lumma | 689c4761b9897b14dbadf5dd833c603a2deecdeccfb1f7c5a6304b2afbe7cfee

Analysis

max time kernel
96s
max time network
175s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
01/05/2023, 20:23

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

WeMod-8.6.0.exe
Size

99.0MB
MD5

24985391366a2f90a132465022fb5f69
SHA1

f9564ca80e59a57a7fbc7b865c74ba079386b140
SHA256

689c4761b9897b14dbadf5dd833c603a2deecdeccfb1f7c5a6304b2afbe7cfee
SHA512

14bba15cb5d40ea02a40a227c2c57f63d65a9cbcc5448a7efe84f8c93648d5a7e9ebe2574e118fc775d34e73381af5096b3c4371efb2ef52de0effe776de657d
SSDEEP

3145728:0nKaKBgg9VVXAm3gtBNRLTLd3xk0/M6s6rkel:mSCgNwmu9hk0/tf

Score

10^/10

lumma redline discovery infostealer stealer

Malware Config

Signatures

Detects Redline Stealer samples 5 IoCs

This rule detects the presence of Redline Stealer samples based on their unique strings.

stealer

resource	yara_rule
behavioral2/files/0x0006000000023007-257.dat	redline_stealer
behavioral2/files/0x0006000000023007-258.dat	redline_stealer
behavioral2/files/0x0006000000023007-283.dat	redline_stealer
behavioral2/files/0x0006000000023007-286.dat	redline_stealer
behavioral2/files/0x0006000000023007-290.dat	redline_stealer

Lumma Stealer
An infostealer written in C++ first seen in August 2022.
stealer lumma
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
infostealer redline

Checks computer location settings 2 TTPs 1 IoCs

Looks up country code configured in the registry, likely geofence.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000\Control Panel\International\Geo\Nation	Update.exe

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Executes dropped EXE 9 IoCs

pid	Process
2408	Update.exe
3804	Squirrel.exe
2496	WeMod.exe
4992	Update.exe
1104	WeMod.exe
4332	WeMod.exe
3724	WeMod.exe
2292	WeMod.exe
4824	WeMod.exe

Loads dropped DLL 6 IoCs

pid	Process
2496	WeMod.exe
1104	WeMod.exe
4332	WeMod.exe
3724	WeMod.exe
2292	WeMod.exe
4824	WeMod.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Modifies registry class 7 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000_Classes\wemod	WeMod.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000_Classes\wemod\URL Protocol	WeMod.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000_Classes\wemod\ = "URL:wemod"	WeMod.exe
Key created	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000_Classes\wemod\shell\open\command	WeMod.exe
Key created	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000_Classes\wemod\shell	WeMod.exe
Key created	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000_Classes\wemod\shell\open	WeMod.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-4238149048-355649189-894321705-1000_Classes\wemod\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\WeMod\\app-8.6.0\\WeMod.exe\" \"%1\""	WeMod.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2408	Update.exe
2408	Update.exe

Suspicious use of AdjustPrivilegeToken 9 IoCs

description	pid	Process
Token: SeDebugPrivilege	2408	Update.exe
Token: SeShutdownPrivilege	3724	WeMod.exe
Token: SeCreatePagefilePrivilege	3724	WeMod.exe
Token: SeShutdownPrivilege	3724	WeMod.exe
Token: SeCreatePagefilePrivilege	3724	WeMod.exe
Token: SeShutdownPrivilege	3724	WeMod.exe
Token: SeCreatePagefilePrivilege	3724	WeMod.exe
Token: SeShutdownPrivilege	3724	WeMod.exe
Token: SeCreatePagefilePrivilege	3724	WeMod.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2408	Update.exe

Suspicious use of WriteProcessMemory 60 IoCs

description	pid	Process	procid_target
PID 4748 wrote to memory of 2408	4748	WeMod-8.6.0.exe	82
PID 4748 wrote to memory of 2408	4748	WeMod-8.6.0.exe	82
PID 2408 wrote to memory of 3804	2408	Update.exe	87
PID 2408 wrote to memory of 3804	2408	Update.exe	87
PID 2408 wrote to memory of 2496	2408	Update.exe	88
PID 2408 wrote to memory of 2496	2408	Update.exe	88
PID 2408 wrote to memory of 2496	2408	Update.exe	88
PID 2496 wrote to memory of 4992	2496	WeMod.exe	92
PID 2496 wrote to memory of 4992	2496	WeMod.exe	92
PID 2408 wrote to memory of 1104	2408	Update.exe	93
PID 2408 wrote to memory of 1104	2408	Update.exe	93
PID 2408 wrote to memory of 1104	2408	Update.exe	93
PID 1104 wrote to memory of 4332	1104	WeMod.exe	94
PID 1104 wrote to memory of 4332	1104	WeMod.exe	94
PID 1104 wrote to memory of 4332	1104	WeMod.exe	94
PID 4332 wrote to memory of 3724	4332	WeMod.exe	95
PID 4332 wrote to memory of 3724	4332	WeMod.exe	95
PID 4332 wrote to memory of 3724	4332	WeMod.exe	95
PID 3724 wrote to memory of 2292	3724	WeMod.exe	96
PID 3724 wrote to memory of 2292	3724	WeMod.exe	96
PID 3724 wrote to memory of 2292	3724	WeMod.exe	96
PID 3724 wrote to memory of 2292	3724	WeMod.exe	96
PID 3724 wrote to memory of 2292	3724	WeMod.exe	96
PID 3724 wrote to memory of 2292	3724	WeMod.exe	96
PID 3724 wrote to memory of 2292	3724	WeMod.exe	96
PID 3724 wrote to memory of 2292	3724	WeMod.exe	96
PID 3724 wrote to memory of 2292	3724	WeMod.exe	96
PID 3724 wrote to memory of 2292	3724	WeMod.exe	96
PID 3724 wrote to memory of 2292	3724	WeMod.exe	96
PID 3724 wrote to memory of 2292	3724	WeMod.exe	96
PID 3724 wrote to memory of 2292	3724	WeMod.exe	96
PID 3724 wrote to memory of 2292	3724	WeMod.exe	96
PID 3724 wrote to memory of 2292	3724	WeMod.exe	96
PID 3724 wrote to memory of 2292	3724	WeMod.exe	96
PID 3724 wrote to memory of 2292	3724	WeMod.exe	96
PID 3724 wrote to memory of 2292	3724	WeMod.exe	96
PID 3724 wrote to memory of 2292	3724	WeMod.exe	96
PID 3724 wrote to memory of 2292	3724	WeMod.exe	96
PID 3724 wrote to memory of 2292	3724	WeMod.exe	96
PID 3724 wrote to memory of 2292	3724	WeMod.exe	96
PID 3724 wrote to memory of 2292	3724	WeMod.exe	96
PID 3724 wrote to memory of 2292	3724	WeMod.exe	96
PID 3724 wrote to memory of 2292	3724	WeMod.exe	96
PID 3724 wrote to memory of 2292	3724	WeMod.exe	96
PID 3724 wrote to memory of 2292	3724	WeMod.exe	96
PID 3724 wrote to memory of 2292	3724	WeMod.exe	96
PID 3724 wrote to memory of 2292	3724	WeMod.exe	96
PID 3724 wrote to memory of 2292	3724	WeMod.exe	96
PID 3724 wrote to memory of 2292	3724	WeMod.exe	96
PID 3724 wrote to memory of 2292	3724	WeMod.exe	96
PID 3724 wrote to memory of 2292	3724	WeMod.exe	96
PID 3724 wrote to memory of 2292	3724	WeMod.exe	96
PID 3724 wrote to memory of 2292	3724	WeMod.exe	96
PID 3724 wrote to memory of 2292	3724	WeMod.exe	96
PID 3724 wrote to memory of 2292	3724	WeMod.exe	96
PID 3724 wrote to memory of 2292	3724	WeMod.exe	96
PID 3724 wrote to memory of 2292	3724	WeMod.exe	96
PID 3724 wrote to memory of 4824	3724	WeMod.exe	97
PID 3724 wrote to memory of 4824	3724	WeMod.exe	97
PID 3724 wrote to memory of 4824	3724	WeMod.exe	97

C:\Users\Admin\AppData\Local\Temp\WeMod-8.6.0.exe
"C:\Users\Admin\AppData\Local\Temp\WeMod-8.6.0.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:4748
- C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe
  "C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe" --install .
  2⤵
  - Checks computer location settings
  - Executes dropped EXE
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of WriteProcessMemory
  PID:2408
- - C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\Squirrel.exe
    "C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\Squirrel.exe" --updateSelf=C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe
    3⤵
    - Executes dropped EXE
    PID:3804
- - C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\WeMod.exe
    "C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\WeMod.exe" --squirrel-install 8.6.0
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    - Suspicious use of WriteProcessMemory
    PID:2496
  - - C:\Users\Admin\AppData\Local\WeMod\Update.exe
      C:\Users\Admin\AppData\Local\WeMod\Update.exe --createShortcut WeMod.exe
      4⤵
      Executes dropped EXE
      PID:4992
- - C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\WeMod.exe
    "C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\WeMod.exe" --squirrel-firstrun
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    - Suspicious use of WriteProcessMemory
    PID:1104
  - - C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\WeMod.exe
      "C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\WeMod.exe" --type=relauncher --no-sandbox --- "C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\WeMod.exe"
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      Suspicious use of WriteProcessMemory
      PID:4332
    - - C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\WeMod.exe
        
        "C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\WeMod.exe"
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        Modifies registry class
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of WriteProcessMemory
        
        PID:3724
      - C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\WeMod.exe
        
        "C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\WeMod.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\WeMod" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1640 --field-trial-handle=1800,i,16601790583891089639,3995817426723573305,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2
        6⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:2292
      - C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\WeMod.exe
        
        "C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\WeMod.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --force-ui-direction=ltr --user-data-dir="C:\Users\Admin\AppData\Roaming\WeMod" --mojo-platform-channel-handle=2076 --field-trial-handle=1800,i,16601790583891089639,3995817426723573305,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8
        6⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:4824
      - C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\WeMod.exe
        
        "C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\WeMod.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\WeMod" --app-user-model-id=com.squirrel.WeMod.WeMod --app-path="C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\resources\app.asar" --no-sandbox --no-zygote --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=2480 --field-trial-handle=1800,i,16601790583891089639,3995817426723573305,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
        6⤵
        
        PID:2488
        
        C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\resources\app.asar.unpacked\static\unpacked\auxiliary\WeModAuxiliaryService.exe
        
        C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\resources\app.asar.unpacked\static\unpacked\auxiliary\WeModAuxiliaryService.exe WeMod\Support_1682979999261_Out
        7⤵
        
        PID:2856
      - C:\Users\Admin\AppData\Local\WeMod\Update.exe
        
        C:\Users\Admin\AppData\Local\WeMod\Update.exe --checkForUpdate https://api.wemod.com/client/channels/stable
        6⤵
        
        PID:2616

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\Update.exe.log

Filesize
2KB

MD5
dc2fadc301da9c5dea3499a79bc02086

SHA1
3716685ad7aedd12e6cc6fd19c5f3131d5660a16

SHA256
01a3e3e8c493aa07a663a5578073d0c700f4852cf38a8251f4cc6b099abab875

SHA512
d5f724c9a2e442aefa9e42d1508ed08420d90edaf239b698b6a0119af9d236314d652802c35bf9d44df3e420cd163920310b3e2a86350152ec225618aebd6bd8

Download Submit
C:\Users\Admin\AppData\Local\SquirrelTemp\RELEASES

Filesize
76B

MD5
2048a6e63ea6c66ea9001d9f51fe6c38

SHA1
6faf9dc016628783068f5430da2d6ab6ee99846d

SHA256
52cc531dc4610e5fb892bc39bc91811a58096e9032f1c67f9f46555c1be3c32c

SHA512
c4d47030b171a403d0990f769cc63ed109929ce3e9089a546fa144e748696d6d75f958d66c80f4aa84585db0977323cf7e0c428857ff898db373a4f2edb5b4cb

Download Submit
C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe

Filesize
1.8MB

MD5
b43e5cf21598243f3078d787159d7bef

SHA1
dbe552b5455966b2cc59e6786dac21610cbbea0e

SHA256
36fd9d2415858e7010345d3fc16536349a689f9d75ed005151cb4ff5e1d0cb80

SHA512
8c41abd147c334fbff93871f08eb878e60c7be3e26487c601d741dfaa7a047d85e3d21ef10f47fafd65c569e90e9d1b32cad74fc4065e3c16728681f6c5df9be

Download Submit
C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe

Filesize
1.8MB

MD5
b43e5cf21598243f3078d787159d7bef

SHA1
dbe552b5455966b2cc59e6786dac21610cbbea0e

SHA256
36fd9d2415858e7010345d3fc16536349a689f9d75ed005151cb4ff5e1d0cb80

SHA512
8c41abd147c334fbff93871f08eb878e60c7be3e26487c601d741dfaa7a047d85e3d21ef10f47fafd65c569e90e9d1b32cad74fc4065e3c16728681f6c5df9be

Download Submit
C:\Users\Admin\AppData\Local\SquirrelTemp\WeMod-8.6.0-full.nupkg

Filesize
98.2MB

MD5
5b65b8e7c722ea3cdd852a60e3a47e48

SHA1
78caa65d63160b9b3364633ed0435b91eb116d8d

SHA256
1b663486c0bf5ea10ecc69c3eaa7b46c565f3cf6c1144dcde260fa8611cfb20f

SHA512
059e220748dcaf694edc308f9a16d90975c0cd098158256ac9e4f8a77364896e5bca1452448492c15f5e22f1a1c3b06a0e73da081a5713988b1686da47fb6d3d

Download Submit
C:\Users\Admin\AppData\Local\SquirrelTemp\background.gif

Filesize
21KB

MD5
1d0394cf33c9bdf438c3b05fe4b8c617

SHA1
8b04090dc8ae8982247575680988a6fc037f61fc

SHA256
4762c5c406920b9b28f567859d3eef8623b6484166e43b33c7a04cd0f0684dfe

SHA512
7c3e92906159a6cb5ed1dde26d5ead5e4bb6f24219bf070c45c787851f17ed329e8074a634dd964026b691c8b0f568c66aa736ad0e04df0fa32306f565bcb95b

Download Submit
C:\Users\Admin\AppData\Local\SquirrelTemp\setupIcon.ico

Filesize
24KB

MD5
e2fc5f7c4e479982f270a6d9daeaa7b9

SHA1
e6b2f2c381d64b588d80fc2d7754515972ca48ec

SHA256
9be0f7268db367235d785653b7da1cec8374bee92c42732299f7193f430edb1c

SHA512
42d657ac14903eccaa037e1b8e554b2f3a2ca1066dc23ca7f32f3fcc0da8714ad1c0f2cd295b1f65a9a9f4f7bda2bab2d1991cf07bf72c5b829668d2b92cfd5e

Download Submit
C:\Users\Admin\AppData\Local\WeMod\Update.exe

Filesize
1.8MB

MD5
b43e5cf21598243f3078d787159d7bef

SHA1
dbe552b5455966b2cc59e6786dac21610cbbea0e

SHA256
36fd9d2415858e7010345d3fc16536349a689f9d75ed005151cb4ff5e1d0cb80

SHA512
8c41abd147c334fbff93871f08eb878e60c7be3e26487c601d741dfaa7a047d85e3d21ef10f47fafd65c569e90e9d1b32cad74fc4065e3c16728681f6c5df9be

Download Submit
C:\Users\Admin\AppData\Local\WeMod\Update.exe

Filesize
1.8MB

MD5
2e4acb84ffaaf4ac65d1378491ea7ba8

SHA1
c927761e4512e2c9ef81d97c5a33a00c384fd0c7

SHA256
15a062eafbb7eceaf09142f9c39c8e4d998dd5a90700de81bcbe33a5ba34a35f

SHA512
b14858a9cb845c3a9339c0f77b26f5151a926700352e8482a4242aed86b7a04c6fe8a4fd8246456d8d188790527db40faebf3f5c7dfe3bd229f877ca1b36d410

Download Submit
C:\Users\Admin\AppData\Local\WeMod\Update.exe

Filesize
1.8MB

MD5
2e4acb84ffaaf4ac65d1378491ea7ba8

SHA1
c927761e4512e2c9ef81d97c5a33a00c384fd0c7

SHA256
15a062eafbb7eceaf09142f9c39c8e4d998dd5a90700de81bcbe33a5ba34a35f

SHA512
b14858a9cb845c3a9339c0f77b26f5151a926700352e8482a4242aed86b7a04c6fe8a4fd8246456d8d188790527db40faebf3f5c7dfe3bd229f877ca1b36d410

Download Submit
C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\D3DCompiler_47.dll

Filesize
3.9MB

MD5
ab3be0c427c6e405fad496db1545bd61

SHA1
76012f31db8618624bc8b563698b2669365e49cb

SHA256
827d12e4ed62520b663078bbf26f95dfd106526e66048cf75b5c9612b2fb7ce6

SHA512
d1dc2ec77c770c5da99e688d799f88b1e585f8dcf63e6876e237fe7fce6e23b528e6a5ef94ffc68283c60ae4e465ff19d3fd6f2fae5de4504b5479d68cbc4dba

Download Submit
C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\Squirrel.exe

Filesize
1.8MB

MD5
2e4acb84ffaaf4ac65d1378491ea7ba8

SHA1
c927761e4512e2c9ef81d97c5a33a00c384fd0c7

SHA256
15a062eafbb7eceaf09142f9c39c8e4d998dd5a90700de81bcbe33a5ba34a35f

SHA512
b14858a9cb845c3a9339c0f77b26f5151a926700352e8482a4242aed86b7a04c6fe8a4fd8246456d8d188790527db40faebf3f5c7dfe3bd229f877ca1b36d410

Download Submit
C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\WeMod.exe

Filesize
127.9MB

MD5
785460a10d3b9bb8e77cb0474dd405e6

SHA1
d905a695151b170d042fc60d938e1f978ab12e2e

SHA256
3fcada77230aff52ca5b9ef42caa6162f96779a0f33112141b2387b27a6543e5

SHA512
e4ff932c345c4e1158071b43cd939ed5800cb22b3f90c01ed6ea8f46a489846546cd90f316914ac06c47d50d260ddc92ea5a58ece52b1edc6681548199ea90fa

Download Submit
C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\WeMod.exe

Filesize
127.9MB

MD5
785460a10d3b9bb8e77cb0474dd405e6

SHA1
d905a695151b170d042fc60d938e1f978ab12e2e

SHA256
3fcada77230aff52ca5b9ef42caa6162f96779a0f33112141b2387b27a6543e5

SHA512
e4ff932c345c4e1158071b43cd939ed5800cb22b3f90c01ed6ea8f46a489846546cd90f316914ac06c47d50d260ddc92ea5a58ece52b1edc6681548199ea90fa

Download Submit
C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\WeMod.exe

Filesize
127.9MB

MD5
785460a10d3b9bb8e77cb0474dd405e6

SHA1
d905a695151b170d042fc60d938e1f978ab12e2e

SHA256
3fcada77230aff52ca5b9ef42caa6162f96779a0f33112141b2387b27a6543e5

SHA512
e4ff932c345c4e1158071b43cd939ed5800cb22b3f90c01ed6ea8f46a489846546cd90f316914ac06c47d50d260ddc92ea5a58ece52b1edc6681548199ea90fa

Download Submit
C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\WeMod.exe

Filesize
127.9MB

MD5
785460a10d3b9bb8e77cb0474dd405e6

SHA1
d905a695151b170d042fc60d938e1f978ab12e2e

SHA256
3fcada77230aff52ca5b9ef42caa6162f96779a0f33112141b2387b27a6543e5

SHA512
e4ff932c345c4e1158071b43cd939ed5800cb22b3f90c01ed6ea8f46a489846546cd90f316914ac06c47d50d260ddc92ea5a58ece52b1edc6681548199ea90fa

Download Submit
C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\WeMod.exe

Filesize
127.4MB

MD5
cd2e49fa77a0026b6154a4b75de09847

SHA1
561a53a0dd21c3e5fac4bda3cbdbda99e900ea2a

SHA256
3ace7df462618eecbca22b6228b1ec0c49edd63263be7f39e42cedca093e2f35

SHA512
778dcb3e02daddff82e9ddbf2d69e7a2fca70b579818f9542bf2bb21c7cd1e2427be6aae8076ac1af883fece6ffc925be84a9b9245694a27c0c83ed1583c4316

Download Submit
C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\WeMod.exe

Filesize
113.3MB

MD5
2dda2bea6078d8bdc3abf609bb2ab4a3

SHA1
162329c88794c5eef28bfcc630cac43d32a0dfdb

SHA256
510ff9e5607b844ef6280e6d928e542066885a53394de65bde75eb807ebfa3c0

SHA512
ab6e295c7618e36a7b6dd1652a5c20698408f9b31e4b1b5fecd5dc5b7094bbeb078d9dec612eb840af8f078e3f1e9b7a6ea041f906e9d29691f58917cbd09bfe

Download Submit
C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\WeMod.exe

Filesize
110.6MB

MD5
a50e910fbf1a64e5d8eac42a1cb3a33d

SHA1
04201b7a9c4bc0157ad81fd2eba1f3d33969b5a3

SHA256
ab9d8c62997633a59e45a779a32daa8ab8801c4bca7bdfe3cbd25d22539accce

SHA512
09fbeee0655eb9579d5a75e4130bb8cc8124a5e728cdc686db358ebf8bd230343a9763195b61a34130afb8a97c41c6edb0456d9779b4e1c7a5bab04cc32ba199

Download Submit
C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\WeMod.exe

Filesize
106.0MB

MD5
cd333cff45bc07ad9563af032f4ecb4f

SHA1
c1e36aed9cc3446b98b979f293eacd92baf9a0cd

SHA256
fbbb0e36d8d1eed850a2ebb01048a13b276d4b48550fe65b941496bdf9a2036e

SHA512
1c20731e05ce2b70050cd7168402ebd1828fa52106f74d48118cff284455e3166106a2d751bce573bb4f75e71c9bcb743ec8abda627296defd60a71951a92d49

Download Submit
C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\WeMod.exe

Filesize
108.3MB

MD5
164603e313e313608c221995967fe06e

SHA1
75edae0b32ef949e6dcbd2c905696d42cd8332ba

SHA256
613198207f32c5e84e535a0ba258dc0f096f2746e5826a2cded5b9c51803d72d

SHA512
8d33cd876ed51b6981c66c1139b48b68da003540fb66c4ae29f7fa62b1e1b16afcff6286359bb45c11a206db773c096bd4ed9c92b8d2a778118b0ffa3b7dc187

Download Submit
C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\chrome_100_percent.pak

Filesize
126KB

MD5
44a69827d4aa75426f3c577af2f8618e

SHA1
7bdd115425b05414b64dcdb7d980b92ecd3f15b3

SHA256
bca4401b578a6ac0fe793e8519fed82b5444972b7d6c176ec0369ed13beaad7b

SHA512
5c7bdf1f1deb72c79b860bf48f16c19cb19b4d861c0b6beb585512ad58b1bc4b64e24edfcd97233e5b91dcd0f63ed1c7b278d22ec062fd0dfe28fe49cae52049

Download Submit
C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\chrome_200_percent.pak

Filesize
175KB

MD5
9c379fc04a7bf1a853b14834f58c9f4b

SHA1
c105120fd00001c9ebdf2b3b981ecccb02f8eefb

SHA256
b2c25fb30fee5f04ccdb8bf3c937a667502d266e428425feeb5af964f6167d48

SHA512
f28844dba7780e5f5c9d77ac3d29069dfcd6698447d5723886e510eadd51d6285e06adbda06bf4a69f841afc161c764cb2e5b9ad2c92f0a87176709b4acd2c13

Download Submit
C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\d3dcompiler_47.dll

Filesize
3.9MB

MD5
ab3be0c427c6e405fad496db1545bd61

SHA1
76012f31db8618624bc8b563698b2669365e49cb

SHA256
827d12e4ed62520b663078bbf26f95dfd106526e66048cf75b5c9612b2fb7ce6

SHA512
d1dc2ec77c770c5da99e688d799f88b1e585f8dcf63e6876e237fe7fce6e23b528e6a5ef94ffc68283c60ae4e465ff19d3fd6f2fae5de4504b5479d68cbc4dba

Download Submit
C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\ffmpeg.dll

Filesize
2.4MB

MD5
6eb84bf78abc36ec975f0a72ec7d83d3

SHA1
b92944d2605822e2ffc5196ac299e2bf86c6e25f

SHA256
db04507fffccb8c42d921c1e659fa1687838b76c3fc2985619d61abebd8075cc

SHA512
5154c5e922b634e1538a30df48671002574bc674b606d05bfb572de48a2ef0410a5919ff3686c4b3cc617a49692d21e02aa6b24f8b9b0c23e853e709221c1c2e

Download Submit
C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\ffmpeg.dll

Filesize
2.4MB

MD5
6eb84bf78abc36ec975f0a72ec7d83d3

SHA1
b92944d2605822e2ffc5196ac299e2bf86c6e25f

SHA256
db04507fffccb8c42d921c1e659fa1687838b76c3fc2985619d61abebd8075cc

SHA512
5154c5e922b634e1538a30df48671002574bc674b606d05bfb572de48a2ef0410a5919ff3686c4b3cc617a49692d21e02aa6b24f8b9b0c23e853e709221c1c2e

Download Submit
C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\ffmpeg.dll

Filesize
2.4MB

MD5
6eb84bf78abc36ec975f0a72ec7d83d3

SHA1
b92944d2605822e2ffc5196ac299e2bf86c6e25f

SHA256
db04507fffccb8c42d921c1e659fa1687838b76c3fc2985619d61abebd8075cc

SHA512
5154c5e922b634e1538a30df48671002574bc674b606d05bfb572de48a2ef0410a5919ff3686c4b3cc617a49692d21e02aa6b24f8b9b0c23e853e709221c1c2e

Download Submit
C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\ffmpeg.dll

Filesize
2.4MB

MD5
6eb84bf78abc36ec975f0a72ec7d83d3

SHA1
b92944d2605822e2ffc5196ac299e2bf86c6e25f

SHA256
db04507fffccb8c42d921c1e659fa1687838b76c3fc2985619d61abebd8075cc

SHA512
5154c5e922b634e1538a30df48671002574bc674b606d05bfb572de48a2ef0410a5919ff3686c4b3cc617a49692d21e02aa6b24f8b9b0c23e853e709221c1c2e

Download Submit
C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\ffmpeg.dll

Filesize
2.4MB

MD5
6eb84bf78abc36ec975f0a72ec7d83d3

SHA1
b92944d2605822e2ffc5196ac299e2bf86c6e25f

SHA256
db04507fffccb8c42d921c1e659fa1687838b76c3fc2985619d61abebd8075cc

SHA512
5154c5e922b634e1538a30df48671002574bc674b606d05bfb572de48a2ef0410a5919ff3686c4b3cc617a49692d21e02aa6b24f8b9b0c23e853e709221c1c2e

Download Submit
C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\ffmpeg.dll

Filesize
2.4MB

MD5
6eb84bf78abc36ec975f0a72ec7d83d3

SHA1
b92944d2605822e2ffc5196ac299e2bf86c6e25f

SHA256
db04507fffccb8c42d921c1e659fa1687838b76c3fc2985619d61abebd8075cc

SHA512
5154c5e922b634e1538a30df48671002574bc674b606d05bfb572de48a2ef0410a5919ff3686c4b3cc617a49692d21e02aa6b24f8b9b0c23e853e709221c1c2e

Download Submit
C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\ffmpeg.dll

Filesize
2.4MB

MD5
6eb84bf78abc36ec975f0a72ec7d83d3

SHA1
b92944d2605822e2ffc5196ac299e2bf86c6e25f

SHA256
db04507fffccb8c42d921c1e659fa1687838b76c3fc2985619d61abebd8075cc

SHA512
5154c5e922b634e1538a30df48671002574bc674b606d05bfb572de48a2ef0410a5919ff3686c4b3cc617a49692d21e02aa6b24f8b9b0c23e853e709221c1c2e

Download Submit
C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\ffmpeg.dll

Filesize
2.4MB

MD5
6eb84bf78abc36ec975f0a72ec7d83d3

SHA1
b92944d2605822e2ffc5196ac299e2bf86c6e25f

SHA256
db04507fffccb8c42d921c1e659fa1687838b76c3fc2985619d61abebd8075cc

SHA512
5154c5e922b634e1538a30df48671002574bc674b606d05bfb572de48a2ef0410a5919ff3686c4b3cc617a49692d21e02aa6b24f8b9b0c23e853e709221c1c2e

Download Submit
C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\icudtl.dat

Filesize
10.0MB

MD5
cf9421b601645bda331c7136a0a9c3f8

SHA1
9950d66df9022f1caa941ab0e9647636f7b7a286

SHA256
8d8a74ca376338623170d59c455476218d5a667d5991a52556aa9c9a70ebc5e5

SHA512
bc9601e2b4ab28130bfadfd6f61b3ed500deb0bd235dc5ca94999c09f59d10bdcbf278869a9802f918830041f620c88e2c3b506608ade661db48ccd84c1977eb

Download Submit
C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\libEGL.dll

Filesize
377KB

MD5
8b967ad62cc99673cde56980ed63575d

SHA1
ad32b4e7ccfea0df27f9859be34aec8805ac1422

SHA256
61c9a573c6f81b60ba4bbc5197580bbd79ece79872d20fcd3e105c9d286b8d5a

SHA512
cd259a87a4cf47fdc9bbb41685c7a60aa4b4b493849be8ae57dc2295fb146c57297da6b4b8de7145a69b25cb5526f48d559f7273c4f4a5a022cd3c66364a11a3

Download Submit
C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\libGLESv2.dll

Filesize
6.2MB

MD5
177e604afed9174818c288861079a67c

SHA1
251a142753a7231112939a43d4987e84c343e876

SHA256
dde9d5defb26f9380a576a7260e7b707139e8ee0440d2f2ac280f3244f17f9b6

SHA512
3c29ea51691060285c89ad5e1b507054c96d6e026b0147353e9c0601b64c6c64fe677184a4514972e0c40694617ef728fe58ad39079c905f30a87683e2f7198a

Download Submit
C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\libegl.dll

Filesize
377KB

MD5
8b967ad62cc99673cde56980ed63575d

SHA1
ad32b4e7ccfea0df27f9859be34aec8805ac1422

SHA256
61c9a573c6f81b60ba4bbc5197580bbd79ece79872d20fcd3e105c9d286b8d5a

SHA512
cd259a87a4cf47fdc9bbb41685c7a60aa4b4b493849be8ae57dc2295fb146c57297da6b4b8de7145a69b25cb5526f48d559f7273c4f4a5a022cd3c66364a11a3

Download Submit
C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\libglesv2.dll

Filesize
6.2MB

MD5
177e604afed9174818c288861079a67c

SHA1
251a142753a7231112939a43d4987e84c343e876

SHA256
dde9d5defb26f9380a576a7260e7b707139e8ee0440d2f2ac280f3244f17f9b6

SHA512
3c29ea51691060285c89ad5e1b507054c96d6e026b0147353e9c0601b64c6c64fe677184a4514972e0c40694617ef728fe58ad39079c905f30a87683e2f7198a

Download Submit
C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\locales\en-US.pak

Filesize
302KB

MD5
3fef69b20e6f9599e9c2369398e571c0

SHA1
92be2b65b62938e6426ab333c82d70d337666784

SHA256
a99bd31907bbdc12bdfbff7b9da6ddd850c273f3a6ece64ee8d1d9b6ef0c501c

SHA512
3057edfb719c07972fd230514ac5e02f88b04c72356fa4a5e5291677dcbab03297942d5ecdc62c8e58d0088aed4d6ea53806c01f0ea622942feb06584241ad2d

Download Submit
C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\resources.pak

Filesize
5.2MB

MD5
f24c85d2b898b6b4de118f6a2e63a244

SHA1
731adfc20807874b70bda7e2661e66ff6987e069

SHA256
aca9267dd8f530135d67240aa897112467bae77cd5fe1a549c69732fdf2803c6

SHA512
b49f6a4eb870b01b48b4cfbf5a73c1727cf7847a9505f7c11ce6befdbef868484867f6e0ac66aea8177ca5cab2abba1cae5ac626a8e3f44fc001cac0fe820c61

Download Submit
C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\resources\app.asar

Filesize
6.6MB

MD5
9b47f8546d1258078638930f63f255e5

SHA1
0553dac387bbca7e2c8bca3feb52aff65048d688

SHA256
2ef3023f110b9dd9de28bfa84d9fcfa1e6babd76b2bf0f6a92bd624a67ec1f45

SHA512
614ca9bc4c792ddada2d8830c503197d547197d663ff08b8c89d2755ecdc9c83df1de3a7865e3c2cf4ebbc9892e1ae1534321bc564cbdd1652361d7fe4aa064d

Download Submit
C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\resources\app.asar.unpacked\static\unpacked\auxiliary\WeModAuxiliaryService.exe

Filesize
945KB

MD5
74bdec2a1b6ee5cc7276f47d13edc48a

SHA1
71a8a2b69cb0e4f333812bd72fd06cf6e1a3b61e

SHA256
7fb226a4b4c6f72314f74bd5f667d678bb3b2c2d5d76c0c9b1b4a8fa0799fb19

SHA512
a0798582456212c55a74c1dfa059148726601440f7d64c5957ee5fc8fc14368017ff4af6d99295b8ce651a38bf3d086eef46f78a1fff7008552cf6a2e6984e30

Download Submit
C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\resources\app.asar.unpacked\static\unpacked\auxiliary\WeModAuxiliaryService.exe

Filesize
945KB

MD5
74bdec2a1b6ee5cc7276f47d13edc48a

SHA1
71a8a2b69cb0e4f333812bd72fd06cf6e1a3b61e

SHA256
7fb226a4b4c6f72314f74bd5f667d678bb3b2c2d5d76c0c9b1b4a8fa0799fb19

SHA512
a0798582456212c55a74c1dfa059148726601440f7d64c5957ee5fc8fc14368017ff4af6d99295b8ce651a38bf3d086eef46f78a1fff7008552cf6a2e6984e30

Download Submit
C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\resources\app.asar.unpacked\static\unpacked\icon.ico

Filesize
279KB

MD5
34ee19ccd44f31cd831dc50920f19890

SHA1
24545d2f4741fb5a4649840486ffd3597b7ade5b

SHA256
136cf9b3a30268d1d439df7b9fd9104cb1d83be7fd2b562c3e9a47450ae0df3d

SHA512
ded8ade93c143dc8abc7a76b03b4015a8637b2ee13b85dd70655d5857289f19ebef76562eace56a3ad3c2418fab5305bb0b6cadd0a412ddb781b8f496e82c74a

Download Submit
C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\squirrel.exe

Filesize
1.8MB

MD5
2e4acb84ffaaf4ac65d1378491ea7ba8

SHA1
c927761e4512e2c9ef81d97c5a33a00c384fd0c7

SHA256
15a062eafbb7eceaf09142f9c39c8e4d998dd5a90700de81bcbe33a5ba34a35f

SHA512
b14858a9cb845c3a9339c0f77b26f5151a926700352e8482a4242aed86b7a04c6fe8a4fd8246456d8d188790527db40faebf3f5c7dfe3bd229f877ca1b36d410

Download Submit
C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\squirrel.exe

Filesize
1.8MB

MD5
2e4acb84ffaaf4ac65d1378491ea7ba8

SHA1
c927761e4512e2c9ef81d97c5a33a00c384fd0c7

SHA256
15a062eafbb7eceaf09142f9c39c8e4d998dd5a90700de81bcbe33a5ba34a35f

SHA512
b14858a9cb845c3a9339c0f77b26f5151a926700352e8482a4242aed86b7a04c6fe8a4fd8246456d8d188790527db40faebf3f5c7dfe3bd229f877ca1b36d410

Download Submit
C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\v8_context_snapshot.bin

Filesize
590KB

MD5
dd9ca4878bba782613cba372de1c36f4

SHA1
2eefcb6fcaa4b2ed717c952895710be5701871a7

SHA256
ea33ca96024769386ae0ff100c2ae239507006d7340f1f8bbc5bcfb4195f9226

SHA512
0791d3827a6de5745d3424c562b16604cf311ed6fcb4cf62d2c7f54ec0b7f3535b1114e919d2ba6d144cbe9f45418a555ab3fd801078bd8d563a656796f5d4e6

Download Submit
C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\vk_swiftshader.dll

Filesize
4.2MB

MD5
66cafd13877168b0062349a5a639e4fe

SHA1
3936afd07d22d44d033908ae6d56c58ff395d755

SHA256
270f2398c073b62660eb8ff492a8ed4c0b760b044d34a6b6fbaa42cf7cb78e84

SHA512
8d1d2f9516510ae7b0d4a7f401800092005b5da58d70d22a9b893bca52ca2d928708b558e7d95a18e540ccd3180dd038ae629326b3b8f6a89a6e12d61b399901

Download Submit
C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\vk_swiftshader.dll

Filesize
4.2MB

MD5
66cafd13877168b0062349a5a639e4fe

SHA1
3936afd07d22d44d033908ae6d56c58ff395d755

SHA256
270f2398c073b62660eb8ff492a8ed4c0b760b044d34a6b6fbaa42cf7cb78e84

SHA512
8d1d2f9516510ae7b0d4a7f401800092005b5da58d70d22a9b893bca52ca2d928708b558e7d95a18e540ccd3180dd038ae629326b3b8f6a89a6e12d61b399901

Download Submit
C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\vk_swiftshader_icd.json

Filesize
106B

MD5
8642dd3a87e2de6e991fae08458e302b

SHA1
9c06735c31cec00600fd763a92f8112d085bd12a

SHA256
32d83ff113fef532a9f97e0d2831f8656628ab1c99e9060f0332b1532839afd9

SHA512
f5d37d1b45b006161e4cefeebba1e33af879a3a51d16ee3ff8c3968c0c36bbafae379bf9124c13310b77774c9cbb4fa53114e83f5b48b5314132736e5bb4496f

Download Submit
C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\vulkan-1.dll

Filesize
754KB

MD5
75bdb977c84aa352ae7dd7782f89611e

SHA1
62f9fe878d2972098895796b3d887f517951ddeb

SHA256
a43f02de6304eadaf539b127a2f02f95492abca28588d6e0f8cb115388b231cb

SHA512
5ed525be689fbb2a74dd2eb35a2099781c1c2848da524bd0a9d07c69154e1d131e30a08c690bb541231fcd14303fd3a6922bfb8ad47955020aebd81dee569561

Download Submit
C:\Users\Admin\AppData\Local\WeMod\app-8.6.0\vulkan-1.dll

Filesize
754KB

MD5
75bdb977c84aa352ae7dd7782f89611e

SHA1
62f9fe878d2972098895796b3d887f517951ddeb

SHA256
a43f02de6304eadaf539b127a2f02f95492abca28588d6e0f8cb115388b231cb

SHA512
5ed525be689fbb2a74dd2eb35a2099781c1c2848da524bd0a9d07c69154e1d131e30a08c690bb541231fcd14303fd3a6922bfb8ad47955020aebd81dee569561

Download Submit
C:\Users\Admin\AppData\Local\WeMod\packages\RELEASES

Filesize
76B

MD5
2048a6e63ea6c66ea9001d9f51fe6c38

SHA1
6faf9dc016628783068f5430da2d6ab6ee99846d

SHA256
52cc531dc4610e5fb892bc39bc91811a58096e9032f1c67f9f46555c1be3c32c

SHA512
c4d47030b171a403d0990f769cc63ed109929ce3e9089a546fa144e748696d6d75f958d66c80f4aa84585db0977323cf7e0c428857ff898db373a4f2edb5b4cb

Download Submit
C:\Users\Admin\AppData\Local\WeMod\packages\RELEASES

Filesize
76B

MD5
2048a6e63ea6c66ea9001d9f51fe6c38

SHA1
6faf9dc016628783068f5430da2d6ab6ee99846d

SHA256
52cc531dc4610e5fb892bc39bc91811a58096e9032f1c67f9f46555c1be3c32c

SHA512
c4d47030b171a403d0990f769cc63ed109929ce3e9089a546fa144e748696d6d75f958d66c80f4aa84585db0977323cf7e0c428857ff898db373a4f2edb5b4cb

Download Submit
C:\Users\Admin\AppData\Local\WeMod\packages\RELEASES

Filesize
76B

MD5
2048a6e63ea6c66ea9001d9f51fe6c38

SHA1
6faf9dc016628783068f5430da2d6ab6ee99846d

SHA256
52cc531dc4610e5fb892bc39bc91811a58096e9032f1c67f9f46555c1be3c32c

SHA512
c4d47030b171a403d0990f769cc63ed109929ce3e9089a546fa144e748696d6d75f958d66c80f4aa84585db0977323cf7e0c428857ff898db373a4f2edb5b4cb

Download Submit
C:\Users\Admin\AppData\Local\WeMod\packages\WeMod-8.6.0-full.nupkg

Filesize
98.2MB

MD5
5b65b8e7c722ea3cdd852a60e3a47e48

SHA1
78caa65d63160b9b3364633ed0435b91eb116d8d

SHA256
1b663486c0bf5ea10ecc69c3eaa7b46c565f3cf6c1144dcde260fa8611cfb20f

SHA512
059e220748dcaf694edc308f9a16d90975c0cd098158256ac9e4f8a77364896e5bca1452448492c15f5e22f1a1c3b06a0e73da081a5713988b1686da47fb6d3d

Download Submit
C:\Users\Admin\AppData\Local\WeMod\packages\WeMod-8.6.0-full.nupkg

Filesize
98.2MB

MD5
5b65b8e7c722ea3cdd852a60e3a47e48

SHA1
78caa65d63160b9b3364633ed0435b91eb116d8d

SHA256
1b663486c0bf5ea10ecc69c3eaa7b46c565f3cf6c1144dcde260fa8611cfb20f

SHA512
059e220748dcaf694edc308f9a16d90975c0cd098158256ac9e4f8a77364896e5bca1452448492c15f5e22f1a1c3b06a0e73da081a5713988b1686da47fb6d3d

Download Submit
C:\Users\Admin\AppData\Local\WeMod\update.exe

Filesize
1.8MB

MD5
b43e5cf21598243f3078d787159d7bef

SHA1
dbe552b5455966b2cc59e6786dac21610cbbea0e

SHA256
36fd9d2415858e7010345d3fc16536349a689f9d75ed005151cb4ff5e1d0cb80

SHA512
8c41abd147c334fbff93871f08eb878e60c7be3e26487c601d741dfaa7a047d85e3d21ef10f47fafd65c569e90e9d1b32cad74fc4065e3c16728681f6c5df9be

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit
C:\Users\Admin\AppData\Roaming\WeMod\Network\TransportSecurity

Filesize
366B

MD5
48c46a7289afdfc7636c8f64574a65b8

SHA1
b09c077d780a131446eba8138de11a05bd6a6a0e

SHA256
1d9f159409d5f3ccc8a2074206c3b4b6f8318b849747eb8f78a9e6426ea8876e

SHA512
4edb2612a58b7172f44c18b45e1a3de52ed208ca2643856000b46e7544892256746a16cd851df33fe65643ed9c57b61e93c310a074573cb804b9caafdee766ac

Download Submit
C:\Users\Admin\AppData\Roaming\WeMod\Network\TransportSecurity~RFe590b51.TMP

Filesize
201B

MD5
7be9bea85736af7d2595cc71968a4309

SHA1
88f5a847f6a959dc2a95b13618d17b6370594fc5

SHA256
4f5f0eeef3bbd3992cc264b8112461592098c8892a443dc834a92f908d0bb697

SHA512
14cd208482b4ca87371d8a2b0a20fb36db4db1edefd7b331d79c3b2f0fe3699abdf67378b6592577df3bbaddc69ee1af0cb86fed5f787918461cc85922d7881f

Download Submit
memory/2408-141-0x0000000000360000-0x0000000000536000-memory.dmp

Filesize
1.8MB

Download
memory/2408-274-0x0000000022040000-0x000000002204E000-memory.dmp

Filesize
56KB

Download
memory/2408-145-0x0000000000D20000-0x0000000000D30000-memory.dmp

Filesize
64KB

Download
memory/2408-142-0x0000000000D20000-0x0000000000D30000-memory.dmp

Filesize
64KB

Download
memory/2408-288-0x0000000000D20000-0x0000000000D30000-memory.dmp

Filesize
64KB

Download
memory/2408-273-0x0000000022070000-0x00000000220A8000-memory.dmp

Filesize
224KB

Download
memory/2616-392-0x000000001DB20000-0x000000001E048000-memory.dmp

Filesize
5.2MB

Download
memory/2616-389-0x000000001C180000-0x000000001C190000-memory.dmp

Filesize
64KB

Download
memory/2856-404-0x000002B638F50000-0x000002B638F60000-memory.dmp

Filesize
64KB

Download
memory/2856-395-0x000002B638A20000-0x000002B638B10000-memory.dmp

Filesize
960KB

Download
memory/2856-403-0x000002B638E80000-0x000002B638EA2000-memory.dmp

Filesize
136KB

Download
memory/2856-409-0x000002B638F50000-0x000002B638F60000-memory.dmp

Filesize
64KB

Download
memory/3804-252-0x0000000000040000-0x000000000021C000-memory.dmp

Filesize
1.9MB

Download
memory/3804-263-0x000000001BC10000-0x000000001BC20000-memory.dmp

Filesize
64KB

Download
memory/3804-254-0x000000001BC10000-0x000000001BC20000-memory.dmp

Filesize
64KB

Download
memory/4992-270-0x00000000027F0000-0x0000000002800000-memory.dmp

Filesize
64KB

Download
memory/4992-272-0x00000000025F0000-0x0000000002610000-memory.dmp

Filesize
128KB

Download