7554ddb13cc50c4f95a64e655b0aec126a2a6d6073cdea6305efb00a52e4d4d1

Analysis

max time kernel
151s
max time network
155s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
22/05/2023, 21:09

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Hyperbeam Setup 0.21.0.exe
Size

64.8MB
MD5

ee818d25da7dc81da07de994c16e47eb
SHA1

530d4211ace147d5d4672768b480ef46a0a88294
SHA256

7554ddb13cc50c4f95a64e655b0aec126a2a6d6073cdea6305efb00a52e4d4d1
SHA512

f89066b6efdadf834e3aef32a7cb14bb4c032aba9811717215da61f8de1bbc114e01be98829e80b099ac794f63fab28cc479405d70311e2a3769298af10e99b7
SSDEEP

1572864:qWNtTIQ3bcG8yb5D/HVI05Op7rYzmumHX0kxZl:qWN6Q3QGXbYQK7hHkkjl

Score

7^/10

discovery

Malware Config

Signatures

Checks computer location settings 2 TTPs 2 IoCs

Looks up country code configured in the registry, likely geofence.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000\Control Panel\International\Geo\Nation	Hyperbeam.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000\Control Panel\International\Geo\Nation	Hyperbeam.exe

Executes dropped EXE 4 IoCs

pid	Process
436	Hyperbeam.exe
1068	Hyperbeam.exe
1488	Hyperbeam.exe
2960	Hyperbeam.exe

Loads dropped DLL 17 IoCs

pid	Process
5104	Hyperbeam Setup 0.21.0.exe
5104	Hyperbeam Setup 0.21.0.exe
5104	Hyperbeam Setup 0.21.0.exe
5104	Hyperbeam Setup 0.21.0.exe
5104	Hyperbeam Setup 0.21.0.exe
5104	Hyperbeam Setup 0.21.0.exe
5104	Hyperbeam Setup 0.21.0.exe
436	Hyperbeam.exe
436	Hyperbeam.exe
1488	Hyperbeam.exe
1068	Hyperbeam.exe
1068	Hyperbeam.exe
1068	Hyperbeam.exe
1068	Hyperbeam.exe
1068	Hyperbeam.exe
1068	Hyperbeam.exe
2960	Hyperbeam.exe

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Enumerates processes with tasklist 1 TTPs 1 IoCs

Process Discovery

T1057

pid	Process
1784	tasklist.exe

Modifies registry class 28 IoCs

description	ioc	Process
Set value (str)	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Settings\Cache\Content\CachePrefix	SearchApp.exe
Key created	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\hyperbeam\shell\open\command	Hyperbeam.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Explorer\DOMStorage\Total\ = "152"	SearchApp.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Explorer\DOMStorage\microsoft.windows.search\ = "23"	SearchApp.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Explorer\DOMStorage\windows.search\Total = "23"	SearchApp.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\hyperbeam\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Programs\\Hyperbeam\\Hyperbeam.exe\" \"%1\""	Hyperbeam.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Settings\Cache\History\CachePrefix = "Visited:"	SearchApp.exe
Key created	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Explorer\DOMStorage\microsoft.windows.search	SearchApp.exe
Key created	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Explorer\EdpDomStorage\Total	SearchApp.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\hyperbeam\URL Protocol	Hyperbeam.exe
Key created	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\MuiCache	SearchApp.exe
Key created	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Explorer\DomStorageState	SearchApp.exe
Key created	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Explorer\DOMStorage\windows.search	SearchApp.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Explorer\DOMStorage\Total\ = "185"	SearchApp.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\SOFTWARE\Microsoft\Speech_OneCore\Isolated\ohDO1Sgy3MzgdEgEb4WYfDS4eik = "HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Speech_OneCore\\Recognizers\\Tokens\\MS-1033-110-WINMO-DNN"	SearchApp.exe
Key created	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Explorer\EdpDomStorage	SearchApp.exe
Key created	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Explorer\DOMStorage\Total	SearchApp.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\hyperbeam\ = "URL:hyperbeam"	Hyperbeam.exe
Key created	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\hyperbeam\shell\open	Hyperbeam.exe
Key created	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\SOFTWARE\Microsoft\Speech_OneCore\Isolated\ohDO1Sgy3MzgdEgEb4WYfDS4eik	SearchApp.exe
Key created	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Explorer\EdpDomStorage\microsoft.windows.search	SearchApp.exe
Key created	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Explorer\EdpDomStorage\windows.search	SearchApp.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Explorer\DOMStorage\microsoft.windows.search\ = "56"	SearchApp.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Explorer\DOMStorage\windows.search\Total = "56"	SearchApp.exe
Key created	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\hyperbeam	Hyperbeam.exe
Key created	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\hyperbeam\shell	Hyperbeam.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:"	SearchApp.exe
Key created	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Explorer\DOMStorage	SearchApp.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
5104	Hyperbeam Setup 0.21.0.exe
5104	Hyperbeam Setup 0.21.0.exe
1784	tasklist.exe
1784	tasklist.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeDebugPrivilege	1784	tasklist.exe
Token: SeSecurityPrivilege	5104	Hyperbeam Setup 0.21.0.exe
Token: SeShutdownPrivilege	436	Hyperbeam.exe
Token: SeCreatePagefilePrivilege	436	Hyperbeam.exe
Token: SeShutdownPrivilege	436	Hyperbeam.exe
Token: SeCreatePagefilePrivilege	436	Hyperbeam.exe
Token: SeShutdownPrivilege	436	Hyperbeam.exe
Token: SeCreatePagefilePrivilege	436	Hyperbeam.exe
Token: SeShutdownPrivilege	436	Hyperbeam.exe
Token: SeCreatePagefilePrivilege	436	Hyperbeam.exe
Token: SeShutdownPrivilege	436	Hyperbeam.exe
Token: SeCreatePagefilePrivilege	436	Hyperbeam.exe
Token: SeShutdownPrivilege	436	Hyperbeam.exe
Token: SeCreatePagefilePrivilege	436	Hyperbeam.exe
Token: SeShutdownPrivilege	436	Hyperbeam.exe
Token: SeCreatePagefilePrivilege	436	Hyperbeam.exe
Token: SeShutdownPrivilege	436	Hyperbeam.exe
Token: SeCreatePagefilePrivilege	436	Hyperbeam.exe
Token: SeShutdownPrivilege	436	Hyperbeam.exe
Token: SeCreatePagefilePrivilege	436	Hyperbeam.exe
Token: SeShutdownPrivilege	436	Hyperbeam.exe
Token: SeCreatePagefilePrivilege	436	Hyperbeam.exe
Token: SeShutdownPrivilege	436	Hyperbeam.exe
Token: SeCreatePagefilePrivilege	436	Hyperbeam.exe
Token: SeShutdownPrivilege	436	Hyperbeam.exe
Token: SeCreatePagefilePrivilege	436	Hyperbeam.exe
Token: SeShutdownPrivilege	436	Hyperbeam.exe
Token: SeCreatePagefilePrivilege	436	Hyperbeam.exe
Token: SeShutdownPrivilege	436	Hyperbeam.exe
Token: SeCreatePagefilePrivilege	436	Hyperbeam.exe
Token: SeShutdownPrivilege	436	Hyperbeam.exe
Token: SeCreatePagefilePrivilege	436	Hyperbeam.exe
Token: SeShutdownPrivilege	436	Hyperbeam.exe
Token: SeCreatePagefilePrivilege	436	Hyperbeam.exe
Token: SeShutdownPrivilege	436	Hyperbeam.exe
Token: SeCreatePagefilePrivilege	436	Hyperbeam.exe
Token: SeShutdownPrivilege	436	Hyperbeam.exe
Token: SeCreatePagefilePrivilege	436	Hyperbeam.exe
Token: SeShutdownPrivilege	436	Hyperbeam.exe
Token: SeCreatePagefilePrivilege	436	Hyperbeam.exe
Token: SeShutdownPrivilege	436	Hyperbeam.exe
Token: SeCreatePagefilePrivilege	436	Hyperbeam.exe
Token: SeShutdownPrivilege	436	Hyperbeam.exe
Token: SeCreatePagefilePrivilege	436	Hyperbeam.exe
Token: SeShutdownPrivilege	436	Hyperbeam.exe
Token: SeCreatePagefilePrivilege	436	Hyperbeam.exe
Token: SeShutdownPrivilege	436	Hyperbeam.exe
Token: SeCreatePagefilePrivilege	436	Hyperbeam.exe
Token: SeShutdownPrivilege	436	Hyperbeam.exe
Token: SeCreatePagefilePrivilege	436	Hyperbeam.exe
Token: SeShutdownPrivilege	436	Hyperbeam.exe
Token: SeCreatePagefilePrivilege	436	Hyperbeam.exe
Token: SeShutdownPrivilege	436	Hyperbeam.exe
Token: SeCreatePagefilePrivilege	436	Hyperbeam.exe
Token: SeShutdownPrivilege	436	Hyperbeam.exe
Token: SeCreatePagefilePrivilege	436	Hyperbeam.exe
Token: SeShutdownPrivilege	436	Hyperbeam.exe
Token: SeCreatePagefilePrivilege	436	Hyperbeam.exe
Token: SeShutdownPrivilege	436	Hyperbeam.exe
Token: SeCreatePagefilePrivilege	436	Hyperbeam.exe
Token: SeShutdownPrivilege	436	Hyperbeam.exe
Token: SeCreatePagefilePrivilege	436	Hyperbeam.exe
Token: SeShutdownPrivilege	436	Hyperbeam.exe
Token: SeCreatePagefilePrivilege	436	Hyperbeam.exe

Suspicious use of FindShellTrayWindow 4 IoCs

pid	Process
436	Hyperbeam.exe
436	Hyperbeam.exe
436	Hyperbeam.exe
436	Hyperbeam.exe

Suspicious use of SendNotifyMessage 5 IoCs

pid	Process
436	Hyperbeam.exe
436	Hyperbeam.exe
436	Hyperbeam.exe
436	Hyperbeam.exe
436	Hyperbeam.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
4064	SearchApp.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 5104 wrote to memory of 3280	5104	Hyperbeam Setup 0.21.0.exe	83
PID 5104 wrote to memory of 3280	5104	Hyperbeam Setup 0.21.0.exe	83
PID 5104 wrote to memory of 3280	5104	Hyperbeam Setup 0.21.0.exe	83
PID 3280 wrote to memory of 1784	3280	cmd.exe	85
PID 3280 wrote to memory of 1784	3280	cmd.exe	85
PID 3280 wrote to memory of 1784	3280	cmd.exe	85
PID 3280 wrote to memory of 1592	3280	cmd.exe	86
PID 3280 wrote to memory of 1592	3280	cmd.exe	86
PID 3280 wrote to memory of 1592	3280	cmd.exe	86
PID 436 wrote to memory of 1068	436	Hyperbeam.exe	98
PID 436 wrote to memory of 1068	436	Hyperbeam.exe	98
PID 436 wrote to memory of 1068	436	Hyperbeam.exe	98
PID 436 wrote to memory of 1068	436	Hyperbeam.exe	98
PID 436 wrote to memory of 1068	436	Hyperbeam.exe	98
PID 436 wrote to memory of 1068	436	Hyperbeam.exe	98
PID 436 wrote to memory of 1068	436	Hyperbeam.exe	98
PID 436 wrote to memory of 1068	436	Hyperbeam.exe	98
PID 436 wrote to memory of 1068	436	Hyperbeam.exe	98
PID 436 wrote to memory of 1068	436	Hyperbeam.exe	98
PID 436 wrote to memory of 1068	436	Hyperbeam.exe	98
PID 436 wrote to memory of 1068	436	Hyperbeam.exe	98
PID 436 wrote to memory of 1068	436	Hyperbeam.exe	98
PID 436 wrote to memory of 1068	436	Hyperbeam.exe	98
PID 436 wrote to memory of 1068	436	Hyperbeam.exe	98
PID 436 wrote to memory of 1068	436	Hyperbeam.exe	98
PID 436 wrote to memory of 1068	436	Hyperbeam.exe	98
PID 436 wrote to memory of 1068	436	Hyperbeam.exe	98
PID 436 wrote to memory of 1068	436	Hyperbeam.exe	98
PID 436 wrote to memory of 1068	436	Hyperbeam.exe	98
PID 436 wrote to memory of 1068	436	Hyperbeam.exe	98
PID 436 wrote to memory of 1068	436	Hyperbeam.exe	98
PID 436 wrote to memory of 1068	436	Hyperbeam.exe	98
PID 436 wrote to memory of 1068	436	Hyperbeam.exe	98
PID 436 wrote to memory of 1068	436	Hyperbeam.exe	98
PID 436 wrote to memory of 1068	436	Hyperbeam.exe	98
PID 436 wrote to memory of 1068	436	Hyperbeam.exe	98
PID 436 wrote to memory of 1068	436	Hyperbeam.exe	98
PID 436 wrote to memory of 1068	436	Hyperbeam.exe	98
PID 436 wrote to memory of 1068	436	Hyperbeam.exe	98
PID 436 wrote to memory of 1068	436	Hyperbeam.exe	98
PID 436 wrote to memory of 1068	436	Hyperbeam.exe	98
PID 436 wrote to memory of 1068	436	Hyperbeam.exe	98
PID 436 wrote to memory of 1068	436	Hyperbeam.exe	98
PID 436 wrote to memory of 1068	436	Hyperbeam.exe	98
PID 436 wrote to memory of 1068	436	Hyperbeam.exe	98
PID 436 wrote to memory of 1068	436	Hyperbeam.exe	98
PID 436 wrote to memory of 1068	436	Hyperbeam.exe	98
PID 436 wrote to memory of 1488	436	Hyperbeam.exe	99
PID 436 wrote to memory of 1488	436	Hyperbeam.exe	99
PID 436 wrote to memory of 2960	436	Hyperbeam.exe	100
PID 436 wrote to memory of 2960	436	Hyperbeam.exe	100
PID 436 wrote to memory of 2960	436	Hyperbeam.exe	100
PID 436 wrote to memory of 2960	436	Hyperbeam.exe	100
PID 436 wrote to memory of 2960	436	Hyperbeam.exe	100
PID 436 wrote to memory of 2960	436	Hyperbeam.exe	100
PID 436 wrote to memory of 2960	436	Hyperbeam.exe	100
PID 436 wrote to memory of 2960	436	Hyperbeam.exe	100
PID 436 wrote to memory of 2960	436	Hyperbeam.exe	100
PID 436 wrote to memory of 2960	436	Hyperbeam.exe	100
PID 436 wrote to memory of 2960	436	Hyperbeam.exe	100
PID 436 wrote to memory of 2960	436	Hyperbeam.exe	100
PID 436 wrote to memory of 2960	436	Hyperbeam.exe	100
PID 436 wrote to memory of 2960	436	Hyperbeam.exe	100
PID 436 wrote to memory of 2960	436	Hyperbeam.exe	100

C:\Users\Admin\AppData\Local\Temp\Hyperbeam Setup 0.21.0.exe
"C:\Users\Admin\AppData\Local\Temp\Hyperbeam Setup 0.21.0.exe"
1⤵
- Loads dropped DLL
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
PID:5104
- C:\Windows\SysWOW64\cmd.exe
  cmd /c tasklist /FI "USERNAME eq %USERNAME%" /FI "IMAGENAME eq Hyperbeam.exe" | %SYSTEMROOT%\System32\find.exe "Hyperbeam.exe"
  2⤵
  - Suspicious use of WriteProcessMemory
  PID:3280
- - C:\Windows\SysWOW64\tasklist.exe
    tasklist /FI "USERNAME eq Admin" /FI "IMAGENAME eq Hyperbeam.exe"
    3⤵
    - Enumerates processes with tasklist
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of AdjustPrivilegeToken
    PID:1784
- - C:\Windows\SysWOW64\find.exe
    C:\Windows\System32\find.exe "Hyperbeam.exe"
    3⤵
    PID:1592

C:\Users\Admin\AppData\Local\Programs\Hyperbeam\Hyperbeam.exe
"C:\Users\Admin\AppData\Local\Programs\Hyperbeam\Hyperbeam.exe"
1⤵
- Checks computer location settings
- Executes dropped EXE
- Loads dropped DLL
- Modifies registry class
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:436
- C:\Users\Admin\AppData\Local\Programs\Hyperbeam\Hyperbeam.exe
  "C:\Users\Admin\AppData\Local\Programs\Hyperbeam\Hyperbeam.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\hyperbeam" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1524 --field-trial-handle=1736,i,16494115343012080594,1068737014074236270,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  PID:1068
- C:\Users\Admin\AppData\Local\Programs\Hyperbeam\Hyperbeam.exe
  "C:\Users\Admin\AppData\Local\Programs\Hyperbeam\Hyperbeam.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\hyperbeam" --mojo-platform-channel-handle=2040 --field-trial-handle=1736,i,16494115343012080594,1068737014074236270,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  PID:1488
- C:\Users\Admin\AppData\Local\Programs\Hyperbeam\Hyperbeam.exe
  "C:\Users\Admin\AppData\Local\Programs\Hyperbeam\Hyperbeam.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\hyperbeam" --app-path="C:\Users\Admin\AppData\Local\Programs\Hyperbeam\resources\app.asar" --enable-sandbox --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=2324 --field-trial-handle=1736,i,16494115343012080594,1068737014074236270,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
  2⤵
  - Checks computer location settings
  - Executes dropped EXE
  - Loads dropped DLL
  PID:2960

C:\Windows\system32\werfault.exe
werfault.exe /hc /shared Global\0a002b4ff7b94848aeb6cc42ebae80eb /t 3908 /p 3856
1⤵
PID:1420

C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
"C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -ServerName:CortanaUI.AppX8z9r6jm96hw4bsbneegw0kyxx296wr9t.mca
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:4064

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

T1057

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\DeviceSearchCache\AppCache133292707826246186.txt

Filesize
76KB

MD5
725ad45b945b724533aa5abbbd9fcd55

SHA1
7471f248710e5f2128bbd6bf43f7acb020dc1b24

SHA256
de16d0aab826d9f50139f6eb4e0aef2dbc98df4261f4a5c8ccfba6d6f9d033e6

SHA512
b3110ddf1212e4ea0b97baf5e0df1f56246018dc90fa94903af73bbd0c88af17627b757c1c218260e7059f89abacf124a81139db4f64dc125a9baa6d0e226dda

Download Submit
C:\Users\Admin\AppData\Local\Programs\Hyperbeam\D3DCompiler_47.dll

Filesize
4.7MB

MD5
cb9807f6cf55ad799e920b7e0f97df99

SHA1
bb76012ded5acd103adad49436612d073d159b29

SHA256
5653bc7b0e2701561464ef36602ff6171c96bffe96e4c3597359cd7addcba88a

SHA512
f7c65bae4ede13616330ae46a197ebad106920dce6a31fd5a658da29ed1473234ca9e2b39cc9833ff903fb6b52ff19e39e6397fac02f005823ed366ca7a34f62

Download Submit
C:\Users\Admin\AppData\Local\Programs\Hyperbeam\Hyperbeam.exe

Filesize
145.0MB

MD5
16be127ba5c4d3dc2daab53cf952ad7a

SHA1
adb1a41519fcd5e6952425726bd8d239bdfa1483

SHA256
c27942559e94bfe4700aa2b120e0149a674085f42862b51d02657203cfcd3395

SHA512
938d0714d4ee7c490fb6a0af667b0cb0c9c79fc8953dbdb60312cc5d9417057efd74021fe0ce3e5bf8214416fc53638262522987884b9cd9a78f3bd53cdc4f5b

Download Submit
C:\Users\Admin\AppData\Local\Programs\Hyperbeam\Hyperbeam.exe

Filesize
145.0MB

MD5
16be127ba5c4d3dc2daab53cf952ad7a

SHA1
adb1a41519fcd5e6952425726bd8d239bdfa1483

SHA256
c27942559e94bfe4700aa2b120e0149a674085f42862b51d02657203cfcd3395

SHA512
938d0714d4ee7c490fb6a0af667b0cb0c9c79fc8953dbdb60312cc5d9417057efd74021fe0ce3e5bf8214416fc53638262522987884b9cd9a78f3bd53cdc4f5b

Download Submit
C:\Users\Admin\AppData\Local\Programs\Hyperbeam\Hyperbeam.exe

Filesize
145.0MB

MD5
16be127ba5c4d3dc2daab53cf952ad7a

SHA1
adb1a41519fcd5e6952425726bd8d239bdfa1483

SHA256
c27942559e94bfe4700aa2b120e0149a674085f42862b51d02657203cfcd3395

SHA512
938d0714d4ee7c490fb6a0af667b0cb0c9c79fc8953dbdb60312cc5d9417057efd74021fe0ce3e5bf8214416fc53638262522987884b9cd9a78f3bd53cdc4f5b

Download Submit
C:\Users\Admin\AppData\Local\Programs\Hyperbeam\Hyperbeam.exe

Filesize
145.0MB

MD5
16be127ba5c4d3dc2daab53cf952ad7a

SHA1
adb1a41519fcd5e6952425726bd8d239bdfa1483

SHA256
c27942559e94bfe4700aa2b120e0149a674085f42862b51d02657203cfcd3395

SHA512
938d0714d4ee7c490fb6a0af667b0cb0c9c79fc8953dbdb60312cc5d9417057efd74021fe0ce3e5bf8214416fc53638262522987884b9cd9a78f3bd53cdc4f5b

Download Submit
C:\Users\Admin\AppData\Local\Programs\Hyperbeam\Hyperbeam.exe

Filesize
145.0MB

MD5
16be127ba5c4d3dc2daab53cf952ad7a

SHA1
adb1a41519fcd5e6952425726bd8d239bdfa1483

SHA256
c27942559e94bfe4700aa2b120e0149a674085f42862b51d02657203cfcd3395

SHA512
938d0714d4ee7c490fb6a0af667b0cb0c9c79fc8953dbdb60312cc5d9417057efd74021fe0ce3e5bf8214416fc53638262522987884b9cd9a78f3bd53cdc4f5b

Download Submit
C:\Users\Admin\AppData\Local\Programs\Hyperbeam\chrome_100_percent.pak

Filesize
126KB

MD5
a3d4515d3a33a407d313a62818e82a5d

SHA1
967ff9a6774a66f7b3299af4fd5d70961ed54d79

SHA256
662a9db6ef4197cb4b6c50648a2cafceb7fd903015828df3fee605a602370be0

SHA512
0c757e1beccbca1ae0791fa0c51a9e2019696bd0965c73de67b364fba6f317ea2cf20fa65e4fa7dd22519683528e5112dc8c530049170f4e702e0c8d4e065801

Download Submit
C:\Users\Admin\AppData\Local\Programs\Hyperbeam\chrome_100_percent.pak

Filesize
126KB

MD5
a3d4515d3a33a407d313a62818e82a5d

SHA1
967ff9a6774a66f7b3299af4fd5d70961ed54d79

SHA256
662a9db6ef4197cb4b6c50648a2cafceb7fd903015828df3fee605a602370be0

SHA512
0c757e1beccbca1ae0791fa0c51a9e2019696bd0965c73de67b364fba6f317ea2cf20fa65e4fa7dd22519683528e5112dc8c530049170f4e702e0c8d4e065801

Download Submit
C:\Users\Admin\AppData\Local\Programs\Hyperbeam\chrome_200_percent.pak

Filesize
175KB

MD5
3bab45c70f22646cf8452c30903810cb

SHA1
40b31d4c79b5a2b8d12f8cf8b6c49c962c31f766

SHA256
d4282ae977f23afe252e19e421c8d09696ea3b83a1e73a6aaebaaa5547c74cbc

SHA512
85eda055494f0233c963e821906cf69d94e664d8396e8b08e7a8f412e1c16af71252fef1bfe3ed43cfad157aa90c0dcbb375626e2ddf0e807c9b23ad27e61d9c

Download Submit
C:\Users\Admin\AppData\Local\Programs\Hyperbeam\d3dcompiler_47.dll

Filesize
4.7MB

MD5
cb9807f6cf55ad799e920b7e0f97df99

SHA1
bb76012ded5acd103adad49436612d073d159b29

SHA256
5653bc7b0e2701561464ef36602ff6171c96bffe96e4c3597359cd7addcba88a

SHA512
f7c65bae4ede13616330ae46a197ebad106920dce6a31fd5a658da29ed1473234ca9e2b39cc9833ff903fb6b52ff19e39e6397fac02f005823ed366ca7a34f62

Download Submit
C:\Users\Admin\AppData\Local\Programs\Hyperbeam\ffmpeg.dll

Filesize
2.7MB

MD5
c92829816a0f5e945f014a437e668b38

SHA1
5998ef0668a09345af83757eb58553f6e6cbf767

SHA256
b325226a9777eefe345d9736d4f1f98b6ccb464e4a3abccd35f10bf108518ae4

SHA512
2799cb0d806f03cc3b60874c89f20261a0ac8b43c30d7ebcdfb01c4543253f3f5f0991fcb3305cb4617245469a58d7aa8f0f66e946f8fd45231d9597e32384e3

Download Submit
C:\Users\Admin\AppData\Local\Programs\Hyperbeam\ffmpeg.dll

Filesize
2.7MB

MD5
c92829816a0f5e945f014a437e668b38

SHA1
5998ef0668a09345af83757eb58553f6e6cbf767

SHA256
b325226a9777eefe345d9736d4f1f98b6ccb464e4a3abccd35f10bf108518ae4

SHA512
2799cb0d806f03cc3b60874c89f20261a0ac8b43c30d7ebcdfb01c4543253f3f5f0991fcb3305cb4617245469a58d7aa8f0f66e946f8fd45231d9597e32384e3

Download Submit
C:\Users\Admin\AppData\Local\Programs\Hyperbeam\ffmpeg.dll

Filesize
2.7MB

MD5
c92829816a0f5e945f014a437e668b38

SHA1
5998ef0668a09345af83757eb58553f6e6cbf767

SHA256
b325226a9777eefe345d9736d4f1f98b6ccb464e4a3abccd35f10bf108518ae4

SHA512
2799cb0d806f03cc3b60874c89f20261a0ac8b43c30d7ebcdfb01c4543253f3f5f0991fcb3305cb4617245469a58d7aa8f0f66e946f8fd45231d9597e32384e3

Download Submit
C:\Users\Admin\AppData\Local\Programs\Hyperbeam\ffmpeg.dll

Filesize
2.7MB

MD5
c92829816a0f5e945f014a437e668b38

SHA1
5998ef0668a09345af83757eb58553f6e6cbf767

SHA256
b325226a9777eefe345d9736d4f1f98b6ccb464e4a3abccd35f10bf108518ae4

SHA512
2799cb0d806f03cc3b60874c89f20261a0ac8b43c30d7ebcdfb01c4543253f3f5f0991fcb3305cb4617245469a58d7aa8f0f66e946f8fd45231d9597e32384e3

Download Submit
C:\Users\Admin\AppData\Local\Programs\Hyperbeam\ffmpeg.dll

Filesize
2.7MB

MD5
c92829816a0f5e945f014a437e668b38

SHA1
5998ef0668a09345af83757eb58553f6e6cbf767

SHA256
b325226a9777eefe345d9736d4f1f98b6ccb464e4a3abccd35f10bf108518ae4

SHA512
2799cb0d806f03cc3b60874c89f20261a0ac8b43c30d7ebcdfb01c4543253f3f5f0991fcb3305cb4617245469a58d7aa8f0f66e946f8fd45231d9597e32384e3

Download Submit
C:\Users\Admin\AppData\Local\Programs\Hyperbeam\icudtl.dat

Filesize
10.0MB

MD5
6690f2b2384e1bf8961fda96a4d07691

SHA1
111f6dd9833c653908431621fe8fbc87f1135632

SHA256
cb73d42d36839708013393ad0e4e932fdda9a1acda9275ecdbe74fe89eea8366

SHA512
6a5242fdc0ba09e339151feae1b3f7a9f00a09288b6f4ea9305d1a09d8bc3015c074ee91de35b8d6fc765c2fb55ec37dd91b8e66b7a7bb3148cbc305de19b088

Download Submit
C:\Users\Admin\AppData\Local\Programs\Hyperbeam\libEGL.dll

Filesize
458KB

MD5
79d17646daac89413e76e5612353c94d

SHA1
cf648b96e89302f70b4deaa51499b7ea35d5f068

SHA256
cd79548789bd396bf81e5d5019ac4b802dadc82a22668c685fad2608c7d3f305

SHA512
acab8e90a9c872fc7fb25d7e5cecb0dd1dc18533b62511bd2baa74bc961c02c88ab8826c77d451deb1298528624d97d36c2cd53170a006b89ab8c7c0da97900c

Download Submit
C:\Users\Admin\AppData\Local\Programs\Hyperbeam\libGLESv2.dll

Filesize
7.1MB

MD5
fe9b0eae67c26a0e8214e4c8e9f64182

SHA1
48dbeb8410f73119e1bf5dc7da5fb59934320e1b

SHA256
8f1e9e29ffe97fdc7efe7e3ad7169a48787d8ad0ac44e17840d0deae391576cf

SHA512
82ff0224de8c5f68575ab186d102afe63c48ce90afa2553e179db0088b7ca8ec87d37506d711611c873bab4a6e75e65a2c8c9fe6bd3b611fed4260cfba1cc3af

Download Submit
C:\Users\Admin\AppData\Local\Programs\Hyperbeam\libegl.dll

Filesize
458KB

MD5
79d17646daac89413e76e5612353c94d

SHA1
cf648b96e89302f70b4deaa51499b7ea35d5f068

SHA256
cd79548789bd396bf81e5d5019ac4b802dadc82a22668c685fad2608c7d3f305

SHA512
acab8e90a9c872fc7fb25d7e5cecb0dd1dc18533b62511bd2baa74bc961c02c88ab8826c77d451deb1298528624d97d36c2cd53170a006b89ab8c7c0da97900c

Download Submit
C:\Users\Admin\AppData\Local\Programs\Hyperbeam\libglesv2.dll

Filesize
7.1MB

MD5
fe9b0eae67c26a0e8214e4c8e9f64182

SHA1
48dbeb8410f73119e1bf5dc7da5fb59934320e1b

SHA256
8f1e9e29ffe97fdc7efe7e3ad7169a48787d8ad0ac44e17840d0deae391576cf

SHA512
82ff0224de8c5f68575ab186d102afe63c48ce90afa2553e179db0088b7ca8ec87d37506d711611c873bab4a6e75e65a2c8c9fe6bd3b611fed4260cfba1cc3af

Download Submit
C:\Users\Admin\AppData\Local\Programs\Hyperbeam\locales\en-US.pak

Filesize
296KB

MD5
1e9b12891461eefd9db12e537965329c

SHA1
bf2346e045f79a70218890764b9318fa86886b36

SHA256
bd67fc968d75e77f2bae7ad552c398ccc4dad8635d74814c2046f813010c45e7

SHA512
3f01b9fc7e07bf6f3f8cda357debb83f73bb24179f6926d0b24114ac0078f42941a68842453bd7ee86cb759ef76e240b84278ebe1541cb659fb7caf3cf5b6820

Download Submit
C:\Users\Admin\AppData\Local\Programs\Hyperbeam\resources.pak

Filesize
5.1MB

MD5
3d984171bf7cd9766e2f21bde99b52b7

SHA1
010467ead02a904b669526c899d2ccf2a0831092

SHA256
a8703075c4f583483e728560096e440cc31697e0a5688393b7dab9615011adeb

SHA512
bf54b46f92ed91bada2fe76a14f13c8261e825595da6c67143eb04f79d6c407e61102d310ebabcd17111288b282882ac74c1d99962447fad3a5bafcee0a5ba1c

Download Submit
C:\Users\Admin\AppData\Local\Programs\Hyperbeam\resources\app-update.yml

Filesize
138B

MD5
1f37c365ac4c1e90f397bca6b052a9b3

SHA1
4850dd8fca87c3b8f4769297832d243b12161eaa

SHA256
f78c2335bb27e27010214620baa998ec02fadf476c862ddd646c644ca337fe11

SHA512
2b6f9f665613665452d66f51ce3c670974e46391666919b73d41c343c40e1255a42b3ae94e3cde6eab66d171eb4685ef2a3e6ec11468453834d47a8da5b86a02

Download Submit
C:\Users\Admin\AppData\Local\Programs\Hyperbeam\resources\app.asar

Filesize
15.2MB

MD5
fa8ff01ec7ce037fa1518652dc96d45f

SHA1
5f723ad249e2bccd372d00ae3c54e661d6a9397a

SHA256
470ea96a0a352792d1e2cf84d178e38cd571718c58fa1a9859cca7227a002da1

SHA512
3f6f8cc64407ec77bee4c3f2f6578099b0736ac66136d61a86f1631b3be6eac46541386f9d780c2ed5828c6c8b634e46e1bd2e318046df1366b849e75eeef1e5

Download Submit
C:\Users\Admin\AppData\Local\Programs\Hyperbeam\resources\assets\icons\png\32x32.png

Filesize
1KB

MD5
8b3514c86725fd861a6c247387521c39

SHA1
902574eaac1992c3c4ff5a89dc7b1c38be13e87f

SHA256
25b2e06ed269dc9dd950fa7d9e8c6fe89c678f8a9a0866a0b28174c2bb9b66de

SHA512
40ac1267a85a00153d5d3e5e99c4b736958521577c3aa412a2cb393940a220e79216235edbcb89a0fa4e947cf5c67529666dc5ac1797582c500aceeafa143ca4

Download Submit
C:\Users\Admin\AppData\Local\Programs\Hyperbeam\resources\assets\icons\png\512x512.png

Filesize
18KB

MD5
a1c4b83fff19c3d75a1edaacd72e0c76

SHA1
d57b8e0788833a8f1497f41110ab45aeb8f0f0ec

SHA256
2b876c77469c35fd587102b78a6bb971d35f54073592ed4699f7079c5624d0e1

SHA512
d367391543dfc2b5d0ffcfd06c74ef41b684eb73a9422ac4c5737406fb6897cc9d8398706d05b080aee3c6d64ad6be9b0d8059206c39958ba000e32b3582c7f8

Download Submit
C:\Users\Admin\AppData\Local\Programs\Hyperbeam\v8_context_snapshot.bin

Filesize
716KB

MD5
b978b7e83b574a43fe766af2b670c1c4

SHA1
ab0d1211740fefe3b8ddc8bcb2400e68cc88ba4d

SHA256
f59fa568139442c7f547fc8a5a0fd090ddc8427cc409e2fcef0518a9dcb47a96

SHA512
ac0f297b128e83d55788aadf5870849781d81cc61461117c5cf22f757e20089acb640b3ebc2f3bb2fbe1659e75da73a63cb884be4a791a90702758e6c52dc706

Download Submit
C:\Users\Admin\AppData\Local\Programs\Hyperbeam\vk_swiftshader.dll

Filesize
4.6MB

MD5
09895152704e73f877090429a3f617a7

SHA1
6c9a5a4eec367bd020fb267545ff21c676c775ce

SHA256
a4ee0be900ba0afd24e94b86501b9aff169453fe0a930748a9839aba00aa3a49

SHA512
3e3c0d194a4476f0de279428e17fc96250ae8aa640094d8077ecbdda2f0661dfd253b503f6a69583f3983e230299f4c79e767c7824574ffd71b7904481bb9832

Download Submit
C:\Users\Admin\AppData\Local\Programs\Hyperbeam\vk_swiftshader.dll

Filesize
4.6MB

MD5
09895152704e73f877090429a3f617a7

SHA1
6c9a5a4eec367bd020fb267545ff21c676c775ce

SHA256
a4ee0be900ba0afd24e94b86501b9aff169453fe0a930748a9839aba00aa3a49

SHA512
3e3c0d194a4476f0de279428e17fc96250ae8aa640094d8077ecbdda2f0661dfd253b503f6a69583f3983e230299f4c79e767c7824574ffd71b7904481bb9832

Download Submit
C:\Users\Admin\AppData\Local\Programs\Hyperbeam\vk_swiftshader_icd.json

Filesize
106B

MD5
8642dd3a87e2de6e991fae08458e302b

SHA1
9c06735c31cec00600fd763a92f8112d085bd12a

SHA256
32d83ff113fef532a9f97e0d2831f8656628ab1c99e9060f0332b1532839afd9

SHA512
f5d37d1b45b006161e4cefeebba1e33af879a3a51d16ee3ff8c3968c0c36bbafae379bf9124c13310b77774c9cbb4fa53114e83f5b48b5314132736e5bb4496f

Download Submit
C:\Users\Admin\AppData\Local\Programs\Hyperbeam\vulkan-1.dll

Filesize
849KB

MD5
6e5c112a19cadb33fdc55622218a7386

SHA1
b9b0395372967ddadb32d66481b26df4f0b9fefb

SHA256
a88440204e4a7bc48c5829375d1da3e37b675b5b0fdc5b073a50dd2869931cda

SHA512
4d1cda843a6081a2b76b2748e7db62069ae0fd539a6ef9177ee490dad93ec5bd8bf624645dd03ce0e3ea4357eb2973ec1005f78d8bc7481b592de4fab960edc8

Download Submit
C:\Users\Admin\AppData\Local\Programs\Hyperbeam\vulkan-1.dll

Filesize
849KB

MD5
6e5c112a19cadb33fdc55622218a7386

SHA1
b9b0395372967ddadb32d66481b26df4f0b9fefb

SHA256
a88440204e4a7bc48c5829375d1da3e37b675b5b0fdc5b073a50dd2869931cda

SHA512
4d1cda843a6081a2b76b2748e7db62069ae0fd539a6ef9177ee490dad93ec5bd8bf624645dd03ce0e3ea4357eb2973ec1005f78d8bc7481b592de4fab960edc8

Download Submit
C:\Users\Admin\AppData\Local\Temp\eb537c95-f178-49d9-8e63-85ec6ef1758b.tmp.node

Filesize
495KB

MD5
2451dbaaa5c1b21da03be4fb0fb8c3fc

SHA1
900809bc256be20cbed09db625e2a67d623d18ed

SHA256
c19cc096eee9424ec00aaba8b2756613e9b5dc7f1559bc7141acbd18ce4cc79b

SHA512
9586e8fb84405450ebb5ce5bc909c70e0d9a79af8474029f225c0a987a3c18230b54feeb864016d56eeacd1ac496fa213f0ad621f0b78a2bc7990683cc4c67bd

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso9291.tmp\7z-out\Hyperbeam.exe

Filesize
145.0MB

MD5
16be127ba5c4d3dc2daab53cf952ad7a

SHA1
adb1a41519fcd5e6952425726bd8d239bdfa1483

SHA256
c27942559e94bfe4700aa2b120e0149a674085f42862b51d02657203cfcd3395

SHA512
938d0714d4ee7c490fb6a0af667b0cb0c9c79fc8953dbdb60312cc5d9417057efd74021fe0ce3e5bf8214416fc53638262522987884b9cd9a78f3bd53cdc4f5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso9291.tmp\7z-out\LICENSE.electron.txt

Filesize
1KB

MD5
4d42118d35941e0f664dddbd83f633c5

SHA1
2b21ec5f20fe961d15f2b58efb1368e66d202e5c

SHA256
5154e165bd6c2cc0cfbcd8916498c7abab0497923bafcd5cb07673fe8480087d

SHA512
3ffbba2e4cd689f362378f6b0f6060571f57e228d3755bdd308283be6cbbef8c2e84beb5fcf73e0c3c81cd944d01ee3fcf141733c4d8b3b0162e543e0b9f3e63

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso9291.tmp\7z-out\LICENSES.chromium.html

Filesize
6.2MB

MD5
53ef875136b19bef138829d5846208b0

SHA1
edfcf34901b7fc6a3e578d637266686673a30299

SHA256
d3bf6dd8892c6d77555e0b55efe98bfd18f08987ea39668bc5d0c419877aef1f

SHA512
b6f0e50ac1a2a2144d718eca60dd8a26ca48045fff9c05327e4e0e09a4d12ba69952f9feb9481497f9b1b1378a5c1d55845bee551f84e7a47f98f7a222c302ab

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso9291.tmp\7z-out\chrome_200_percent.pak

Filesize
175KB

MD5
3bab45c70f22646cf8452c30903810cb

SHA1
40b31d4c79b5a2b8d12f8cf8b6c49c962c31f766

SHA256
d4282ae977f23afe252e19e421c8d09696ea3b83a1e73a6aaebaaa5547c74cbc

SHA512
85eda055494f0233c963e821906cf69d94e664d8396e8b08e7a8f412e1c16af71252fef1bfe3ed43cfad157aa90c0dcbb375626e2ddf0e807c9b23ad27e61d9c

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso9291.tmp\7z-out\d3dcompiler_47.dll

Filesize
4.7MB

MD5
cb9807f6cf55ad799e920b7e0f97df99

SHA1
bb76012ded5acd103adad49436612d073d159b29

SHA256
5653bc7b0e2701561464ef36602ff6171c96bffe96e4c3597359cd7addcba88a

SHA512
f7c65bae4ede13616330ae46a197ebad106920dce6a31fd5a658da29ed1473234ca9e2b39cc9833ff903fb6b52ff19e39e6397fac02f005823ed366ca7a34f62

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso9291.tmp\7z-out\ffmpeg.dll

Filesize
2.7MB

MD5
c92829816a0f5e945f014a437e668b38

SHA1
5998ef0668a09345af83757eb58553f6e6cbf767

SHA256
b325226a9777eefe345d9736d4f1f98b6ccb464e4a3abccd35f10bf108518ae4

SHA512
2799cb0d806f03cc3b60874c89f20261a0ac8b43c30d7ebcdfb01c4543253f3f5f0991fcb3305cb4617245469a58d7aa8f0f66e946f8fd45231d9597e32384e3

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso9291.tmp\7z-out\icudtl.dat

Filesize
10.0MB

MD5
6690f2b2384e1bf8961fda96a4d07691

SHA1
111f6dd9833c653908431621fe8fbc87f1135632

SHA256
cb73d42d36839708013393ad0e4e932fdda9a1acda9275ecdbe74fe89eea8366

SHA512
6a5242fdc0ba09e339151feae1b3f7a9f00a09288b6f4ea9305d1a09d8bc3015c074ee91de35b8d6fc765c2fb55ec37dd91b8e66b7a7bb3148cbc305de19b088

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso9291.tmp\7z-out\libEGL.dll

Filesize
458KB

MD5
79d17646daac89413e76e5612353c94d

SHA1
cf648b96e89302f70b4deaa51499b7ea35d5f068

SHA256
cd79548789bd396bf81e5d5019ac4b802dadc82a22668c685fad2608c7d3f305

SHA512
acab8e90a9c872fc7fb25d7e5cecb0dd1dc18533b62511bd2baa74bc961c02c88ab8826c77d451deb1298528624d97d36c2cd53170a006b89ab8c7c0da97900c

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso9291.tmp\7z-out\libGLESv2.dll

Filesize
7.1MB

MD5
fe9b0eae67c26a0e8214e4c8e9f64182

SHA1
48dbeb8410f73119e1bf5dc7da5fb59934320e1b

SHA256
8f1e9e29ffe97fdc7efe7e3ad7169a48787d8ad0ac44e17840d0deae391576cf

SHA512
82ff0224de8c5f68575ab186d102afe63c48ce90afa2553e179db0088b7ca8ec87d37506d711611c873bab4a6e75e65a2c8c9fe6bd3b611fed4260cfba1cc3af

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso9291.tmp\7z-out\locales\en-GB.pak

Filesize
293KB

MD5
0444defa8f211ac4eabcc760b14a5b8a

SHA1
f143e080ba73f83c77d6c095ab8be1f71f763532

SHA256
e252661d412a068610ac2e2a64609f21f71c64602c579a14d7e6ee59d08fdfc1

SHA512
ef4977e477c3c39c2915e82162bf44370a3e2242a2fe57b43a0c2342171d02278adcec9d602ad4d4021a6554ad85a55d4635ccf3cf97405bda30626379d875b6

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso9291.tmp\7z-out\locales\en-US.pak

Filesize
296KB

MD5
1e9b12891461eefd9db12e537965329c

SHA1
bf2346e045f79a70218890764b9318fa86886b36

SHA256
bd67fc968d75e77f2bae7ad552c398ccc4dad8635d74814c2046f813010c45e7

SHA512
3f01b9fc7e07bf6f3f8cda357debb83f73bb24179f6926d0b24114ac0078f42941a68842453bd7ee86cb759ef76e240b84278ebe1541cb659fb7caf3cf5b6820

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso9291.tmp\7z-out\locales\es-419.pak

Filesize
358KB

MD5
637dcfd56428fe96bb0a778b0cf8a660

SHA1
1bad857d600d00864edc3d31529cf4ef6a49b580

SHA256
45f136986a226b1385189997aad2f660d0f518cc9871862250736237e0b105cf

SHA512
66b5c92687e97326af47258d38ec523184ced00855ca385515c64bfb9a7e3eb8dd1f885c4db5891bad680c670714bf9e5574483e34265c1f7781c8a7e7af9301

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso9291.tmp\7z-out\locales\es.pak

Filesize
359KB

MD5
85e0afd9c09f97cecc025f31fdb6269c

SHA1
13b9ec632e465c31fe6e88b1e3c186a2eacf5de6

SHA256
e1a9180677d2989137e8dd381e6c847c47b385a6d3e965a047829479317736ae

SHA512
0371b816522bc43b124ab8dfba3ac55e63c435276031f7035075a0767a11f3d73b5991156ee6ea1770d0115c09cb653c9d3fbda4b2d9f1e00b068c9d7a2f8db4

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso9291.tmp\7z-out\resources.pak

Filesize
5.1MB

MD5
3d984171bf7cd9766e2f21bde99b52b7

SHA1
010467ead02a904b669526c899d2ccf2a0831092

SHA256
a8703075c4f583483e728560096e440cc31697e0a5688393b7dab9615011adeb

SHA512
bf54b46f92ed91bada2fe76a14f13c8261e825595da6c67143eb04f79d6c407e61102d310ebabcd17111288b282882ac74c1d99962447fad3a5bafcee0a5ba1c

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso9291.tmp\7z-out\resources\app-update.yml

Filesize
138B

MD5
1f37c365ac4c1e90f397bca6b052a9b3

SHA1
4850dd8fca87c3b8f4769297832d243b12161eaa

SHA256
f78c2335bb27e27010214620baa998ec02fadf476c862ddd646c644ca337fe11

SHA512
2b6f9f665613665452d66f51ce3c670974e46391666919b73d41c343c40e1255a42b3ae94e3cde6eab66d171eb4685ef2a3e6ec11468453834d47a8da5b86a02

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso9291.tmp\7z-out\resources\app.asar

Filesize
15.2MB

MD5
fa8ff01ec7ce037fa1518652dc96d45f

SHA1
5f723ad249e2bccd372d00ae3c54e661d6a9397a

SHA256
470ea96a0a352792d1e2cf84d178e38cd571718c58fa1a9859cca7227a002da1

SHA512
3f6f8cc64407ec77bee4c3f2f6578099b0736ac66136d61a86f1631b3be6eac46541386f9d780c2ed5828c6c8b634e46e1bd2e318046df1366b849e75eeef1e5

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso9291.tmp\7z-out\resources\assets\icons\png\1024x1024.png

Filesize
39KB

MD5
c5fc8787181aca58c2b8fcbb5181949c

SHA1
f35847849b002cfb419bfa23d550decfa43a368c

SHA256
ac8f9f11f938eabd84027f3dadaf8ceeeacc353041bc7899fc86b24373f6deba

SHA512
a29ace0a48f8f0e7a478b01aa55abf353a0bef38401bffa6582726356326467f009022d5990e0b5eeaf88bd652d6fe80d0d05108ef70c6f96c646c4ff4915dd0

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso9291.tmp\7z-out\resources\assets\icons\png\128x128.png

Filesize
4KB

MD5
c9bd7e5f3d4b776f65cd7e7a9f13d286

SHA1
85fa6e31d26e9671ae71905aa6003ceab293f1f7

SHA256
0276f44b39a1ee180a4208d0ce2d1e5b0f63ebe52730baf86eba82dd122d4749

SHA512
202be03e378f7d4e130504ec4feb5616bda1ee1b9cd7f8d98d36c47ac367119a286040c1a50a122b913a827b99f1ae570ce40e1732e41f3401fb1ebde1ffdb3a

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso9291.tmp\7z-out\resources\assets\icons\png\16x16.png

Filesize
529B

MD5
e6ede0e8ab552a71ed81bca7acdb993d

SHA1
475e63479dfa87c0074be987ebea7d6544526787

SHA256
8cb6183bfa529d39c05d8df43a64f7bcab2f840f2d0304ebc23b9e3577c9a454

SHA512
536b0b6680bdbf57dbb056f9462f21d27f201e14b5499b50bb20293d9434a1c8f828f5f7a31ee419b3277daaf006abb3f48f765c0dcc4b737b1020e9c59130d8

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso9291.tmp\7z-out\resources\assets\icons\png\24x24.png

Filesize
863B

MD5
137ab36e995228ac323682de59f49e7a

SHA1
acec21708c01b22ff173912caa2f8eb821376934

SHA256
fd0c474ab205aa88add798d03c5240fdc5083b023f489a27893a7ae64253d67a

SHA512
0ab74cb5c9386f580a76b9fbe5236066930523d9e17d1dce2349f4d79efe1454fa3bb30b694c9befc8c939c4b1f66f7887fe4742eff1bc27d22936f88ec020b7

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso9291.tmp\7z-out\resources\assets\icons\png\256x256.png

Filesize
8KB

MD5
f4673c68db3fba5ffce6dfc02f7dae13

SHA1
453b0dde274557a558dbdf3f5a940dfac3e78de8

SHA256
bb0178eb2201bca2457fe92bac06e2075a00aad50a4a512828c6a9778f1bb404

SHA512
da19ddbb85cb325017f59f820071451517761ace24d69bcfa4687761a0878442b11f3236db60aac68254da756d0c39e80264f420c54f517c6d25f3e14cf43eaf

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso9291.tmp\7z-out\resources\assets\icons\png\32x32.png

Filesize
1KB

MD5
8b3514c86725fd861a6c247387521c39

SHA1
902574eaac1992c3c4ff5a89dc7b1c38be13e87f

SHA256
25b2e06ed269dc9dd950fa7d9e8c6fe89c678f8a9a0866a0b28174c2bb9b66de

SHA512
40ac1267a85a00153d5d3e5e99c4b736958521577c3aa412a2cb393940a220e79216235edbcb89a0fa4e947cf5c67529666dc5ac1797582c500aceeafa143ca4

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso9291.tmp\7z-out\resources\assets\icons\png\48x48.png

Filesize
1KB

MD5
5ed9466c3d01fb2d628a87d7ba9bca51

SHA1
be40c409fda8341c08bde7f416324ff0d07a87b9

SHA256
cd8c4c50b2e68fdb9c79d39f2b7b61a7e9e11fb07bcd8a97ad0030c56afe240d

SHA512
762edfe619a8b8e12ed9e319931af0c163cfd85dc1a764d3b1a4a4df477ace9d65ba1b5e7b8d9d46fe698891e6c3ccf2397af8d34fb7a4100ec127da6a236583

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso9291.tmp\7z-out\resources\assets\icons\png\512x512.png

Filesize
18KB

MD5
a1c4b83fff19c3d75a1edaacd72e0c76

SHA1
d57b8e0788833a8f1497f41110ab45aeb8f0f0ec

SHA256
2b876c77469c35fd587102b78a6bb971d35f54073592ed4699f7079c5624d0e1

SHA512
d367391543dfc2b5d0ffcfd06c74ef41b684eb73a9422ac4c5737406fb6897cc9d8398706d05b080aee3c6d64ad6be9b0d8059206c39958ba000e32b3582c7f8

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso9291.tmp\7z-out\resources\assets\icons\png\64x64.png

Filesize
2KB

MD5
05f58ff7147df767ddb8a4582f2df237

SHA1
5d23d2fb1c2e293ca1c84b15dc80c03d0dc93be1

SHA256
5d204653efc21d43a80a1d0944302bac8a00ada2a20e5191e059a06f1c1c6d1a

SHA512
c9a431969107e7ac8a19b1503ab2930ab28d999af09681594cb1bb7e841dabd865524568ff6cc72e0a42998286b2dad9f3e8e11aa6992b163b99aaadea693bec

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso9291.tmp\7z-out\resources\assets\icons\win\icon.ico

Filesize
352KB

MD5
199a597857932a3c3440ad88f9f8ec83

SHA1
3dabf8ed3411fca798b9f9e240cb7f9d297c3066

SHA256
a9798c50b6889fa60d83b00a65a4b7c55a72ee147147c8845145ccaab1260e0d

SHA512
824b1c0dcafd4cecf70d07a3e16f186df355cbfdb62dcf2b996106e9f3b1747071853ddf54ca6a2a4478fb45685963f1b83390ec4a817639a9751d5a16ceb9a2

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso9291.tmp\7z-out\resources\elevate.exe

Filesize
111KB

MD5
eb49ddad4aa07b44c3c931a505e36196

SHA1
9738231d45eac0bd2044824dc1aed632ed99ccac

SHA256
7c4236c66700d6eda63d02ad641b8ef34bc9e53015cb16086e9d86bbeabc77fc

SHA512
92cdf35be27b435810ade11e7f56e2b68cfe270f1f8418a51508c85ad7051ef2a1cc2368819872d1850ba734ac0357087abbbfa3aee449d51093a7c588a68561

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso9291.tmp\7z-out\snapshot_blob.bin

Filesize
401KB

MD5
17b5a28e6aa7ef49bea7555843937313

SHA1
8c740e68f009c3d03db74edc347cc5d1fac7b1b8

SHA256
2590aa136bc101f1075e42cd8939c7679ceb35b773c989be2ada49acaffd01a5

SHA512
af7efffed22246389d6a834cc8d8467e965849ffb8fbecd4d192c0596d1a026c6ddbe49cd2029163fd77bad22906e80446512bdb918875a7fa96c6ffef65cfc5

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso9291.tmp\7z-out\v8_context_snapshot.bin

Filesize
716KB

MD5
b978b7e83b574a43fe766af2b670c1c4

SHA1
ab0d1211740fefe3b8ddc8bcb2400e68cc88ba4d

SHA256
f59fa568139442c7f547fc8a5a0fd090ddc8427cc409e2fcef0518a9dcb47a96

SHA512
ac0f297b128e83d55788aadf5870849781d81cc61461117c5cf22f757e20089acb640b3ebc2f3bb2fbe1659e75da73a63cb884be4a791a90702758e6c52dc706

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso9291.tmp\7z-out\vk_swiftshader.dll

Filesize
4.6MB

MD5
09895152704e73f877090429a3f617a7

SHA1
6c9a5a4eec367bd020fb267545ff21c676c775ce

SHA256
a4ee0be900ba0afd24e94b86501b9aff169453fe0a930748a9839aba00aa3a49

SHA512
3e3c0d194a4476f0de279428e17fc96250ae8aa640094d8077ecbdda2f0661dfd253b503f6a69583f3983e230299f4c79e767c7824574ffd71b7904481bb9832

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso9291.tmp\7z-out\vk_swiftshader_icd.json

Filesize
106B

MD5
8642dd3a87e2de6e991fae08458e302b

SHA1
9c06735c31cec00600fd763a92f8112d085bd12a

SHA256
32d83ff113fef532a9f97e0d2831f8656628ab1c99e9060f0332b1532839afd9

SHA512
f5d37d1b45b006161e4cefeebba1e33af879a3a51d16ee3ff8c3968c0c36bbafae379bf9124c13310b77774c9cbb4fa53114e83f5b48b5314132736e5bb4496f

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso9291.tmp\7z-out\vulkan-1.dll

Filesize
849KB

MD5
6e5c112a19cadb33fdc55622218a7386

SHA1
b9b0395372967ddadb32d66481b26df4f0b9fefb

SHA256
a88440204e4a7bc48c5829375d1da3e37b675b5b0fdc5b073a50dd2869931cda

SHA512
4d1cda843a6081a2b76b2748e7db62069ae0fd539a6ef9177ee490dad93ec5bd8bf624645dd03ce0e3ea4357eb2973ec1005f78d8bc7481b592de4fab960edc8

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso9291.tmp\SpiderBanner.dll

Filesize
9KB

MD5
17309e33b596ba3a5693b4d3e85cf8d7

SHA1
7d361836cf53df42021c7f2b148aec9458818c01

SHA256
996a259e53ca18b89ec36d038c40148957c978c0fd600a268497d4c92f882a93

SHA512
1abac3ce4f2d5e4a635162e16cf9125e059ba1539f70086c2d71cd00d41a6e2a54d468e6f37792e55a822d7082fb388b8dfecc79b59226bbb047b7d28d44d298

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso9291.tmp\StdUtils.dll

Filesize
100KB

MD5
c6a6e03f77c313b267498515488c5740

SHA1
3d49fc2784b9450962ed6b82b46e9c3c957d7c15

SHA256
b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e

SHA512
9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso9291.tmp\StdUtils.dll

Filesize
100KB

MD5
c6a6e03f77c313b267498515488c5740

SHA1
3d49fc2784b9450962ed6b82b46e9c3c957d7c15

SHA256
b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e

SHA512
9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso9291.tmp\System.dll

Filesize
12KB

MD5
0d7ad4f45dc6f5aa87f606d0331c6901

SHA1
48df0911f0484cbe2a8cdd5362140b63c41ee457

SHA256
3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca

SHA512
c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso9291.tmp\WinShell.dll

Filesize
3KB

MD5
1cc7c37b7e0c8cd8bf04b6cc283e1e56

SHA1
0b9519763be6625bd5abce175dcc59c96d100d4c

SHA256
9be85b986ea66a6997dde658abe82b3147ed2a1a3dcb784bb5176f41d22815a6

SHA512
7acf7f8e68aa6066b59ca9f2ae2e67997e6b347bc08eb788d2a119b3295c844b5b9606757168e8d2fbd61c2cda367bf80e9e48c9a52c28d5a7a00464bfd2048f

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso9291.tmp\WinShell.dll

Filesize
3KB

MD5
1cc7c37b7e0c8cd8bf04b6cc283e1e56

SHA1
0b9519763be6625bd5abce175dcc59c96d100d4c

SHA256
9be85b986ea66a6997dde658abe82b3147ed2a1a3dcb784bb5176f41d22815a6

SHA512
7acf7f8e68aa6066b59ca9f2ae2e67997e6b347bc08eb788d2a119b3295c844b5b9606757168e8d2fbd61c2cda367bf80e9e48c9a52c28d5a7a00464bfd2048f

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso9291.tmp\WinShell.dll

Filesize
3KB

MD5
1cc7c37b7e0c8cd8bf04b6cc283e1e56

SHA1
0b9519763be6625bd5abce175dcc59c96d100d4c

SHA256
9be85b986ea66a6997dde658abe82b3147ed2a1a3dcb784bb5176f41d22815a6

SHA512
7acf7f8e68aa6066b59ca9f2ae2e67997e6b347bc08eb788d2a119b3295c844b5b9606757168e8d2fbd61c2cda367bf80e9e48c9a52c28d5a7a00464bfd2048f

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso9291.tmp\nsExec.dll

Filesize
6KB

MD5
ec0504e6b8a11d5aad43b296beeb84b2

SHA1
91b5ce085130c8c7194d66b2439ec9e1c206497c

SHA256
5d9ceb1ce5f35aea5f9e5a0c0edeeec04dfefe0c77890c80c70e98209b58b962

SHA512
3f918f1b47e8a919cbe51eb17dc30acc8cfc18e743a1bae5b787d0db7d26038dc1210be98bf5ba3be8d6ed896dbbd7ac3d13e66454a98b2a38c7e69dad30bb57

Download Submit
C:\Users\Admin\AppData\Local\Temp\nso9291.tmp\nsis7z.dll

Filesize
424KB

MD5
80e44ce4895304c6a3a831310fbf8cd0

SHA1
36bd49ae21c460be5753a904b4501f1abca53508

SHA256
b393f05e8ff919ef071181050e1873c9a776e1a0ae8329aefff7007d0cadf592

SHA512
c8ba7b1f9113ead23e993e74a48c4427ae3562c1f6d9910b2bbe6806c9107cf7d94bc7d204613e4743d0cd869e00dafd4fb54aad1e8adb69c553f3b9e5bc64df

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit
C:\Users\Admin\AppData\Roaming\hyperbeam\Cache\Cache_Data\f_000001

Filesize
79KB

MD5
9c77a3fa79f094167c4646ff20031a1c

SHA1
06b400d62466a6429b9174954657be6f9cd5fb7b

SHA256
10b44cae6f33b6919963699dd004e12ee04559909f8962b1ea4591875d6f837f

SHA512
b52d7148f98939fdc85f2d6af1557de4bf3ab12b19d762afbc7dab73984e7cf0a99d8d23b24cf42dc1b767a090ba2aa467e05ce65dbf9dca56a5b1d580b2de37

Download Submit
C:\Users\Admin\AppData\Roaming\hyperbeam\Cache\Cache_Data\f_000002

Filesize
244KB

MD5
92f09f22b991fdd9f762a4bfb7cd2003

SHA1
d1c0b65ee2314123c5874fdfb1d30f364e65883f

SHA256
59ed3bef9c3e0b3d515dd445ed7cbe96438a1ef3df2646613945ea8b3053ff20

SHA512
e0375c701d8bfe6681adf31091bbbbe5ea85475f2a3f7bae333e4d8d66b1096d7ded11c11c4047166c5ee3573b53688a386ec2cacf5d7800d65cc268700531db

Download Submit
C:\Users\Admin\AppData\Roaming\hyperbeam\Cache\Cache_Data\f_000004

Filesize
54KB

MD5
80b3cebe7b75130d36c97ddb653f3520

SHA1
3da0d576287a0f86892f258881cf5a9cb733bb76

SHA256
b8c59469738c452de4ca95c58a3dc11e0a3cc9451e6328b3f96155f5e4a774b8

SHA512
1bf98605b8b8af8526449d5d498ec53021321fb897c3339ba8d6e5e5d7490f155ad6ad79bd6dddd44fcb08ecdf0b57236b23c173af097b2c8dba31fe542557ea

Download Submit
C:\Users\Admin\AppData\Roaming\hyperbeam\Code Cache\js\index-dir\the-real-index

Filesize
48B

MD5
98f84a36638182babd496d04f57ac4bc

SHA1
17909855eae53953d392133c7f0fa5d88d86652f

SHA256
462f83a795b3e064e71714eb8fa2751a077cd6c66866300f50035e7ea4f157b3

SHA512
216e8cab5befda448bbf342ab6c4e52d9dfbeedde65225d076f778e5497259afad0a62ccdc6c83c0805bbb8ad9c2004c920d7d992ff57fb03f0983919e56180f

Download Submit
C:\Users\Admin\AppData\Roaming\hyperbeam\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
90959e03f71dc7d57e0a35b1efaf2666

SHA1
01d906f175762c398194a836711a58beb14d6eb9

SHA256
8b36a989c9f8cfba2dc76030385c906cb52e4282edf7cc127a3c92f42845816b

SHA512
e49d004b9b51e935bb4922349ee8d1212b88ab7285b198c385a735700e5c57675bb96293ff81ba6c17f276c801590b05e6d3f7e6619b2f2104b7465a20161638

Download Submit
C:\Users\Admin\AppData\Roaming\hyperbeam\Network\Network Persistent State

Filesize
521B

MD5
79d6efae5bb15c1d30592110a380f240

SHA1
4755d2f262f8819751cce12b99b42052c240c219

SHA256
b8a5350eba35ad500de39ac9935eb8f37fd3dd0903fb42107cf51495b07a1891

SHA512
b3e099f7a0a1fdd0fdccd5b4e2a15dc2d57560001cbf2f3415bdb6a5564d2c8930b1e51e52164939c6548a5d6875bf0bfb06ff906f1f3b2740aace254f2c371f

Download Submit
C:\Users\Admin\AppData\Roaming\hyperbeam\Network\Network Persistent State~RFe5848ac.TMP

Filesize
59B

MD5
2800881c775077e1c4b6e06bf4676de4

SHA1
2873631068c8b3b9495638c865915be822442c8b

SHA256
226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974

SHA512
e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b

Download Submit
C:\Users\Admin\AppData\Roaming\hyperbeam\Preferences

Filesize
57B

MD5
58127c59cb9e1da127904c341d15372b

SHA1
62445484661d8036ce9788baeaba31d204e9a5fc

SHA256
be4b8924ab38e8acf350e6e3b9f1f63a1a94952d8002759acd6946c4d5d0b5de

SHA512
8d1815b277a93ad590ff79b6f52c576cf920c38c4353c24193f707d66884c942f39ff3989530055d2fade540ade243b41b6eb03cd0cc361c3b5d514cca28b50a

Download Submit
C:\Users\Admin\AppData\Roaming\hyperbeam\Service Worker\CacheStorage\3a3ef770bfb7ff7305a15868ae01c49399715c03\0c39d14a-a7f7-4589-8301-63992f53ac50\index-dir\the-real-index

Filesize
1KB

MD5
01cb8bdc714d8b12741fb0df696e8afa

SHA1
9d52f5aff9232fec0253365c9e401f6c7f3c0238

SHA256
981acfefab087555e42ef36594ca8079628317ce3ac8133ff88b7fecf9f99d22

SHA512
7f1c68200ab3fcb4386bc8e522d52d15aa0ab6969be52fd179cc845e6df5dce0e8df9637b151fa7258942f466ea45752446820af3ed333c2967f0ba94400fafa

Download Submit
C:\Users\Admin\AppData\Roaming\hyperbeam\Service Worker\CacheStorage\3a3ef770bfb7ff7305a15868ae01c49399715c03\0c39d14a-a7f7-4589-8301-63992f53ac50\index-dir\the-real-index~RFe582c99.TMP

Filesize
48B

MD5
9e3946b3a6fe45cc3e21a86bdcdbfc9a

SHA1
42f32b2b1de6423214899686b90b16250ad493fb

SHA256
7d74e0ddecfd7028681701359c42762e05a3af6b606a07f90401d6a08fe86e4c

SHA512
bb9b08aa84c536b3949bfea66dd8b0aee7ef3325ae897ca3c36123772d26e6cd0b9fb46c3f0e374c11aae0a3df456acfd3673b06dba012f184e99cc3bf433a07

Download Submit
C:\Users\Admin\AppData\Roaming\hyperbeam\Service Worker\CacheStorage\3a3ef770bfb7ff7305a15868ae01c49399715c03\index.txt

Filesize
121B

MD5
6285b92d866a0ec16e02de3a4b4b9116

SHA1
d8a93f84f03586613aaad90fe45345449ebd058a

SHA256
dede49f8eb3228328e05fbc7f49b2d42d08aef5fcf78bbc0af931355569767fc

SHA512
89ba26be4c3c53c78fbae3663e604c3deca85cd6e8cd5316747bbf049d0c63b79b76dc0950770231af842f90536024c156082a88febbbe54d8d75c283ca49852

Download Submit
C:\Users\Admin\AppData\Roaming\hyperbeam\Service Worker\CacheStorage\3a3ef770bfb7ff7305a15868ae01c49399715c03\index.txt~RFe582cc8.TMP

Filesize
125B

MD5
1b538e65cc9a372ac692bc2a6e50e4ef

SHA1
cec0ee3ff006fb20d77c14ac508e747b8f29be81

SHA256
bd195a5f316aba0870ac154108616e730fa6e350951929d7b8fdc7603e495686

SHA512
66f76bbcbf9eae62fada4756d4bae1417e9773b4a1f0371d7c4e32e07c164e664b4858ad0919fd9a107e9f304bb7e4e3016d5800629ef25c0ad1e7809aa1af8f

Download Submit
C:\Users\Admin\AppData\Roaming\hyperbeam\Service Worker\Database\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Roaming\hyperbeam\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
533a96b8fc90a8cc35074b4463f9e940

SHA1
fc930ce4fa498da0ac6c6fed79bf8d7aa7a3fa05

SHA256
35174acd2b5b45a3ac52b2d592282e4b537596c48ee386e8aa2cd4dadfe8891c

SHA512
b0c071161984f4ea0aa58555124478358aa4b3d9b43491baed2f91a9a7322832478d2bc81cc61330d576844e29489ebabceafc843092d675bc682120c07ded34

Download Submit
C:\Users\Admin\AppData\Roaming\hyperbeam\Service Worker\ScriptCache\index-dir\the-real-index~RFe57ea6f.TMP

Filesize
48B

MD5
69e94cecbbf52619fca05f8435b6c8e6

SHA1
5720fe487a9e3013b365e6f7c4d158b1dd29aeef

SHA256
bc935b19f7f5a693a60afbc47a4cce8eeb78023c1cb5befe27777528e75c6fc9

SHA512
597470e9215f6af0a2792ff144ec46094a20020296de6d3023ff0f771d2a7d68090c86c3b95382ac5239eab5a5e4f8c6568493e9613a46de5fcf0a433bbae890

Download Submit
C:\Users\Admin\AppData\Roaming\hyperbeam\Session Storage\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
memory/1068-510-0x00007FFFE3CF0000-0x00007FFFE3CF1000-memory.dmp

Filesize
4KB

Download
memory/2960-576-0x00007FFFE4250000-0x00007FFFE4251000-memory.dmp

Filesize
4KB

Download
memory/2960-577-0x00007FFFE3360000-0x00007FFFE3361000-memory.dmp

Filesize
4KB

Download
memory/2960-603-0x000001DE1AC90000-0x000001DE1AD3D000-memory.dmp

Filesize
692KB

Download
memory/4064-712-0x000001B44A0A0000-0x000001B44A0C0000-memory.dmp

Filesize
128KB

Download
memory/4064-710-0x000001B449C90000-0x000001B449CB0000-memory.dmp

Filesize
128KB

Download
memory/4064-708-0x000001B449CD0000-0x000001B449CF0000-memory.dmp

Filesize
128KB

Download