e4521f4f089eb7993188901318b2823c9f5293193ffe7cc6d85921c76ac372f7

Analysis

max time kernel
118s
max time network
125s
platform
windows7_x64
resource
win7-20230712-en
resource tags

arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
submitted
18/08/2023, 20:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

DiscordSetup.exe
Size

91.1MB
MD5

e566828b19ea32efd096d427f1350c08
SHA1

cf4f02f6613059942da0c32356db5ac1dce43b56
SHA256

e4521f4f089eb7993188901318b2823c9f5293193ffe7cc6d85921c76ac372f7
SHA512

4044d03d755525b2ad893318f270458b10b6e52455fe35717a1db5a6bfbc0c5cd4d6fd5d18813f9d1efe76f5f90edb6de96fd8e7a7e15057c713faf341bcfc79
SSDEEP

1572864:WnKEvGyXi+aPcu1n0ckUoJr0p03kRPoNnn+d3MGpHKmLYj/:TyXBoDn0lO03kRPh3bpHEj/

Score

6^/10

persistence

Malware Config

Signatures

Adds Run key to start application 2 TTPs 1 IoCs

persistence

Registry Run Keys / Startup Folder

T1547.001

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\USER\S-1-5-21-4159544280-4273523227-683900707-1000\Software\Microsoft\Windows\CurrentVersion\Run\Discord = "\"C:\\Users\\Admin\\AppData\\Local\\Discord\\Update.exe\" --processStart Discord.exe"	reg.exe

Executes dropped EXE 6 IoCs

pid	Process
1200	Update.exe
2420	Discord.exe
2460	Discord.exe
1872	Update.exe
2392	Discord.exe
484	Discord.exe

Loads dropped DLL 17 IoCs

pid	Process
2636	DiscordSetup.exe
1200	Update.exe
1200	Update.exe
1200	Update.exe
2420	Discord.exe
2460	Discord.exe
2420	Discord.exe
1872	Update.exe
1872	Update.exe
2392	Discord.exe
1872	Update.exe
1872	Update.exe
1872	Update.exe
1872	Update.exe
2392	Discord.exe
2392	Discord.exe
2392	Discord.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Modifies registry class 11 IoCs

description	ioc	Process
Set value (str)	\REGISTRY\USER\S-1-5-21-4159544280-4273523227-683900707-1000_CLASSES\Discord\ = "URL:Discord Protocol"	reg.exe
Key created	\REGISTRY\USER\S-1-5-21-4159544280-4273523227-683900707-1000_CLASSES\Discord	reg.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-4159544280-4273523227-683900707-1000_CLASSES\Discord\URL Protocol	reg.exe
Key created	\REGISTRY\USER\S-1-5-21-4159544280-4273523227-683900707-1000_CLASSES\Discord\shell	reg.exe
Key created	\REGISTRY\USER\S-1-5-21-4159544280-4273523227-683900707-1000_CLASSES\Discord\shell\open	reg.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-4159544280-4273523227-683900707-1000_CLASSES\Discord\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Discord\\app-1.0.9013\\Discord.exe\" --url -- \"%1\""	reg.exe
Key created	\REGISTRY\USER\S-1-5-21-4159544280-4273523227-683900707-1000_CLASSES\Discord	reg.exe
Key created	\REGISTRY\USER\S-1-5-21-4159544280-4273523227-683900707-1000_CLASSES\Discord\DefaultIcon	reg.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-4159544280-4273523227-683900707-1000_CLASSES\Discord\DefaultIcon\ = "\"C:\\Users\\Admin\\AppData\\Local\\Discord\\app-1.0.9013\\Discord.exe\",-1"	reg.exe
Key created	\REGISTRY\USER\S-1-5-21-4159544280-4273523227-683900707-1000_CLASSES\Discord\shell\open\command	reg.exe
Key created	\REGISTRY\USER\S-1-5-21-4159544280-4273523227-683900707-1000_CLASSES\Discord	reg.exe

Modifies registry key 1 TTPs 5 IoCs

Modify Registry

T1112

pid	Process
2852	reg.exe
2204	reg.exe
2896	reg.exe
2900	reg.exe
2972	reg.exe

Suspicious behavior: EnumeratesProcesses 5 IoCs

pid	Process
2420	Discord.exe
2420	Discord.exe
2420	Discord.exe
2420	Discord.exe
2420	Discord.exe

Suspicious use of AdjustPrivilegeToken 16 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2420	Discord.exe
Token: SeShutdownPrivilege	2420	Discord.exe
Token: SeShutdownPrivilege	2420	Discord.exe
Token: SeShutdownPrivilege	2420	Discord.exe
Token: SeShutdownPrivilege	2420	Discord.exe
Token: SeShutdownPrivilege	2420	Discord.exe
Token: SeShutdownPrivilege	2420	Discord.exe
Token: SeShutdownPrivilege	2420	Discord.exe
Token: SeShutdownPrivilege	2420	Discord.exe
Token: SeShutdownPrivilege	2420	Discord.exe
Token: SeShutdownPrivilege	2420	Discord.exe
Token: SeShutdownPrivilege	2420	Discord.exe
Token: SeShutdownPrivilege	2420	Discord.exe
Token: SeShutdownPrivilege	2420	Discord.exe
Token: SeShutdownPrivilege	2420	Discord.exe
Token: SeShutdownPrivilege	2420	Discord.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
1200	Update.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2636 wrote to memory of 1200	2636	DiscordSetup.exe	28
PID 2636 wrote to memory of 1200	2636	DiscordSetup.exe	28
PID 2636 wrote to memory of 1200	2636	DiscordSetup.exe	28
PID 2636 wrote to memory of 1200	2636	DiscordSetup.exe	28
PID 2636 wrote to memory of 1200	2636	DiscordSetup.exe	28
PID 2636 wrote to memory of 1200	2636	DiscordSetup.exe	28
PID 2636 wrote to memory of 1200	2636	DiscordSetup.exe	28
PID 1200 wrote to memory of 2420	1200	Update.exe	29
PID 1200 wrote to memory of 2420	1200	Update.exe	29
PID 1200 wrote to memory of 2420	1200	Update.exe	29
PID 1200 wrote to memory of 2420	1200	Update.exe	29
PID 2420 wrote to memory of 2460	2420	Discord.exe	32
PID 2420 wrote to memory of 2460	2420	Discord.exe	32
PID 2420 wrote to memory of 2460	2420	Discord.exe	32
PID 2420 wrote to memory of 2460	2420	Discord.exe	32
PID 2420 wrote to memory of 1872	2420	Discord.exe	33
PID 2420 wrote to memory of 1872	2420	Discord.exe	33
PID 2420 wrote to memory of 1872	2420	Discord.exe	33
PID 2420 wrote to memory of 1872	2420	Discord.exe	33
PID 2420 wrote to memory of 1872	2420	Discord.exe	33
PID 2420 wrote to memory of 1872	2420	Discord.exe	33
PID 2420 wrote to memory of 1872	2420	Discord.exe	33
PID 2420 wrote to memory of 2392	2420	Discord.exe	34
PID 2420 wrote to memory of 2392	2420	Discord.exe	34
PID 2420 wrote to memory of 2392	2420	Discord.exe	34
PID 2420 wrote to memory of 2392	2420	Discord.exe	34
PID 2420 wrote to memory of 2392	2420	Discord.exe	34
PID 2420 wrote to memory of 2392	2420	Discord.exe	34
PID 2420 wrote to memory of 2392	2420	Discord.exe	34
PID 2420 wrote to memory of 2392	2420	Discord.exe	34
PID 2420 wrote to memory of 2392	2420	Discord.exe	34
PID 2420 wrote to memory of 2392	2420	Discord.exe	34
PID 2420 wrote to memory of 2392	2420	Discord.exe	34
PID 2420 wrote to memory of 2392	2420	Discord.exe	34
PID 2420 wrote to memory of 2392	2420	Discord.exe	34
PID 2420 wrote to memory of 2392	2420	Discord.exe	34
PID 2420 wrote to memory of 2392	2420	Discord.exe	34
PID 2420 wrote to memory of 2392	2420	Discord.exe	34
PID 2420 wrote to memory of 2392	2420	Discord.exe	34
PID 2420 wrote to memory of 2392	2420	Discord.exe	34
PID 2420 wrote to memory of 2392	2420	Discord.exe	34
PID 2420 wrote to memory of 2392	2420	Discord.exe	34
PID 2420 wrote to memory of 2392	2420	Discord.exe	34
PID 2420 wrote to memory of 2392	2420	Discord.exe	34
PID 2420 wrote to memory of 2392	2420	Discord.exe	34
PID 2420 wrote to memory of 2392	2420	Discord.exe	34
PID 2420 wrote to memory of 2392	2420	Discord.exe	34
PID 2420 wrote to memory of 2392	2420	Discord.exe	34
PID 2420 wrote to memory of 2392	2420	Discord.exe	34
PID 2420 wrote to memory of 2392	2420	Discord.exe	34
PID 2420 wrote to memory of 2392	2420	Discord.exe	34
PID 2420 wrote to memory of 2392	2420	Discord.exe	34
PID 2420 wrote to memory of 2392	2420	Discord.exe	34
PID 2420 wrote to memory of 2392	2420	Discord.exe	34
PID 2420 wrote to memory of 2392	2420	Discord.exe	34
PID 2420 wrote to memory of 2392	2420	Discord.exe	34
PID 2420 wrote to memory of 2392	2420	Discord.exe	34
PID 2420 wrote to memory of 2392	2420	Discord.exe	34
PID 2420 wrote to memory of 2392	2420	Discord.exe	34
PID 2420 wrote to memory of 2392	2420	Discord.exe	34
PID 2420 wrote to memory of 2392	2420	Discord.exe	34
PID 2420 wrote to memory of 2392	2420	Discord.exe	34
PID 2420 wrote to memory of 2392	2420	Discord.exe	34
PID 2420 wrote to memory of 484	2420	Discord.exe	36

C:\Users\Admin\AppData\Local\Temp\DiscordSetup.exe
"C:\Users\Admin\AppData\Local\Temp\DiscordSetup.exe"
1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:2636
- C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe
  "C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe" --install .
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of WriteProcessMemory
  PID:1200
- - C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\Discord.exe
    "C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\Discord.exe" --squirrel-install 1.0.9013
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of AdjustPrivilegeToken
    - Suspicious use of WriteProcessMemory
    PID:2420
  - - C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\Discord.exe
      C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\Discord.exe --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Roaming\discord /prefetch:7 --no-rate-limit --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Roaming\discord\Crashpad --url=https://insecure.sentry.io/api/146342/minidump/?sentry_key=384ce4413de74fe0be270abe03b2b35a "--annotation=_companyName=Discord Inc." --annotation=_productName=Discord --annotation=_version=1.0.9013 --annotation=plat=Win32 --annotation=prod=Electron --annotation=ver=22.3.2 --initial-client-data=0x310,0x314,0x318,0x30c,0x31c,0x7ebff78,0x7ebff88,0x7ebff94
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      PID:2460
  - - C:\Users\Admin\AppData\Local\Discord\Update.exe
      C:\Users\Admin\AppData\Local\Discord\Update.exe --createShortcut Discord.exe --setupIcon C:\Users\Admin\AppData\Local\Discord\app.ico
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      PID:1872
  - - C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\Discord.exe
      "C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\Discord.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1052 --field-trial-handle=1232,i,11119527059329575643,18312001657275878469,131072 --disable-features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      PID:2392
  - - C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\Discord.exe
      "C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\Discord.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1476 --field-trial-handle=1232,i,11119527059329575643,18312001657275878469,131072 --disable-features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2
      4⤵
      Executes dropped EXE
      PID:484
  - - C:\Windows\SysWOW64\reg.exe
      C:\Windows\System32\reg.exe add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v Discord /d "\"C:\Users\Admin\AppData\Local\Discord\Update.exe\" --processStart Discord.exe" /f
      4⤵
      Adds Run key to start application
      Modifies registry key
      PID:2204
  - - C:\Windows\SysWOW64\reg.exe
      C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord /ve /d "URL:Discord Protocol" /f
      4⤵
      Modifies registry class
      Modifies registry key
      PID:2896
  - - C:\Windows\SysWOW64\reg.exe
      C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord /v "URL Protocol" /f
      4⤵
      Modifies registry class
      Modifies registry key
      PID:2900
  - - C:\Windows\SysWOW64\reg.exe
      C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord\DefaultIcon /ve /d "\"C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\Discord.exe\",-1" /f
      4⤵
      Modifies registry class
      Modifies registry key
      PID:2972
  - - C:\Windows\SysWOW64\reg.exe
      C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord\shell\open\command /ve /d "\"C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\Discord.exe\" --url -- \"%1\"" /f
      4⤵
      Modifies registry class
      Modifies registry key
      PID:2852

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Discord\Update.exe

Filesize
1.5MB

MD5
0baeac29996d82b96e7599e8ffb35376

SHA1
647154e3e84cfb3160cacef05137d61a70329189

SHA256
0ddb31c14fa6ec35e0caaf85f23423d3dc33fb30d6dfdcb7361694de4d7e2ad9

SHA512
a0f578e269cae62732e90647fa0c51225a8db6859f73c2db0e44cd91a1beb2676899239dba7d826976436148773e79f2ce92feb817520c9f7ca8a0ab3ea65615

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\D3DCompiler_47.dll

Filesize
3.9MB

MD5
3b4647bcb9feb591c2c05d1a606ed988

SHA1
b42c59f96fb069fd49009dfd94550a7764e6c97c

SHA256
35773c397036b368c1e75d4e0d62c36d98139ebe74e42c1ff7be71c6b5a19fd7

SHA512
00cd443b36f53985212ac43b44f56c18bf70e25119bbf9c59d05e2358ff45254b957f1ec63fc70fb57b1726fd8f76ccfad8103c67454b817a4f183f9122e3f50

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\Discord.exe

Filesize
130.3MB

MD5
0c6891f8c5638f646b927500c6f6323b

SHA1
33dedf5af77f04e268d9d9aefdfb02478eb849bd

SHA256
f4764bfcd3e2d42a69c5858cf2b2a17ff80ebfe36337d3cdea4207c24eed0b40

SHA512
eadb706f80771f96e4444cfbb695833e7a673d14c236c40153b21bb8c92abcee50ee283b855552e78f4d820e9284b1112776f67ec89a2005792e8584881102b6

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\Discord.exe

Filesize
130.3MB

MD5
0c6891f8c5638f646b927500c6f6323b

SHA1
33dedf5af77f04e268d9d9aefdfb02478eb849bd

SHA256
f4764bfcd3e2d42a69c5858cf2b2a17ff80ebfe36337d3cdea4207c24eed0b40

SHA512
eadb706f80771f96e4444cfbb695833e7a673d14c236c40153b21bb8c92abcee50ee283b855552e78f4d820e9284b1112776f67ec89a2005792e8584881102b6

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\Discord.exe

Filesize
130.3MB

MD5
0c6891f8c5638f646b927500c6f6323b

SHA1
33dedf5af77f04e268d9d9aefdfb02478eb849bd

SHA256
f4764bfcd3e2d42a69c5858cf2b2a17ff80ebfe36337d3cdea4207c24eed0b40

SHA512
eadb706f80771f96e4444cfbb695833e7a673d14c236c40153b21bb8c92abcee50ee283b855552e78f4d820e9284b1112776f67ec89a2005792e8584881102b6

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\Discord.exe

Filesize
130.3MB

MD5
0c6891f8c5638f646b927500c6f6323b

SHA1
33dedf5af77f04e268d9d9aefdfb02478eb849bd

SHA256
f4764bfcd3e2d42a69c5858cf2b2a17ff80ebfe36337d3cdea4207c24eed0b40

SHA512
eadb706f80771f96e4444cfbb695833e7a673d14c236c40153b21bb8c92abcee50ee283b855552e78f4d820e9284b1112776f67ec89a2005792e8584881102b6

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\Discord.exe

Filesize
130.3MB

MD5
0c6891f8c5638f646b927500c6f6323b

SHA1
33dedf5af77f04e268d9d9aefdfb02478eb849bd

SHA256
f4764bfcd3e2d42a69c5858cf2b2a17ff80ebfe36337d3cdea4207c24eed0b40

SHA512
eadb706f80771f96e4444cfbb695833e7a673d14c236c40153b21bb8c92abcee50ee283b855552e78f4d820e9284b1112776f67ec89a2005792e8584881102b6

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\Discord.exe

Filesize
130.3MB

MD5
0c6891f8c5638f646b927500c6f6323b

SHA1
33dedf5af77f04e268d9d9aefdfb02478eb849bd

SHA256
f4764bfcd3e2d42a69c5858cf2b2a17ff80ebfe36337d3cdea4207c24eed0b40

SHA512
eadb706f80771f96e4444cfbb695833e7a673d14c236c40153b21bb8c92abcee50ee283b855552e78f4d820e9284b1112776f67ec89a2005792e8584881102b6

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\app.ico

Filesize
278KB

MD5
084f9bc0136f779f82bea88b5c38a358

SHA1
64f210b7888e5474c3aabcb602d895d58929b451

SHA256
dfcea1bea8a924252d507d0316d8cf38efc61cf1314e47dca3eb723f47d5fe43

SHA512
65bccb3e1d4849b61c68716831578300b20dcaf1cbc155512edbc6d73dccbaf6e5495d4f95d089ee496f8e080057b7097a628cc104fa8eaad8da866891d9e3eb

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\chrome_100_percent.pak

Filesize
126KB

MD5
d31f3439e2a3f7bee4ddd26f46a2b83f

SHA1
c5a26f86eb119ae364c5bf707bebed7e871fc214

SHA256
9f79f46ca911543ead096a5ee28a34bf1fbe56ec9ba956032a6a2892b254857e

SHA512
aa27c97bf5581eb3f5e88f112df8bfb6a5283ce44eb13fbc41855008f84fb5b111dfe0616c310c3642b7f8ac99623d7c217aecc353f54f4d8f7042840099abc5

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\chrome_200_percent.pak

Filesize
175KB

MD5
5604b67e3f03ab2741f910a250c91137

SHA1
a4bb15ac7914c22575f1051a29c448f215fe027f

SHA256
1408387e87cb5308530def6ce57bdc4e0abbbaa9e70f687fd6c3a02a56a0536c

SHA512
5e6f875068792e862b1fc8bb7b340ac0f1f4c51e53e50be81a5af8575ca3591f4e7eb9239890178b17c5a8ff4ebb23719190d7db0bd8a9aa6dcb4308ffa9a34d

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\ffmpeg.dll

Filesize
3.1MB

MD5
8967377c84abc455f2b20b58d8af0dc3

SHA1
45fa04d5c3e521aa56d1fa8a6a542a8f153cd3c3

SHA256
d47c33052d7cb7ca7b8267339020541446ffda074a6d7c99b7fe7ed615931154

SHA512
41f84bb538999d8337eae893c05d8c56fbdd2fb59c43f410647a95f31ee89e787c8fdefc8b396200b9e3d526e6e30c9ea82010677ba61948f50efbb045dcd50b

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\icudtl.dat

Filesize
10.0MB

MD5
76bef9b8bb32e1e54fe1054c97b84a10

SHA1
05dfea2a3afeda799ab01bb7fbce628cacd596f4

SHA256
97b978a19edd4746e9a44d9a44bb4bc519e127a203c247837ec0922f573449e3

SHA512
7330df8129e7a0b7b3655498b2593321595ec29445ea193c8f473c593590f5701eb7125ff6e5cde970c54765f9565fa51c2c54af6e2127f582ab45efa7a3a0f6

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\libegl.dll

Filesize
394KB

MD5
b1e94d2c5465efd8364c50864d753d47

SHA1
7bdca5b487b0b782c8942e2655b1934562af5307

SHA256
e28676cc24662a0dca7264af64a629769398cb6856c4b015c4139ad35846d635

SHA512
4fc7abbd8a397eca852fedd30a8f442f39c2ab6b978585f596acb0f58c34c0014d4561245f0a6ffac191a2ca7a65a5e1d2d4c2af348fd9c651074a2e96beaf96

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\libglesv2.dll

Filesize
6.4MB

MD5
d10aa3388c04ed6c28c0e280a050e83b

SHA1
4c53a9657f11fe3412f4ae810628955437e2e2ac

SHA256
13dc4387ac9b6abb2c638637f16eb4b553e4f7b9a167644cb21d46a816fdf805

SHA512
221ef26ba7586550a4a97583fbf648e3c358a1de3e9718101a7c3e2a8e0e83eae17fe6647d1d3ac32911763fec4f0a5262a7239f5ad11ce6c8ac6d14be877dc7

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\locales\en-US.pak

Filesize
313KB

MD5
3f6f4b2c2f24e3893882cdaa1ccfe1a3

SHA1
b021cca30e774e0b91ee21b5beb030fea646098f

SHA256
bb165eaa51456b52fcbdf7639ee727280e335a1f6b4cfb91afc45222895b564f

SHA512
bd80ddaa87f41cde20527ff34817d98605f11b30a291e129478712ebebe47956dbd49a317d3eeb223adf736c34750b59b68ad9d646c661474ad69866d5a53c5c

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\resources.pak

Filesize
5.1MB

MD5
7fd8c5f2e763aa919775b9dccac733de

SHA1
0192874c667b10b9da77e97b9897e794121f4e5c

SHA256
5cffe876882d9f5acf5e2dbc5629b0083a2d3c87e7f57c0992ea5a4c720bf38a

SHA512
977881e62fb96130f9a042b015e7e22ad4ae5ec63b6a73946783d63dd983b8edca021cd6d822ce51828451b2a94c4a20584802b495feaa863aaf6b2660643ff5

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\resources\app.asar

Filesize
4.6MB

MD5
601c17da36e2291f43925ef313b338d4

SHA1
cbcc577b9640c02bd0342387ed280b0bfb9f68d7

SHA256
c9389005bbe6e9321bc3771f96f900c881196b9266cc5f8330c987b78b4b2609

SHA512
e7faaf0446ce7403fce90a2d15a3a2dee50b2f244c19f25c48d68fcfdf264559d964e421f9f884f443f242dce6256a0d888d42a8835c35511fbb88d7220066d7

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\resources\build_info.json

Filesize
85B

MD5
c80c4f7cde5a7207861dc9509792629c

SHA1
fcd0d8b3dcf21c1fd4ae26f46496294a0ccbcd1e

SHA256
9f57e7a708998fd5b0dde9bd4102c446cf428d99ba74b58fab5e1f74b21c1d0f

SHA512
f1702ac91f2ab1962651634ff7a13625f6dfa136b46fc3e2da5d03f8a2186b0991313596311583ab6206ec7ba68761d7cb7bd51eeffb8204c44b6bee291303b0

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\v8_context_snapshot.bin

Filesize
585KB

MD5
b59edfc69aba2f4c433d5b0861d9ac31

SHA1
a2adeb4d3b45170351d1c8ba0dafde71fe35b9c7

SHA256
82c3df9c5e8f300b1af7b1d070163b43648a762acff0ce78f801382d9cd58d16

SHA512
b737160e99b6baa6f960316a223b47690335372ee2d9bf0331e331041dd2e8f727805377ee673e3ace494af01914d301b7e27c5fe5f6642ee5d08afa5442f8f9

Download Submit
C:\Users\Admin\AppData\Local\Discord\packages\Discord-1.0.9013-full.nupkg

Filesize
90.2MB

MD5
62ae8da110ba3b8634d00cbcbb436ff4

SHA1
a73292eb7b261d649c969f36d802562f1b65752e

SHA256
fc49f3a87706894cb6ea1252ae8e0806d3f439ab14e458e30fb4438534672adc

SHA512
1538d46cafd5cde728acbf8d527cac471992ed967cb0f2f9c3fd51c636ac5adc45bb278eb8e181456b5aa81fda6b4b1691ec3cee8d64c9f1bb28d26806bc1e0d

Download Submit
C:\Users\Admin\AppData\Local\Discord\packages\RELEASES

Filesize
80B

MD5
d634439696544cf2b474a1177f99f3bb

SHA1
77e448b51ffb7928b9bb794fed6a976df8bf50f4

SHA256
b48098fab12e9cfb5fe016c64cd22d089eacc4b942202745a5a9fb756b7d8aaf

SHA512
a76558119c3eeaf120b27653af2b275e960fb10e1c094cd9b0fd5ca37fb84febb3e3ae7946d8ad9a97677d32a634b397d3b9cc1ec58dbb0dfd9ff14adfe4230d

Download Submit
C:\Users\Admin\AppData\Local\Discord\update.exe

Filesize
1.5MB

MD5
0baeac29996d82b96e7599e8ffb35376

SHA1
647154e3e84cfb3160cacef05137d61a70329189

SHA256
0ddb31c14fa6ec35e0caaf85f23423d3dc33fb30d6dfdcb7361694de4d7e2ad9

SHA512
a0f578e269cae62732e90647fa0c51225a8db6859f73c2db0e44cd91a1beb2676899239dba7d826976436148773e79f2ce92feb817520c9f7ca8a0ab3ea65615

Download Submit
C:\Users\Admin\AppData\Local\SquirrelTemp\Discord-1.0.9013-full.nupkg

Filesize
90.2MB

MD5
62ae8da110ba3b8634d00cbcbb436ff4

SHA1
a73292eb7b261d649c969f36d802562f1b65752e

SHA256
fc49f3a87706894cb6ea1252ae8e0806d3f439ab14e458e30fb4438534672adc

SHA512
1538d46cafd5cde728acbf8d527cac471992ed967cb0f2f9c3fd51c636ac5adc45bb278eb8e181456b5aa81fda6b4b1691ec3cee8d64c9f1bb28d26806bc1e0d

Download Submit
C:\Users\Admin\AppData\Local\SquirrelTemp\RELEASES

Filesize
80B

MD5
d634439696544cf2b474a1177f99f3bb

SHA1
77e448b51ffb7928b9bb794fed6a976df8bf50f4

SHA256
b48098fab12e9cfb5fe016c64cd22d089eacc4b942202745a5a9fb756b7d8aaf

SHA512
a76558119c3eeaf120b27653af2b275e960fb10e1c094cd9b0fd5ca37fb84febb3e3ae7946d8ad9a97677d32a634b397d3b9cc1ec58dbb0dfd9ff14adfe4230d

Download Submit
C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe

Filesize
1.5MB

MD5
0baeac29996d82b96e7599e8ffb35376

SHA1
647154e3e84cfb3160cacef05137d61a70329189

SHA256
0ddb31c14fa6ec35e0caaf85f23423d3dc33fb30d6dfdcb7361694de4d7e2ad9

SHA512
a0f578e269cae62732e90647fa0c51225a8db6859f73c2db0e44cd91a1beb2676899239dba7d826976436148773e79f2ce92feb817520c9f7ca8a0ab3ea65615

Download Submit
C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe

Filesize
1.5MB

MD5
0baeac29996d82b96e7599e8ffb35376

SHA1
647154e3e84cfb3160cacef05137d61a70329189

SHA256
0ddb31c14fa6ec35e0caaf85f23423d3dc33fb30d6dfdcb7361694de4d7e2ad9

SHA512
a0f578e269cae62732e90647fa0c51225a8db6859f73c2db0e44cd91a1beb2676899239dba7d826976436148773e79f2ce92feb817520c9f7ca8a0ab3ea65615

Download Submit
\Users\Admin\AppData\Local\Discord\Update.exe

Filesize
1.5MB

MD5
0baeac29996d82b96e7599e8ffb35376

SHA1
647154e3e84cfb3160cacef05137d61a70329189

SHA256
0ddb31c14fa6ec35e0caaf85f23423d3dc33fb30d6dfdcb7361694de4d7e2ad9

SHA512
a0f578e269cae62732e90647fa0c51225a8db6859f73c2db0e44cd91a1beb2676899239dba7d826976436148773e79f2ce92feb817520c9f7ca8a0ab3ea65615

Download Submit
\Users\Admin\AppData\Local\Discord\Update.exe

Filesize
1.5MB

MD5
0baeac29996d82b96e7599e8ffb35376

SHA1
647154e3e84cfb3160cacef05137d61a70329189

SHA256
0ddb31c14fa6ec35e0caaf85f23423d3dc33fb30d6dfdcb7361694de4d7e2ad9

SHA512
a0f578e269cae62732e90647fa0c51225a8db6859f73c2db0e44cd91a1beb2676899239dba7d826976436148773e79f2ce92feb817520c9f7ca8a0ab3ea65615

Download Submit
\Users\Admin\AppData\Local\Discord\Update.exe

Filesize
1.5MB

MD5
0baeac29996d82b96e7599e8ffb35376

SHA1
647154e3e84cfb3160cacef05137d61a70329189

SHA256
0ddb31c14fa6ec35e0caaf85f23423d3dc33fb30d6dfdcb7361694de4d7e2ad9

SHA512
a0f578e269cae62732e90647fa0c51225a8db6859f73c2db0e44cd91a1beb2676899239dba7d826976436148773e79f2ce92feb817520c9f7ca8a0ab3ea65615

Download Submit
\Users\Admin\AppData\Local\Discord\Update.exe

Filesize
1.5MB

MD5
0baeac29996d82b96e7599e8ffb35376

SHA1
647154e3e84cfb3160cacef05137d61a70329189

SHA256
0ddb31c14fa6ec35e0caaf85f23423d3dc33fb30d6dfdcb7361694de4d7e2ad9

SHA512
a0f578e269cae62732e90647fa0c51225a8db6859f73c2db0e44cd91a1beb2676899239dba7d826976436148773e79f2ce92feb817520c9f7ca8a0ab3ea65615

Download Submit
\Users\Admin\AppData\Local\Discord\Update.exe

Filesize
1.5MB

MD5
0baeac29996d82b96e7599e8ffb35376

SHA1
647154e3e84cfb3160cacef05137d61a70329189

SHA256
0ddb31c14fa6ec35e0caaf85f23423d3dc33fb30d6dfdcb7361694de4d7e2ad9

SHA512
a0f578e269cae62732e90647fa0c51225a8db6859f73c2db0e44cd91a1beb2676899239dba7d826976436148773e79f2ce92feb817520c9f7ca8a0ab3ea65615

Download Submit
\Users\Admin\AppData\Local\Discord\app-1.0.9013\Discord.exe

Filesize
130.3MB

MD5
0c6891f8c5638f646b927500c6f6323b

SHA1
33dedf5af77f04e268d9d9aefdfb02478eb849bd

SHA256
f4764bfcd3e2d42a69c5858cf2b2a17ff80ebfe36337d3cdea4207c24eed0b40

SHA512
eadb706f80771f96e4444cfbb695833e7a673d14c236c40153b21bb8c92abcee50ee283b855552e78f4d820e9284b1112776f67ec89a2005792e8584881102b6

Download Submit
\Users\Admin\AppData\Local\Discord\app-1.0.9013\Discord.exe

Filesize
130.3MB

MD5
0c6891f8c5638f646b927500c6f6323b

SHA1
33dedf5af77f04e268d9d9aefdfb02478eb849bd

SHA256
f4764bfcd3e2d42a69c5858cf2b2a17ff80ebfe36337d3cdea4207c24eed0b40

SHA512
eadb706f80771f96e4444cfbb695833e7a673d14c236c40153b21bb8c92abcee50ee283b855552e78f4d820e9284b1112776f67ec89a2005792e8584881102b6

Download Submit
\Users\Admin\AppData\Local\Discord\app-1.0.9013\Discord.exe

Filesize
130.3MB

MD5
0c6891f8c5638f646b927500c6f6323b

SHA1
33dedf5af77f04e268d9d9aefdfb02478eb849bd

SHA256
f4764bfcd3e2d42a69c5858cf2b2a17ff80ebfe36337d3cdea4207c24eed0b40

SHA512
eadb706f80771f96e4444cfbb695833e7a673d14c236c40153b21bb8c92abcee50ee283b855552e78f4d820e9284b1112776f67ec89a2005792e8584881102b6

Download Submit
\Users\Admin\AppData\Local\Discord\app-1.0.9013\Discord.exe

Filesize
130.3MB

MD5
0c6891f8c5638f646b927500c6f6323b

SHA1
33dedf5af77f04e268d9d9aefdfb02478eb849bd

SHA256
f4764bfcd3e2d42a69c5858cf2b2a17ff80ebfe36337d3cdea4207c24eed0b40

SHA512
eadb706f80771f96e4444cfbb695833e7a673d14c236c40153b21bb8c92abcee50ee283b855552e78f4d820e9284b1112776f67ec89a2005792e8584881102b6

Download Submit
\Users\Admin\AppData\Local\Discord\app-1.0.9013\Discord.exe

Filesize
130.3MB

MD5
0c6891f8c5638f646b927500c6f6323b

SHA1
33dedf5af77f04e268d9d9aefdfb02478eb849bd

SHA256
f4764bfcd3e2d42a69c5858cf2b2a17ff80ebfe36337d3cdea4207c24eed0b40

SHA512
eadb706f80771f96e4444cfbb695833e7a673d14c236c40153b21bb8c92abcee50ee283b855552e78f4d820e9284b1112776f67ec89a2005792e8584881102b6

Download Submit
\Users\Admin\AppData\Local\Discord\app-1.0.9013\d3dcompiler_47.dll

Filesize
3.9MB

MD5
3b4647bcb9feb591c2c05d1a606ed988

SHA1
b42c59f96fb069fd49009dfd94550a7764e6c97c

SHA256
35773c397036b368c1e75d4e0d62c36d98139ebe74e42c1ff7be71c6b5a19fd7

SHA512
00cd443b36f53985212ac43b44f56c18bf70e25119bbf9c59d05e2358ff45254b957f1ec63fc70fb57b1726fd8f76ccfad8103c67454b817a4f183f9122e3f50

Download Submit
\Users\Admin\AppData\Local\Discord\app-1.0.9013\ffmpeg.dll

Filesize
3.1MB

MD5
8967377c84abc455f2b20b58d8af0dc3

SHA1
45fa04d5c3e521aa56d1fa8a6a542a8f153cd3c3

SHA256
d47c33052d7cb7ca7b8267339020541446ffda074a6d7c99b7fe7ed615931154

SHA512
41f84bb538999d8337eae893c05d8c56fbdd2fb59c43f410647a95f31ee89e787c8fdefc8b396200b9e3d526e6e30c9ea82010677ba61948f50efbb045dcd50b

Download Submit
\Users\Admin\AppData\Local\Discord\app-1.0.9013\ffmpeg.dll

Filesize
3.1MB

MD5
8967377c84abc455f2b20b58d8af0dc3

SHA1
45fa04d5c3e521aa56d1fa8a6a542a8f153cd3c3

SHA256
d47c33052d7cb7ca7b8267339020541446ffda074a6d7c99b7fe7ed615931154

SHA512
41f84bb538999d8337eae893c05d8c56fbdd2fb59c43f410647a95f31ee89e787c8fdefc8b396200b9e3d526e6e30c9ea82010677ba61948f50efbb045dcd50b

Download Submit
\Users\Admin\AppData\Local\Discord\app-1.0.9013\ffmpeg.dll

Filesize
3.1MB

MD5
8967377c84abc455f2b20b58d8af0dc3

SHA1
45fa04d5c3e521aa56d1fa8a6a542a8f153cd3c3

SHA256
d47c33052d7cb7ca7b8267339020541446ffda074a6d7c99b7fe7ed615931154

SHA512
41f84bb538999d8337eae893c05d8c56fbdd2fb59c43f410647a95f31ee89e787c8fdefc8b396200b9e3d526e6e30c9ea82010677ba61948f50efbb045dcd50b

Download Submit
\Users\Admin\AppData\Local\Discord\app-1.0.9013\libEGL.dll

Filesize
394KB

MD5
b1e94d2c5465efd8364c50864d753d47

SHA1
7bdca5b487b0b782c8942e2655b1934562af5307

SHA256
e28676cc24662a0dca7264af64a629769398cb6856c4b015c4139ad35846d635

SHA512
4fc7abbd8a397eca852fedd30a8f442f39c2ab6b978585f596acb0f58c34c0014d4561245f0a6ffac191a2ca7a65a5e1d2d4c2af348fd9c651074a2e96beaf96

Download Submit
\Users\Admin\AppData\Local\Discord\app-1.0.9013\libGLESv2.dll

Filesize
6.4MB

MD5
d10aa3388c04ed6c28c0e280a050e83b

SHA1
4c53a9657f11fe3412f4ae810628955437e2e2ac

SHA256
13dc4387ac9b6abb2c638637f16eb4b553e4f7b9a167644cb21d46a816fdf805

SHA512
221ef26ba7586550a4a97583fbf648e3c358a1de3e9718101a7c3e2a8e0e83eae17fe6647d1d3ac32911763fec4f0a5262a7239f5ad11ce6c8ac6d14be877dc7

Download Submit
\Users\Admin\AppData\Local\SquirrelTemp\Update.exe

Filesize
1.5MB

MD5
0baeac29996d82b96e7599e8ffb35376

SHA1
647154e3e84cfb3160cacef05137d61a70329189

SHA256
0ddb31c14fa6ec35e0caaf85f23423d3dc33fb30d6dfdcb7361694de4d7e2ad9

SHA512
a0f578e269cae62732e90647fa0c51225a8db6859f73c2db0e44cd91a1beb2676899239dba7d826976436148773e79f2ce92feb817520c9f7ca8a0ab3ea65615

Download Submit
memory/1200-266-0x0000000000600000-0x000000000060A000-memory.dmp

Filesize
40KB

Download
memory/1200-200-0x0000000000600000-0x000000000060A000-memory.dmp

Filesize
40KB

Download
memory/1200-265-0x0000000000600000-0x000000000060A000-memory.dmp

Filesize
40KB

Download
memory/1200-247-0x0000000004E00000-0x0000000004E40000-memory.dmp

Filesize
256KB

Download
memory/1200-226-0x0000000004E00000-0x0000000004E40000-memory.dmp

Filesize
256KB

Download
memory/1200-202-0x00000000740F0000-0x00000000747DE000-memory.dmp

Filesize
6.9MB

Download
memory/1200-66-0x00000000740F0000-0x00000000747DE000-memory.dmp

Filesize
6.9MB

Download
memory/1200-65-0x0000000000E70000-0x0000000000FE6000-memory.dmp

Filesize
1.5MB

Download
memory/1200-201-0x0000000000600000-0x000000000060A000-memory.dmp

Filesize
40KB

Download
memory/1200-67-0x0000000004E00000-0x0000000004E40000-memory.dmp

Filesize
256KB

Download
memory/1200-280-0x0000000004E00000-0x0000000004E40000-memory.dmp

Filesize
256KB

Download
memory/1872-279-0x00000000740F0000-0x00000000747DE000-memory.dmp

Filesize
6.9MB

Download
memory/1872-277-0x0000000000980000-0x0000000000AF6000-memory.dmp

Filesize
1.5MB

Download
memory/1872-336-0x00000000740F0000-0x00000000747DE000-memory.dmp

Filesize
6.9MB

Download
memory/2392-287-0x0000000008650000-0x0000000008651000-memory.dmp

Filesize
4KB

Download