e4521f4f089eb7993188901318b2823c9f5293193ffe7cc6d85921c76ac372f7

Analysis

max time kernel
153s
max time network
159s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
18-08-2023 20:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

DiscordSetup.exe
Size

91.1MB
MD5

e566828b19ea32efd096d427f1350c08
SHA1

cf4f02f6613059942da0c32356db5ac1dce43b56
SHA256

e4521f4f089eb7993188901318b2823c9f5293193ffe7cc6d85921c76ac372f7
SHA512

4044d03d755525b2ad893318f270458b10b6e52455fe35717a1db5a6bfbc0c5cd4d6fd5d18813f9d1efe76f5f90edb6de96fd8e7a7e15057c713faf341bcfc79
SSDEEP

1572864:WnKEvGyXi+aPcu1n0ckUoJr0p03kRPoNnn+d3MGpHKmLYj/:TyXBoDn0lO03kRPh3bpHEj/

Score

8^/10

persistence

Malware Config

Signatures

Downloads MZ/PE file

Adds Run key to start application 2 TTPs 1 IoCs

persistence

Registry Run Keys / Startup Folder

T1547.001

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\USER\S-1-5-21-1420546310-613437930-2990200354-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Discord = "\"C:\\Users\\Admin\\AppData\\Local\\Discord\\Update.exe\" --processStart Discord.exe"	reg.exe

Executes dropped EXE 6 IoCs

pid	Process
2840	Update.exe
3988	Discord.exe
1280	Discord.exe
4556	Update.exe
2636	Discord.exe
1988	Discord.exe

Loads dropped DLL 8 IoCs

pid	Process
3988	Discord.exe
1280	Discord.exe
2636	Discord.exe
2636	Discord.exe
2636	Discord.exe
2636	Discord.exe
2636	Discord.exe
1988	Discord.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133368646276430630"	chrome.exe

Modifies registry class 11 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1420546310-613437930-2990200354-1000_Classes\Discord	reg.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1420546310-613437930-2990200354-1000_Classes\Discord\URL Protocol	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1420546310-613437930-2990200354-1000_Classes\Discord\DefaultIcon\ = "\"C:\\Users\\Admin\\AppData\\Local\\Discord\\app-1.0.9013\\Discord.exe\",-1"	reg.exe
Key created	\REGISTRY\USER\S-1-5-21-1420546310-613437930-2990200354-1000_Classes\Discord\shell	reg.exe
Key created	\REGISTRY\USER\S-1-5-21-1420546310-613437930-2990200354-1000_Classes\Discord\shell\open	reg.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1420546310-613437930-2990200354-1000_Classes\Discord\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Discord\\app-1.0.9013\\Discord.exe\" --url -- \"%1\""	reg.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1420546310-613437930-2990200354-1000_Classes\Discord\ = "URL:Discord Protocol"	reg.exe
Key created	\REGISTRY\USER\S-1-5-21-1420546310-613437930-2990200354-1000_Classes\Discord	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-1420546310-613437930-2990200354-1000_Classes\Discord\DefaultIcon	reg.exe
Key created	\REGISTRY\USER\S-1-5-21-1420546310-613437930-2990200354-1000_Classes\Discord\shell\open\command	reg.exe
Key created	\REGISTRY\USER\S-1-5-21-1420546310-613437930-2990200354-1000_Classes\Discord	reg.exe

Modifies registry key 1 TTPs 5 IoCs

Modify Registry

T1112

pid	Process
3680	reg.exe
3340	reg.exe
4340	reg.exe
3940	reg.exe
1652	reg.exe

Suspicious behavior: EnumeratesProcesses 16 IoCs

pid	Process
3536	chrome.exe
3536	chrome.exe
3988	Discord.exe
3988	Discord.exe
3988	Discord.exe
3988	Discord.exe
3988	Discord.exe
3988	Discord.exe
3988	Discord.exe
3988	Discord.exe
3988	Discord.exe
3988	Discord.exe
3536	chrome.exe
3536	chrome.exe
1780	chrome.exe
1780	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 13 IoCs

pid	Process
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3536	chrome.exe
Token: SeCreatePagefilePrivilege	3536	chrome.exe
Token: SeShutdownPrivilege	3536	chrome.exe
Token: SeCreatePagefilePrivilege	3536	chrome.exe
Token: SeShutdownPrivilege	3536	chrome.exe
Token: SeCreatePagefilePrivilege	3536	chrome.exe
Token: SeShutdownPrivilege	3536	chrome.exe
Token: SeCreatePagefilePrivilege	3536	chrome.exe
Token: SeShutdownPrivilege	3536	chrome.exe
Token: SeCreatePagefilePrivilege	3536	chrome.exe
Token: SeShutdownPrivilege	3536	chrome.exe
Token: SeCreatePagefilePrivilege	3536	chrome.exe
Token: SeShutdownPrivilege	3536	chrome.exe
Token: SeCreatePagefilePrivilege	3536	chrome.exe
Token: SeShutdownPrivilege	3536	chrome.exe
Token: SeCreatePagefilePrivilege	3536	chrome.exe
Token: SeShutdownPrivilege	3536	chrome.exe
Token: SeCreatePagefilePrivilege	3536	chrome.exe
Token: SeShutdownPrivilege	3536	chrome.exe
Token: SeCreatePagefilePrivilege	3536	chrome.exe
Token: SeShutdownPrivilege	3536	chrome.exe
Token: SeCreatePagefilePrivilege	3536	chrome.exe
Token: SeShutdownPrivilege	3536	chrome.exe
Token: SeCreatePagefilePrivilege	3536	chrome.exe
Token: SeShutdownPrivilege	3536	chrome.exe
Token: SeCreatePagefilePrivilege	3536	chrome.exe
Token: SeShutdownPrivilege	3536	chrome.exe
Token: SeCreatePagefilePrivilege	3536	chrome.exe
Token: SeShutdownPrivilege	3536	chrome.exe
Token: SeCreatePagefilePrivilege	3536	chrome.exe
Token: SeShutdownPrivilege	3536	chrome.exe
Token: SeCreatePagefilePrivilege	3536	chrome.exe
Token: SeShutdownPrivilege	3536	chrome.exe
Token: SeCreatePagefilePrivilege	3536	chrome.exe
Token: SeShutdownPrivilege	3988	Discord.exe
Token: SeCreatePagefilePrivilege	3988	Discord.exe
Token: SeShutdownPrivilege	3536	chrome.exe
Token: SeCreatePagefilePrivilege	3536	chrome.exe
Token: SeShutdownPrivilege	3536	chrome.exe
Token: SeCreatePagefilePrivilege	3536	chrome.exe
Token: SeShutdownPrivilege	3536	chrome.exe
Token: SeCreatePagefilePrivilege	3536	chrome.exe
Token: SeShutdownPrivilege	3536	chrome.exe
Token: SeCreatePagefilePrivilege	3536	chrome.exe
Token: SeShutdownPrivilege	3536	chrome.exe
Token: SeCreatePagefilePrivilege	3536	chrome.exe
Token: SeShutdownPrivilege	3536	chrome.exe
Token: SeCreatePagefilePrivilege	3536	chrome.exe
Token: SeShutdownPrivilege	3536	chrome.exe
Token: SeCreatePagefilePrivilege	3536	chrome.exe
Token: SeShutdownPrivilege	3536	chrome.exe
Token: SeCreatePagefilePrivilege	3536	chrome.exe
Token: SeShutdownPrivilege	3536	chrome.exe
Token: SeCreatePagefilePrivilege	3536	chrome.exe
Token: SeShutdownPrivilege	3536	chrome.exe
Token: SeCreatePagefilePrivilege	3536	chrome.exe
Token: SeShutdownPrivilege	3536	chrome.exe
Token: SeCreatePagefilePrivilege	3536	chrome.exe
Token: SeShutdownPrivilege	3536	chrome.exe
Token: SeCreatePagefilePrivilege	3536	chrome.exe
Token: SeShutdownPrivilege	3536	chrome.exe
Token: SeCreatePagefilePrivilege	3536	chrome.exe
Token: SeShutdownPrivilege	3536	chrome.exe
Token: SeCreatePagefilePrivilege	3536	chrome.exe

Suspicious use of FindShellTrayWindow 55 IoCs

pid	Process
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
2840	Update.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe

Suspicious use of SendNotifyMessage 42 IoCs

pid	Process
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe
3536	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3816 wrote to memory of 2840	3816	DiscordSetup.exe	85
PID 3816 wrote to memory of 2840	3816	DiscordSetup.exe	85
PID 3816 wrote to memory of 2840	3816	DiscordSetup.exe	85
PID 3536 wrote to memory of 4960	3536	chrome.exe	88
PID 3536 wrote to memory of 4960	3536	chrome.exe	88
PID 3536 wrote to memory of 4188	3536	chrome.exe	90
PID 3536 wrote to memory of 4188	3536	chrome.exe	90
PID 3536 wrote to memory of 4188	3536	chrome.exe	90
PID 3536 wrote to memory of 4188	3536	chrome.exe	90
PID 3536 wrote to memory of 4188	3536	chrome.exe	90
PID 3536 wrote to memory of 4188	3536	chrome.exe	90
PID 3536 wrote to memory of 4188	3536	chrome.exe	90
PID 3536 wrote to memory of 4188	3536	chrome.exe	90
PID 3536 wrote to memory of 4188	3536	chrome.exe	90
PID 3536 wrote to memory of 4188	3536	chrome.exe	90
PID 3536 wrote to memory of 4188	3536	chrome.exe	90
PID 3536 wrote to memory of 4188	3536	chrome.exe	90
PID 3536 wrote to memory of 4188	3536	chrome.exe	90
PID 3536 wrote to memory of 4188	3536	chrome.exe	90
PID 3536 wrote to memory of 4188	3536	chrome.exe	90
PID 3536 wrote to memory of 4188	3536	chrome.exe	90
PID 3536 wrote to memory of 4188	3536	chrome.exe	90
PID 3536 wrote to memory of 4188	3536	chrome.exe	90
PID 3536 wrote to memory of 4188	3536	chrome.exe	90
PID 3536 wrote to memory of 4188	3536	chrome.exe	90
PID 3536 wrote to memory of 4188	3536	chrome.exe	90
PID 3536 wrote to memory of 4188	3536	chrome.exe	90
PID 3536 wrote to memory of 4188	3536	chrome.exe	90
PID 3536 wrote to memory of 4188	3536	chrome.exe	90
PID 3536 wrote to memory of 4188	3536	chrome.exe	90
PID 3536 wrote to memory of 4188	3536	chrome.exe	90
PID 3536 wrote to memory of 4188	3536	chrome.exe	90
PID 3536 wrote to memory of 4188	3536	chrome.exe	90
PID 3536 wrote to memory of 4188	3536	chrome.exe	90
PID 3536 wrote to memory of 4188	3536	chrome.exe	90
PID 3536 wrote to memory of 4188	3536	chrome.exe	90
PID 3536 wrote to memory of 4188	3536	chrome.exe	90
PID 3536 wrote to memory of 4188	3536	chrome.exe	90
PID 3536 wrote to memory of 4188	3536	chrome.exe	90
PID 3536 wrote to memory of 4188	3536	chrome.exe	90
PID 3536 wrote to memory of 4188	3536	chrome.exe	90
PID 3536 wrote to memory of 4188	3536	chrome.exe	90
PID 3536 wrote to memory of 4188	3536	chrome.exe	90
PID 3536 wrote to memory of 4968	3536	chrome.exe	91
PID 3536 wrote to memory of 4968	3536	chrome.exe	91
PID 3536 wrote to memory of 2180	3536	chrome.exe	92
PID 3536 wrote to memory of 2180	3536	chrome.exe	92
PID 3536 wrote to memory of 2180	3536	chrome.exe	92
PID 3536 wrote to memory of 2180	3536	chrome.exe	92
PID 3536 wrote to memory of 2180	3536	chrome.exe	92
PID 3536 wrote to memory of 2180	3536	chrome.exe	92
PID 3536 wrote to memory of 2180	3536	chrome.exe	92
PID 3536 wrote to memory of 2180	3536	chrome.exe	92
PID 3536 wrote to memory of 2180	3536	chrome.exe	92
PID 3536 wrote to memory of 2180	3536	chrome.exe	92
PID 3536 wrote to memory of 2180	3536	chrome.exe	92
PID 3536 wrote to memory of 2180	3536	chrome.exe	92
PID 3536 wrote to memory of 2180	3536	chrome.exe	92
PID 3536 wrote to memory of 2180	3536	chrome.exe	92
PID 3536 wrote to memory of 2180	3536	chrome.exe	92
PID 3536 wrote to memory of 2180	3536	chrome.exe	92
PID 3536 wrote to memory of 2180	3536	chrome.exe	92
PID 3536 wrote to memory of 2180	3536	chrome.exe	92
PID 3536 wrote to memory of 2180	3536	chrome.exe	92

C:\Users\Admin\AppData\Local\Temp\DiscordSetup.exe
"C:\Users\Admin\AppData\Local\Temp\DiscordSetup.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:3816
- C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe
  "C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe" --install .
  2⤵
  - Executes dropped EXE
  - Suspicious use of FindShellTrayWindow
  PID:2840
- - C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\Discord.exe
    "C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\Discord.exe" --squirrel-install 1.0.9013
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of AdjustPrivilegeToken
    PID:3988
  - - C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\Discord.exe
      C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\Discord.exe --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Roaming\discord /prefetch:7 --no-rate-limit --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Roaming\discord\Crashpad --url=https://sentry.io/api/146342/minidump/?sentry_key=384ce4413de74fe0be270abe03b2b35a "--annotation=_companyName=Discord Inc." --annotation=_productName=Discord --annotation=_version=1.0.9013 --annotation=plat=Win32 --annotation=prod=Electron --annotation=ver=22.3.2 --initial-client-data=0x4a4,0x4a8,0x4ac,0x4a0,0x4b0,0x846ff78,0x846ff88,0x846ff94
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      PID:1280
  - - C:\Users\Admin\AppData\Local\Discord\Update.exe
      C:\Users\Admin\AppData\Local\Discord\Update.exe --createShortcut Discord.exe --setupIcon C:\Users\Admin\AppData\Local\Discord\app.ico
      4⤵
      Executes dropped EXE
      PID:4556
  - - C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\Discord.exe
      "C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\Discord.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1656 --field-trial-handle=1820,i,10738683946533148094,15565845746141227279,131072 --disable-features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      PID:2636
  - - C:\Windows\SysWOW64\reg.exe
      C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord /ve /d "URL:Discord Protocol" /f
      4⤵
      Modifies registry class
      Modifies registry key
      PID:4340
  - - C:\Windows\SysWOW64\reg.exe
      C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord\shell\open\command /ve /d "\"C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\Discord.exe\" --url -- \"%1\"" /f
      4⤵
      Modifies registry class
      Modifies registry key
      PID:3940
  - - C:\Windows\SysWOW64\reg.exe
      C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord\DefaultIcon /ve /d "\"C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\Discord.exe\",-1" /f
      4⤵
      Modifies registry class
      Modifies registry key
      PID:1652
  - - C:\Windows\SysWOW64\reg.exe
      C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord /v "URL Protocol" /f
      4⤵
      Modifies registry key
      PID:3680
  - - C:\Windows\SysWOW64\reg.exe
      C:\Windows\System32\reg.exe add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v Discord /d "\"C:\Users\Admin\AppData\Local\Discord\Update.exe\" --processStart Discord.exe" /f
      4⤵
      Adds Run key to start application
      Modifies registry key
      PID:3340
  - - C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\Discord.exe
      "C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\Discord.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --mojo-platform-channel-handle=2100 --field-trial-handle=1820,i,10738683946533148094,15565845746141227279,131072 --disable-features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      PID:1988

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3536
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xdc,0x108,0x7ffdc07d9758,0x7ffdc07d9768,0x7ffdc07d9778
  2⤵
  PID:4960
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1684 --field-trial-handle=1908,i,16410295527605331091,12628695013083961789,131072 /prefetch:2
  2⤵
  PID:4188
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2076 --field-trial-handle=1908,i,16410295527605331091,12628695013083961789,131072 /prefetch:8
  2⤵
  PID:4968
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2256 --field-trial-handle=1908,i,16410295527605331091,12628695013083961789,131072 /prefetch:8
  2⤵
  PID:2180
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3036 --field-trial-handle=1908,i,16410295527605331091,12628695013083961789,131072 /prefetch:1
  2⤵
  PID:1956
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3008 --field-trial-handle=1908,i,16410295527605331091,12628695013083961789,131072 /prefetch:1
  2⤵
  PID:4848
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4600 --field-trial-handle=1908,i,16410295527605331091,12628695013083961789,131072 /prefetch:1
  2⤵
  PID:5000
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4768 --field-trial-handle=1908,i,16410295527605331091,12628695013083961789,131072 /prefetch:8
  2⤵
  PID:5012
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4908 --field-trial-handle=1908,i,16410295527605331091,12628695013083961789,131072 /prefetch:8
  2⤵
  PID:1768
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4940 --field-trial-handle=1908,i,16410295527605331091,12628695013083961789,131072 /prefetch:8
  2⤵
  PID:3600
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5132 --field-trial-handle=1908,i,16410295527605331091,12628695013083961789,131072 /prefetch:8
  2⤵
  PID:3712
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5056 --field-trial-handle=1908,i,16410295527605331091,12628695013083961789,131072 /prefetch:8
  2⤵
  PID:2788
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5300 --field-trial-handle=1908,i,16410295527605331091,12628695013083961789,131072 /prefetch:1
  2⤵
  PID:3752
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=3256 --field-trial-handle=1908,i,16410295527605331091,12628695013083961789,131072 /prefetch:1
  2⤵
  PID:2188
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=3264 --field-trial-handle=1908,i,16410295527605331091,12628695013083961789,131072 /prefetch:1
  2⤵
  PID:2568
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5456 --field-trial-handle=1908,i,16410295527605331091,12628695013083961789,131072 /prefetch:8
  2⤵
  PID:4568
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=856 --field-trial-handle=1908,i,16410295527605331091,12628695013083961789,131072 /prefetch:8
  2⤵
  - Modifies registry class
  PID:3680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=5536 --field-trial-handle=1908,i,16410295527605331091,12628695013083961789,131072 /prefetch:1
  2⤵
  PID:820
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2312 --field-trial-handle=1908,i,16410295527605331091,12628695013083961789,131072 /prefetch:8
  2⤵
  PID:4568
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5464 --field-trial-handle=1908,i,16410295527605331091,12628695013083961789,131072 /prefetch:8
  2⤵
  PID:3088
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5696 --field-trial-handle=1908,i,16410295527605331091,12628695013083961789,131072 /prefetch:8
  2⤵
  PID:4728
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=988 --field-trial-handle=1908,i,16410295527605331091,12628695013083961789,131072 /prefetch:8
  2⤵
  PID:3456
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5868 --field-trial-handle=1908,i,16410295527605331091,12628695013083961789,131072 /prefetch:8
  2⤵
  PID:4780
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5848 --field-trial-handle=1908,i,16410295527605331091,12628695013083961789,131072 /prefetch:8
  2⤵
  PID:3300
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=4624 --field-trial-handle=1908,i,16410295527605331091,12628695013083961789,131072 /prefetch:1
  2⤵
  PID:2804
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=1648 --field-trial-handle=1908,i,16410295527605331091,12628695013083961789,131072 /prefetch:1
  2⤵
  PID:1092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3768 --field-trial-handle=1908,i,16410295527605331091,12628695013083961789,131072 /prefetch:8
  2⤵
  PID:4436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5820 --field-trial-handle=1908,i,16410295527605331091,12628695013083961789,131072 /prefetch:8
  2⤵
  PID:3300
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=1352 --field-trial-handle=1908,i,16410295527605331091,12628695013083961789,131072 /prefetch:1
  2⤵
  PID:4804
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=4756 --field-trial-handle=1908,i,16410295527605331091,12628695013083961789,131072 /prefetch:1
  2⤵
  PID:1076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=5832 --field-trial-handle=1908,i,16410295527605331091,12628695013083961789,131072 /prefetch:1
  2⤵
  PID:4336
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=5580 --field-trial-handle=1908,i,16410295527605331091,12628695013083961789,131072 /prefetch:1
  2⤵
  PID:4628
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3064 --field-trial-handle=1908,i,16410295527605331091,12628695013083961789,131072 /prefetch:8
  2⤵
  PID:4624
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5816 --field-trial-handle=1908,i,16410295527605331091,12628695013083961789,131072 /prefetch:8
  2⤵
  PID:2460
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3128 --field-trial-handle=1908,i,16410295527605331091,12628695013083961789,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1780

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:396

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:4860

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Discord\Update.exe

Filesize
1.5MB

MD5
0baeac29996d82b96e7599e8ffb35376

SHA1
647154e3e84cfb3160cacef05137d61a70329189

SHA256
0ddb31c14fa6ec35e0caaf85f23423d3dc33fb30d6dfdcb7361694de4d7e2ad9

SHA512
a0f578e269cae62732e90647fa0c51225a8db6859f73c2db0e44cd91a1beb2676899239dba7d826976436148773e79f2ce92feb817520c9f7ca8a0ab3ea65615

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\D3DCompiler_47.dll

Filesize
3.9MB

MD5
3b4647bcb9feb591c2c05d1a606ed988

SHA1
b42c59f96fb069fd49009dfd94550a7764e6c97c

SHA256
35773c397036b368c1e75d4e0d62c36d98139ebe74e42c1ff7be71c6b5a19fd7

SHA512
00cd443b36f53985212ac43b44f56c18bf70e25119bbf9c59d05e2358ff45254b957f1ec63fc70fb57b1726fd8f76ccfad8103c67454b817a4f183f9122e3f50

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\Discord.exe

Filesize
130.3MB

MD5
0c6891f8c5638f646b927500c6f6323b

SHA1
33dedf5af77f04e268d9d9aefdfb02478eb849bd

SHA256
f4764bfcd3e2d42a69c5858cf2b2a17ff80ebfe36337d3cdea4207c24eed0b40

SHA512
eadb706f80771f96e4444cfbb695833e7a673d14c236c40153b21bb8c92abcee50ee283b855552e78f4d820e9284b1112776f67ec89a2005792e8584881102b6

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\Discord.exe

Filesize
130.3MB

MD5
0c6891f8c5638f646b927500c6f6323b

SHA1
33dedf5af77f04e268d9d9aefdfb02478eb849bd

SHA256
f4764bfcd3e2d42a69c5858cf2b2a17ff80ebfe36337d3cdea4207c24eed0b40

SHA512
eadb706f80771f96e4444cfbb695833e7a673d14c236c40153b21bb8c92abcee50ee283b855552e78f4d820e9284b1112776f67ec89a2005792e8584881102b6

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\Discord.exe

Filesize
130.3MB

MD5
0c6891f8c5638f646b927500c6f6323b

SHA1
33dedf5af77f04e268d9d9aefdfb02478eb849bd

SHA256
f4764bfcd3e2d42a69c5858cf2b2a17ff80ebfe36337d3cdea4207c24eed0b40

SHA512
eadb706f80771f96e4444cfbb695833e7a673d14c236c40153b21bb8c92abcee50ee283b855552e78f4d820e9284b1112776f67ec89a2005792e8584881102b6

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\Discord.exe

Filesize
130.3MB

MD5
0c6891f8c5638f646b927500c6f6323b

SHA1
33dedf5af77f04e268d9d9aefdfb02478eb849bd

SHA256
f4764bfcd3e2d42a69c5858cf2b2a17ff80ebfe36337d3cdea4207c24eed0b40

SHA512
eadb706f80771f96e4444cfbb695833e7a673d14c236c40153b21bb8c92abcee50ee283b855552e78f4d820e9284b1112776f67ec89a2005792e8584881102b6

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\Discord.exe

Filesize
130.3MB

MD5
0c6891f8c5638f646b927500c6f6323b

SHA1
33dedf5af77f04e268d9d9aefdfb02478eb849bd

SHA256
f4764bfcd3e2d42a69c5858cf2b2a17ff80ebfe36337d3cdea4207c24eed0b40

SHA512
eadb706f80771f96e4444cfbb695833e7a673d14c236c40153b21bb8c92abcee50ee283b855552e78f4d820e9284b1112776f67ec89a2005792e8584881102b6

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\Discord.exe

Filesize
130.3MB

MD5
0c6891f8c5638f646b927500c6f6323b

SHA1
33dedf5af77f04e268d9d9aefdfb02478eb849bd

SHA256
f4764bfcd3e2d42a69c5858cf2b2a17ff80ebfe36337d3cdea4207c24eed0b40

SHA512
eadb706f80771f96e4444cfbb695833e7a673d14c236c40153b21bb8c92abcee50ee283b855552e78f4d820e9284b1112776f67ec89a2005792e8584881102b6

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\app.ico

Filesize
278KB

MD5
084f9bc0136f779f82bea88b5c38a358

SHA1
64f210b7888e5474c3aabcb602d895d58929b451

SHA256
dfcea1bea8a924252d507d0316d8cf38efc61cf1314e47dca3eb723f47d5fe43

SHA512
65bccb3e1d4849b61c68716831578300b20dcaf1cbc155512edbc6d73dccbaf6e5495d4f95d089ee496f8e080057b7097a628cc104fa8eaad8da866891d9e3eb

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\chrome_100_percent.pak

Filesize
126KB

MD5
d31f3439e2a3f7bee4ddd26f46a2b83f

SHA1
c5a26f86eb119ae364c5bf707bebed7e871fc214

SHA256
9f79f46ca911543ead096a5ee28a34bf1fbe56ec9ba956032a6a2892b254857e

SHA512
aa27c97bf5581eb3f5e88f112df8bfb6a5283ce44eb13fbc41855008f84fb5b111dfe0616c310c3642b7f8ac99623d7c217aecc353f54f4d8f7042840099abc5

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\chrome_200_percent.pak

Filesize
175KB

MD5
5604b67e3f03ab2741f910a250c91137

SHA1
a4bb15ac7914c22575f1051a29c448f215fe027f

SHA256
1408387e87cb5308530def6ce57bdc4e0abbbaa9e70f687fd6c3a02a56a0536c

SHA512
5e6f875068792e862b1fc8bb7b340ac0f1f4c51e53e50be81a5af8575ca3591f4e7eb9239890178b17c5a8ff4ebb23719190d7db0bd8a9aa6dcb4308ffa9a34d

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\d3dcompiler_47.dll

Filesize
3.9MB

MD5
3b4647bcb9feb591c2c05d1a606ed988

SHA1
b42c59f96fb069fd49009dfd94550a7764e6c97c

SHA256
35773c397036b368c1e75d4e0d62c36d98139ebe74e42c1ff7be71c6b5a19fd7

SHA512
00cd443b36f53985212ac43b44f56c18bf70e25119bbf9c59d05e2358ff45254b957f1ec63fc70fb57b1726fd8f76ccfad8103c67454b817a4f183f9122e3f50

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\ffmpeg.dll

Filesize
3.1MB

MD5
8967377c84abc455f2b20b58d8af0dc3

SHA1
45fa04d5c3e521aa56d1fa8a6a542a8f153cd3c3

SHA256
d47c33052d7cb7ca7b8267339020541446ffda074a6d7c99b7fe7ed615931154

SHA512
41f84bb538999d8337eae893c05d8c56fbdd2fb59c43f410647a95f31ee89e787c8fdefc8b396200b9e3d526e6e30c9ea82010677ba61948f50efbb045dcd50b

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\ffmpeg.dll

Filesize
3.1MB

MD5
8967377c84abc455f2b20b58d8af0dc3

SHA1
45fa04d5c3e521aa56d1fa8a6a542a8f153cd3c3

SHA256
d47c33052d7cb7ca7b8267339020541446ffda074a6d7c99b7fe7ed615931154

SHA512
41f84bb538999d8337eae893c05d8c56fbdd2fb59c43f410647a95f31ee89e787c8fdefc8b396200b9e3d526e6e30c9ea82010677ba61948f50efbb045dcd50b

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\ffmpeg.dll

Filesize
3.1MB

MD5
8967377c84abc455f2b20b58d8af0dc3

SHA1
45fa04d5c3e521aa56d1fa8a6a542a8f153cd3c3

SHA256
d47c33052d7cb7ca7b8267339020541446ffda074a6d7c99b7fe7ed615931154

SHA512
41f84bb538999d8337eae893c05d8c56fbdd2fb59c43f410647a95f31ee89e787c8fdefc8b396200b9e3d526e6e30c9ea82010677ba61948f50efbb045dcd50b

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\ffmpeg.dll

Filesize
3.1MB

MD5
8967377c84abc455f2b20b58d8af0dc3

SHA1
45fa04d5c3e521aa56d1fa8a6a542a8f153cd3c3

SHA256
d47c33052d7cb7ca7b8267339020541446ffda074a6d7c99b7fe7ed615931154

SHA512
41f84bb538999d8337eae893c05d8c56fbdd2fb59c43f410647a95f31ee89e787c8fdefc8b396200b9e3d526e6e30c9ea82010677ba61948f50efbb045dcd50b

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\ffmpeg.dll

Filesize
3.1MB

MD5
8967377c84abc455f2b20b58d8af0dc3

SHA1
45fa04d5c3e521aa56d1fa8a6a542a8f153cd3c3

SHA256
d47c33052d7cb7ca7b8267339020541446ffda074a6d7c99b7fe7ed615931154

SHA512
41f84bb538999d8337eae893c05d8c56fbdd2fb59c43f410647a95f31ee89e787c8fdefc8b396200b9e3d526e6e30c9ea82010677ba61948f50efbb045dcd50b

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\icudtl.dat

Filesize
10.0MB

MD5
76bef9b8bb32e1e54fe1054c97b84a10

SHA1
05dfea2a3afeda799ab01bb7fbce628cacd596f4

SHA256
97b978a19edd4746e9a44d9a44bb4bc519e127a203c247837ec0922f573449e3

SHA512
7330df8129e7a0b7b3655498b2593321595ec29445ea193c8f473c593590f5701eb7125ff6e5cde970c54765f9565fa51c2c54af6e2127f582ab45efa7a3a0f6

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\libEGL.dll

Filesize
394KB

MD5
b1e94d2c5465efd8364c50864d753d47

SHA1
7bdca5b487b0b782c8942e2655b1934562af5307

SHA256
e28676cc24662a0dca7264af64a629769398cb6856c4b015c4139ad35846d635

SHA512
4fc7abbd8a397eca852fedd30a8f442f39c2ab6b978585f596acb0f58c34c0014d4561245f0a6ffac191a2ca7a65a5e1d2d4c2af348fd9c651074a2e96beaf96

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\libGLESv2.dll

Filesize
6.4MB

MD5
d10aa3388c04ed6c28c0e280a050e83b

SHA1
4c53a9657f11fe3412f4ae810628955437e2e2ac

SHA256
13dc4387ac9b6abb2c638637f16eb4b553e4f7b9a167644cb21d46a816fdf805

SHA512
221ef26ba7586550a4a97583fbf648e3c358a1de3e9718101a7c3e2a8e0e83eae17fe6647d1d3ac32911763fec4f0a5262a7239f5ad11ce6c8ac6d14be877dc7

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\libegl.dll

Filesize
394KB

MD5
b1e94d2c5465efd8364c50864d753d47

SHA1
7bdca5b487b0b782c8942e2655b1934562af5307

SHA256
e28676cc24662a0dca7264af64a629769398cb6856c4b015c4139ad35846d635

SHA512
4fc7abbd8a397eca852fedd30a8f442f39c2ab6b978585f596acb0f58c34c0014d4561245f0a6ffac191a2ca7a65a5e1d2d4c2af348fd9c651074a2e96beaf96

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\libglesv2.dll

Filesize
6.4MB

MD5
d10aa3388c04ed6c28c0e280a050e83b

SHA1
4c53a9657f11fe3412f4ae810628955437e2e2ac

SHA256
13dc4387ac9b6abb2c638637f16eb4b553e4f7b9a167644cb21d46a816fdf805

SHA512
221ef26ba7586550a4a97583fbf648e3c358a1de3e9718101a7c3e2a8e0e83eae17fe6647d1d3ac32911763fec4f0a5262a7239f5ad11ce6c8ac6d14be877dc7

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\locales\en-US.pak

Filesize
313KB

MD5
3f6f4b2c2f24e3893882cdaa1ccfe1a3

SHA1
b021cca30e774e0b91ee21b5beb030fea646098f

SHA256
bb165eaa51456b52fcbdf7639ee727280e335a1f6b4cfb91afc45222895b564f

SHA512
bd80ddaa87f41cde20527ff34817d98605f11b30a291e129478712ebebe47956dbd49a317d3eeb223adf736c34750b59b68ad9d646c661474ad69866d5a53c5c

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\resources.pak

Filesize
5.1MB

MD5
7fd8c5f2e763aa919775b9dccac733de

SHA1
0192874c667b10b9da77e97b9897e794121f4e5c

SHA256
5cffe876882d9f5acf5e2dbc5629b0083a2d3c87e7f57c0992ea5a4c720bf38a

SHA512
977881e62fb96130f9a042b015e7e22ad4ae5ec63b6a73946783d63dd983b8edca021cd6d822ce51828451b2a94c4a20584802b495feaa863aaf6b2660643ff5

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\resources\app.asar

Filesize
4.6MB

MD5
601c17da36e2291f43925ef313b338d4

SHA1
cbcc577b9640c02bd0342387ed280b0bfb9f68d7

SHA256
c9389005bbe6e9321bc3771f96f900c881196b9266cc5f8330c987b78b4b2609

SHA512
e7faaf0446ce7403fce90a2d15a3a2dee50b2f244c19f25c48d68fcfdf264559d964e421f9f884f443f242dce6256a0d888d42a8835c35511fbb88d7220066d7

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\resources\build_info.json

Filesize
85B

MD5
c80c4f7cde5a7207861dc9509792629c

SHA1
fcd0d8b3dcf21c1fd4ae26f46496294a0ccbcd1e

SHA256
9f57e7a708998fd5b0dde9bd4102c446cf428d99ba74b58fab5e1f74b21c1d0f

SHA512
f1702ac91f2ab1962651634ff7a13625f6dfa136b46fc3e2da5d03f8a2186b0991313596311583ab6206ec7ba68761d7cb7bd51eeffb8204c44b6bee291303b0

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\v8_context_snapshot.bin

Filesize
585KB

MD5
b59edfc69aba2f4c433d5b0861d9ac31

SHA1
a2adeb4d3b45170351d1c8ba0dafde71fe35b9c7

SHA256
82c3df9c5e8f300b1af7b1d070163b43648a762acff0ce78f801382d9cd58d16

SHA512
b737160e99b6baa6f960316a223b47690335372ee2d9bf0331e331041dd2e8f727805377ee673e3ace494af01914d301b7e27c5fe5f6642ee5d08afa5442f8f9

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\vk_swiftshader.dll

Filesize
4.3MB

MD5
ead6d1beae6064f66863d9008ebcce13

SHA1
1a5118000490e4887e1fc16fc4c0ff1594a022c9

SHA256
370c32dca7ff5105972b62d4185384b0d19f361d5e51454931779ab639b88e11

SHA512
4e059cb97877b2872717aed09eb14f3be9709506e95277c349429906fcad72ab206e096219806a4d868c247eca06a5e79d3fc7773fcd2811886c1654f9215452

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9013\vk_swiftshader.dll

Filesize
4.3MB

MD5
ead6d1beae6064f66863d9008ebcce13

SHA1
1a5118000490e4887e1fc16fc4c0ff1594a022c9

SHA256
370c32dca7ff5105972b62d4185384b0d19f361d5e51454931779ab639b88e11

SHA512
4e059cb97877b2872717aed09eb14f3be9709506e95277c349429906fcad72ab206e096219806a4d868c247eca06a5e79d3fc7773fcd2811886c1654f9215452

Download Submit
C:\Users\Admin\AppData\Local\Discord\packages\Discord-1.0.9013-full.nupkg

Filesize
90.2MB

MD5
62ae8da110ba3b8634d00cbcbb436ff4

SHA1
a73292eb7b261d649c969f36d802562f1b65752e

SHA256
fc49f3a87706894cb6ea1252ae8e0806d3f439ab14e458e30fb4438534672adc

SHA512
1538d46cafd5cde728acbf8d527cac471992ed967cb0f2f9c3fd51c636ac5adc45bb278eb8e181456b5aa81fda6b4b1691ec3cee8d64c9f1bb28d26806bc1e0d

Download Submit
C:\Users\Admin\AppData\Local\Discord\packages\RELEASES

Filesize
80B

MD5
d634439696544cf2b474a1177f99f3bb

SHA1
77e448b51ffb7928b9bb794fed6a976df8bf50f4

SHA256
b48098fab12e9cfb5fe016c64cd22d089eacc4b942202745a5a9fb756b7d8aaf

SHA512
a76558119c3eeaf120b27653af2b275e960fb10e1c094cd9b0fd5ca37fb84febb3e3ae7946d8ad9a97677d32a634b397d3b9cc1ec58dbb0dfd9ff14adfe4230d

Download Submit
C:\Users\Admin\AppData\Local\Discord\update.exe

Filesize
1.5MB

MD5
0baeac29996d82b96e7599e8ffb35376

SHA1
647154e3e84cfb3160cacef05137d61a70329189

SHA256
0ddb31c14fa6ec35e0caaf85f23423d3dc33fb30d6dfdcb7361694de4d7e2ad9

SHA512
a0f578e269cae62732e90647fa0c51225a8db6859f73c2db0e44cd91a1beb2676899239dba7d826976436148773e79f2ce92feb817520c9f7ca8a0ab3ea65615

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

Filesize
39KB

MD5
6a3bb9c5ba28ee73af6c1b53e281b0cf

SHA1
d96e403c99c1707f82ea29c2c1f134e792c64097

SHA256
2f5adfc38558162578ffe112229f10417fbc4b3df025d153d4e22a0c95177740

SHA512
6c4844f70969938339cb6716a834a79e1a8379459c87b983c2518b9cbb560cb2f101aff980f682989928523be6cdc99bde3bfd8137f9c54a58191b900b580fbf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001c

Filesize
1.1MB

MD5
115c64871c0bb9d4470f64f1ee9d44df

SHA1
be0a739f3845d5056efb2723872044352ffdb217

SHA256
251cec697c21ac035cf058fc820107ae68a6dc31c2258f62b8ca31d9e7330587

SHA512
a4ab98c810dc572d53dd56c3af7f8dd1f937d7711eb386bbee0f65fd485fa265073c3c94facb961117055303a628695e11c24070c0d71c8f91375e8e46b77022

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000029

Filesize
180KB

MD5
7f4148385408f18e61c997a6bd4d52f5

SHA1
aaac74a9531ee11228d2845f0096e2acdaf68242

SHA256
c882c824f1c1eca6536012defd98c86e2c44fb3969f9bbbed90e5df6968f551c

SHA512
0447fa8d70e41a684b2fcfbe03672d1551048249aeb506d9d94e2185000dd31e2cebcadccf2c388e67364ef7cf1f87e5fa0aba4685768e7c835c3e24f3717176

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
0fb441e4cb8f75e6239b8aa1de4f34c5

SHA1
b7e5fe3a3392d420c5dd7122e7b5b7153f410fad

SHA256
3580a318242742f99d633b642ef69bdf6d7e2c047fa4aceea5b83c8acdfe7d70

SHA512
d91bb8ccc5633fc5719e5e04d41ce6501186c53d328994d5008605b1b46a48e2c786ea4b8d788d23f10e25b3dbe41cc454e2559968459ffa08a90c209858c068

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
360B

MD5
c4ec9328dcd0170219f5b1c85efdab2a

SHA1
1af89c427cab543325fcfff659fb968a68ab805b

SHA256
944d462f8da5277f9c38056b5074146bb400c6b8c107ff9e000a2c2719a52ecc

SHA512
b8d596252d69113c90e7b0427af24a9b496302052e8e010399905b10c0ae0c1c9dfd5838340112dfeb7f9c07c0486a7504fbe22c16a8cedb086c72b4bc06caa5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
ec66a5037cf4d433d453c3867800de1e

SHA1
2c33d2038bf0c5099cc74ead1922f3516aded389

SHA256
9b6b96c0e12faaf4b7f6360364921f2cd7d1a55fa9f8ecc2ce1fd0a9ccc551ef

SHA512
80b8c343f9030f97880edf852b46dc2f0ab638082882e47137e726649d526488b24ed5f81fd7ded058d26f90be485208c758289776de443b98c6a1147d5deac6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
706B

MD5
e01de9ca38eda70e8cffed1696a44567

SHA1
5fc8339c8fda991d051065f469c7a98972b6cdf2

SHA256
81a1b3193339ae3f20b96e9175e387fda089a9696e70863dd025ecba50f7c3cc

SHA512
1485339028380ac48e480d8ff692fd08b75a571b1b513f57085e1d21c3916acdeadc3461bc3ef7f2783d110c2f20386dbc18205235e79c961431a5aff42c8582

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
371B

MD5
182487a141dbec6a6a224938546ea167

SHA1
83c43d89b772cb91f4ea5b5465e3a3431a1a76d1

SHA256
703d7345c3bc03728d1bbcf5588948fc9aa745dcd061cb455884bd292de2d51c

SHA512
aa155a688788818525242dc761ae075378951d7752bc08c9e23401fbdd7b5062f09ddb9c37ab09fd6176890086d2004dfa72ff440325579f836f86f00fc12571

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
174f4dc4972cae61b77154ece3345c48

SHA1
ad834b49d83324d8f35385718d8b58139d6e69dc

SHA256
3962ed4cf7769b33dd09b2fbfdfff231b41844435b95832f4f8baa05d768b9c0

SHA512
e2823b8ad3f056aee08d076795752d56deb7b6e21269dbe4b30b46a942426fa5e52afcdc5c1b434ed71293906fe3ba27c4d612baa49bf0a612ea5c43140ccb8d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
539B

MD5
59aad8a86b0b325ce5dac55bf371604a

SHA1
33137a4bd9b357bb902134fedb4cb00dccf8c405

SHA256
15e7b49bc5d31588bbd59604e2c95fa0df48f698e2ccb4dac3dbc860cf677fba

SHA512
a70aadce62471bd0044fb924000417b062ce5de073955b0a9beae49db7802481398ffa12b0b96933dc50955675afb3ef3cd00ca0699b4ebb9e6c831456762a9c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
1532922ed4717451b8be03b91e310216

SHA1
3ecbfc3745435b3eda4ebc190f6c0e6a62bbeae8

SHA256
2ac67670531a7ea7eedc8c79ddf0e9df58f47be1e1cecdc607ba175fe0cb1f36

SHA512
6c782e158f9552a57c958a540acc3079d7f6dd21dab67a50bce57d2b2ceb8f1e21bfc5e09e7306f5c8658441aadcecd204da5f2f04a9826d7fe95e6bbec6ecaf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
1f6309359ec069ef9ca98e7b25ffccfb

SHA1
f3c0b14e51e4ba7a2f57978339161a6a0ffe635c

SHA256
a63b950b4ae25430ea7b034531e523c33682742bfe64ee5844a059668860c936

SHA512
7a4f02cff375ce5a5a47595d3e20b54fa578fd72b8e9de0bf53e691349371017e4d461b1b61823aa4efd84856cc3786444d81b7c8e2ea87bbb7b65ce734efbf2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
3271df96d6a30833f9f5d38ac1180ce1

SHA1
27d2dc337a3f6abf776e42f306af96ac40e1691e

SHA256
39c52dbef85a0c128a3715b79b89457815539d1b4d026599fa9c375413646d4a

SHA512
9872ed787b6a4b427e28d338ddd8ff866f632ecf62657c5b358d4e4c3d02c3670ee43083b7094ed0546dcdbb25ee001477a9052e186c8e76c25b590cc3e0d61e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
a37f695d2427d6c131354f0daa3e36a2

SHA1
fa561f36b6bd90baae821e11c881c72568b5fdcf

SHA256
621b774844afeef02d723cd9994b48192c714b23ec4be632dcc096f521de7f7e

SHA512
2c454608763bb587f97c353e66d4cc794ad014ecef699dfb765327078d5ba945901a1b8e8de0c942d833f9e0aa23b339780e87e665733c928319ae92ccf9d9c8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
614ead88cab85f862569713b2f30cd07

SHA1
df37f2dc95494eeb4be4fbbc37377be7298b1864

SHA256
8b2dd18a31e9ff32cc34d6c10ecd2728b43c21676f8efdc04176bc52874e2070

SHA512
2279d68ad36a6af80ccca0e28d9cb30158c473cd3395c8f9d0a56afe87d127505c1488abd8a8555510d7ba20501de98db7599afaa8a485cd6105064f4f01b3cb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
690767bbd6da688fa9e83ec29532c87e

SHA1
76eb1b0b884886bbf019324b6fc5137555c6946f

SHA256
fe71092bb5c4b842ce48312b855d19054f83304f5ef92aada7360e75c3f29cac

SHA512
477c04b5c69f0519bd7bb8540db5580d55cf017c36e2bc4caf7d28dac85436c28353fa1d04b5e08822eda6c443914451e9a4119f0af0e28bc8207737bd86851d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
ed9c99695ef4d3de8eef6dbd77f1f7a8

SHA1
8a0e1289a98b604b3eade3e97a45836c1af75cc7

SHA256
de32d99dadd422312f9c9550d6596faec7dfd00fe3ad64346e1d2a5fb68c1d28

SHA512
83a16b6770d1138c40300fba645681aec0bcba8a4132ab14404faccc11ded4717a6217fe1d7f47ac0e51168a7af5902cbcbcf392616bd4229ed91b0294fb4100

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
2b6a3cba556b1586994a6c856bc5e092

SHA1
cb1c35b1347d8424cf51f11a86374299a14f7cc9

SHA256
2b8bbaeff8cbbb260430512d3c5c4751bf84e6adca682d19af3a201268b8de88

SHA512
9fd114111461b92f17c0ab9e2f441e318e4935d436056175cbadd94ffff06bf15ab70f4189d78fa4a065da0b1dc54012b4112962ff9df98795fab486fe1dbacc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
64ad09c265edd3a7864c404ba86d9235

SHA1
c83b929a5350a35f4ae38b173dad514d3265524a

SHA256
7f9c0bac67bafde833968e79ad39b8ed194ee58fc60eacf3997a7f1b6b67057a

SHA512
0b6f75f2972e6db058705cd4d4f4a28538ac55122afc4e883314e9008a488d0ac04daf1dc5c4fc5428bd579336b23b73471df06de83b5578be81235f5d253bcd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe59577d.TMP

Filesize
48B

MD5
3858eec331c768ad8152cc7a1cb96ab5

SHA1
4ff4fe3ebc6e7fbdd7ae01ed02c328c2abc756c6

SHA256
935e3dabac23cd1cc57c802bc3099b13c620f81cccbb70e6caf3e51b70f9229f

SHA512
0f71b326f25f3c841ac5d0f6ce03f9c62c39494909f4e9f9fc8dad3ea7d9edb6a0083b3825b75c4467678d79bfabdb82f59583190923e74cddeebdafca419bc7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
249KB

MD5
e7f6c589fa5c442acac9b1fffe95b164

SHA1
726515f3fd5f15eff7cda03b68084e5d46fd11fd

SHA256
7bb3ae1140130ce618b6719ce62578c0463d1deb5175f9c876dabb2cc31db755

SHA512
b1830ec7e673c88607b122d20e101f1043fab2a2f7da60b9b308f1da106e43ea58eec25fc0ee9e787b119ffc77ede5414361d38624e963cabf4a5df50f28b67f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
181KB

MD5
c0a6076e5dfd3d4632afe51953d288d3

SHA1
ee44287af64d0f4f56849184e7f3291db3ea44d1

SHA256
0a9546adbdf0a4787e653ddc02245779f01d9d060ab9e5d6d747d9c8ff997159

SHA512
c609081f44752c111c5946d427b0f64a429ef51d31bc39ad8769fa841d49aabaa9984d710ea29b3f7718a44deeef0c3a9f6d38aca0fcade0840ae17cc2be519e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
88KB

MD5
ebe2582787a5d411911dbd21076b662a

SHA1
a306ec22348ce9195d4209b4d1ac13cc5f557511

SHA256
eda89023def05a2d9426a2bb2e3b2f3bb8608a0f12ca0489fd04d0ae459d20a1

SHA512
94d917c8a0b0840a220d796a40a8e8bbf39d611dd3db8b515fa26ac17242c80d533a3b15bcf842f7daa4d85b266926e5a7b995d63ed7d50d319fcf88748a8a21

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
181KB

MD5
dbb9542ae75de59ba99a62cd1586c66c

SHA1
cd39629ea7fb1fd7e374e7b539a1ecc377a41011

SHA256
0b7e4c69f15060fcb71d57df2d71b53a10bb43fa10c6248ab3af8887980c5274

SHA512
cbca664dc543cfad66d393e20d223826db740547f5a62273e6c3408f9c6859ae189fe9421fab279c20f260d6c693eb93a6b5163c4f62fde4e064c9201ac05f08

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
181KB

MD5
e0cccc642e2b0d92fb67a90243cfe299

SHA1
44267ece728e3fac040999d9515084d3574183f0

SHA256
238cdd65ffaa3a29711698410ad878f69836d82eb41ca92db87cd9a09e5c8d67

SHA512
269af5c77a20a6f494f783512dca5dd1daf06bda49cb1804381b1a12aa73084fdfe086ad250b568d700afe99f6b91c9d704dbbcfc2f724baf6facdd87386b6d7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
103KB

MD5
69ac6aa5030f3a4570b9e7c936984bb8

SHA1
8dbc28d46750f0232cf00ede0c957ceea880d1d4

SHA256
f43495d48b31ffeb43ce34ea94952a3082c184788f7284990c9e225857aac8c0

SHA512
538e992aadff364a6e909042dba00042bd48d98dc78ac1f84cdb286855e6d73134b3a8ba90ad6510dcb35b39e36dd4b7410e5d549206be349c968452bf556c82

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
103KB

MD5
85ebb51b944f5ee9082a3ff85e800006

SHA1
6dff585b86aa2a9aa05f7b0e615b32f51678073b

SHA256
586c52490e446a8a5734a58f31bfb11e617dc0c941de288baa751abfad4fed8c

SHA512
f0d8cd09ed51adad946b3d2565c7325bf26baeec6ea3e0d5ffc99fe6983afd46cf64d0e6692b25ea1c871d51163a6d370aa24b611d365b6cc382bed1d6a11a85

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe5896cc.TMP

Filesize
97KB

MD5
a375555324f5bc35b70ab1160af3ebbc

SHA1
72c43f0609585121a919902e8300043f5f35a888

SHA256
352e121d70bfcb4b6125829d895460605efcc6ab442ac2564b780671b7a7a9c0

SHA512
600862c02dca85db902e7f2d531fbf766d377e9b88ccb65b88f204675e164969a4db6baba9bb452596a5db5c051ff791db39f3e15efc04e92cffd3749d412d80

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Local\SquirrelTemp\Discord-1.0.9013-full.nupkg

Filesize
90.2MB

MD5
62ae8da110ba3b8634d00cbcbb436ff4

SHA1
a73292eb7b261d649c969f36d802562f1b65752e

SHA256
fc49f3a87706894cb6ea1252ae8e0806d3f439ab14e458e30fb4438534672adc

SHA512
1538d46cafd5cde728acbf8d527cac471992ed967cb0f2f9c3fd51c636ac5adc45bb278eb8e181456b5aa81fda6b4b1691ec3cee8d64c9f1bb28d26806bc1e0d

Download Submit
C:\Users\Admin\AppData\Local\SquirrelTemp\RELEASES

Filesize
80B

MD5
d634439696544cf2b474a1177f99f3bb

SHA1
77e448b51ffb7928b9bb794fed6a976df8bf50f4

SHA256
b48098fab12e9cfb5fe016c64cd22d089eacc4b942202745a5a9fb756b7d8aaf

SHA512
a76558119c3eeaf120b27653af2b275e960fb10e1c094cd9b0fd5ca37fb84febb3e3ae7946d8ad9a97677d32a634b397d3b9cc1ec58dbb0dfd9ff14adfe4230d

Download Submit
C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe

Filesize
1.5MB

MD5
0baeac29996d82b96e7599e8ffb35376

SHA1
647154e3e84cfb3160cacef05137d61a70329189

SHA256
0ddb31c14fa6ec35e0caaf85f23423d3dc33fb30d6dfdcb7361694de4d7e2ad9

SHA512
a0f578e269cae62732e90647fa0c51225a8db6859f73c2db0e44cd91a1beb2676899239dba7d826976436148773e79f2ce92feb817520c9f7ca8a0ab3ea65615

Download Submit
C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe

Filesize
1.5MB

MD5
0baeac29996d82b96e7599e8ffb35376

SHA1
647154e3e84cfb3160cacef05137d61a70329189

SHA256
0ddb31c14fa6ec35e0caaf85f23423d3dc33fb30d6dfdcb7361694de4d7e2ad9

SHA512
a0f578e269cae62732e90647fa0c51225a8db6859f73c2db0e44cd91a1beb2676899239dba7d826976436148773e79f2ce92feb817520c9f7ca8a0ab3ea65615

Download Submit
C:\Users\Admin\Downloads\VencordInstaller.exe

Filesize
9.7MB

MD5
6159c234d82519deb907928827ea2344

SHA1
d0983cfd2d5493c430e36307223c160e67dbea99

SHA256
d0674d9d07c2c47cc8eff05dc601766775b1a73febb800216fa9415811cc47f0

SHA512
e97df398e4db6338a83d5af41c6fcc63a150be1bebad284bb526b60a0ce9b45804f86e35bc71a1ef5371e3dba0bdece83b228a4371018aeb3dd1ab2d443da9fb

Download Submit
memory/2840-190-0x00000000073D0000-0x0000000007408000-memory.dmp

Filesize
224KB

Download
memory/2840-184-0x00000000073C0000-0x00000000073C8000-memory.dmp

Filesize
32KB

Download
memory/2840-191-0x0000000005470000-0x000000000547E000-memory.dmp

Filesize
56KB

Download
memory/2840-142-0x00000000001F0000-0x0000000000366000-memory.dmp

Filesize
1.5MB

Download
memory/2840-354-0x0000000073C20000-0x00000000743D0000-memory.dmp

Filesize
7.7MB

Download
memory/2840-144-0x0000000004D80000-0x0000000004D90000-memory.dmp

Filesize
64KB

Download
memory/2840-356-0x0000000004D80000-0x0000000004D90000-memory.dmp

Filesize
64KB

Download
memory/2840-143-0x0000000073C20000-0x00000000743D0000-memory.dmp

Filesize
7.7MB

Download
memory/4556-504-0x0000000073C20000-0x00000000743D0000-memory.dmp

Filesize
7.7MB

Download
memory/4556-474-0x0000000004D10000-0x0000000004D30000-memory.dmp

Filesize
128KB

Download
memory/4556-615-0x0000000073C20000-0x00000000743D0000-memory.dmp

Filesize
7.7MB

Download