a7c997ba3c3e91c048f80f96f08754948428f6d3fe4001bab79c4ae09d06c5e0

Analysis

max time kernel
149s
max time network
166s
platform
windows7_x64
resource
win7-20230712-en
resource tags

arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
submitted
13/07/2023, 14:04

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

LegacyLauncher_Installer_legacy.exe
Size

112.3MB
MD5

53eea8664d54198e1989301b12f795da
SHA1

00bddca8bba387a76d6f18fc942859acf9ff5a60
SHA256

a7c997ba3c3e91c048f80f96f08754948428f6d3fe4001bab79c4ae09d06c5e0
SHA512

e05bd2e369b19b818f715a14ceb2c35b2f8409e5524d347d3093ef82667675bf719af17ab77412156aa62748aa17572d622b163bb6d187d917282f49e56ff831
SSDEEP

3145728:kNS0yY1k/bQS8yJQZI3XeKBPKi2O3hE4AGzUVeQgnFV:koqcQ+3XHD2OxEfPQQgnFV

Score

7^/10

discovery persistence

Malware Config

Signatures

Checks computer location settings 2 TTPs 1 IoCs

Looks up country code configured in the registry, likely geofence.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\USER\S-1-5-21-2969888527-3102471180-2307688834-1000\Control Panel\International\Geo\Nation	java.exe

Executes dropped EXE 4 IoCs

pid	Process
2844	LegacyLauncher_Installer_legacy.tmp
2016	TL.exe
2232	javaw.exe
2160	java.exe

Loads dropped DLL 64 IoCs

pid	Process
2952	LegacyLauncher_Installer_legacy.exe
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2016	TL.exe
2016	TL.exe
2016	TL.exe
2232	javaw.exe
2232	javaw.exe
2232	javaw.exe
2232	javaw.exe
2232	javaw.exe
2232	javaw.exe
2232	javaw.exe
2232	javaw.exe
2232	javaw.exe
2232	javaw.exe
2232	javaw.exe
2232	javaw.exe
2232	javaw.exe
2232	javaw.exe
2232	javaw.exe
2232	javaw.exe
2232	javaw.exe
2232	javaw.exe
2232	javaw.exe
2232	javaw.exe
2232	javaw.exe
2232	javaw.exe
2232	javaw.exe
2232	javaw.exe
2232	javaw.exe
2232	javaw.exe
2232	javaw.exe
2232	javaw.exe
2232	javaw.exe
2232	javaw.exe
2160	java.exe
2160	java.exe
2160	java.exe
2160	java.exe
2160	java.exe
2160	java.exe
2160	java.exe
2160	java.exe
2160	java.exe
2160	java.exe
2160	java.exe
2160	java.exe
2160	java.exe
2160	java.exe
2160	java.exe
2160	java.exe
2160	java.exe
2160	java.exe
2160	java.exe
2160	java.exe
2160	java.exe
2160	java.exe
2160	java.exe
2160	java.exe
2160	java.exe
2160	java.exe

Adds Run key to start application 2 TTPs 1 IoCs

persistence

Registry Run Keys / Startup Folder

T1060

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2969888527-3102471180-2307688834-1000\Software\Microsoft\Windows\CurrentVersion\Run	chrome.exe

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Checks processor information in registry 2 TTPs 9 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	javaw.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision	java.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision	javaw.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	java.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	java.exe

Enumerates system info in registry 2 TTPs 5 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2969888527-3102471180-2307688834-1000_Classes\Local Settings	firefox.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2840	chrome.exe
2840	chrome.exe

Suspicious use of AdjustPrivilegeToken 24 IoCs

description	pid	Process
Token: SeBackupPrivilege	2160	java.exe
Token: SeBackupPrivilege	2160	java.exe
Token: SeSecurityPrivilege	2160	java.exe
Token: SeDebugPrivilege	2160	java.exe
Token: SeShutdownPrivilege	2596	chrome.exe
Token: SeShutdownPrivilege	2596	chrome.exe
Token: SeShutdownPrivilege	2840	chrome.exe
Token: SeShutdownPrivilege	2840	chrome.exe
Token: SeShutdownPrivilege	2596	chrome.exe
Token: SeShutdownPrivilege	2596	chrome.exe
Token: SeShutdownPrivilege	2840	chrome.exe
Token: SeShutdownPrivilege	2840	chrome.exe
Token: SeShutdownPrivilege	2840	chrome.exe
Token: SeShutdownPrivilege	2840	chrome.exe
Token: SeShutdownPrivilege	2840	chrome.exe
Token: SeShutdownPrivilege	2840	chrome.exe
Token: SeDebugPrivilege	2192	firefox.exe
Token: SeDebugPrivilege	2192	firefox.exe
Token: SeShutdownPrivilege	2840	chrome.exe
Token: SeShutdownPrivilege	2840	chrome.exe
Token: SeShutdownPrivilege	2840	chrome.exe
Token: SeShutdownPrivilege	2840	chrome.exe
Token: SeShutdownPrivilege	2840	chrome.exe
Token: SeShutdownPrivilege	2840	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2844	LegacyLauncher_Installer_legacy.tmp
2840	chrome.exe

Suspicious use of SendNotifyMessage 64 IoCs

pid	Process
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe
2840	chrome.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2160	java.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2952 wrote to memory of 2844	2952	LegacyLauncher_Installer_legacy.exe	28
PID 2952 wrote to memory of 2844	2952	LegacyLauncher_Installer_legacy.exe	28
PID 2952 wrote to memory of 2844	2952	LegacyLauncher_Installer_legacy.exe	28
PID 2952 wrote to memory of 2844	2952	LegacyLauncher_Installer_legacy.exe	28
PID 2952 wrote to memory of 2844	2952	LegacyLauncher_Installer_legacy.exe	28
PID 2952 wrote to memory of 2844	2952	LegacyLauncher_Installer_legacy.exe	28
PID 2952 wrote to memory of 2844	2952	LegacyLauncher_Installer_legacy.exe	28
PID 2844 wrote to memory of 2016	2844	LegacyLauncher_Installer_legacy.tmp	33
PID 2844 wrote to memory of 2016	2844	LegacyLauncher_Installer_legacy.tmp	33
PID 2844 wrote to memory of 2016	2844	LegacyLauncher_Installer_legacy.tmp	33
PID 2844 wrote to memory of 2016	2844	LegacyLauncher_Installer_legacy.tmp	33
PID 2844 wrote to memory of 2016	2844	LegacyLauncher_Installer_legacy.tmp	33
PID 2844 wrote to memory of 2016	2844	LegacyLauncher_Installer_legacy.tmp	33
PID 2844 wrote to memory of 2016	2844	LegacyLauncher_Installer_legacy.tmp	33
PID 2016 wrote to memory of 2232	2016	TL.exe	34
PID 2016 wrote to memory of 2232	2016	TL.exe	34
PID 2016 wrote to memory of 2232	2016	TL.exe	34
PID 2016 wrote to memory of 2232	2016	TL.exe	34
PID 2232 wrote to memory of 2160	2232	javaw.exe	36
PID 2232 wrote to memory of 2160	2232	javaw.exe	36
PID 2232 wrote to memory of 2160	2232	javaw.exe	36
PID 772 wrote to memory of 2192	772	firefox.exe	39
PID 772 wrote to memory of 2192	772	firefox.exe	39
PID 772 wrote to memory of 2192	772	firefox.exe	39
PID 772 wrote to memory of 2192	772	firefox.exe	39
PID 772 wrote to memory of 2192	772	firefox.exe	39
PID 772 wrote to memory of 2192	772	firefox.exe	39
PID 772 wrote to memory of 2192	772	firefox.exe	39
PID 772 wrote to memory of 2192	772	firefox.exe	39
PID 772 wrote to memory of 2192	772	firefox.exe	39
PID 772 wrote to memory of 2192	772	firefox.exe	39
PID 772 wrote to memory of 2192	772	firefox.exe	39
PID 772 wrote to memory of 2192	772	firefox.exe	39
PID 2596 wrote to memory of 332	2596	chrome.exe	40
PID 2596 wrote to memory of 332	2596	chrome.exe	40
PID 2596 wrote to memory of 332	2596	chrome.exe	40
PID 2840 wrote to memory of 2812	2840	chrome.exe	42
PID 2840 wrote to memory of 2812	2840	chrome.exe	42
PID 2840 wrote to memory of 2812	2840	chrome.exe	42
PID 2192 wrote to memory of 2900	2192	firefox.exe	44
PID 2192 wrote to memory of 2900	2192	firefox.exe	44
PID 2192 wrote to memory of 2900	2192	firefox.exe	44
PID 2840 wrote to memory of 2888	2840	chrome.exe	45
PID 2840 wrote to memory of 2888	2840	chrome.exe	45
PID 2840 wrote to memory of 2888	2840	chrome.exe	45
PID 2596 wrote to memory of 1260	2596	chrome.exe	46
PID 2596 wrote to memory of 1260	2596	chrome.exe	46
PID 2596 wrote to memory of 1260	2596	chrome.exe	46
PID 2596 wrote to memory of 1260	2596	chrome.exe	46
PID 2596 wrote to memory of 1260	2596	chrome.exe	46
PID 2596 wrote to memory of 1260	2596	chrome.exe	46
PID 2596 wrote to memory of 1260	2596	chrome.exe	46
PID 2596 wrote to memory of 1260	2596	chrome.exe	46
PID 2596 wrote to memory of 1260	2596	chrome.exe	46
PID 2596 wrote to memory of 1260	2596	chrome.exe	46
PID 2596 wrote to memory of 1260	2596	chrome.exe	46
PID 2596 wrote to memory of 1260	2596	chrome.exe	46
PID 2596 wrote to memory of 1260	2596	chrome.exe	46
PID 2596 wrote to memory of 1260	2596	chrome.exe	46
PID 2596 wrote to memory of 1260	2596	chrome.exe	46
PID 2596 wrote to memory of 1260	2596	chrome.exe	46
PID 2596 wrote to memory of 1260	2596	chrome.exe	46
PID 2596 wrote to memory of 1260	2596	chrome.exe	46
PID 2596 wrote to memory of 1260	2596	chrome.exe	46

Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
persistence

Query Registry
T1012

C:\Users\Admin\AppData\Local\Temp\LegacyLauncher_Installer_legacy.exe
"C:\Users\Admin\AppData\Local\Temp\LegacyLauncher_Installer_legacy.exe"
1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:2952
- C:\Users\Admin\AppData\Local\Temp\is-9PV8B.tmp\LegacyLauncher_Installer_legacy.tmp
  "C:\Users\Admin\AppData\Local\Temp\is-9PV8B.tmp\LegacyLauncher_Installer_legacy.tmp" /SL5="$4018C,115841256,1202688,C:\Users\Admin\AppData\Local\Temp\LegacyLauncher_Installer_legacy.exe"
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of WriteProcessMemory
  PID:2844
- - C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\TL.exe
    "C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\TL.exe"
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    - Suspicious use of WriteProcessMemory
    PID:2016
  - - C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\javaw.exe
      "C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\javaw.exe" -Xmx128m -Dtlauncher.bootstrap.restartExec=TL.exe -jar "C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\launcher\bootstrap.jar"
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      Checks processor information in registry
      Suspicious use of WriteProcessMemory
      PID:2232
    - - C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\java.exe
        
        C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\java.exe -Xmx128m -Dfile.encoding=UTF-8 -Dtlauncher.systemCharset=windows-1252 -Dtlauncher.logFolder=C:\Users\Admin\AppData\Roaming\.tlauncher\logs --add-exports java.desktop/sun.awt=javafx.swing -Dtlauncher.bootstrap.restartExec=TL.exe -classpath C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\launcher\bootstrap.jar ru.turikhay.tlauncher.bootstrap.Bootstrap --packageMode windows --targetJar launcher/launcher.jar --targetLibFolder launcher/libraries -- --settings tl.properties
        5⤵
        Checks computer location settings
        Executes dropped EXE
        Loads dropped DLL
        Checks processor information in registry
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of SetWindowsHookEx
        
        PID:2160

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
PID:2596
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6549758,0x7fef6549768,0x7fef6549778
  2⤵
  PID:332
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1124 --field-trial-handle=1216,i,9879528892107230772,17538445583593999850,131072 /prefetch:2
  2⤵
  PID:1260
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1512 --field-trial-handle=1216,i,9879528892107230772,17538445583593999850,131072 /prefetch:8
  2⤵
  PID:3060

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:772
- C:\Program Files\Mozilla Firefox\firefox.exe
  "C:\Program Files\Mozilla Firefox\firefox.exe"
  2⤵
  - Checks processor information in registry
  - Modifies registry class
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of WriteProcessMemory
  PID:2192
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2192.0.600258425\408896458" -parentBuildID 20221007134813 -prefsHandle 1216 -prefMapHandle 1208 -prefsLen 20860 -prefMapSize 232645 -appDir "C:\Program Files\Mozilla Firefox\browser" - {e3a5831d-67dc-4e53-b9de-4c04d2742242} 2192 "\\.\pipe\gecko-crash-server-pipe.2192" 1292 11dbbf58 gpu
    3⤵
    PID:2900
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2192.1.1863101175\1033740370" -parentBuildID 20221007134813 -prefsHandle 1472 -prefMapHandle 1468 -prefsLen 20941 -prefMapSize 232645 -appDir "C:\Program Files\Mozilla Firefox\browser" - {4080c63d-a4c9-4083-bef2-9356ce9e5cf4} 2192 "\\.\pipe\gecko-crash-server-pipe.2192" 1484 e70758 socket
    3⤵
    PID:2660
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2192.2.1267159839\1646805057" -childID 1 -isForBrowser -prefsHandle 2260 -prefMapHandle 2032 -prefsLen 20979 -prefMapSize 232645 -jsInitHandle 884 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {2baaeb61-f0f0-4000-bf3a-91b60ca11d1e} 2192 "\\.\pipe\gecko-crash-server-pipe.2192" 2272 1b0ab858 tab
    3⤵
    PID:2740
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2192.3.853350171\185043370" -childID 2 -isForBrowser -prefsHandle 2540 -prefMapHandle 780 -prefsLen 26404 -prefMapSize 232645 -jsInitHandle 884 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {56213c20-9df3-4078-97f7-5035d8dca1f5} 2192 "\\.\pipe\gecko-crash-server-pipe.2192" 2556 1bb1dc58 tab
    3⤵
    PID:2752
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2192.4.1931110191\1464070087" -childID 3 -isForBrowser -prefsHandle 2832 -prefMapHandle 2828 -prefsLen 26404 -prefMapSize 232645 -jsInitHandle 884 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1953b233-51ff-4f99-97eb-a936147bb23f} 2192 "\\.\pipe\gecko-crash-server-pipe.2192" 2844 e62858 tab
    3⤵
    PID:2252
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2192.5.2023878689\1728596541" -childID 4 -isForBrowser -prefsHandle 3204 -prefMapHandle 3616 -prefsLen 26463 -prefMapSize 232645 -jsInitHandle 884 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {688d2a43-3928-44e7-b00a-a895e907a211} 2192 "\\.\pipe\gecko-crash-server-pipe.2192" 3624 19d52958 tab
    3⤵
    PID:3136
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2192.6.966571198\477744914" -childID 5 -isForBrowser -prefsHandle 3544 -prefMapHandle 3212 -prefsLen 26463 -prefMapSize 232645 -jsInitHandle 884 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a5235186-f2ce-4baa-86d8-8b876c8cfe60} 2192 "\\.\pipe\gecko-crash-server-pipe.2192" 3640 1b1f4a58 tab
    3⤵
    PID:3148
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2192.7.237062629\534232693" -childID 6 -isForBrowser -prefsHandle 3812 -prefMapHandle 3808 -prefsLen 26463 -prefMapSize 232645 -jsInitHandle 884 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {4e335353-661c-4d09-867f-2fd948d6cb49} 2192 "\\.\pipe\gecko-crash-server-pipe.2192" 3824 1b175858 tab
    3⤵
    PID:3176
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2192.8.1750430583\987794882" -childID 7 -isForBrowser -prefsHandle 2568 -prefMapHandle 856 -prefsLen 26463 -prefMapSize 232645 -jsInitHandle 884 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {3392fb26-1696-402c-93eb-1ca818285b20} 2192 "\\.\pipe\gecko-crash-server-pipe.2192" 2612 123bc358 tab
    3⤵
    PID:3912
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2192.9.931969807\1772933098" -childID 8 -isForBrowser -prefsHandle 3496 -prefMapHandle 2852 -prefsLen 26638 -prefMapSize 232645 -jsInitHandle 884 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {279e64c6-fa85-4148-8ca7-dafdabb0ddbd} 2192 "\\.\pipe\gecko-crash-server-pipe.2192" 4424 21dcf058 tab
    3⤵
    PID:2272
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2192.10.261398192\2090386400" -parentBuildID 20221007134813 -prefsHandle 8232 -prefMapHandle 8288 -prefsLen 26638 -prefMapSize 232645 -appDir "C:\Program Files\Mozilla Firefox\browser" - {14ff25f8-481a-4c95-87a7-91836cbf7777} 2192 "\\.\pipe\gecko-crash-server-pipe.2192" 8316 2201fe58 rdd
    3⤵
    PID:572
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2192.11.1554316613\78854376" -childID 9 -isForBrowser -prefsHandle 8136 -prefMapHandle 3736 -prefsLen 26638 -prefMapSize 232645 -jsInitHandle 884 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {08cf8287-e748-4fff-9d4c-0d3ec3274133} 2192 "\\.\pipe\gecko-crash-server-pipe.2192" 8128 21d3ab58 tab
    3⤵
    PID:3904
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2192.12.803181497\992713731" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 3428 -prefMapHandle 3460 -prefsLen 26638 -prefMapSize 232645 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b662f5a3-90bd-4518-a861-d7c1e4320d75} 2192 "\\.\pipe\gecko-crash-server-pipe.2192" 3440 21ee4a58 utility
    3⤵
    PID:3820
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2192.15.323798332\1883964003" -childID 12 -isForBrowser -prefsHandle 7728 -prefMapHandle 7724 -prefsLen 26903 -prefMapSize 232645 -jsInitHandle 884 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {8ac82cf7-5e39-4bca-aa2d-9a1bcaa462ff} 2192 "\\.\pipe\gecko-crash-server-pipe.2192" 7740 22780258 tab
    3⤵
    PID:1644
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2192.14.924252066\1016673675" -childID 11 -isForBrowser -prefsHandle 7900 -prefMapHandle 7896 -prefsLen 26903 -prefMapSize 232645 -jsInitHandle 884 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {8722aa7c-c4d5-49a5-8f4f-e28adb00a54a} 2192 "\\.\pipe\gecko-crash-server-pipe.2192" 7912 21ee3b58 tab
    3⤵
    PID:3952
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2192.13.233181885\1043973471" -childID 10 -isForBrowser -prefsHandle 8072 -prefMapHandle 3920 -prefsLen 26903 -prefMapSize 232645 -jsInitHandle 884 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f91b5bd6-0cfc-4049-a7c9-adc359e3e70c} 2192 "\\.\pipe\gecko-crash-server-pipe.2192" 3664 19711e58 tab
    3⤵
    PID:3924
- - C:\Users\Admin\Downloads\MediaCreationTool22H2.exe
    "C:\Users\Admin\Downloads\MediaCreationTool22H2.exe"
    3⤵
    PID:4080
- - C:\Users\Admin\Downloads\MediaCreationTool22H2.exe
    "C:\Users\Admin\Downloads\MediaCreationTool22H2.exe"
    3⤵
    PID:3660
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2192.16.1975410653\862090225" -childID 13 -isForBrowser -prefsHandle 3972 -prefMapHandle 4180 -prefsLen 27135 -prefMapSize 232645 -jsInitHandle 884 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {71e8bc3b-fbc4-420e-aaf9-ddeeaa4214b1} 2192 "\\.\pipe\gecko-crash-server-pipe.2192" 3928 22108c58 tab
    3⤵
    PID:3376
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2192.17.1309904767\1452506445" -childID 14 -isForBrowser -prefsHandle 8388 -prefMapHandle 2944 -prefsLen 27135 -prefMapSize 232645 -jsInitHandle 884 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a5656d9b-80f1-471b-89eb-723146834e5e} 2192 "\\.\pipe\gecko-crash-server-pipe.2192" 3828 20806b58 tab
    3⤵
    PID:2628

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Adds Run key to start application
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2840
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6549758,0x7fef6549768,0x7fef6549778
  2⤵
  PID:2812
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1196 --field-trial-handle=1208,i,1755508474220912228,1317721807695074671,131072 /prefetch:2
  2⤵
  PID:2888
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1448 --field-trial-handle=1208,i,1755508474220912228,1317721807695074671,131072 /prefetch:8
  2⤵
  PID:1048
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1524 --field-trial-handle=1208,i,1755508474220912228,1317721807695074671,131072 /prefetch:8
  2⤵
  PID:2388
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2244 --field-trial-handle=1208,i,1755508474220912228,1317721807695074671,131072 /prefetch:1
  2⤵
  PID:1160
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2224 --field-trial-handle=1208,i,1755508474220912228,1317721807695074671,131072 /prefetch:1
  2⤵
  PID:2016
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1380 --field-trial-handle=1208,i,1755508474220912228,1317721807695074671,131072 /prefetch:2
  2⤵
  PID:2512
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3220 --field-trial-handle=1208,i,1755508474220912228,1317721807695074671,131072 /prefetch:8
  2⤵
  PID:3720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3320 --field-trial-handle=1208,i,1755508474220912228,1317721807695074671,131072 /prefetch:8
  2⤵
  PID:3768
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3224 --field-trial-handle=1208,i,1755508474220912228,1317721807695074671,131072 /prefetch:1
  2⤵
  PID:3784
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=3560 --field-trial-handle=1208,i,1755508474220912228,1317721807695074671,131072 /prefetch:1
  2⤵
  PID:3884
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3580 --field-trial-handle=1208,i,1755508474220912228,1317721807695074671,131072 /prefetch:8
  2⤵
  PID:3892
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3600 --field-trial-handle=1208,i,1755508474220912228,1317721807695074671,131072 /prefetch:8
  2⤵
  PID:3900
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3312 --field-trial-handle=1208,i,1755508474220912228,1317721807695074671,131072 /prefetch:8
  2⤵
  PID:3096

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1216

C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\TL.exe
"C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\TL.exe"
1⤵
PID:3448
- C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\javaw.exe
  "C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\javaw.exe" -Xmx128m -Dtlauncher.bootstrap.restartExec=TL.exe -jar "C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\launcher\bootstrap.jar"
  2⤵
  PID:1216

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

T1060

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\28803f71-c392-4c48-ac75-362af5738083.tmp

Filesize
175KB

MD5
df0124dfdad45c4ee1521c05e123c35d

SHA1
d3f0c5171fae80f924d1d54c9ffcc62c19cb0aaf

SHA256
dfce512a0f2f12475fba6f673500c6621ec58ab4bb4cba89b7b4f6f0745aeca1

SHA512
ebdfeff9b292f65306e876bf7f7a2f613115a11ea3f68335b2da7dada16a1693af3f504f0adde8e8914645fbe8a5afbfc13805db5177cd3ef4313caf3028483c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
42331574d3f8c4ddcba60aed83f41b05

SHA1
d7d2d81de26e4ac6a55e5b0f1b5cf38274b85c9c

SHA256
2d7526aa6a2977ea798e49c16ad2fc8d00f05bbbb3da81f9538b7d851678520b

SHA512
14589ddd33fac345ec303e711ab5eeb8ad6cd9b63ef7de6c885e995612be748b777ac07f928099201fb4b23d06ab6d02b1a74a042d30491c769ede762f24def3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000007.dbtmp

Filesize
16B

MD5
18e723571b00fb1694a3bad6c78e4054

SHA1
afcc0ef32d46fe59e0483f9a3c891d3034d12f32

SHA256
8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa

SHA512
43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\d13dfd8b-2770-4f0f-b4f3-ee57c3b294a7.tmp

Filesize
89KB

MD5
807e10bba8ce6c5401d3e85afbf1ea70

SHA1
251ceda5c13a694879be7b8ff074e9dae564d9ea

SHA256
db7bbc1ceb64a3eea8336b9dbc650a47d95fd4595dd73f9eceb87558d027945c

SHA512
a7713a9fe9a0d5d60d4868c4396ff8aef1059d369f04ceae371ccafda89fd254c6d438493d23827bf9760b7bb5a3782633926fd5fde08f91ce8a3ba50a7f3819

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\9q2c1tqt.default-release\activity-stream.discovery_stream.json.tmp

Filesize
148KB

MD5
d73c800b3d84e33fe3e4b88ba10fc2ee

SHA1
5b18651bb583fe17873dea723b31541e94f1ec00

SHA256
0c343b3c1020e33eed173bbebb5165c48ba090971a983a2a1e1c3f75dd11c2f3

SHA512
466a451281eaca2bbc73f2bde96ee1f3a10fd7f86d0a6a61eed9f1e332e2a49d9e150742a03b0d4125b61466ca3ffab12f358cfd30b231986fd154b2aa80b8fc

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\9q2c1tqt.default-release\cache2\doomed\10654

Filesize
15KB

MD5
de710dcecba95ecb5f7a8f0a1c5d7415

SHA1
4729fa9938bc6e9fed7bd23279f58d29c0b23880

SHA256
bb83e683d8d99af3eb33a4ffe3205bf326c4ecab6fd818d6b6b0f7aa48c7ad5d

SHA512
5b312507f27cdd748f587d0be45d7a896281bfa133a55458188314539b17a9f3d05262e0a1f210b53ce76170be069a2b603f2752e9f30f2bb8277529bb10cf6b

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\9q2c1tqt.default-release\cache2\doomed\15298

Filesize
15KB

MD5
f0389f8ef7f12cc459659ec27dec56a8

SHA1
d0a7402693fa7403e6c5db8623edd40ea9a86fd1

SHA256
cc6f19be9cece807f52c105cfeaf1d3f3f0a32a06424ace25b4d809c2499a67f

SHA512
955fc6e3247b66111252ca3995f15dd2f2bbc0a3a42c27f2fc2d89a043b1b3c3e1288cf237b8b92c83abcd7d2241d39f97aa9c084c9633acdc0deb647388236d

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\9q2c1tqt.default-release\cache2\doomed\31416

Filesize
15KB

MD5
ea7a0ed643066b84443b39338ed4ed1e

SHA1
f1ce574afc6d7f68469258ea32659eeb66c9ff52

SHA256
83b89a87ad8f39ed5b288f664987a68a30e19f42dbed98c6107cac5381a7053f

SHA512
67d8d168acdae8d546a3e9292a956eb6bcfb5f2acbf3e7ba77c0de77c541a5fb171c57192fbe97bb20e04014500433f68451bb9fa66787685f7defec0fd0ad7b

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\9q2c1tqt.default-release\cache2\doomed\9181

Filesize
17KB

MD5
d35b3c6537e7df765b023fea430a63b6

SHA1
a343c4cb4e84054c7abfe0c5024dd7adf53a1d78

SHA256
a2c7b63db651dc39b864b75881df396b7e6cd92777b554ef56fdee2496359cf4

SHA512
fe9e3a28dee78e5bf8636da5d661d67874f67e63b7eb56a05a9b8583950582b5dfdd70ff161b221af4012c9cd8627c3733c5147a2dfe1e5b67ecbf39a0d628a2

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab4127.tmp

Filesize
62KB

MD5
3ac860860707baaf32469fa7cc7c0192

SHA1
c33c2acdaba0e6fa41fd2f00f186804722477639

SHA256
d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

SHA512
d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar413A.tmp

Filesize
164KB

MD5
4ff65ad929cd9a367680e0e5b1c08166

SHA1
c0af0d4396bd1f15c45f39d3b849ba444233b3a2

SHA256
c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

SHA512
f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-9PV8B.tmp\LegacyLauncher_Installer_legacy.tmp

Filesize
3.4MB

MD5
07b96c2d1823a0a548832c1062799d85

SHA1
65a35826b0e6d93700256fd8a4710cc039bd7b8d

SHA256
c5ba29e4c82fca9adfcd3a6b60b3bf786abe7178928f80cb60eca3564e35b3de

SHA512
abf2ba63976bd6622f3a1cda816c8f2267b59c079d6092ff60e7f52be893a993e3b457a174092c74056628e9694fa9efc8d823d14b4d658a9eb59c622d992f65

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-9PV8B.tmp\LegacyLauncher_Installer_legacy.tmp

Filesize
3.4MB

MD5
07b96c2d1823a0a548832c1062799d85

SHA1
65a35826b0e6d93700256fd8a4710cc039bd7b8d

SHA256
c5ba29e4c82fca9adfcd3a6b60b3bf786abe7178928f80cb60eca3564e35b3de

SHA512
abf2ba63976bd6622f3a1cda816c8f2267b59c079d6092ff60e7f52be893a993e3b457a174092c74056628e9694fa9efc8d823d14b4d658a9eb59c622d992f65

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\TL.exe

Filesize
399KB

MD5
96c64d11cf26ebd227ad754b62d480ae

SHA1
cb40090b892c34feb8ceb995a0d0b90ecfe54acf

SHA256
2b11f487e853e952dc677071202cbe25d6800ccaf3f93a3232c5eed715a1c033

SHA512
0be0c2b657ba8814112a9ea075e1ec6c6a0fb965c7308ba24e40b98ec90e9e60afbe09328c0f6c3aa27b54762bf880dfec4aee5f20d24c3b644288e0be311d5f

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\TL.exe

Filesize
399KB

MD5
96c64d11cf26ebd227ad754b62d480ae

SHA1
cb40090b892c34feb8ceb995a0d0b90ecfe54acf

SHA256
2b11f487e853e952dc677071202cbe25d6800ccaf3f93a3232c5eed715a1c033

SHA512
0be0c2b657ba8814112a9ea075e1ec6c6a0fb965c7308ba24e40b98ec90e9e60afbe09328c0f6c3aa27b54762bf880dfec4aee5f20d24c3b644288e0be311d5f

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\is-QDLET.tmp

Filesize
33B

MD5
d51ea22e55089cabbd364622b7bbf48c

SHA1
248e9a020adb095108ce10ded2297ee4026002d4

SHA256
cfdc0a6c68f1eecee2f30eaca09037cee55686ae0ced791d6ae823b0dcb283fb

SHA512
c120a865cce8fc06bd0416865ef495a1718eb04603ce25b9d34d76fb141d09cc148f92fe93036926dc1904e6639971ff92f4424b37a5c4a2945106324f3ee0fd

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\VCRUNTIME140.dll

Filesize
94KB

MD5
a87575e7cf8967e481241f13940ee4f7

SHA1
879098b8a353a39e16c79e6479195d43ce98629e

SHA256
ded5adaa94341e6c62aea03845762591666381dca30eb7c17261dd154121b83e

SHA512
e112f267ae4c9a592d0dd2a19b50187eb13e25f23ded74c2e6ccde458bcdaee99f4e3e0a00baf0e3362167ae7b7fe4f96ecbcd265cc584c1c3a4d1ac316e92f0

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\api-ms-win-core-file-l1-2-0.dll

Filesize
20KB

MD5
b59d773b0848785a76baba82d3f775fa

SHA1
1b8dcd7f0e2ab0ba9ba302aa4e9c4bfa8da74a82

SHA256
0dc1f695befddb8ee52a308801410f2f1d115fc70668131075c2dbcfa0b6f9a0

SHA512
cbd52ed8a7471187d74367aa03bf097d9eac3e0d6dc64baf835744a09da0b050537ea6092dcb8b1e0365427e7f27315be2145c6f853ef936755ad07ef17d4a26

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\api-ms-win-core-file-l2-1-0.dll

Filesize
20KB

MD5
4c9bf992ae40c7460a029b1046a7fb5e

SHA1
79e13947af1d603c964cce3b225306cadff4058b

SHA256
18655793b4d489f769327e3c8710aced6b763c7873b6a8dc5ae6f28d228647f4

SHA512
c36d455ac79a73758f6090977c204764a88e929e8eaa7ce27a9c9920451c014e84ae98beb447e8345a8fa186b8c668b076c0ed27047a0e23ad2eeaf2cbc3a8d8

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\api-ms-win-core-localization-l1-2-0.dll

Filesize
20KB

MD5
9d8e7a90dd0d54b7ccde435b977ee46d

SHA1
15cd12089c63f4147648856b16193cf014e6764f

SHA256
dc570708327c4c8419d4cced2a162d7ca112a168301134dd1fb5e2040eee45b6

SHA512
339fe195602355bce26a2526613a212271e7f8c7518d591b9e3c795c154d93b29b8c524b2c3678c799d0ea0101eabea918564e49def0b915af0619e975f1c34b

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\api-ms-win-core-processthreads-l1-1-1.dll

Filesize
20KB

MD5
d399c926466f044f183faa723ba59120

SHA1
a9534b4910888d70eefba6fcc3376f2549cb4a05

SHA256
19b018be16afe143fb107ef1dd5b8e6c6cb45966806eb3d31ec09ff0dc2b70d1

SHA512
fc55f4cfe7c6c63e0720971d920c5c6ead4db74a671f7bb8dc830aa87cb54459a62e974456875bdfda449d82a0acb368e3b6c2cc20c32b1b407e8de7cc532057

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\api-ms-win-core-synch-l1-2-0.dll

Filesize
20KB

MD5
da5d400ade0d2288b17dcc11ed339e25

SHA1
f4a340079477a2c91e091968fe2d252cb01eeae2

SHA256
69dd52caffe1ea6e0900fb9604a57a87618f8468dc68cbb2a9bcefd1265f3f49

SHA512
3bfa3b4f93a0a68e1c0ac17c74c91c0a01b779961af4811756223fd1f47a86ce1f3ebd7ee4190a2edb84a50b1b444318965cad3a74d1ed4acfa014d0f5bbe34a

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\api-ms-win-core-timezone-l1-1-0.dll

Filesize
20KB

MD5
ea5f768b9a1664884ae4ae62cec90678

SHA1
ae08e80431da7f4e8f1e5457c255cc360ef1cac0

SHA256
24f4530debf2161e0d0256f923b836aeccc3278a6ff2c9400e415600276b5a6d

SHA512
411db31e994ebbc69971972e45d6e51186d8f8790e8c67660b6a846e48a5a5c53a113916a5a15d14c33d8c88037d7f252135e699cb526c4bb3b5abd2e2dfee7c

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\api-ms-win-crt-convert-l1-1-0.dll

Filesize
24KB

MD5
cf95a8f66313283f046ba9e6e5cdbba4

SHA1
b25c686fcc6729a88a8776cdb75ff21cbceb1c5d

SHA256
2ccb01b62188ddc051a582c128bf880608111c602534e487ec09a7cf67c22d17

SHA512
59f5901e513aceeeb819c73c5b9fe2504e80af28df54db19775d7c0e0481f14c21ce38e6db207672cc10facfdd217638829af2d3f0f85a0a413d10e3a81dae9c

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\api-ms-win-crt-environment-l1-1-0.dll

Filesize
20KB

MD5
71407c52ff12b113cc0498fdd42db8dc

SHA1
f0c6a3c1308177b090b2a94fee90156e1df6bb9b

SHA256
5a2ae5b270c1eaf467878e7f5dbdc689b71914bdf30293d7d46c01d9dd11bdd4

SHA512
b9bb29d76a144c10b234835b6006637c84103abeb8f5db19991f3ab2baaabe3ea3fc1a87132263d097addd01afcad08e77c9834dccd4c6723b3ca204f50aac1e

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\api-ms-win-crt-filesystem-l1-1-0.dll

Filesize
20KB

MD5
bbbf361746440219a3f7933ced5234bb

SHA1
1e3ededaa28e41f51e903c2ca66e7bd048fbaee7

SHA256
42a99227775e85ca8c197811a86aad0e2af496bd21623e4c9a2dd747571c8990

SHA512
f6681875bc02903676cd3ea3303920202c563a1a6e82dd687ed9bd0fafe92c9abba4a6df3e9c93f2bb0da9dccf0abb4543b6a5e5f0c92fa06e809b30b84085aa

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\api-ms-win-crt-heap-l1-1-0.dll

Filesize
20KB

MD5
bacc491eb1dee4786ade841e7b480cd8

SHA1
84cb8f770cdf873415403edf48e625514aecad02

SHA256
43c80120970be1efed3ea60bf7aa37b46fcce946b94fb11ca6e3ffff2f16bb29

SHA512
7832912f38cd6ba145af57548c2a1d4da3bed9392a0ab3a0faffe18fab40087e1d74676e2af004627a37f7e079b9146dccf7aaa04e360a88443196fede4ccadc

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\api-ms-win-crt-locale-l1-1-0.dll

Filesize
20KB

MD5
fb992bbb73e0127c70d075f81e52aaf9

SHA1
e9d326d436e2e55c521261ad9a5b73d2e998f644

SHA256
6011ece89f4833dcb4cefb02ea366b828725205eae6f25ab704b76fd9e5d86eb

SHA512
f568898a660c3850998b71a854fb5b8ffee59f02ebe7bc8c12ad9bc68f5472a0c812cf0a8ebc096fcc462e941a86a2a46619d4f03030e7ab69a0e4a9e7b1e0b6

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\api-ms-win-crt-math-l1-1-0.dll

Filesize
28KB

MD5
0936c89e36a8bac313de187e50c61078

SHA1
7f0e64a66301e1926fa9acdc36ad728958ce6d78

SHA256
5ba8f9c2842990ccdb447fc6d22023103b03f5387f341d3375809f060b5bb4ef

SHA512
a72fcadc55d12c97770f1222bb3b605b7d58157f6f55814d900fe0f1b5ff8075f84914c7ac66d4b0e59ef41c01504a35c391bfb182e2e9019d152037ef4ec20f

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\api-ms-win-crt-runtime-l1-1-0.dll

Filesize
24KB

MD5
01380df01b9e61fc241f82f8fb984c2d

SHA1
18f92390b292af0db8aaa7c7e6f6aa24463f9b84

SHA256
698fa887c5b994375c9271222e21d0d4c74810e73d377ad898927549fb69dcb3

SHA512
743d45fae759d8ff3ef862ffa70584696824b86991f262ddc897f6f469fbb4264cf7da3fe001f33c6305523753d37a7a64874c5010cc7fe63252c53cd96b06f0

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\api-ms-win-crt-stdio-l1-1-0.dll

Filesize
24KB

MD5
a3f3ffcde3dd59cc94fb7dba16715671

SHA1
bbf272dab014d4cde1a57831a2daf4fde03b4884

SHA256
c1541ed4dc6879a136bf532393f7cefd3c48ad371d2ed9965e7cbd44c87a1137

SHA512
0e323b44b4ed7959c5f6409e565707e6e402382c950d2a0fc18d18f56ab588a49a260c99ecbda1bdb3778be131fb71b1b1158d852981e2e86d0b989b05496e02

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\api-ms-win-crt-string-l1-1-0.dll

Filesize
24KB

MD5
535d1195f493f7d92fe9007258494ebc

SHA1
1bf95ec546a6c1a8832d9002b7cd01265a1bbdad

SHA256
4429b8e6707645fb503ebc3bd50ce2a84f559b6a2ed778196835808bdfec2f48

SHA512
cd47f34032fc59a89dd286115db2cc2d1918f6ecc069fa37d2295126876fc5c931d6272892fb22db5eff1f810de818e64e6140617786a4d3fb153fd80c107468

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\api-ms-win-crt-time-l1-1-0.dll

Filesize
20KB

MD5
ed44b4aac3c881a9bc524d15ae3f3944

SHA1
a87983d6c714aac9242bb60037864139863b1848

SHA256
f3e6f692cec86adb3985b929345c731469777aeaeb088e3ce070957df481f924

SHA512
25513c666f228365ce7e092782a92fb7eb144f6b3293f896b08317c36323006ba10f4133bbfdadd2576053c1d6ac0e28cc3ad5798b92eec34fc8fa36e8d83047

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\api-ms-win-crt-utility-l1-1-0.dll

Filesize
20KB

MD5
e79464524fbc2c266da52d0a903d85d3

SHA1
6bad715617992277751a8ddfc180ba291ba75d59

SHA256
6c78d4aba91877c5bb33e545b6a69a818f377e07ff62e791b804fa5b4d2bcf02

SHA512
def71789e238ecd3b2d68dbd204acc62537ad39ce50a5bf09f320fc8cacc1b3f561822784d006ab2145eab5ab7be3f74c1c773fbe814efa040a1dbb3ffa6744e

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\java.dll

Filesize
140KB

MD5
0fe24d48daeb2dbd44c5971545ff4387

SHA1
e43792d276ba212ad84cfbef6d6b5405fc4b76c0

SHA256
86b0f15814202f36fbcb4d220bb37445aec6c03d5473744ab4f567670c142adb

SHA512
e9fd5c87832063a040acc77043d88fae198b7d1d664142144b24954305b2191051bcdca1bd0ad067dc80ef3c9b4cb45f2fc9be1a2c4087407ce883c8c9fd96ca

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\javaw.exe

Filesize
46KB

MD5
d5b6b6976511114000dfaea05c8a9c8a

SHA1
122df7bfbc5b058242e0c18fee9d9bc6489d512c

SHA256
3850d4f443b2a97014a1dcb94db893f0b3396201a8573aa4c4b967ff61528ac6

SHA512
cebaee71e2813670534c18a8363a127c6f8ca759b86262d3e69f6d2ee180ed0fc34bfcde63bf1fd3e91088f09c5950cac22be4cb5d875f2901a7b323ebe2f739

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\javaw.exe

Filesize
46KB

MD5
d5b6b6976511114000dfaea05c8a9c8a

SHA1
122df7bfbc5b058242e0c18fee9d9bc6489d512c

SHA256
3850d4f443b2a97014a1dcb94db893f0b3396201a8573aa4c4b967ff61528ac6

SHA512
cebaee71e2813670534c18a8363a127c6f8ca759b86262d3e69f6d2ee180ed0fc34bfcde63bf1fd3e91088f09c5950cac22be4cb5d875f2901a7b323ebe2f739

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\jimage.dll

Filesize
30KB

MD5
36eaca4b8c0e14921e79a47f91f3a3b3

SHA1
ffdf367e09a2d365de26527b53bf04758b7bfd76

SHA256
8e8903cc2231f28e682df62ec7623fabfa6a2112bcd14cee6f79e6924239b75f

SHA512
32d20959585aea57554f74baa36ea0dd54d47aa9f055cea39182267d70034d99a2d7aa3e8935dcdb2ea32c6b03c0485132404cd9717593e16f7a0ae5b7bda748

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\jli.dll

Filesize
83KB

MD5
e9c6f790d97a491dc6dba58605d0a48f

SHA1
8d39cf612880ab33b4c247997649e12035783c2f

SHA256
d6eae7c72044fdd83eea7ae2c36dfa163b6093df19e360f980980334b14ff934

SHA512
a47c38871f08d47ac4b0e59f8a01dc9865dc730afceb66337f046a28a0e90c34700cffe00dc85be2294713fb507d3d89ab0142797beb490b6394575cde1b2091

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\msvcp140.dll

Filesize
552KB

MD5
cb75d6437418afe1a7b52acf75730ff1

SHA1
54c2da9552671b161cc87eb50fbdb86319b00f56

SHA256
7c4ce9d6bfcd6d9db4eef4e75ecdcf5a8e5320106e80f1eca617439fa43f33e8

SHA512
f58abb740a30467e2d8aedd7eed357da020fdc7d966e245890d102a52e96fea296e122c1d2bc112423fc64b6f5e70b7df3f3eb7de1bf5c2f5f0eb3644f1e06d6

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\server\jvm.dll

Filesize
12.1MB

MD5
be9c05daabf6ee77db5564b5ebcf7f4c

SHA1
96d487233a3f47f3441679470359c1528658b064

SHA256
064a55423c55802d3ae7147c4f33d30d79d9b7f4f339c99fcb30c8759d0f8268

SHA512
e082b3bc5bdb332bf4281e3ff52cfea6e5b176cbf2a466c7826c6ffd386a326ec469ac1aa410bd6696b0d4f7bf36d174363ecea7df21285bca4ce6484722b3d7

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\ucrtbase.DLL

Filesize
1.1MB

MD5
b0397bb83c9d579224e464eebf40a090

SHA1
81efdfe57225dfe581aafb930347535f08f2f4ce

SHA256
d2ebd8719455ae4634d00fd0d0eb0c3ad75054fee4ff545346a1524e5d7e3a66

SHA512
e72a4378ed93cfb3da60d69af8103a0dcb9a69a86ee42f004db29771b00a606fbc9cbc37f3daa155d1d5fe85f82c87ca9898a39c7274462fcf5c4420f0581ab3

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\vcruntime140_1.dll

Filesize
36KB

MD5
37c372da4b1adb96dc995ecb7e68e465

SHA1
6c1b6cb92ff76c40c77f86ea9a917a5f854397e2

SHA256
1554b5802968fdb2705a67cbb61585e9560b9e429d043a5aa742ef3c9bbfb6bf

SHA512
926f081b1678c15dc649d7e53bfbe98e4983c9ad6ccdf11c9383ca1d85f2a7353d5c52bebf867d6e155ff897f4702fc4da36a8f4cf76b00cb842152935e319a6

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\legal\java.compiler\is-7CHV0.tmp

Filesize
33B

MD5
16989bab922811e28b64ac30449a5d05

SHA1
51ab20e8c19ee570bf6c496ec7346b7cf17bd04a

SHA256
86e0516b888276a492b19f9a84f5a866ed36925fae1510b3a94a0b6213e69192

SHA512
86571f127a6755a7339a9ed06e458c8dc5898e528de89e369a13c183711831af0646474986bae6573bc5155058d5f38348d6bfdeb3fd9318e98e0bf7916e6608

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\legal\java.compiler\is-CN1HT.tmp

Filesize
44B

MD5
7caf4cdbb99569deb047c20f1aad47c4

SHA1
24e7497426d27fe3c17774242883ccbed8f54b4d

SHA256
b998cda101e5a1ebcfb5ff9cddd76ed43a2f2169676592d428b7c0d780665f2a

SHA512
a1435e6f1e4e9285476a0e7bc3b4f645bbafb01b41798a2450390e16b18b242531f346373e01d568f6cc052932a3256e491a65e8b94b118069853f2b0c8cd619

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\legal\java.compiler\is-U9H15.tmp

Filesize
49B

MD5
19c9d1d2aad61ce9cb8fb7f20ef1ca98

SHA1
2db86ab706d9b73feeb51a904be03b63bee92baf

SHA256
ebf9777bd307ed789ceabf282a9aca168c391c7f48e15a60939352efb3ea33f9

SHA512
7ec63b59d8f87a42689f544c2e8e7700da5d8720b37b41216cbd1372c47b1bc3b892020f0dd3a44a05f2a7c07471ff484e4165427f1a9cad0d2393840cd94e5b

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\lib\jvm.cfg

Filesize
29B

MD5
7ce21bdcfa333c231d74a77394206302

SHA1
c5a940d2dee8e7bfc01a87d585ddca420d37e226

SHA256
aa9efb969444c1484e29adecab55a122458090616e766b2f1230ef05bc3867e0

SHA512
8b37a1a5600e0a4e5832021c4db50569e33f1ddc8ac4fc2f38d5439272b955b0e3028ea10dec0743b197aa0def32d9e185066d2bac451f81b99539d34006074b

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\launcher\bootstrap.jar

Filesize
9.2MB

MD5
45e7627b8542f033fc67ac7fb6d22537

SHA1
e6149d3d7d34f1ba3d8214e66433ce7dd25fb0bb

SHA256
df2d2516e905cdc87a68ec456f881664a5b158ba810934251d7b70a740679588

SHA512
a573ce983c6c93ef53459bffe16b9d442ca1906e58064e53444f74573f43ea2e62c7516823a3eb0f17fc3beadf6dc4fb4ba9b0094b6ef7f02c26d97e0f579f48

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9q2c1tqt.default-release\prefs-1.js

Filesize
6KB

MD5
5aa281fc995e75b8075b77ceb111d007

SHA1
20e405451849e7ca80463c64ba2806f1e0614966

SHA256
6e0c89b5f8982e19e57e45070951f727a32692b1909652fedea43b1b2f5291ea

SHA512
40f1e381b1dd5d46e304a27c0ffd8cd271b5a01eb1031c5857a9f860963c0121900837cebf3377184e37769194826746c1afac13c1a73838fed403c6351d1ce4

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9q2c1tqt.default-release\prefs-1.js

Filesize
7KB

MD5
6953d5b8d927af0bda7d82e28071c92f

SHA1
5ef3cd73d15103fc8a179b1bb7bf773f92657474

SHA256
c873a77dac3f10900522bd4485444ad7f7f7ad6d4ac9dd7804e7908315b45d2f

SHA512
4885254f5849f2a45d1dc22df508015d247b2dedba119cf21ed0d176b94ab5c498f90aa044c0e2042adde0c5012904079d7991246975971e3c0d9c113f91bf5a

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9q2c1tqt.default-release\prefs.js

Filesize
6KB

MD5
335aef7b2a23c64419db4def0800d3b5

SHA1
88649f0cb026b698218038bec2d4e215fa1fcf7f

SHA256
09485772a895d3c105bce1407172a05ff07c3e05435a4104ac598ab4c8f0c79c

SHA512
9a8d35eaf50020f44c2faeba4a838e784ece5c809b5a7a8a98365bad89ea15922006723415991e49d8797810fbb84b5b01828f749c09725ff0ace8856687a688

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9q2c1tqt.default-release\prefs.js

Filesize
6KB

MD5
6711094330ccaff8625df513abdce68d

SHA1
93ec3d0e1980578be6e72290bd49cb4a237c1b0c

SHA256
5dac5a5d3f5f77fdb58a469d87db66853cf368d92240c22587a5a12fde62177f

SHA512
24c542f706890ffe27e58856cc6c5b40b861b596e4ca1f5f21e6a2eb10175d15823b8a2f90cae61f007b0c2183d252a9de9b392add658f09169eba7e64beeaa1

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9q2c1tqt.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
2KB

MD5
1cee339650b171c83b2bb730d5987559

SHA1
0b12edaa727a96fe664df667d61ec1831c3ca740

SHA256
569644c2915b46f6f19f4390a6c2123b4b6f664271276f5cd9225e14ce73e0c8

SHA512
b6c34bfa34dc63a4ede1ea7640386e0c5fad0d067491f9369781ac47b43049026bd56174188ed17386c1186d45e3e64b45d18917994efdf7b970beb843e5d5eb

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9q2c1tqt.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
5KB

MD5
5fcbfe48224fc6df44b0ef25a836c1fa

SHA1
40a2c311a998b18f7d87d8f42d0e85f98cbb9867

SHA256
8e6d1cbd30dafd624706bc6864f2b478fd8739ca09eee71bd30ed30e433052ba

SHA512
709bb4bedb56b835542b688d677469bad02d7b6a580905f363f8a1605f9d32f646a5573d23ce301b0c88e0f6f0a0dfbf491d88154eb62e8b10ab368629993998

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9q2c1tqt.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
3KB

MD5
38260074984a246fea9ca4b429de76e0

SHA1
3737461822d44fce0404012881e111e381877e79

SHA256
f94756b8c27298e1a7de623a08f6b633396ff08f8fb4f21c3b1a3574472db54b

SHA512
148a4331d67ceb36caca2fbbb487bb06655aa1bc421cccaf7e55680f5038e174e60cbb5fd86915acb84c6d6ec51bcea16147b07a5ed8c00ee699321d8ccbdf7d

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9q2c1tqt.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
5KB

MD5
6cd624c533c4b31c4f9941678d20fa74

SHA1
b28fdd46e905fe041de404822893fe5dc6c0d053

SHA256
8eea076e44bd98e92b48f2a5a139fd7fa4cf7f3a182256c488b1a53a8dc3d957

SHA512
863e42d87bfeca983a64bb9bd6b549f9bca625df72edd745693950da88cb53243e80cee4d1140cd7386af669db2de082be38250df977e09358d61cb0bf73bb87

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9q2c1tqt.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
8KB

MD5
a636465591f9cb9e15700f71bede4c00

SHA1
96ede4de507f0fd6e5e30906aea7a9e612a2bf28

SHA256
f8f710a611140ccbc4c13382243e7c33e94b821f943db3620aa0737c30043d8a

SHA512
01c084f27bb2ea298a3b569a60f4c023dce5a7c26065525306df4106b72af0e7b960c149f0794296fce4033493f424d837cfa55392df5c7310718d8246d32282

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9q2c1tqt.default-release\sessionstore.jsonlz4

Filesize
8KB

MD5
998cc2a0f158426060d30c3059612876

SHA1
84980a183bec861b25072b2aa7d5fef30f1a43ca

SHA256
684d3e2069c469fd113ebea12eecb1fc3da7918deadd4eabf8b98c5b9e13878e

SHA512
fa3bb54c00740732154f37336424a92e38b3fa03ec2986518056a1ee2125f72a0b04ca141447712a7819c8f06b4f02ee184838fbe973789355356bd684bb7eae

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9q2c1tqt.default-release\storage\default\https+++vlscppe.microsoft.com\idb\1620950971tbmdx-.sqlite

Filesize
48KB

MD5
ec70c452d8b27bcb5433fb0426fa861e

SHA1
b2c7b4f4416990b7aca4c4403bd570ef322aa7e0

SHA256
0b2ce9df20339215931ac7d1e3301704141efa660707938c075f90bb107dabdc

SHA512
751cf2e13c75506cc9e186c976aecee898777e136d4b12780e9331df858a9c5e09f527fd0865af93a6965c9d2c157e9491f2d2c735c043d635586351a6ed1eaa

Download Submit
C:\Users\Admin\Downloads\MediaCreationTool22H2.rbpwkhP6.exe.part

Filesize
18.6MB

MD5
aa2ad37bb74c05a49417e3d2f1bd89ce

SHA1
1bf5f814ffe801b4e6f118e829c0d2821d78a60a

SHA256
690c8a63769d444fad47b7ddecee7f24c9333aa735d0bd46587d0df5cf15cde5

SHA512
fab34ccbefbcdcec8f823840c16ae564812d0e063319c4eb4cc1112cf775b8764fea59d0bbafd4774d84b56e08c24056fa96f27425c4060e12eb547c2ae086cc

Download Submit
\Users\Admin\AppData\Local\Temp\is-9PV8B.tmp\LegacyLauncher_Installer_legacy.tmp

Filesize
3.4MB

MD5
07b96c2d1823a0a548832c1062799d85

SHA1
65a35826b0e6d93700256fd8a4710cc039bd7b8d

SHA256
c5ba29e4c82fca9adfcd3a6b60b3bf786abe7178928f80cb60eca3564e35b3de

SHA512
abf2ba63976bd6622f3a1cda816c8f2267b59c079d6092ff60e7f52be893a993e3b457a174092c74056628e9694fa9efc8d823d14b4d658a9eb59c622d992f65

Download Submit
\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\TL.exe

Filesize
399KB

MD5
96c64d11cf26ebd227ad754b62d480ae

SHA1
cb40090b892c34feb8ceb995a0d0b90ecfe54acf

SHA256
2b11f487e853e952dc677071202cbe25d6800ccaf3f93a3232c5eed715a1c033

SHA512
0be0c2b657ba8814112a9ea075e1ec6c6a0fb965c7308ba24e40b98ec90e9e60afbe09328c0f6c3aa27b54762bf880dfec4aee5f20d24c3b644288e0be311d5f

Download Submit
\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\TL.exe

Filesize
399KB

MD5
96c64d11cf26ebd227ad754b62d480ae

SHA1
cb40090b892c34feb8ceb995a0d0b90ecfe54acf

SHA256
2b11f487e853e952dc677071202cbe25d6800ccaf3f93a3232c5eed715a1c033

SHA512
0be0c2b657ba8814112a9ea075e1ec6c6a0fb965c7308ba24e40b98ec90e9e60afbe09328c0f6c3aa27b54762bf880dfec4aee5f20d24c3b644288e0be311d5f

Download Submit
\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\TL.exe

Filesize
399KB

MD5
96c64d11cf26ebd227ad754b62d480ae

SHA1
cb40090b892c34feb8ceb995a0d0b90ecfe54acf

SHA256
2b11f487e853e952dc677071202cbe25d6800ccaf3f93a3232c5eed715a1c033

SHA512
0be0c2b657ba8814112a9ea075e1ec6c6a0fb965c7308ba24e40b98ec90e9e60afbe09328c0f6c3aa27b54762bf880dfec4aee5f20d24c3b644288e0be311d5f

Download Submit
\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\TL.exe

Filesize
399KB

MD5
96c64d11cf26ebd227ad754b62d480ae

SHA1
cb40090b892c34feb8ceb995a0d0b90ecfe54acf

SHA256
2b11f487e853e952dc677071202cbe25d6800ccaf3f93a3232c5eed715a1c033

SHA512
0be0c2b657ba8814112a9ea075e1ec6c6a0fb965c7308ba24e40b98ec90e9e60afbe09328c0f6c3aa27b54762bf880dfec4aee5f20d24c3b644288e0be311d5f

Download Submit
\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\api-ms-win-core-file-l1-2-0.dll

Filesize
20KB

MD5
b59d773b0848785a76baba82d3f775fa

SHA1
1b8dcd7f0e2ab0ba9ba302aa4e9c4bfa8da74a82

SHA256
0dc1f695befddb8ee52a308801410f2f1d115fc70668131075c2dbcfa0b6f9a0

SHA512
cbd52ed8a7471187d74367aa03bf097d9eac3e0d6dc64baf835744a09da0b050537ea6092dcb8b1e0365427e7f27315be2145c6f853ef936755ad07ef17d4a26

Download Submit
\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\api-ms-win-core-file-l2-1-0.dll

Filesize
20KB

MD5
4c9bf992ae40c7460a029b1046a7fb5e

SHA1
79e13947af1d603c964cce3b225306cadff4058b

SHA256
18655793b4d489f769327e3c8710aced6b763c7873b6a8dc5ae6f28d228647f4

SHA512
c36d455ac79a73758f6090977c204764a88e929e8eaa7ce27a9c9920451c014e84ae98beb447e8345a8fa186b8c668b076c0ed27047a0e23ad2eeaf2cbc3a8d8

Download Submit
\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\api-ms-win-core-localization-l1-2-0.dll

Filesize
20KB

MD5
9d8e7a90dd0d54b7ccde435b977ee46d

SHA1
15cd12089c63f4147648856b16193cf014e6764f

SHA256
dc570708327c4c8419d4cced2a162d7ca112a168301134dd1fb5e2040eee45b6

SHA512
339fe195602355bce26a2526613a212271e7f8c7518d591b9e3c795c154d93b29b8c524b2c3678c799d0ea0101eabea918564e49def0b915af0619e975f1c34b

Download Submit
\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\api-ms-win-core-processthreads-l1-1-1.dll

Filesize
20KB

MD5
d399c926466f044f183faa723ba59120

SHA1
a9534b4910888d70eefba6fcc3376f2549cb4a05

SHA256
19b018be16afe143fb107ef1dd5b8e6c6cb45966806eb3d31ec09ff0dc2b70d1

SHA512
fc55f4cfe7c6c63e0720971d920c5c6ead4db74a671f7bb8dc830aa87cb54459a62e974456875bdfda449d82a0acb368e3b6c2cc20c32b1b407e8de7cc532057

Download Submit
\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\api-ms-win-core-synch-l1-2-0.dll

Filesize
20KB

MD5
da5d400ade0d2288b17dcc11ed339e25

SHA1
f4a340079477a2c91e091968fe2d252cb01eeae2

SHA256
69dd52caffe1ea6e0900fb9604a57a87618f8468dc68cbb2a9bcefd1265f3f49

SHA512
3bfa3b4f93a0a68e1c0ac17c74c91c0a01b779961af4811756223fd1f47a86ce1f3ebd7ee4190a2edb84a50b1b444318965cad3a74d1ed4acfa014d0f5bbe34a

Download Submit
\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\api-ms-win-core-timezone-l1-1-0.dll

Filesize
20KB

MD5
ea5f768b9a1664884ae4ae62cec90678

SHA1
ae08e80431da7f4e8f1e5457c255cc360ef1cac0

SHA256
24f4530debf2161e0d0256f923b836aeccc3278a6ff2c9400e415600276b5a6d

SHA512
411db31e994ebbc69971972e45d6e51186d8f8790e8c67660b6a846e48a5a5c53a113916a5a15d14c33d8c88037d7f252135e699cb526c4bb3b5abd2e2dfee7c

Download Submit
\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\api-ms-win-crt-convert-l1-1-0.dll

Filesize
24KB

MD5
cf95a8f66313283f046ba9e6e5cdbba4

SHA1
b25c686fcc6729a88a8776cdb75ff21cbceb1c5d

SHA256
2ccb01b62188ddc051a582c128bf880608111c602534e487ec09a7cf67c22d17

SHA512
59f5901e513aceeeb819c73c5b9fe2504e80af28df54db19775d7c0e0481f14c21ce38e6db207672cc10facfdd217638829af2d3f0f85a0a413d10e3a81dae9c

Download Submit
\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\api-ms-win-crt-environment-l1-1-0.dll

Filesize
20KB

MD5
71407c52ff12b113cc0498fdd42db8dc

SHA1
f0c6a3c1308177b090b2a94fee90156e1df6bb9b

SHA256
5a2ae5b270c1eaf467878e7f5dbdc689b71914bdf30293d7d46c01d9dd11bdd4

SHA512
b9bb29d76a144c10b234835b6006637c84103abeb8f5db19991f3ab2baaabe3ea3fc1a87132263d097addd01afcad08e77c9834dccd4c6723b3ca204f50aac1e

Download Submit
\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\api-ms-win-crt-filesystem-l1-1-0.dll

Filesize
20KB

MD5
bbbf361746440219a3f7933ced5234bb

SHA1
1e3ededaa28e41f51e903c2ca66e7bd048fbaee7

SHA256
42a99227775e85ca8c197811a86aad0e2af496bd21623e4c9a2dd747571c8990

SHA512
f6681875bc02903676cd3ea3303920202c563a1a6e82dd687ed9bd0fafe92c9abba4a6df3e9c93f2bb0da9dccf0abb4543b6a5e5f0c92fa06e809b30b84085aa

Download Submit
\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\api-ms-win-crt-heap-l1-1-0.dll

Filesize
20KB

MD5
bacc491eb1dee4786ade841e7b480cd8

SHA1
84cb8f770cdf873415403edf48e625514aecad02

SHA256
43c80120970be1efed3ea60bf7aa37b46fcce946b94fb11ca6e3ffff2f16bb29

SHA512
7832912f38cd6ba145af57548c2a1d4da3bed9392a0ab3a0faffe18fab40087e1d74676e2af004627a37f7e079b9146dccf7aaa04e360a88443196fede4ccadc

Download Submit
\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\api-ms-win-crt-locale-l1-1-0.dll

Filesize
20KB

MD5
fb992bbb73e0127c70d075f81e52aaf9

SHA1
e9d326d436e2e55c521261ad9a5b73d2e998f644

SHA256
6011ece89f4833dcb4cefb02ea366b828725205eae6f25ab704b76fd9e5d86eb

SHA512
f568898a660c3850998b71a854fb5b8ffee59f02ebe7bc8c12ad9bc68f5472a0c812cf0a8ebc096fcc462e941a86a2a46619d4f03030e7ab69a0e4a9e7b1e0b6

Download Submit
\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\api-ms-win-crt-math-l1-1-0.dll

Filesize
28KB

MD5
0936c89e36a8bac313de187e50c61078

SHA1
7f0e64a66301e1926fa9acdc36ad728958ce6d78

SHA256
5ba8f9c2842990ccdb447fc6d22023103b03f5387f341d3375809f060b5bb4ef

SHA512
a72fcadc55d12c97770f1222bb3b605b7d58157f6f55814d900fe0f1b5ff8075f84914c7ac66d4b0e59ef41c01504a35c391bfb182e2e9019d152037ef4ec20f

Download Submit
\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\api-ms-win-crt-runtime-l1-1-0.dll

Filesize
24KB

MD5
01380df01b9e61fc241f82f8fb984c2d

SHA1
18f92390b292af0db8aaa7c7e6f6aa24463f9b84

SHA256
698fa887c5b994375c9271222e21d0d4c74810e73d377ad898927549fb69dcb3

SHA512
743d45fae759d8ff3ef862ffa70584696824b86991f262ddc897f6f469fbb4264cf7da3fe001f33c6305523753d37a7a64874c5010cc7fe63252c53cd96b06f0

Download Submit
\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\api-ms-win-crt-stdio-l1-1-0.dll

Filesize
24KB

MD5
a3f3ffcde3dd59cc94fb7dba16715671

SHA1
bbf272dab014d4cde1a57831a2daf4fde03b4884

SHA256
c1541ed4dc6879a136bf532393f7cefd3c48ad371d2ed9965e7cbd44c87a1137

SHA512
0e323b44b4ed7959c5f6409e565707e6e402382c950d2a0fc18d18f56ab588a49a260c99ecbda1bdb3778be131fb71b1b1158d852981e2e86d0b989b05496e02

Download Submit
\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\api-ms-win-crt-string-l1-1-0.dll

Filesize
24KB

MD5
535d1195f493f7d92fe9007258494ebc

SHA1
1bf95ec546a6c1a8832d9002b7cd01265a1bbdad

SHA256
4429b8e6707645fb503ebc3bd50ce2a84f559b6a2ed778196835808bdfec2f48

SHA512
cd47f34032fc59a89dd286115db2cc2d1918f6ecc069fa37d2295126876fc5c931d6272892fb22db5eff1f810de818e64e6140617786a4d3fb153fd80c107468

Download Submit
\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\api-ms-win-crt-time-l1-1-0.dll

Filesize
20KB

MD5
ed44b4aac3c881a9bc524d15ae3f3944

SHA1
a87983d6c714aac9242bb60037864139863b1848

SHA256
f3e6f692cec86adb3985b929345c731469777aeaeb088e3ce070957df481f924

SHA512
25513c666f228365ce7e092782a92fb7eb144f6b3293f896b08317c36323006ba10f4133bbfdadd2576053c1d6ac0e28cc3ad5798b92eec34fc8fa36e8d83047

Download Submit
\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\api-ms-win-crt-utility-l1-1-0.dll

Filesize
20KB

MD5
e79464524fbc2c266da52d0a903d85d3

SHA1
6bad715617992277751a8ddfc180ba291ba75d59

SHA256
6c78d4aba91877c5bb33e545b6a69a818f377e07ff62e791b804fa5b4d2bcf02

SHA512
def71789e238ecd3b2d68dbd204acc62537ad39ce50a5bf09f320fc8cacc1b3f561822784d006ab2145eab5ab7be3f74c1c773fbe814efa040a1dbb3ffa6744e

Download Submit
\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\java.dll

Filesize
140KB

MD5
0fe24d48daeb2dbd44c5971545ff4387

SHA1
e43792d276ba212ad84cfbef6d6b5405fc4b76c0

SHA256
86b0f15814202f36fbcb4d220bb37445aec6c03d5473744ab4f567670c142adb

SHA512
e9fd5c87832063a040acc77043d88fae198b7d1d664142144b24954305b2191051bcdca1bd0ad067dc80ef3c9b4cb45f2fc9be1a2c4087407ce883c8c9fd96ca

Download Submit
\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\java.dll

Filesize
140KB

MD5
0fe24d48daeb2dbd44c5971545ff4387

SHA1
e43792d276ba212ad84cfbef6d6b5405fc4b76c0

SHA256
86b0f15814202f36fbcb4d220bb37445aec6c03d5473744ab4f567670c142adb

SHA512
e9fd5c87832063a040acc77043d88fae198b7d1d664142144b24954305b2191051bcdca1bd0ad067dc80ef3c9b4cb45f2fc9be1a2c4087407ce883c8c9fd96ca

Download Submit
\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\javaw.exe

Filesize
46KB

MD5
d5b6b6976511114000dfaea05c8a9c8a

SHA1
122df7bfbc5b058242e0c18fee9d9bc6489d512c

SHA256
3850d4f443b2a97014a1dcb94db893f0b3396201a8573aa4c4b967ff61528ac6

SHA512
cebaee71e2813670534c18a8363a127c6f8ca759b86262d3e69f6d2ee180ed0fc34bfcde63bf1fd3e91088f09c5950cac22be4cb5d875f2901a7b323ebe2f739

Download Submit
\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\jimage.dll

Filesize
30KB

MD5
36eaca4b8c0e14921e79a47f91f3a3b3

SHA1
ffdf367e09a2d365de26527b53bf04758b7bfd76

SHA256
8e8903cc2231f28e682df62ec7623fabfa6a2112bcd14cee6f79e6924239b75f

SHA512
32d20959585aea57554f74baa36ea0dd54d47aa9f055cea39182267d70034d99a2d7aa3e8935dcdb2ea32c6b03c0485132404cd9717593e16f7a0ae5b7bda748

Download Submit
\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\jli.dll

Filesize
83KB

MD5
e9c6f790d97a491dc6dba58605d0a48f

SHA1
8d39cf612880ab33b4c247997649e12035783c2f

SHA256
d6eae7c72044fdd83eea7ae2c36dfa163b6093df19e360f980980334b14ff934

SHA512
a47c38871f08d47ac4b0e59f8a01dc9865dc730afceb66337f046a28a0e90c34700cffe00dc85be2294713fb507d3d89ab0142797beb490b6394575cde1b2091

Download Submit
\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\msvcp140.dll

Filesize
552KB

MD5
cb75d6437418afe1a7b52acf75730ff1

SHA1
54c2da9552671b161cc87eb50fbdb86319b00f56

SHA256
7c4ce9d6bfcd6d9db4eef4e75ecdcf5a8e5320106e80f1eca617439fa43f33e8

SHA512
f58abb740a30467e2d8aedd7eed357da020fdc7d966e245890d102a52e96fea296e122c1d2bc112423fc64b6f5e70b7df3f3eb7de1bf5c2f5f0eb3644f1e06d6

Download Submit
\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\server\jvm.dll

Filesize
12.1MB

MD5
be9c05daabf6ee77db5564b5ebcf7f4c

SHA1
96d487233a3f47f3441679470359c1528658b064

SHA256
064a55423c55802d3ae7147c4f33d30d79d9b7f4f339c99fcb30c8759d0f8268

SHA512
e082b3bc5bdb332bf4281e3ff52cfea6e5b176cbf2a466c7826c6ffd386a326ec469ac1aa410bd6696b0d4f7bf36d174363ecea7df21285bca4ce6484722b3d7

Download Submit
\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\ucrtbase.dll

Filesize
1.1MB

MD5
b0397bb83c9d579224e464eebf40a090

SHA1
81efdfe57225dfe581aafb930347535f08f2f4ce

SHA256
d2ebd8719455ae4634d00fd0d0eb0c3ad75054fee4ff545346a1524e5d7e3a66

SHA512
e72a4378ed93cfb3da60d69af8103a0dcb9a69a86ee42f004db29771b00a606fbc9cbc37f3daa155d1d5fe85f82c87ca9898a39c7274462fcf5c4420f0581ab3

Download Submit
\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\vcruntime140.dll

Filesize
94KB

MD5
a87575e7cf8967e481241f13940ee4f7

SHA1
879098b8a353a39e16c79e6479195d43ce98629e

SHA256
ded5adaa94341e6c62aea03845762591666381dca30eb7c17261dd154121b83e

SHA512
e112f267ae4c9a592d0dd2a19b50187eb13e25f23ded74c2e6ccde458bcdaee99f4e3e0a00baf0e3362167ae7b7fe4f96ecbcd265cc584c1c3a4d1ac316e92f0

Download Submit
\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\vcruntime140_1.dll

Filesize
36KB

MD5
37c372da4b1adb96dc995ecb7e68e465

SHA1
6c1b6cb92ff76c40c77f86ea9a917a5f854397e2

SHA256
1554b5802968fdb2705a67cbb61585e9560b9e429d043a5aa742ef3c9bbfb6bf

SHA512
926f081b1678c15dc649d7e53bfbe98e4983c9ad6ccdf11c9383ca1d85f2a7353d5c52bebf867d6e155ff897f4702fc4da36a8f4cf76b00cb842152935e319a6

Download Submit
memory/1216-2130-0x0000000008460000-0x0000000009460000-memory.dmp

Filesize
16.0MB

Download
memory/2016-921-0x0000000000400000-0x0000000000472000-memory.dmp

Filesize
456KB

Download
memory/2160-1013-0x00000000086B0000-0x00000000096B0000-memory.dmp

Filesize
16.0MB

Download
memory/2160-1001-0x00000000086B0000-0x00000000096B0000-memory.dmp

Filesize
16.0MB

Download
memory/2232-994-0x00000000083D0000-0x00000000093D0000-memory.dmp

Filesize
16.0MB

Download
memory/2232-980-0x00000000083D0000-0x00000000093D0000-memory.dmp

Filesize
16.0MB

Download
memory/2844-974-0x0000000000400000-0x0000000000776000-memory.dmp

Filesize
3.5MB

Download
memory/2844-752-0x0000000000400000-0x0000000000776000-memory.dmp

Filesize
3.5MB

Download
memory/2844-67-0x00000000002C0000-0x00000000002C1000-memory.dmp

Filesize
4KB

Download
memory/2844-66-0x0000000000400000-0x0000000000776000-memory.dmp

Filesize
3.5MB

Download
memory/2844-62-0x00000000002C0000-0x00000000002C1000-memory.dmp

Filesize
4KB

Download
memory/2952-978-0x0000000000400000-0x0000000000533000-memory.dmp

Filesize
1.2MB

Download
memory/2952-65-0x0000000000400000-0x0000000000533000-memory.dmp

Filesize
1.2MB

Download
memory/2952-64-0x0000000000400000-0x0000000000533000-memory.dmp

Filesize
1.2MB

Download
memory/2952-55-0x0000000000400000-0x0000000000533000-memory.dmp

Filesize
1.2MB

Download