5d367ebda866b40688258207090562d070d7f1ad3a4e139a5eaeab2da7914c2f

Analysis

max time kernel
13s
max time network
20s
platform
windows10-2004_x64
resource
win10v2004-20230621-en
resource tags

arch:x64arch:x86image:win10v2004-20230621-enlocale:en-usos:windows10-2004-x64system
submitted
27/06/2023, 14:10

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Foodie-Dash.exe
Size

18.2MB
MD5

77f6e0af21bd3fbad512428fac9b081f
SHA1

90937c355dc723155d93ecb8ca36cda6c2f34451
SHA256

5d367ebda866b40688258207090562d070d7f1ad3a4e139a5eaeab2da7914c2f
SHA512

c429c587295553d21ca3f9a6657bf6ea468a4db828651b06e415724b8e381b63ec7c38abd69099aa42f36863a4da77c58cb5aa2537395ed142450d69964d2cc9
SSDEEP

393216:Gf3YT4aKjgifvoU7VvF/EBgBEhA5CB1wAEOd4jEcfOLoYlzZckmi:Gf3yzKjbHoU7Vt/EBgWhA2wougcfuKkm

Score

7^/10

Malware Config

Signatures

Executes dropped EXE 1 IoCs

pid	Process
1792	Foodie Dash.exe

Loads dropped DLL 62 IoCs

pid	Process
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe
1792	Foodie Dash.exe

Legitimate hosting services abused for malware hosting/C2 1 TTPs

Web Service
T1102

Checks SCSI registry key(s) 3 TTPs 4 IoCs

SCSI information is often read in order to detect sandboxing environments.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_DADY&PROD_DADY_DVD-ROM\4&215468A5&0&010000	Foodie Dash.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_DADY&Prod_DADY_DVD-ROM\4&215468a5&0&010000\ConfigFlags	Foodie Dash.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_DADY&PROD_HARDDISK\4&215468A5&0&000000	Foodie Dash.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\ConfigFlags	Foodie Dash.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: 33	2784	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	2784	AUDIODG.EXE

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
1792	Foodie Dash.exe

Suspicious use of WriteProcessMemory 2 IoCs

description	pid	Process	procid_target
PID 5024 wrote to memory of 1792	5024	Foodie-Dash.exe	85
PID 5024 wrote to memory of 1792	5024	Foodie-Dash.exe	85

C:\Users\Admin\AppData\Local\Temp\Foodie-Dash.exe
"C:\Users\Admin\AppData\Local\Temp\Foodie-Dash.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:5024
- C:\Users\Admin\AppData\Local\Temp\onefile_5024_133323486971513529\Foodie Dash.exe
  "C:\Users\Admin\AppData\Local\Temp\Foodie-Dash.exe"
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - Checks SCSI registry key(s)
  - Suspicious use of SetWindowsHookEx
  PID:1792

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x50c 0x500
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:2784

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Web Service

T1102

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\ONEFIL~1\_bz2.pyd

Filesize
82KB

MD5
3859239ced9a45399b967ebce5a6ba23

SHA1
6f8ff3df90ac833c1eb69208db462cda8ca3f8d6

SHA256
a4dd883257a7ace84f96bcc6cd59e22d843d0db080606defae32923fc712c75a

SHA512
030e5ce81e36bd55f69d55cbb8385820eb7c1f95342c1a32058f49abeabb485b1c4a30877c07a56c9d909228e45a4196872e14ded4f87adaa8b6ad97463e5c69

Download Submit
C:\Users\Admin\AppData\Local\Temp\ONEFIL~1\_hashlib.pyd

Filesize
63KB

MD5
4255c44dc64f11f32c961bf275aab3a2

SHA1
c1631b2821a7e8a1783ecfe9a14db453be54c30a

SHA256
e557873d5ad59fd6bd29d0f801ad0651dbb8d9ac21545defe508089e92a15e29

SHA512
7d3a306755a123b246f31994cd812e7922943cdbbc9db5a6e4d3372ea434a635ffd3945b5d2046de669e7983ef2845bd007a441d09cfe05cf346523c12bdad52

Download Submit
C:\Users\Admin\AppData\Local\Temp\ONEFIL~1\_lzma.pyd

Filesize
155KB

MD5
e5abc3a72996f8fde0bcf709e6577d9d

SHA1
15770bdcd06e171f0b868c803b8cf33a8581edd3

SHA256
1796038480754a680f33a4e37c8b5673cc86c49281a287dc0c5cae984d0cb4bb

SHA512
b347474dc071f2857e1e16965b43db6518e35915b8168bdeff1ead4dff710a1cc9f04ca0ced23a6de40d717eea375eedb0bf3714daf35de6a77f071db33dfae6

Download Submit
C:\Users\Admin\AppData\Local\Temp\ONEFIL~1\_queue.pyd

Filesize
31KB

MD5
f00133f7758627a15f2d98c034cf1657

SHA1
2f5f54eda4634052f5be24c560154af6647eee05

SHA256
35609869edc57d806925ec52cca9bc5a035e30d5f40549647d4da6d7983f8659

SHA512
1c77dd811d2184beedf3c553c3f4da2144b75c6518543f98c630c59cd597fcbf6fd22cfbb0a7b9ea2fdb7983ff69d0d99e8201f4e84a0629bc5733aa09ffc201

Download Submit
C:\Users\Admin\AppData\Local\Temp\ONEFIL~1\_socket.pyd

Filesize
77KB

MD5
1eea9568d6fdef29b9963783827f5867

SHA1
a17760365094966220661ad87e57efe09cd85b84

SHA256
74181072392a3727049ea3681fe9e59516373809ced53e08f6da7c496b76e117

SHA512
d9443b70fcdc4d0ea1cb93a88325012d3f99db88c36393a7ded6d04f590e582f7f1640d8b153fe3c5342fa93802a8374f03f6cd37dd40cdbb5ade2e07fad1e09

Download Submit
C:\Users\Admin\AppData\Local\Temp\ONEFIL~1\_ssl.pyd

Filesize
157KB

MD5
208b0108172e59542260934a2e7cfa85

SHA1
1d7ffb1b1754b97448eb41e686c0c79194d2ab3a

SHA256
5160500474ec95d4f3af7e467cc70cb37bec1d12545f0299aab6d69cea106c69

SHA512
41abf6deab0f6c048967ca6060c337067f9f8125529925971be86681ec0d3592c72b9cc85dd8bdee5dd3e4e69e3bb629710d2d641078d5618b4f55b8a60cc69d

Download Submit
C:\Users\Admin\AppData\Local\Temp\ONEFIL~1\charset_normalizer\md.pyd

Filesize
10KB

MD5
fa50d9f8bce6bd13652f5090e7b82c4d

SHA1
ee137da302a43c2f46d4323e98ffd46d92cf4bef

SHA256
fff69928dea1432e0c7cb1225ab96f94fd38d5d852de9a6bb8bf30b7d2bedceb

SHA512
341cec015e74348eab30d86ebb35c028519703006814a2ecd19b9fe5e6fcb05eda6dde0aaf4fe624d254b0d0180ec32adf3b93ee96295f8f0f4c9d4ed27a7c0c

Download Submit
C:\Users\Admin\AppData\Local\Temp\ONEFIL~1\charset_normalizer\md__mypyc.pyd

Filesize
113KB

MD5
2d1f2ffd0fecf96a053043daad99a5df

SHA1
b03d5f889e55e802d3802d0f0caa4d29c538406b

SHA256
207bbae9ddf8bdd64e65a8d600fe1dd0465f2afcd6dc6e28d4d55887cd6cbd13

SHA512
4f7d68f241a7f581e143a010c78113154072c63adff5f200ef67eb34d766d14ce872d53183eb2b96b1895aa9c8d4ca82ee5e61e1c5e655ff5be56970be9ebe3e

Download Submit
C:\Users\Admin\AppData\Local\Temp\ONEFIL~1\libcrypto-1_1.dll

Filesize
3.3MB

MD5
e94733523bcd9a1fb6ac47e10a267287

SHA1
94033b405386d04c75ffe6a424b9814b75c608ac

SHA256
f20eb4efd8647b5273fdaafceb8ccb2b8ba5329665878e01986cbfc1e6832c44

SHA512
07dd0eb86498497e693da0f9dd08de5b7b09052a2d6754cfbc2aa260e7f56790e6c0a968875f7803cb735609b1e9b9c91a91b84913059c561bffed5ab2cbb29f

Download Submit
C:\Users\Admin\AppData\Local\Temp\ONEFIL~1\libssl-1_1.dll

Filesize
688KB

MD5
25bde25d332383d1228b2e66a4cb9f3e

SHA1
cd5b9c3dd6aab470d445e3956708a324e93a9160

SHA256
c8f7237e7040a73c2bea567acc9cec373aadd48654aaac6122416e160f08ca13

SHA512
ca2f2139bb456799c9f98ef8d89fd7c09d1972fa5dd8fc01b14b7af00bf8d2c2175fb2c0c41e49a6daf540e67943aad338e33c1556fd6040ef06e0f25bfa88fa

Download Submit
C:\Users\Admin\AppData\Local\Temp\ONEFIL~1\pygame\base.pyd

Filesize
30KB

MD5
138fd37d2dedb55cad4becd19dfe1701

SHA1
67d5300a9421003fc25adde5639c20ba677c08df

SHA256
68b6df48912cab0d66ca24fae2cd88f4b0a28661bee76f6917ec6567c34906d3

SHA512
f4f780c3ac498bca935a4a27150c6e8197507bd94f905498bccfbf3a750f47232b57524c9d57f7c65d1f2771492de13a65bc1dca5fba7bc98666b9bfc06be362

Download Submit
C:\Users\Admin\AppData\Local\Temp\ONEFIL~1\pygame\bufferproxy.pyd

Filesize
18KB

MD5
56e1c16195cb6ef06aa5d6cbe0f5396f

SHA1
15cf001326122ade0b0a50d66e68edd780f1d09e

SHA256
842f601cfdefacf2680cdef1572e1ab2b54d72252629b0e5e23e177a9c4b4a3d

SHA512
594b3bcba13c0a011c70080bb478ad360ab49b9cce4492d23c79b5c904538efd0f83b8873495366147531926bb6a87c81c3f5e402d7b1256bda4592c46dc79ae

Download Submit
C:\Users\Admin\AppData\Local\Temp\ONEFIL~1\pygame\color.pyd

Filesize
34KB

MD5
400254dae524e7b5cfc48e083c70cf2d

SHA1
06dd9ae3cafca7c8a0c2ff472b33ef59bb11a630

SHA256
3d0a42aa5b47a07448521c4467e7b85f4f3ecb815cb09531d8fce0fe47b31fc9

SHA512
a64ce806bcfd3f87deecebee46bc1198288eefde7213e0922773d5f5d98080e2e0f25021f0e7b8e1acdf6dd7410ae75f4dce3111af1c230917538bceae9f9f55

Download Submit
C:\Users\Admin\AppData\Local\Temp\ONEFIL~1\pygame\constants.pyd

Filesize
49KB

MD5
7a74caa70749d692f65ba9a72d72f68a

SHA1
4c2d487bf7a6e10245e8b0fbb43c95563e83e2e9

SHA256
17d4d7d5e2758c41fe2cd123b83e453f6c0eb176f0e1dfbaaea28992818d1d1d

SHA512
f5a1cb1b838e36d2ab87e99317720c4a3ae42907254bf0a5c8cb88fb3d6beaa0cada1f762c1cbe9199d8abed96a0fd580e85381d5a7e749225efdc7055b872cf

Download Submit
C:\Users\Admin\AppData\Local\Temp\ONEFIL~1\pygame\display.pyd

Filesize
43KB

MD5
42dfb07fdec05f80161c4d8c78f0c7ee

SHA1
ca10cb102fd7052f8be7b5b64a34003d6dc1b58d

SHA256
e466678f013d80af46766daccb24f7feb3b38b8fd8d0754ddc99f8df60131123

SHA512
982edb43a382bd0b9e2b254d278559358b999326037fcc93f97cfbcb6f2d6c077e87d02151deed9374040a5a58d02788a551b251504b3b5fe7a9d2bf2ffb6135

Download Submit
C:\Users\Admin\AppData\Local\Temp\ONEFIL~1\pygame\draw.pyd

Filesize
48KB

MD5
eca64cf85d3be9e1ba2518c67fd54f52

SHA1
1ca4edf6973550d448467bf201da83059dd7fb64

SHA256
fc5be1cdd2b3a577e9fae91211e6a65c37afdb6cf554f28898338e8ba078acb7

SHA512
7b5192e56e80848a8e81cfc877f0cdd10523c496ec715deb3f0c39a0bef64be884434c14780e53fb6579e9fa2c6e33e8bb3f2c085d64d2a0ce8aa4d76beab434

Download Submit
C:\Users\Admin\AppData\Local\Temp\ONEFIL~1\pygame\event.pyd

Filesize
43KB

MD5
674fe500bda0369d41635df4c59922fe

SHA1
fabfa7a1d6c53daf9af04d95e665b8c9f02e0836

SHA256
4772da14fe80da602d7b133f4c57309206ee56190a609728e9fbd99d11a56ba6

SHA512
da0630c02ad729e2a31ee6ad63060b0403e1bbe947fc08f55d6af62a0547c1d64460b7cbf89dc78b43a3f6a080bb4fc6ca16e95ebef79a836ccf7b9a0ec21e85

Download Submit
C:\Users\Admin\AppData\Local\Temp\ONEFIL~1\pygame\image.pyd

Filesize
29KB

MD5
c6079cf3ce68c8585c3c7a62e40fc41f

SHA1
d4713b22b041b80d1163132bc6933c9e803e06b5

SHA256
fd2146e62b9348f72238cbac486682983097e284d0d2b1875704eb0e21f71c74

SHA512
82ef4c1dd2b1de63437aba0b74b9ce3faf844d0ee6d3325744c1f3bb8812b33979ef0301abd6b5d05e287148647b7808d825b2ed9d27e6fe05b6ee08c982ed4f

Download Submit
C:\Users\Admin\AppData\Local\Temp\ONEFIL~1\pygame\imageext.pyd

Filesize
17KB

MD5
cf7d1bf9f97fd57b568f85c8472969fb

SHA1
f3621f16c4d9f9e1e93eb8a0c760cf16abcd6792

SHA256
dc20efec940803a7ca7da4afb3a6f85751c3838785dfa8cc19d96eff722ded1b

SHA512
5838569f39f05debcb16a0042e13cc2f326eb371a8c8127452d55db261e95759c2c12a2bb321d53381ab7f9191d2f44017632ab6cc2c776867ce69c92fbd1a28

Download Submit
C:\Users\Admin\AppData\Local\Temp\ONEFIL~1\pygame\math.pyd

Filesize
74KB

MD5
209299013485adfe9d13458f8e8bad5a

SHA1
17244829b177fa2cf8af8ca7d5386d9149767cd6

SHA256
9b2a7030329d33fe55a17db2cc2de0ab1777f0710c4009ebf51aa91635296576

SHA512
3b0d292ccf39b12d236df3f925602260f2d0ffedebf4faa0718d5577e00c0f85666f2ce28e145ae3932d5a8425bda14c48ae5befe051f1243364809d116f5714

Download Submit
C:\Users\Admin\AppData\Local\Temp\ONEFIL~1\pygame\rect.pyd

Filesize
44KB

MD5
529958675ca33d27d9c076e66140442d

SHA1
168f86b312c7b13d9d3914ccb151cfe7b93d7817

SHA256
a951bc8f366b15dafbca736f00aa5d847a28458b123fce243084950236947bbd

SHA512
8aabfb678b1240730c6bd6048875a58964eeb26224a60c2f59df7f62429d774b7f257c4041d30df35e0ba1f03a46ff5ed1e3624fc48dc996c7ec941db1ccabb7

Download Submit
C:\Users\Admin\AppData\Local\Temp\ONEFIL~1\pygame\rwobject.pyd

Filesize
19KB

MD5
fdc80a03ee3c210bdea9958af8303534

SHA1
2da3c645956787e82c96053a5a3a161e4e39d161

SHA256
b7f875b78c10ac3098348c702bc6abb8709c6958c9e17f0b540ff3c834b79aa1

SHA512
07b225acebe48502f9198a5475fdee472b95a127f93dd0b8e47604a01392fb3e67462f4fa9a9f1e161a2ce994ed30f25dda8123d9876e31ac12e1a944ce9942c

Download Submit
C:\Users\Admin\AppData\Local\Temp\ONEFIL~1\pygame\surface.pyd

Filesize
234KB

MD5
bba2bd996872aa58918c82bf19d623d0

SHA1
f479a40caff0ca8a8fb670c99079a784e9b7d0cd

SHA256
c5061dd199c7c8fa8edd23c33521ee73ada44dce8a3a268c64c7df26eca04d51

SHA512
4bd8f53376d8ffa9411b702f03943facbbd11c84eebb1a4a98146625b9d75fc3ce4d5c5d0390042e8b328d9b03c7f7d9e8cacdc3b8b85ee3a93180c4b6a4c041

Download Submit
C:\Users\Admin\AppData\Local\Temp\ONEFIL~1\pygame\surflock.pyd

Filesize
13KB

MD5
d6461f8add9fd49fa892819fcf014a3c

SHA1
6011e31ed3d6ff7a2975f4d33cca48bc242cefe4

SHA256
7f7edb191c906f6dd2dc2334be3884fa196cdf73ee1c51edb6a286895886296b

SHA512
305d3750122ec4193294af67ad2cc8b27281c85df01aaa7a0c0c278c7a09985773a5417fdbd07eb22f77b078e1777be4613455407de3767b73b0a5f45114fab6

Download Submit
C:\Users\Admin\AppData\Local\Temp\ONEFIL~1\select.pyd

Filesize
29KB

MD5
c97a587e19227d03a85e90a04d7937f6

SHA1
463703cf1cac4e2297b442654fc6169b70cfb9bf

SHA256
c4aa9a106381835cfb5f9badfb9d77df74338bc66e69183757a5a3774ccdaccf

SHA512
97784363f3b0b794d2f9fd6a2c862d64910c71591006a34eedff989ecca669ac245b3dfe68eaa6da621209a3ab61d36e9118ebb4be4c0e72ce80fab7b43bde12

Download Submit
C:\Users\Admin\AppData\Local\Temp\ONEFIL~1\unicodedata.pyd

Filesize
1.1MB

MD5
aa13ee6770452af73828b55af5cd1a32

SHA1
c01ece61c7623e36a834d8b3c660e7f28c91177e

SHA256
8fbed20e9225ff82132e97b4fefbb5ddbc10c062d9e3f920a6616ab27bb5b0fb

SHA512
b2eeb9a7d4a32e91084fdae302953aac57388a5390f9404d8dfe5c4a8f66ca2ab73253cf5ba4cc55350d8306230dd1114a61e22c23f42fbcc5c0098046e97e0f

Download Submit
C:\Users\Admin\AppData\Local\Temp\onefile_5024_133323486971513529\Foodie Dash.exe

Filesize
24.5MB

MD5
1005b66cccead3a0f3ed46bb0c4eb821

SHA1
57e23cb43e4ee70d7fbf0802a801460139fb8f0e

SHA256
8be5244f874897cdb137e16f4dfe096293ed2f2827d218b258c2cfea4eaee209

SHA512
f72f95927a4fa3eb49215892b58e241e45ca502a5868ac07d333de41423f86df417a326a6e4db8d588789f1e4834cd8c8a6bf7c67c00f5b2fec100c47353b164

Download Submit
C:\Users\Admin\AppData\Local\Temp\onefile_5024_133323486971513529\Foodie Dash.exe

Filesize
24.5MB

MD5
1005b66cccead3a0f3ed46bb0c4eb821

SHA1
57e23cb43e4ee70d7fbf0802a801460139fb8f0e

SHA256
8be5244f874897cdb137e16f4dfe096293ed2f2827d218b258c2cfea4eaee209

SHA512
f72f95927a4fa3eb49215892b58e241e45ca502a5868ac07d333de41423f86df417a326a6e4db8d588789f1e4834cd8c8a6bf7c67c00f5b2fec100c47353b164

Download Submit
C:\Users\Admin\AppData\Local\Temp\onefile_5024_133323486971513529\SDL2.dll

Filesize
2.4MB

MD5
c7625512215f34fad03c3dae088256e2

SHA1
d6dd56a5d683358ebe84ecf50c6acd8c6a72e0fe

SHA256
b03f188230610d8865fa5150a772a5d4fad6c9d9f9eecfabc7372000f51c5630

SHA512
05a86261211749379e69d8b965f806af01647b1683c4191504af75798ea71ba9f5d6e5d5835763bcc5efd095a240485f5911dc3f5ec60542517203ca7aec738a

Download Submit
C:\Users\Admin\AppData\Local\Temp\onefile_5024_133323486971513529\SDL2_image.dll

Filesize
122KB

MD5
b8d249a5e394b4e6a954c557af1b80e6

SHA1
b03bb9d09447114a018110bfb91d56ef8d5ec3bb

SHA256
1e364af75fee0c83506fbdfd4d5b0e386c4e9c6a33ddbddac61ddb131e360194

SHA512
2f2e248c3963711f1a9f5d8baea5b8527d1df1748cd7e33bf898a380ae748f7a65629438711ff9a5343e64762ec0b5dc478cdf19fbf7111dac9d11a8427e0007

Download Submit
C:\Users\Admin\AppData\Local\Temp\onefile_5024_133323486971513529\VCRUNTIME140.dll

Filesize
106KB

MD5
4585a96cc4eef6aafd5e27ea09147dc6

SHA1
489cfff1b19abbec98fda26ac8958005e88dd0cb

SHA256
a8f950b4357ec12cfccddc9094cca56a3d5244b95e09ea6e9a746489f2d58736

SHA512
d78260c66331fe3029d2cc1b41a5d002ec651f2e3bbf55076d65839b5e3c6297955afd4d9ab8951fbdc9f929dbc65eb18b14b59bce1f2994318564eb4920f286

Download Submit
C:\Users\Admin\AppData\Local\Temp\onefile_5024_133323486971513529\_bz2.pyd

Filesize
82KB

MD5
3859239ced9a45399b967ebce5a6ba23

SHA1
6f8ff3df90ac833c1eb69208db462cda8ca3f8d6

SHA256
a4dd883257a7ace84f96bcc6cd59e22d843d0db080606defae32923fc712c75a

SHA512
030e5ce81e36bd55f69d55cbb8385820eb7c1f95342c1a32058f49abeabb485b1c4a30877c07a56c9d909228e45a4196872e14ded4f87adaa8b6ad97463e5c69

Download Submit
C:\Users\Admin\AppData\Local\Temp\onefile_5024_133323486971513529\_hashlib.pyd

Filesize
63KB

MD5
4255c44dc64f11f32c961bf275aab3a2

SHA1
c1631b2821a7e8a1783ecfe9a14db453be54c30a

SHA256
e557873d5ad59fd6bd29d0f801ad0651dbb8d9ac21545defe508089e92a15e29

SHA512
7d3a306755a123b246f31994cd812e7922943cdbbc9db5a6e4d3372ea434a635ffd3945b5d2046de669e7983ef2845bd007a441d09cfe05cf346523c12bdad52

Download Submit
C:\Users\Admin\AppData\Local\Temp\onefile_5024_133323486971513529\_lzma.pyd

Filesize
155KB

MD5
e5abc3a72996f8fde0bcf709e6577d9d

SHA1
15770bdcd06e171f0b868c803b8cf33a8581edd3

SHA256
1796038480754a680f33a4e37c8b5673cc86c49281a287dc0c5cae984d0cb4bb

SHA512
b347474dc071f2857e1e16965b43db6518e35915b8168bdeff1ead4dff710a1cc9f04ca0ced23a6de40d717eea375eedb0bf3714daf35de6a77f071db33dfae6

Download Submit
C:\Users\Admin\AppData\Local\Temp\onefile_5024_133323486971513529\_queue.pyd

Filesize
31KB

MD5
f00133f7758627a15f2d98c034cf1657

SHA1
2f5f54eda4634052f5be24c560154af6647eee05

SHA256
35609869edc57d806925ec52cca9bc5a035e30d5f40549647d4da6d7983f8659

SHA512
1c77dd811d2184beedf3c553c3f4da2144b75c6518543f98c630c59cd597fcbf6fd22cfbb0a7b9ea2fdb7983ff69d0d99e8201f4e84a0629bc5733aa09ffc201

Download Submit
C:\Users\Admin\AppData\Local\Temp\onefile_5024_133323486971513529\_socket.pyd

Filesize
77KB

MD5
1eea9568d6fdef29b9963783827f5867

SHA1
a17760365094966220661ad87e57efe09cd85b84

SHA256
74181072392a3727049ea3681fe9e59516373809ced53e08f6da7c496b76e117

SHA512
d9443b70fcdc4d0ea1cb93a88325012d3f99db88c36393a7ded6d04f590e582f7f1640d8b153fe3c5342fa93802a8374f03f6cd37dd40cdbb5ade2e07fad1e09

Download Submit
C:\Users\Admin\AppData\Local\Temp\onefile_5024_133323486971513529\_ssl.pyd

Filesize
157KB

MD5
208b0108172e59542260934a2e7cfa85

SHA1
1d7ffb1b1754b97448eb41e686c0c79194d2ab3a

SHA256
5160500474ec95d4f3af7e467cc70cb37bec1d12545f0299aab6d69cea106c69

SHA512
41abf6deab0f6c048967ca6060c337067f9f8125529925971be86681ec0d3592c72b9cc85dd8bdee5dd3e4e69e3bb629710d2d641078d5618b4f55b8a60cc69d

Download Submit
C:\Users\Admin\AppData\Local\Temp\onefile_5024_133323486971513529\charset_normalizer\md.pyd

Filesize
10KB

MD5
fa50d9f8bce6bd13652f5090e7b82c4d

SHA1
ee137da302a43c2f46d4323e98ffd46d92cf4bef

SHA256
fff69928dea1432e0c7cb1225ab96f94fd38d5d852de9a6bb8bf30b7d2bedceb

SHA512
341cec015e74348eab30d86ebb35c028519703006814a2ecd19b9fe5e6fcb05eda6dde0aaf4fe624d254b0d0180ec32adf3b93ee96295f8f0f4c9d4ed27a7c0c

Download Submit
C:\Users\Admin\AppData\Local\Temp\onefile_5024_133323486971513529\charset_normalizer\md__mypyc.pyd

Filesize
113KB

MD5
2d1f2ffd0fecf96a053043daad99a5df

SHA1
b03d5f889e55e802d3802d0f0caa4d29c538406b

SHA256
207bbae9ddf8bdd64e65a8d600fe1dd0465f2afcd6dc6e28d4d55887cd6cbd13

SHA512
4f7d68f241a7f581e143a010c78113154072c63adff5f200ef67eb34d766d14ce872d53183eb2b96b1895aa9c8d4ca82ee5e61e1c5e655ff5be56970be9ebe3e

Download Submit
C:\Users\Admin\AppData\Local\Temp\onefile_5024_133323486971513529\libcrypto-1_1.dll

Filesize
3.3MB

MD5
e94733523bcd9a1fb6ac47e10a267287

SHA1
94033b405386d04c75ffe6a424b9814b75c608ac

SHA256
f20eb4efd8647b5273fdaafceb8ccb2b8ba5329665878e01986cbfc1e6832c44

SHA512
07dd0eb86498497e693da0f9dd08de5b7b09052a2d6754cfbc2aa260e7f56790e6c0a968875f7803cb735609b1e9b9c91a91b84913059c561bffed5ab2cbb29f

Download Submit
C:\Users\Admin\AppData\Local\Temp\onefile_5024_133323486971513529\libpng16-16.dll

Filesize
206KB

MD5
3a26cd3f92436747d2285dcef1fae67f

SHA1
e3d1403be06beb32fc8dc7e8a58c31e18b586a70

SHA256
e688b4a4d18f4b6ccc99c6ca4980f51218cb825610775192d9b60b2f05eff2d5

SHA512
73d651f063246723807d837811ead30e3faca8cb0581603f264c28fea1b2bdb6d874a73c1288c7770e95463786d6945b065d4ca1cf553e08220aea4e78a6f37f

Download Submit
C:\Users\Admin\AppData\Local\Temp\onefile_5024_133323486971513529\libpng16-16.dll

Filesize
206KB

MD5
3a26cd3f92436747d2285dcef1fae67f

SHA1
e3d1403be06beb32fc8dc7e8a58c31e18b586a70

SHA256
e688b4a4d18f4b6ccc99c6ca4980f51218cb825610775192d9b60b2f05eff2d5

SHA512
73d651f063246723807d837811ead30e3faca8cb0581603f264c28fea1b2bdb6d874a73c1288c7770e95463786d6945b065d4ca1cf553e08220aea4e78a6f37f

Download Submit
C:\Users\Admin\AppData\Local\Temp\onefile_5024_133323486971513529\libssl-1_1.dll

Filesize
688KB

MD5
25bde25d332383d1228b2e66a4cb9f3e

SHA1
cd5b9c3dd6aab470d445e3956708a324e93a9160

SHA256
c8f7237e7040a73c2bea567acc9cec373aadd48654aaac6122416e160f08ca13

SHA512
ca2f2139bb456799c9f98ef8d89fd7c09d1972fa5dd8fc01b14b7af00bf8d2c2175fb2c0c41e49a6daf540e67943aad338e33c1556fd6040ef06e0f25bfa88fa

Download Submit
C:\Users\Admin\AppData\Local\Temp\onefile_5024_133323486971513529\pygame\base.pyd

Filesize
30KB

MD5
138fd37d2dedb55cad4becd19dfe1701

SHA1
67d5300a9421003fc25adde5639c20ba677c08df

SHA256
68b6df48912cab0d66ca24fae2cd88f4b0a28661bee76f6917ec6567c34906d3

SHA512
f4f780c3ac498bca935a4a27150c6e8197507bd94f905498bccfbf3a750f47232b57524c9d57f7c65d1f2771492de13a65bc1dca5fba7bc98666b9bfc06be362

Download Submit
C:\Users\Admin\AppData\Local\Temp\onefile_5024_133323486971513529\pygame\bufferproxy.pyd

Filesize
18KB

MD5
56e1c16195cb6ef06aa5d6cbe0f5396f

SHA1
15cf001326122ade0b0a50d66e68edd780f1d09e

SHA256
842f601cfdefacf2680cdef1572e1ab2b54d72252629b0e5e23e177a9c4b4a3d

SHA512
594b3bcba13c0a011c70080bb478ad360ab49b9cce4492d23c79b5c904538efd0f83b8873495366147531926bb6a87c81c3f5e402d7b1256bda4592c46dc79ae

Download Submit
C:\Users\Admin\AppData\Local\Temp\onefile_5024_133323486971513529\pygame\color.pyd

Filesize
34KB

MD5
400254dae524e7b5cfc48e083c70cf2d

SHA1
06dd9ae3cafca7c8a0c2ff472b33ef59bb11a630

SHA256
3d0a42aa5b47a07448521c4467e7b85f4f3ecb815cb09531d8fce0fe47b31fc9

SHA512
a64ce806bcfd3f87deecebee46bc1198288eefde7213e0922773d5f5d98080e2e0f25021f0e7b8e1acdf6dd7410ae75f4dce3111af1c230917538bceae9f9f55

Download Submit
C:\Users\Admin\AppData\Local\Temp\onefile_5024_133323486971513529\pygame\constants.pyd

Filesize
49KB

MD5
7a74caa70749d692f65ba9a72d72f68a

SHA1
4c2d487bf7a6e10245e8b0fbb43c95563e83e2e9

SHA256
17d4d7d5e2758c41fe2cd123b83e453f6c0eb176f0e1dfbaaea28992818d1d1d

SHA512
f5a1cb1b838e36d2ab87e99317720c4a3ae42907254bf0a5c8cb88fb3d6beaa0cada1f762c1cbe9199d8abed96a0fd580e85381d5a7e749225efdc7055b872cf

Download Submit
C:\Users\Admin\AppData\Local\Temp\onefile_5024_133323486971513529\pygame\display.pyd

Filesize
43KB

MD5
42dfb07fdec05f80161c4d8c78f0c7ee

SHA1
ca10cb102fd7052f8be7b5b64a34003d6dc1b58d

SHA256
e466678f013d80af46766daccb24f7feb3b38b8fd8d0754ddc99f8df60131123

SHA512
982edb43a382bd0b9e2b254d278559358b999326037fcc93f97cfbcb6f2d6c077e87d02151deed9374040a5a58d02788a551b251504b3b5fe7a9d2bf2ffb6135

Download Submit
C:\Users\Admin\AppData\Local\Temp\onefile_5024_133323486971513529\pygame\draw.pyd

Filesize
48KB

MD5
eca64cf85d3be9e1ba2518c67fd54f52

SHA1
1ca4edf6973550d448467bf201da83059dd7fb64

SHA256
fc5be1cdd2b3a577e9fae91211e6a65c37afdb6cf554f28898338e8ba078acb7

SHA512
7b5192e56e80848a8e81cfc877f0cdd10523c496ec715deb3f0c39a0bef64be884434c14780e53fb6579e9fa2c6e33e8bb3f2c085d64d2a0ce8aa4d76beab434

Download Submit
C:\Users\Admin\AppData\Local\Temp\onefile_5024_133323486971513529\pygame\event.pyd

Filesize
43KB

MD5
674fe500bda0369d41635df4c59922fe

SHA1
fabfa7a1d6c53daf9af04d95e665b8c9f02e0836

SHA256
4772da14fe80da602d7b133f4c57309206ee56190a609728e9fbd99d11a56ba6

SHA512
da0630c02ad729e2a31ee6ad63060b0403e1bbe947fc08f55d6af62a0547c1d64460b7cbf89dc78b43a3f6a080bb4fc6ca16e95ebef79a836ccf7b9a0ec21e85

Download Submit
C:\Users\Admin\AppData\Local\Temp\onefile_5024_133323486971513529\pygame\image.pyd

Filesize
29KB

MD5
c6079cf3ce68c8585c3c7a62e40fc41f

SHA1
d4713b22b041b80d1163132bc6933c9e803e06b5

SHA256
fd2146e62b9348f72238cbac486682983097e284d0d2b1875704eb0e21f71c74

SHA512
82ef4c1dd2b1de63437aba0b74b9ce3faf844d0ee6d3325744c1f3bb8812b33979ef0301abd6b5d05e287148647b7808d825b2ed9d27e6fe05b6ee08c982ed4f

Download Submit
C:\Users\Admin\AppData\Local\Temp\onefile_5024_133323486971513529\pygame\imageext.pyd

Filesize
17KB

MD5
cf7d1bf9f97fd57b568f85c8472969fb

SHA1
f3621f16c4d9f9e1e93eb8a0c760cf16abcd6792

SHA256
dc20efec940803a7ca7da4afb3a6f85751c3838785dfa8cc19d96eff722ded1b

SHA512
5838569f39f05debcb16a0042e13cc2f326eb371a8c8127452d55db261e95759c2c12a2bb321d53381ab7f9191d2f44017632ab6cc2c776867ce69c92fbd1a28

Download Submit
C:\Users\Admin\AppData\Local\Temp\onefile_5024_133323486971513529\pygame\math.pyd

Filesize
74KB

MD5
209299013485adfe9d13458f8e8bad5a

SHA1
17244829b177fa2cf8af8ca7d5386d9149767cd6

SHA256
9b2a7030329d33fe55a17db2cc2de0ab1777f0710c4009ebf51aa91635296576

SHA512
3b0d292ccf39b12d236df3f925602260f2d0ffedebf4faa0718d5577e00c0f85666f2ce28e145ae3932d5a8425bda14c48ae5befe051f1243364809d116f5714

Download Submit
C:\Users\Admin\AppData\Local\Temp\onefile_5024_133323486971513529\pygame\rect.pyd

Filesize
44KB

MD5
529958675ca33d27d9c076e66140442d

SHA1
168f86b312c7b13d9d3914ccb151cfe7b93d7817

SHA256
a951bc8f366b15dafbca736f00aa5d847a28458b123fce243084950236947bbd

SHA512
8aabfb678b1240730c6bd6048875a58964eeb26224a60c2f59df7f62429d774b7f257c4041d30df35e0ba1f03a46ff5ed1e3624fc48dc996c7ec941db1ccabb7

Download Submit
C:\Users\Admin\AppData\Local\Temp\onefile_5024_133323486971513529\pygame\rwobject.pyd

Filesize
19KB

MD5
fdc80a03ee3c210bdea9958af8303534

SHA1
2da3c645956787e82c96053a5a3a161e4e39d161

SHA256
b7f875b78c10ac3098348c702bc6abb8709c6958c9e17f0b540ff3c834b79aa1

SHA512
07b225acebe48502f9198a5475fdee472b95a127f93dd0b8e47604a01392fb3e67462f4fa9a9f1e161a2ce994ed30f25dda8123d9876e31ac12e1a944ce9942c

Download Submit
C:\Users\Admin\AppData\Local\Temp\onefile_5024_133323486971513529\pygame\surface.pyd

Filesize
234KB

MD5
bba2bd996872aa58918c82bf19d623d0

SHA1
f479a40caff0ca8a8fb670c99079a784e9b7d0cd

SHA256
c5061dd199c7c8fa8edd23c33521ee73ada44dce8a3a268c64c7df26eca04d51

SHA512
4bd8f53376d8ffa9411b702f03943facbbd11c84eebb1a4a98146625b9d75fc3ce4d5c5d0390042e8b328d9b03c7f7d9e8cacdc3b8b85ee3a93180c4b6a4c041

Download Submit
C:\Users\Admin\AppData\Local\Temp\onefile_5024_133323486971513529\pygame\surflock.pyd

Filesize
13KB

MD5
d6461f8add9fd49fa892819fcf014a3c

SHA1
6011e31ed3d6ff7a2975f4d33cca48bc242cefe4

SHA256
7f7edb191c906f6dd2dc2334be3884fa196cdf73ee1c51edb6a286895886296b

SHA512
305d3750122ec4193294af67ad2cc8b27281c85df01aaa7a0c0c278c7a09985773a5417fdbd07eb22f77b078e1777be4613455407de3767b73b0a5f45114fab6

Download Submit
C:\Users\Admin\AppData\Local\Temp\onefile_5024_133323486971513529\python311.dll

Filesize
5.5MB

MD5
5a5dd7cad8028097842b0afef45bfbcf

SHA1
e247a2e460687c607253949c52ae2801ff35dc4a

SHA256
a811c7516f531f1515d10743ae78004dd627eba0dc2d3bc0d2e033b2722043ce

SHA512
e6268e4fad2ce3ef16b68298a57498e16f0262bf3531539ad013a66f72df471569f94c6fcc48154b7c3049a3ad15cbfcbb6345dacb4f4ed7d528c74d589c9858

Download Submit
C:\Users\Admin\AppData\Local\Temp\onefile_5024_133323486971513529\python311.dll

Filesize
5.5MB

MD5
5a5dd7cad8028097842b0afef45bfbcf

SHA1
e247a2e460687c607253949c52ae2801ff35dc4a

SHA256
a811c7516f531f1515d10743ae78004dd627eba0dc2d3bc0d2e033b2722043ce

SHA512
e6268e4fad2ce3ef16b68298a57498e16f0262bf3531539ad013a66f72df471569f94c6fcc48154b7c3049a3ad15cbfcbb6345dacb4f4ed7d528c74d589c9858

Download Submit
C:\Users\Admin\AppData\Local\Temp\onefile_5024_133323486971513529\sdl2.dll

Filesize
2.4MB

MD5
c7625512215f34fad03c3dae088256e2

SHA1
d6dd56a5d683358ebe84ecf50c6acd8c6a72e0fe

SHA256
b03f188230610d8865fa5150a772a5d4fad6c9d9f9eecfabc7372000f51c5630

SHA512
05a86261211749379e69d8b965f806af01647b1683c4191504af75798ea71ba9f5d6e5d5835763bcc5efd095a240485f5911dc3f5ec60542517203ca7aec738a

Download Submit
C:\Users\Admin\AppData\Local\Temp\onefile_5024_133323486971513529\sdl2_image.dll

Filesize
122KB

MD5
b8d249a5e394b4e6a954c557af1b80e6

SHA1
b03bb9d09447114a018110bfb91d56ef8d5ec3bb

SHA256
1e364af75fee0c83506fbdfd4d5b0e386c4e9c6a33ddbddac61ddb131e360194

SHA512
2f2e248c3963711f1a9f5d8baea5b8527d1df1748cd7e33bf898a380ae748f7a65629438711ff9a5343e64762ec0b5dc478cdf19fbf7111dac9d11a8427e0007

Download Submit
C:\Users\Admin\AppData\Local\Temp\onefile_5024_133323486971513529\select.pyd

Filesize
29KB

MD5
c97a587e19227d03a85e90a04d7937f6

SHA1
463703cf1cac4e2297b442654fc6169b70cfb9bf

SHA256
c4aa9a106381835cfb5f9badfb9d77df74338bc66e69183757a5a3774ccdaccf

SHA512
97784363f3b0b794d2f9fd6a2c862d64910c71591006a34eedff989ecca669ac245b3dfe68eaa6da621209a3ab61d36e9118ebb4be4c0e72ce80fab7b43bde12

Download Submit
C:\Users\Admin\AppData\Local\Temp\onefile_5024_133323486971513529\unicodedata.pyd

Filesize
1.1MB

MD5
aa13ee6770452af73828b55af5cd1a32

SHA1
c01ece61c7623e36a834d8b3c660e7f28c91177e

SHA256
8fbed20e9225ff82132e97b4fefbb5ddbc10c062d9e3f920a6616ab27bb5b0fb

SHA512
b2eeb9a7d4a32e91084fdae302953aac57388a5390f9404d8dfe5c4a8f66ca2ab73253cf5ba4cc55350d8306230dd1114a61e22c23f42fbcc5c0098046e97e0f

Download Submit
C:\Users\Admin\AppData\Local\Temp\onefile_5024_133323486971513529\vcruntime140.dll

Filesize
106KB

MD5
4585a96cc4eef6aafd5e27ea09147dc6

SHA1
489cfff1b19abbec98fda26ac8958005e88dd0cb

SHA256
a8f950b4357ec12cfccddc9094cca56a3d5244b95e09ea6e9a746489f2d58736

SHA512
d78260c66331fe3029d2cc1b41a5d002ec651f2e3bbf55076d65839b5e3c6297955afd4d9ab8951fbdc9f929dbc65eb18b14b59bce1f2994318564eb4920f286

Download Submit
memory/1792-272-0x00007FFC2C640000-0x00007FFC2C8AB000-memory.dmp

Filesize
2.4MB

Download
memory/1792-273-0x000000006A880000-0x000000006A8A7000-memory.dmp

Filesize
156KB

Download
memory/1792-274-0x0000000068B40000-0x0000000068B7C000-memory.dmp

Filesize
240KB

Download
memory/1792-276-0x00007FFC2C490000-0x00007FFC2C612000-memory.dmp

Filesize
1.5MB

Download
memory/1792-277-0x00007FFC2C400000-0x00007FFC2C451000-memory.dmp

Filesize
324KB

Download
memory/1792-275-0x0000000062E80000-0x0000000062EA4000-memory.dmp

Filesize
144KB

Download
memory/1792-278-0x00007FFC2A4D0000-0x00007FFC2C3AA000-memory.dmp

Filesize
30.9MB

Download
memory/1792-281-0x00007FFC2C640000-0x00007FFC2C8AB000-memory.dmp

Filesize
2.4MB

Download
memory/1792-282-0x000000006A880000-0x000000006A8A7000-memory.dmp

Filesize
156KB

Download
memory/1792-283-0x0000000068B40000-0x0000000068B7C000-memory.dmp

Filesize
240KB

Download
memory/1792-284-0x0000000062E80000-0x0000000062EA4000-memory.dmp

Filesize
144KB

Download
memory/1792-285-0x00007FFC2C490000-0x00007FFC2C612000-memory.dmp

Filesize
1.5MB

Download
memory/1792-286-0x00007FFC2C400000-0x00007FFC2C451000-memory.dmp

Filesize
324KB

Download
memory/1792-287-0x00007FFC2A4D0000-0x00007FFC2C3AA000-memory.dmp

Filesize
30.9MB

Download