Overview

overview

10

Static

static

1

Skype_8.100.210.exe

windows10-2004-x64

10

Resubmissions

01-10-2023 16:32

231001-t2a6faca4y 10

28-09-2023 14:22

230928-rpyd4abh6w 7

Analysis

  • max time kernel
    137s
  • max time network
    148s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01-10-2023 16:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Skype_8.100.210.exe

  • Size

    128.9MB

  • MD5

    d3c3efb0780a89f422ec534b2b074c46

  • SHA1

    d1ff15bd023db94036f9be3c4a2f940637fe01ba

  • SHA256

    0060f4b284311a1d9ada6de85715edfe17ff4cf9eb017f5dd8062a6f78c9e1af

  • SHA512

    d1199375f7247b8d3e2b2030e42178feb02c454f562ce74e36f70c9d755e82c6acaf0f239a73dffd47c935feb5961ff006d5e882690b08a5273adfb939954c15

  • SSDEEP

    3145728:OIw/6LnbjoLzQf7gMbmaBZQvS+IoqBCqJo2Wy9T4If:1hLnIQfkKCPqWEp

Score
10/10
chinese_generic_botnetbotnetpersistence

Malware Config

Signatures

  • Generic Chinese Botnet

    A botnet originating from China which is currently unnamed publicly.

    botnetchinese_generic_botnet
  • Chinese Botnet payload 1 IoCs
    botnet
  • Checks computer location settings 2 TTPs 3 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE 7 IoCs
  • Loads dropped DLL 33 IoCs
  • Adds Run key to start application 2 TTPs 1 IoCs
    persistence
  • Enumerates connected drives 3 TTPs 64 IoCs

    Attempts to read the root path of hard drives other than the default C: drive.

  • Suspicious use of NtSetInformationThreadHideFromDebugger 1 IoCs
  • Drops file in Program Files directory 64 IoCs
  • Drops file in Windows directory 19 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Checks SCSI registry key(s) 3 TTPs 5 IoCs

    SCSI information is often read in order to detect sandboxing environments.

  • Checks processor information in registry 2 TTPs 7 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Modifies data under HKEY_USERS 3 IoCs
  • Modifies registry class 24 IoCs
  • Modifies registry key 1 TTPs 5 IoCs
  • NTFS ADS 4 IoCs
  • Suspicious behavior: EnumeratesProcesses 4 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 8 IoCs
  • Suspicious use of SendNotifyMessage 6 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs
  • Uses Volume Shadow Copy service COM API

    The Volume Shadow Copy service is used to manage backups/snapshots.

    ransomware

Processes

  • C:\Users\Admin\AppData\Local\Temp\Skype_8.100.210.exe
    "C:\Users\Admin\AppData\Local\Temp\Skype_8.100.210.exe"
    1⤵
    • Enumerates connected drives
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of WriteProcessMemory
    PID:3052
    • C:\Windows\SysWOW64\msiexec.exe
      "C:\Windows\system32\msiexec.exe" /i "C:\Users\Admin\AppData\Roaming\Skype\Skype 07\install\Skype.msi" AI_SETUPEXEPATH=C:\Users\Admin\AppData\Local\Temp\Skype_8.100.210.exe SETUPEXEDIR=C:\Users\Admin\AppData\Local\Temp\ EXE_CMD_LINE="/exenoupdates /forcecleanup /wintime 1695937399 "
      2⤵
      • Enumerates connected drives
      • Suspicious use of FindShellTrayWindow
      PID:2356
  • C:\Windows\system32\msiexec.exe
    C:\Windows\system32\msiexec.exe /V
    1⤵
    • Enumerates connected drives
    • Drops file in Program Files directory
    • Drops file in Windows directory
    • Modifies data under HKEY_USERS
    • Modifies registry class
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:1912
    • C:\Windows\syswow64\MsiExec.exe
      C:\Windows\syswow64\MsiExec.exe -Embedding A9F85E29B00C33C7B8297E9450CDABE9 C
      2⤵
      • Loads dropped DLL
      PID:2488
    • C:\Windows\syswow64\MsiExec.exe
      C:\Windows\syswow64\MsiExec.exe -Embedding BD9660538652C7DE99E1A0646A0DC56F C
      2⤵
      • Loads dropped DLL
      PID:2392
    • C:\Windows\system32\srtasks.exe
      C:\Windows\system32\srtasks.exe ExecuteScopeRestorePoint /WaitForRestorePoint:2
      2⤵
        PID:1924
      • C:\Windows\syswow64\MsiExec.exe
        C:\Windows\syswow64\MsiExec.exe -Embedding 70B6285001C3624386BFBDCBF0700FBF
        2⤵
        • Loads dropped DLL
        PID:4552
      • C:\Windows\syswow64\MsiExec.exe
        C:\Windows\syswow64\MsiExec.exe -Embedding 595249566F4FA51AE1E36FDE9D4E5206 E Global\MSI0000
        2⤵
        • Loads dropped DLL
        PID:4104
    • C:\Windows\system32\vssvc.exe
      C:\Windows\system32\vssvc.exe
      1⤵
      • Checks SCSI registry key(s)
      PID:116
    • C:\Program Files (x86)\Common Files\Microsoft\Skype for Desktop\SKLaunch.exe
      "C:\Program Files (x86)\Common Files\Microsoft\Skype for Desktop\SKLaunch.exe" skype_cn.dll cYreenQilloss
      1⤵
      • Executes dropped EXE
      • Loads dropped DLL
      • Suspicious use of NtSetInformationThreadHideFromDebugger
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious use of WriteProcessMemory
      PID:216
      • C:\Program Files (x86)\Common Files\Microsoft\Skype for Desktop\Skype.exe
        "Skype.exe"
        2⤵
        • Checks computer location settings
        • Executes dropped EXE
        • Loads dropped DLL
        • Checks processor information in registry
        • NTFS ADS
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of SendNotifyMessage
        • Suspicious use of WriteProcessMemory
        PID:4160
        • C:\Program Files (x86)\Common Files\Microsoft\Skype for Desktop\Skype.exe
          "C:\Program Files (x86)\Common Files\Microsoft\Skype for Desktop\Skype.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Roaming\Microsoft\Skype for Desktop" /prefetch:7 --no-rate-limit --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Microsoft\Skype for Desktop\Crashpad" --url=appcenter://generic?aid=a7417433-29d9-4bc0-8826-af367733939d&iid=bcbed967-f0fb-4357-b211-22f744d4a90d&uid=bcbed967-f0fb-4357-b211-22f744d4a90d --annotation=IsOfficialBuild=1 --annotation=_companyName=Skype --annotation=_productName=skype-preview --annotation=_version=8.100.0.203 "--annotation=exe=C:\Program Files (x86)\Common Files\Microsoft\Skype for Desktop\Skype.exe" --annotation=plat=Win32 --annotation=prod=Electron --annotation=ver=19.1.8 --initial-client-data=0x5a0,0x5a4,0x5a8,0x59c,0x5ac,0x78b3398,0x78b33a8,0x78b33b4
          3⤵
          • Executes dropped EXE
          • Loads dropped DLL
          PID:2252
        • C:\Program Files (x86)\Common Files\Microsoft\Skype for Desktop\Skype.exe
          "C:\Program Files (x86)\Common Files\Microsoft\Skype for Desktop\Skype.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\Microsoft\Skype for Desktop" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2128 --field-trial-handle=2220,i,15845421661899574779,17401461563629510886,131072 --enable-features=WinUseBrowserSpellChecker,WinUseHybridSpellChecker,WinrtGeolocationImplementation --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2
          3⤵
          • Executes dropped EXE
          • Loads dropped DLL
          PID:2592
        • C:\Program Files (x86)\Common Files\Microsoft\Skype for Desktop\Skype.exe
          "C:\Program Files (x86)\Common Files\Microsoft\Skype for Desktop\Skype.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\Microsoft\Skype for Desktop" --mojo-platform-channel-handle=2468 --field-trial-handle=2220,i,15845421661899574779,17401461563629510886,131072 --enable-features=WinUseBrowserSpellChecker,WinUseHybridSpellChecker,WinrtGeolocationImplementation --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8
          3⤵
          • Executes dropped EXE
          • Loads dropped DLL
          PID:2292
        • C:\Windows\SysWOW64\reg.exe
          C:\Windows\system32\reg.exe ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v "Skype for Desktop" /t REG_SZ /d "C:\Program Files (x86)\Common Files\Microsoft\Skype for Desktop\Skype.exe" /f
          3⤵
          • Adds Run key to start application
          • Modifies registry key
          PID:4620
        • C:\Program Files (x86)\Common Files\Microsoft\Skype for Desktop\Skype.exe
          "C:\Program Files (x86)\Common Files\Microsoft\Skype for Desktop\Skype.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\Microsoft\Skype for Desktop" --app-user-model-id=Microsoft.Skype.SkypeDesktop --app-path="C:\Program Files (x86)\Common Files\Microsoft\Skype for Desktop\resources\app.asar" --no-sandbox --no-zygote --autoplay-policy=no-user-gesture-required --disable-background-timer-throttling --ms-disable-indexeddb-transaction-timeout --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=2892 --field-trial-handle=2220,i,15845421661899574779,17401461563629510886,131072 --enable-features=WinUseBrowserSpellChecker,WinUseHybridSpellChecker,WinrtGeolocationImplementation --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand --skype-process-type=Main --skype-window-id=__MAIN_ROOT_VIEW_ID__ /prefetch:1
          3⤵
          • Checks computer location settings
          • Executes dropped EXE
          • Loads dropped DLL
          PID:5088
        • C:\Windows\SysWOW64\reg.exe
          C:\Windows\system32\reg.exe QUERY HKCU\Software\Microsoft\Skype /v RestartForUpdate
          3⤵
          • Modifies registry key
          PID:468
        • C:\Windows\SysWOW64\reg.exe
          C:\Windows\system32\reg.exe QUERY HKCU\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\http\UserChoice /v ProgId
          3⤵
          • Modifies registry key
          PID:4132
        • C:\Windows\SysWOW64\reg.exe
          C:\Windows\system32\reg.exe QUERY HKCU\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\microsoft-edge\UserChoice /v ProgId
          3⤵
          • Modifies registry key
          PID:2432
        • C:\Program Files (x86)\Common Files\Microsoft\Skype for Desktop\Skype.exe
          "C:\Program Files (x86)\Common Files\Microsoft\Skype for Desktop\Skype.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\Microsoft\Skype for Desktop" --app-user-model-id=Microsoft.Skype.SkypeDesktop --app-path="C:\Program Files (x86)\Common Files\Microsoft\Skype for Desktop\resources\app.asar" --no-sandbox --no-zygote --enable-blink-features --disable-blink-features --autoplay-policy=no-user-gesture-required --disable-background-timer-throttling --ms-disable-indexeddb-transaction-timeout --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=4080 --field-trial-handle=2220,i,15845421661899574779,17401461563629510886,131072 --enable-features=WinUseBrowserSpellChecker,WinUseHybridSpellChecker,WinrtGeolocationImplementation --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
          3⤵
          • Checks computer location settings
          • Executes dropped EXE
          • Loads dropped DLL
          PID:5052
        • C:\Windows\SysWOW64\reg.exe
          C:\Windows\system32\reg.exe QUERY "HKCU\Software\Microsoft\Windows\CurrentVersion\App Paths\msedge.exe" /ve
          3⤵
            PID:2264
          • C:\Windows\SysWOW64\reg.exe
            C:\Windows\system32\reg.exe QUERY "HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\msedge.exe" /ve
            3⤵
              PID:1924
            • C:\Windows\SysWOW64\reg.exe
              C:\Windows\system32\reg.exe QUERY HKCU\Software\Microsoft\Edge\BLBeacon /v version
              3⤵
              • Modifies registry key
              PID:1352

        Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Program Files (x86)\Common Files\Microsoft\Skype for Desktop\SKLaunch.exe
          Filesize

          54KB

          MD5

          8b58f37fefc0665fff67f2b8c7d45d2b

          SHA1

          eac428a1b047cb58b211db3f3d0e2c188b0f6709

          SHA256

          4994600f901938b072bac73c78b2ca14302a54144fde1d9d53062be5df628b8b

          SHA512

          b897b68232db4281fb742ca7c678436a4f2745c7993f6fb7f44ade86f92c1dfd47e1e166bf9fe7808c5ee57b7be74dd067308caead23f684ce44d7243d3685ec

          Download Submit

        • C:\Program Files (x86)\Common Files\Microsoft\Skype for Desktop\SKLaunch.exe
          Filesize

          54KB

          MD5

          8b58f37fefc0665fff67f2b8c7d45d2b

          SHA1

          eac428a1b047cb58b211db3f3d0e2c188b0f6709

          SHA256

          4994600f901938b072bac73c78b2ca14302a54144fde1d9d53062be5df628b8b

          SHA512

          b897b68232db4281fb742ca7c678436a4f2745c7993f6fb7f44ade86f92c1dfd47e1e166bf9fe7808c5ee57b7be74dd067308caead23f684ce44d7243d3685ec

          Download Submit

        • C:\Program Files (x86)\Common Files\Microsoft\Skype for Desktop\Skype.exe
          Filesize

          117.6MB

          MD5

          188593a45e0f57549721c6b95bf4cdcf

          SHA1

          125a230b1aebb90e71dac65c8144d851e4e86f71

          SHA256

          ca04e2b1ea25c8c11b6d04f50087fbe13db53a31b6f4ae0e2feb370bbe4dd798

          SHA512

          1adf1d278baf1524dc15767cb3a1c6931d39517eea19bbd8fda12d4b90be221835b771138976d6ce5d212b23ea3154a6c68b7357bd204f694695762b0c872d43

          Download Submit

        • C:\Program Files (x86)\Common Files\Microsoft\Skype for Desktop\Skype.exe
          Filesize

          117.6MB

          MD5

          188593a45e0f57549721c6b95bf4cdcf

          SHA1

          125a230b1aebb90e71dac65c8144d851e4e86f71

          SHA256

          ca04e2b1ea25c8c11b6d04f50087fbe13db53a31b6f4ae0e2feb370bbe4dd798

          SHA512

          1adf1d278baf1524dc15767cb3a1c6931d39517eea19bbd8fda12d4b90be221835b771138976d6ce5d212b23ea3154a6c68b7357bd204f694695762b0c872d43

          Download Submit

        • C:\Program Files (x86)\Common Files\Microsoft\Skype for Desktop\Skype.exe
          Filesize

          117.6MB

          MD5

          188593a45e0f57549721c6b95bf4cdcf

          SHA1

          125a230b1aebb90e71dac65c8144d851e4e86f71

          SHA256

          ca04e2b1ea25c8c11b6d04f50087fbe13db53a31b6f4ae0e2feb370bbe4dd798

          SHA512

          1adf1d278baf1524dc15767cb3a1c6931d39517eea19bbd8fda12d4b90be221835b771138976d6ce5d212b23ea3154a6c68b7357bd204f694695762b0c872d43

          Download Submit

        • C:\Program Files (x86)\Common Files\Microsoft\Skype for Desktop\Skype.exe
          Filesize

          117.6MB

          MD5

          188593a45e0f57549721c6b95bf4cdcf

          SHA1

          125a230b1aebb90e71dac65c8144d851e4e86f71

          SHA256

          ca04e2b1ea25c8c11b6d04f50087fbe13db53a31b6f4ae0e2feb370bbe4dd798

          SHA512

          1adf1d278baf1524dc15767cb3a1c6931d39517eea19bbd8fda12d4b90be221835b771138976d6ce5d212b23ea3154a6c68b7357bd204f694695762b0c872d43

          Download Submit

        • C:\Program Files (x86)\Common Files\Microsoft\Skype for Desktop\Skype_cn.dll
          Filesize

          5.6MB

          MD5

          060f6ef565cb76d8b67ea2a205de4197

          SHA1

          3acc92f472e3c3521e3b7eaf67c88bd06ad62568

          SHA256

          b1476403d69f836992f6b1b27d70504ed442225bb3565dd8efdf2f03379c44a0

          SHA512

          7530d48c2be0021daf39e9da38805de1f71f965ae0fda51abbcbaabf50b8fc4643558525d5ac23b44ebb057c9833893d200ff260c5277a1a6425cd6c14c76573

          Download Submit

        • C:\Program Files (x86)\Common Files\Microsoft\Skype for Desktop\chrome_100_percent.pak
          Filesize

          125KB

          MD5

          0cf9de69dcfd8227665e08c644b9499c

          SHA1

          a27941acce0101627304e06533ba24f13e650e43

          SHA256

          d2c299095dbbd3a3cb2b4639e5b3bd389c691397ffd1a681e586f2cfe0e2ab88

          SHA512

          bb5d340009cef2bcb604ef38fdd7171fed0423c2dc6a01e590f8d15c4f6bc860606547550218db41fba554609e8395c9e3c3508dfa2d8b202e5059e7646bdcef

          Download Submit

        • C:\Program Files (x86)\Common Files\Microsoft\Skype for Desktop\chrome_200_percent.pak
          Filesize

          174KB

          MD5

          d88936315a5bd83c1550e5b8093eb1e6

          SHA1

          6445d97ceb89635f6459bc2fb237324d66e6a4ee

          SHA256

          f49abd81e93a05c1e53c1201a5d3a12f2724f52b6971806c8306b512bf66aa25

          SHA512

          75142f03df6187fb75f887e4c8b9d5162902ba6aac86351186c85e5f0a2d3825ca312a36cf9f4bd656cdfc23a20cd38d4580ca1b41560d23ebaa0d41e4cf1dd2

          Download Submit

        • C:\Program Files (x86)\Common Files\Microsoft\Skype for Desktop\ffmpeg.dll
          Filesize

          2.4MB

          MD5

          07b028b03161d193f49232cdfd9663c3

          SHA1

          c63a0c014d1dd989fed058007182482bb42caf9e

          SHA256

          174bd45ec7945dff159d41fb8c60a7eb88c2f6230a783a8f9d763817691246ed

          SHA512

          3c80b75bb9a11005908ad9b5e4d8e8a6c587b39b90f0d9dc34619d2e2144b36dc4d81f47c0854bd01a1e2664363376290c54741070dc35b7ba10d083ba96e65e

          Download Submit

        • C:\Program Files (x86)\Common Files\Microsoft\Skype for Desktop\ffmpeg.dll
          Filesize

          2.4MB

          MD5

          07b028b03161d193f49232cdfd9663c3

          SHA1

          c63a0c014d1dd989fed058007182482bb42caf9e

          SHA256

          174bd45ec7945dff159d41fb8c60a7eb88c2f6230a783a8f9d763817691246ed

          SHA512

          3c80b75bb9a11005908ad9b5e4d8e8a6c587b39b90f0d9dc34619d2e2144b36dc4d81f47c0854bd01a1e2664363376290c54741070dc35b7ba10d083ba96e65e

          Download Submit

        • C:\Program Files (x86)\Common Files\Microsoft\Skype for Desktop\ffmpeg.dll
          Filesize

          2.4MB

          MD5

          07b028b03161d193f49232cdfd9663c3

          SHA1

          c63a0c014d1dd989fed058007182482bb42caf9e

          SHA256

          174bd45ec7945dff159d41fb8c60a7eb88c2f6230a783a8f9d763817691246ed

          SHA512

          3c80b75bb9a11005908ad9b5e4d8e8a6c587b39b90f0d9dc34619d2e2144b36dc4d81f47c0854bd01a1e2664363376290c54741070dc35b7ba10d083ba96e65e

          Download Submit

        • C:\Program Files (x86)\Common Files\Microsoft\Skype for Desktop\icudtl.dat
          Filesize

          9.9MB

          MD5

          d28641aac16f15b25a3370171299106f

          SHA1

          0aabe57f76173b2e21c8cd2d3ee6c9fe161425bc

          SHA256

          7de21b3192f4a99e3433dede998743ea9e896f5a70ce6c16bf159871fd5b0e00

          SHA512

          4a9afaecaf242812c788030efa59e9d8e57c361761a74399dbbff5869f00e37da18c0a3342353c38612455481b84b090aabae9caf58aa1302640ce308da4ba54

          Download Submit

        • C:\Program Files (x86)\Common Files\Microsoft\Skype for Desktop\locales\en-US.pak
          Filesize

          112KB

          MD5

          a85c703969e69a5a6f7e379635fa42a5

          SHA1

          8c765404e54070c14ab49d2d1ef54d2a3a2f7ea6

          SHA256

          a9c5b333440a42b95b2ef043fecb95a2d2f4b2d0601be639643d01d86be3ba83

          SHA512

          8ab1106fd6f410164dece0e4f6cc67e57b8bfc72864b47a665f81d67d4028464e69f7c7f4e283956fe0556f71779cceb66466b0cd37f434dbdcb7d4f59492b82

          Download Submit

        • C:\Program Files (x86)\Common Files\Microsoft\Skype for Desktop\resources.pak
          Filesize

          4.7MB

          MD5

          c98d9b704da20264eae352f9d2ef59df

          SHA1

          c21997a61346b8f12c9b3760fe4f4af67dd2ec53

          SHA256

          00f2f4e7825cde5e68e039f68cb0c41cbf72eef2013a0eb50995ae090735d251

          SHA512

          71f414f9537f1aa705f06d9fcd95769340c9464574f646b5805e90d43da1fd69af6493ad77e65c7632d0efe5dc397dcad2c05f2f147cf283b60b168b061728e3

          Download Submit

        • C:\Program Files (x86)\Common Files\Microsoft\Skype for Desktop\resources\app.asar
          Filesize

          50.4MB

          MD5

          4fd3239c13ceaed643fb422a49a4af5d

          SHA1

          c7c5229c7a88e2336a2cbe58fb0755cbccbbb9fd

          SHA256

          d18ee4c941f8ca6ade5b0b2b3ea3886e3c819d31590d5e89ac5f8eedf648cfa0

          SHA512

          5b7e6478c4ee686c2d5ca41c46dcb948f1a4924b040e5247b595eb0a659dd80be3330c22801887d337f61c64a021e87c0520bb300227266583580c4abab4821d

          Download Submit

        • C:\Program Files (x86)\Common Files\Microsoft\Skype for Desktop\resources\app.asar.unpacked\modules\RtmControl.dll
          Filesize

          118KB

          MD5

          9bf73bd8f4200edc712ae195dac4975e

          SHA1

          de8efa7eae6e4dbb17d569a5faea5c60cfdb9066

          SHA256

          2803432011999ec68288a49fd901bd99e2059e95df24daeacb4ab44c6779860f

          SHA512

          d77d4a2ebf6ea504fac06535a2b87e24dd9eb503d4ba6c6e53bcd556689eb1e03443e44dd7a63bc8248e130641553c7f40b04d5d1d19f503ad20b4fc758dbba9

          Download Submit

        • C:\Program Files (x86)\Common Files\Microsoft\Skype for Desktop\resources\app.asar.unpacked\modules\RtmControl.dll
          Filesize

          118KB

          MD5

          9bf73bd8f4200edc712ae195dac4975e

          SHA1

          de8efa7eae6e4dbb17d569a5faea5c60cfdb9066

          SHA256

          2803432011999ec68288a49fd901bd99e2059e95df24daeacb4ab44c6779860f

          SHA512

          d77d4a2ebf6ea504fac06535a2b87e24dd9eb503d4ba6c6e53bcd556689eb1e03443e44dd7a63bc8248e130641553c7f40b04d5d1d19f503ad20b4fc758dbba9

          Download Submit

        • C:\Program Files (x86)\Common Files\Microsoft\Skype for Desktop\resources\app.asar.unpacked\modules\RtmPal.dll
          Filesize

          890KB

          MD5

          c050ae86e31a48937503a7271e37cfeb

          SHA1

          b86b5495d570fad442f611900295f28b4c75817c

          SHA256

          c6da73ed4a2f6524ba90e2f7944e967369348bd49002b1caba8831188071c837

          SHA512

          447787c877b524cc9c1e51c700dfe2dfee0195ea3f3e667700cc69e9023ac9f2d83d9738b4613c53c9a6a3119abcfec5c27bd909ec57562688d05765f7c734c8

          Download Submit

        • C:\Program Files (x86)\Common Files\Microsoft\Skype for Desktop\resources\app.asar.unpacked\modules\RtmPal.dll
          Filesize

          890KB

          MD5

          c050ae86e31a48937503a7271e37cfeb

          SHA1

          b86b5495d570fad442f611900295f28b4c75817c

          SHA256

          c6da73ed4a2f6524ba90e2f7944e967369348bd49002b1caba8831188071c837

          SHA512

          447787c877b524cc9c1e51c700dfe2dfee0195ea3f3e667700cc69e9023ac9f2d83d9738b4613c53c9a6a3119abcfec5c27bd909ec57562688d05765f7c734c8

          Download Submit

        • C:\Program Files (x86)\Common Files\Microsoft\Skype for Desktop\resources\app.asar.unpacked\modules\call_manager.node
          Filesize

          2.1MB

          MD5

          a513c5089351d9f9c5c2abfd25da9cdc

          SHA1

          db3c70dc101b94be0d939d075b8426e9ec617855

          SHA256

          dd85cc5855905490b41243895f2a8a28b8c96dc3dc5c31c821e1beb39f703497

          SHA512

          87eb286e199958d4334f2224c48f30a490ac54313513769f24b45d647c4be565dff082cff0f680f6e50a3f7484ff4683bc046fe10c579d4737639ecacf615f81

          Download Submit

        • C:\Program Files (x86)\Common Files\Microsoft\Skype for Desktop\resources\app.asar.unpacked\modules\call_manager.node
          Filesize

          2.1MB

          MD5

          a513c5089351d9f9c5c2abfd25da9cdc

          SHA1

          db3c70dc101b94be0d939d075b8426e9ec617855

          SHA256

          dd85cc5855905490b41243895f2a8a28b8c96dc3dc5c31c821e1beb39f703497

          SHA512

          87eb286e199958d4334f2224c48f30a490ac54313513769f24b45d647c4be565dff082cff0f680f6e50a3f7484ff4683bc046fe10c579d4737639ecacf615f81

          Download Submit

        • C:\Program Files (x86)\Common Files\Microsoft\Skype for Desktop\resources\app.asar.unpacked\modules\electron_utility.node
          Filesize

          825KB

          MD5

          3e146137835ffdc10e139fb0ea5536e6

          SHA1

          21ab924fe0f68a2db13aab800cf1638b5dacc927

          SHA256

          50950f25b60b078bbf7060ca6ba0a76b897ba9133f690b03b06e41443638abf9

          SHA512

          cafea8ed0552c05a77dc83316309d8aa5e2dea35284a5c850b66355889a400913b4aa44cf6fc4f881ea9fe1d4e6e5efb5ae6b10e14a3568a9937d7101b039e8b

          Download Submit

        • C:\Program Files (x86)\Common Files\Microsoft\Skype for Desktop\resources\app.asar.unpacked\modules\electron_utility.node
          Filesize

          825KB

          MD5

          3e146137835ffdc10e139fb0ea5536e6

          SHA1

          21ab924fe0f68a2db13aab800cf1638b5dacc927

          SHA256

          50950f25b60b078bbf7060ca6ba0a76b897ba9133f690b03b06e41443638abf9

          SHA512

          cafea8ed0552c05a77dc83316309d8aa5e2dea35284a5c850b66355889a400913b4aa44cf6fc4f881ea9fe1d4e6e5efb5ae6b10e14a3568a9937d7101b039e8b

          Download Submit

        • C:\Program Files (x86)\Common Files\Microsoft\Skype for Desktop\resources\app.asar.unpacked\modules\sharing-indicator.node
          Filesize

          104KB

          MD5

          b85aa65c3bccef462fac746706a25ebb

          SHA1

          4764f91be0d9fbdaf605b54d61f4358f66d2c7ec

          SHA256

          1d9aa19efa02d7ae0c70670d3d7a6a3021df86d5b3402f2a6c86eafeabd0f50d

          SHA512

          ca332e11e948e9fdfc043dbd50829e353707f276c9d8aa40f2d471d6eb16dec2d11bd33ce7e3e079c6461716dd1f4e5d524edafd11d3d3e03bf39624cf3a40c7

          Download Submit

        • C:\Program Files (x86)\Common Files\Microsoft\Skype for Desktop\resources\app.asar.unpacked\modules\sharing-indicator.node
          Filesize

          104KB

          MD5

          b85aa65c3bccef462fac746706a25ebb

          SHA1

          4764f91be0d9fbdaf605b54d61f4358f66d2c7ec

          SHA256

          1d9aa19efa02d7ae0c70670d3d7a6a3021df86d5b3402f2a6c86eafeabd0f50d

          SHA512

          ca332e11e948e9fdfc043dbd50829e353707f276c9d8aa40f2d471d6eb16dec2d11bd33ce7e3e079c6461716dd1f4e5d524edafd11d3d3e03bf39624cf3a40c7

          Download Submit

        • C:\Program Files (x86)\Common Files\Microsoft\Skype for Desktop\resources\app.asar.unpacked\modules\skypert.dll
          Filesize

          3.0MB

          MD5

          ab0997523bba3af630b94fae18432c60

          SHA1

          03e9d2dc63535334c9a96d637a45a6de5384b4a6

          SHA256

          1100fe8a94019041165823fc97d24c4d7c965d3641aadb10ac39093ac0143aae

          SHA512

          a243a3954d194aa26d6b17eb16a9c768e69aaa5e050320fcf2f2a8cca15ad3f2daf0d2d56992d8febdf3b9ca3e6a0f80ab425a2d836b72271cc1f7ffe002b0fc

          Download Submit

        • C:\Program Files (x86)\Common Files\Microsoft\Skype for Desktop\resources\app.asar.unpacked\modules\skypert.dll
          Filesize

          3.0MB

          MD5

          ab0997523bba3af630b94fae18432c60

          SHA1

          03e9d2dc63535334c9a96d637a45a6de5384b4a6

          SHA256

          1100fe8a94019041165823fc97d24c4d7c965d3641aadb10ac39093ac0143aae

          SHA512

          a243a3954d194aa26d6b17eb16a9c768e69aaa5e050320fcf2f2a8cca15ad3f2daf0d2d56992d8febdf3b9ca3e6a0f80ab425a2d836b72271cc1f7ffe002b0fc

          Download Submit

        • C:\Program Files (x86)\Common Files\Microsoft\Skype for Desktop\resources\app.asar.unpacked\modules\wam.node
          Filesize

          1.0MB

          MD5

          b0b03f8195ef9824e3cbd300eff2decd

          SHA1

          553040e525b5c53e3d2a076f347fd9c1606ea6ec

          SHA256

          35a6978279c219df1988ed6cb2972b5dddc504fdad90a773ec9f4b834d8bd314

          SHA512

          91e51a230c15a02b48cdca40db4d7879987a7563d24e9a8f6ccaed0b545eef4f80048e15ed3c47ec0d463ecce2bdb9896ff4d3dc3a399ee2b215db3d1a75d426

          Download Submit

        • C:\Program Files (x86)\Common Files\Microsoft\Skype for Desktop\resources\app.asar.unpacked\modules\wam.node
          Filesize

          1.0MB

          MD5

          b0b03f8195ef9824e3cbd300eff2decd

          SHA1

          553040e525b5c53e3d2a076f347fd9c1606ea6ec

          SHA256

          35a6978279c219df1988ed6cb2972b5dddc504fdad90a773ec9f4b834d8bd314

          SHA512

          91e51a230c15a02b48cdca40db4d7879987a7563d24e9a8f6ccaed0b545eef4f80048e15ed3c47ec0d463ecce2bdb9896ff4d3dc3a399ee2b215db3d1a75d426

          Download Submit

        • C:\Program Files (x86)\Common Files\Microsoft\Skype for Desktop\skype_cn.dll
          Filesize

          5.6MB

          MD5

          060f6ef565cb76d8b67ea2a205de4197

          SHA1

          3acc92f472e3c3521e3b7eaf67c88bd06ad62568

          SHA256

          b1476403d69f836992f6b1b27d70504ed442225bb3565dd8efdf2f03379c44a0

          SHA512

          7530d48c2be0021daf39e9da38805de1f71f965ae0fda51abbcbaabf50b8fc4643558525d5ac23b44ebb057c9833893d200ff260c5277a1a6425cd6c14c76573

          Download Submit

        • C:\Program Files (x86)\Common Files\Microsoft\Skype for Desktop\v8_context_snapshot.bin
          Filesize

          596KB

          MD5

          9cf618687bbd261c2027bf10671a7b73

          SHA1

          c0231f7fd1fb116067478338c9d69bbe0ec57d0d

          SHA256

          9cd23cfe0e627d930127cf27442be319a5548aa4f039d04a9216371236fede9f

          SHA512

          eceb31bd6974d2c16b3cabbf821c058845ca8c02f1482caa95bf3c5acd41c6a25c3d7940dd8f0ff510c05b41d7b8e2246e3e9e9a17e84d31e504104a2a9c4239

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\MSI885B.tmp
          Filesize

          374KB

          MD5

          5e33a5224c4d523a2517ba8a96aaff42

          SHA1

          12e41a9380cc890053b5c7e19769c76bfa1608d4

          SHA256

          d64407a6d5a5d48ddefd8376d8e7732f6e5d2318cf1671cb367302d566ed958c

          SHA512

          bdb2d57de5104db15c06e5aa4b852a007ef29139750eec050cd3ee013b7df1e15376b01528e32a1859a2132452032f27a4fcd58d163dd927b4b00a6b1b2ad8f1

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\MSI885B.tmp
          Filesize

          374KB

          MD5

          5e33a5224c4d523a2517ba8a96aaff42

          SHA1

          12e41a9380cc890053b5c7e19769c76bfa1608d4

          SHA256

          d64407a6d5a5d48ddefd8376d8e7732f6e5d2318cf1671cb367302d566ed958c

          SHA512

          bdb2d57de5104db15c06e5aa4b852a007ef29139750eec050cd3ee013b7df1e15376b01528e32a1859a2132452032f27a4fcd58d163dd927b4b00a6b1b2ad8f1

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\MSI8ACB.tmp
          Filesize

          374KB

          MD5

          5e33a5224c4d523a2517ba8a96aaff42

          SHA1

          12e41a9380cc890053b5c7e19769c76bfa1608d4

          SHA256

          d64407a6d5a5d48ddefd8376d8e7732f6e5d2318cf1671cb367302d566ed958c

          SHA512

          bdb2d57de5104db15c06e5aa4b852a007ef29139750eec050cd3ee013b7df1e15376b01528e32a1859a2132452032f27a4fcd58d163dd927b4b00a6b1b2ad8f1

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\MSI8ACB.tmp
          Filesize

          374KB

          MD5

          5e33a5224c4d523a2517ba8a96aaff42

          SHA1

          12e41a9380cc890053b5c7e19769c76bfa1608d4

          SHA256

          d64407a6d5a5d48ddefd8376d8e7732f6e5d2318cf1671cb367302d566ed958c

          SHA512

          bdb2d57de5104db15c06e5aa4b852a007ef29139750eec050cd3ee013b7df1e15376b01528e32a1859a2132452032f27a4fcd58d163dd927b4b00a6b1b2ad8f1

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\MSI8B2A.tmp
          Filesize

          374KB

          MD5

          5e33a5224c4d523a2517ba8a96aaff42

          SHA1

          12e41a9380cc890053b5c7e19769c76bfa1608d4

          SHA256

          d64407a6d5a5d48ddefd8376d8e7732f6e5d2318cf1671cb367302d566ed958c

          SHA512

          bdb2d57de5104db15c06e5aa4b852a007ef29139750eec050cd3ee013b7df1e15376b01528e32a1859a2132452032f27a4fcd58d163dd927b4b00a6b1b2ad8f1

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\MSI8B2A.tmp
          Filesize

          374KB

          MD5

          5e33a5224c4d523a2517ba8a96aaff42

          SHA1

          12e41a9380cc890053b5c7e19769c76bfa1608d4

          SHA256

          d64407a6d5a5d48ddefd8376d8e7732f6e5d2318cf1671cb367302d566ed958c

          SHA512

          bdb2d57de5104db15c06e5aa4b852a007ef29139750eec050cd3ee013b7df1e15376b01528e32a1859a2132452032f27a4fcd58d163dd927b4b00a6b1b2ad8f1

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\MSI8B2A.tmp
          Filesize

          374KB

          MD5

          5e33a5224c4d523a2517ba8a96aaff42

          SHA1

          12e41a9380cc890053b5c7e19769c76bfa1608d4

          SHA256

          d64407a6d5a5d48ddefd8376d8e7732f6e5d2318cf1671cb367302d566ed958c

          SHA512

          bdb2d57de5104db15c06e5aa4b852a007ef29139750eec050cd3ee013b7df1e15376b01528e32a1859a2132452032f27a4fcd58d163dd927b4b00a6b1b2ad8f1

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\MSI8BD7.tmp
          Filesize

          374KB

          MD5

          5e33a5224c4d523a2517ba8a96aaff42

          SHA1

          12e41a9380cc890053b5c7e19769c76bfa1608d4

          SHA256

          d64407a6d5a5d48ddefd8376d8e7732f6e5d2318cf1671cb367302d566ed958c

          SHA512

          bdb2d57de5104db15c06e5aa4b852a007ef29139750eec050cd3ee013b7df1e15376b01528e32a1859a2132452032f27a4fcd58d163dd927b4b00a6b1b2ad8f1

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\MSI8BD7.tmp
          Filesize

          374KB

          MD5

          5e33a5224c4d523a2517ba8a96aaff42

          SHA1

          12e41a9380cc890053b5c7e19769c76bfa1608d4

          SHA256

          d64407a6d5a5d48ddefd8376d8e7732f6e5d2318cf1671cb367302d566ed958c

          SHA512

          bdb2d57de5104db15c06e5aa4b852a007ef29139750eec050cd3ee013b7df1e15376b01528e32a1859a2132452032f27a4fcd58d163dd927b4b00a6b1b2ad8f1

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\MSI8BF7.tmp
          Filesize

          374KB

          MD5

          5e33a5224c4d523a2517ba8a96aaff42

          SHA1

          12e41a9380cc890053b5c7e19769c76bfa1608d4

          SHA256

          d64407a6d5a5d48ddefd8376d8e7732f6e5d2318cf1671cb367302d566ed958c

          SHA512

          bdb2d57de5104db15c06e5aa4b852a007ef29139750eec050cd3ee013b7df1e15376b01528e32a1859a2132452032f27a4fcd58d163dd927b4b00a6b1b2ad8f1

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\MSI8BF7.tmp
          Filesize

          374KB

          MD5

          5e33a5224c4d523a2517ba8a96aaff42

          SHA1

          12e41a9380cc890053b5c7e19769c76bfa1608d4

          SHA256

          d64407a6d5a5d48ddefd8376d8e7732f6e5d2318cf1671cb367302d566ed958c

          SHA512

          bdb2d57de5104db15c06e5aa4b852a007ef29139750eec050cd3ee013b7df1e15376b01528e32a1859a2132452032f27a4fcd58d163dd927b4b00a6b1b2ad8f1

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\MSI8D7F.tmp
          Filesize

          374KB

          MD5

          5e33a5224c4d523a2517ba8a96aaff42

          SHA1

          12e41a9380cc890053b5c7e19769c76bfa1608d4

          SHA256

          d64407a6d5a5d48ddefd8376d8e7732f6e5d2318cf1671cb367302d566ed958c

          SHA512

          bdb2d57de5104db15c06e5aa4b852a007ef29139750eec050cd3ee013b7df1e15376b01528e32a1859a2132452032f27a4fcd58d163dd927b4b00a6b1b2ad8f1

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\MSI8D7F.tmp
          Filesize

          374KB

          MD5

          5e33a5224c4d523a2517ba8a96aaff42

          SHA1

          12e41a9380cc890053b5c7e19769c76bfa1608d4

          SHA256

          d64407a6d5a5d48ddefd8376d8e7732f6e5d2318cf1671cb367302d566ed958c

          SHA512

          bdb2d57de5104db15c06e5aa4b852a007ef29139750eec050cd3ee013b7df1e15376b01528e32a1859a2132452032f27a4fcd58d163dd927b4b00a6b1b2ad8f1

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Microsoft\Skype for Desktop\CS_skylib\CS_shared.tmp
          Filesize

          2B

          MD5

          99914b932bd37a50b983c5e7c90ae93b

          SHA1

          bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

          SHA256

          44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

          SHA512

          27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Microsoft\Skype for Desktop\Crashpad\settings.dat
          Filesize

          152B

          MD5

          12be4c92c0414be4e149d0992ae75023

          SHA1

          5515f9bbae4864ecc4239d55bd2f08e742ce0b26

          SHA256

          32375dc9813976794d8146b93ec7042d649fd21162099ebe219b9f596c2ccf85

          SHA512

          3305af0b954ebc4da8ceeaa25a7dd8c484fba32ec73496bac1bf68bba2eb5a9137cb9dd12ee891177386d375a270cfb835a6f2bf305632a2d67c5a0e8f9e5cf7

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Microsoft\Skype for Desktop\Network\TransportSecurity
          Filesize

          370B

          MD5

          dfdb8048433a846de6637c223ee6134d

          SHA1

          abe2492b0a981da9a530adb541a416c8a10c6961

          SHA256

          b26fc9b1937894ee32a444b4bb8a076ca364bc223a51ec548c4c41ba8f386faa

          SHA512

          185d9377e1da96e763ffc0d3c74a7fb759a0c82b0aedc9d988ba7bd7125e0a768ed23c9fe569b8f8effe16ca6c4b0dd4a6294c1c21d6f07a180bb9b632645a00

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Microsoft\Skype for Desktop\Network\TransportSecurity~RFe595cdc.TMP
          Filesize

          203B

          MD5

          d63099f94bded745dfe697ff0e687146

          SHA1

          79a2961841485c83bcfb0704308319db0b0d720c

          SHA256

          55bc90051994cc2536f55557238829575b0092133dc7dd37dc032f273c6dd83c

          SHA512

          9814e9065a5e46620097bb5b3ffa48cf650e00e7fa9ae4f6323a099d2e74103a4ead7d1b4c04e6c05cee024ac19d195b75c8b744afd6aeb18b481ea473030548

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Microsoft\Skype for Desktop\Partitions\6a85f13d-3d1a-4907-ba95-4475d48ab802\Local Storage\leveldb\CURRENT
          Filesize

          16B

          MD5

          46295cac801e5d4857d09837238a6394

          SHA1

          44e0fa1b517dbf802b18faf0785eeea6ac51594b

          SHA256

          0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

          SHA512

          8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Microsoft\Skype for Desktop\Partitions\6a85f13d-3d1a-4907-ba95-4475d48ab802\Network\TransportSecurity
          Filesize

          369B

          MD5

          b36abb4a3c2966429bbf00a2998cdb2d

          SHA1

          2507ad5937c60d4134108e66368f109dee452bf4

          SHA256

          a1f431dbc43d6fe633ac2fe59da1123307b680993446fafa90e5abe35d31462f

          SHA512

          d117cc86474901d242d192d908961d7553ae0371eec45bea2563ad7e04424345b60f8441edb549fe33f8227471e8dadd3d6df86dd9dbb7d5e3e7ecd967d8020f

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Microsoft\Skype for Desktop\Partitions\6a85f13d-3d1a-4907-ba95-4475d48ab802\Network\TransportSecurity~RFe5961ae.TMP
          Filesize

          203B

          MD5

          40da75f29ebd3ef2dd02590f2ec7b716

          SHA1

          00e21d94971e5f1b8476e66acede1355f150211b

          SHA256

          6a488f3fce231c71ffb76426c3a6f121ea325a949c2d1ba3e916dd570fefcb33

          SHA512

          0dab1a1fcabe9d0e00f9acc2f00d5723266c129a70d399be612f6904dce160176d2cf6149aa0fba0cf6d12075000d95c828c07ce26d00d27253988a90bef5d85

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Microsoft\Skype for Desktop\Partitions\6a85f13d-3d1a-4907-ba95-4475d48ab802\Network\d910fd39-53b9-4640-a3d0-c65c7f751105.tmp
          Filesize

          59B

          MD5

          2800881c775077e1c4b6e06bf4676de4

          SHA1

          2873631068c8b3b9495638c865915be822442c8b

          SHA256

          226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974

          SHA512

          e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Microsoft\Skype for Desktop\Preferences
          Filesize

          132B

          MD5

          562f740dd21a64a3a938351079420bd2

          SHA1

          82deca24cfb4b47228a30339cf2ab5eafab2c89c

          SHA256

          d7b92bd319fd4d3fb81565bf88cd7aec6a68d824fdd2fc26ec1501ae03d6709b

          SHA512

          8edc4edc13dd142911b8f8f6c7695ef76e07d2b7ecc2d15fabaf62e8fa842632807d16f01d0595804c0253d7cc1268f9d8b4b8a39c0bce7decd925965b1d1a38

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Microsoft\Skype for Desktop\Preferences~RFe595ccc.TMP
          Filesize

          57B

          MD5

          58127c59cb9e1da127904c341d15372b

          SHA1

          62445484661d8036ce9788baeaba31d204e9a5fc

          SHA256

          be4b8924ab38e8acf350e6e3b9f1f63a1a94952d8002759acd6946c4d5d0b5de

          SHA512

          8d1815b277a93ad590ff79b6f52c576cf920c38c4353c24193f707d66884c942f39ff3989530055d2fade540ade243b41b6eb03cd0cc361c3b5d514cca28b50a

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
          Filesize

          2B

          MD5

          f3b25701fe362ec84616a93a45ce9998

          SHA1

          d62636d8caec13f04e28442a0a6fa1afeb024bbb

          SHA256

          b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

          SHA512

          98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Skype\Skype 07\install\Skype.msi
          Filesize

          1.7MB

          MD5

          18194177dadf1e551a3c597f0c25f08c

          SHA1

          8523271b94c2d974535c0365e7856f625d79970a

          SHA256

          e93352a2cb8c988beb482ae4d6adeffb7ee2e9e3d4bb7261ef39d9db845bdcd2

          SHA512

          1ad4507207b36c9c1737e8e63d71cefaac13ed7c6f666ea6600a5df730520520abb3eda467cc16dfca92e860e0a74464909e503ce5b4900419bd2b8ab608f3c6

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Skype\Skype 07\install\Skype.msi
          Filesize

          1.7MB

          MD5

          18194177dadf1e551a3c597f0c25f08c

          SHA1

          8523271b94c2d974535c0365e7856f625d79970a

          SHA256

          e93352a2cb8c988beb482ae4d6adeffb7ee2e9e3d4bb7261ef39d9db845bdcd2

          SHA512

          1ad4507207b36c9c1737e8e63d71cefaac13ed7c6f666ea6600a5df730520520abb3eda467cc16dfca92e860e0a74464909e503ce5b4900419bd2b8ab608f3c6

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Skype\Skype 07\install\Skype1.cab
          Filesize

          125.0MB

          MD5

          ed5840f0684d994cfab23c04ce1f68d4

          SHA1

          1b55330c314cbc58a625701817819f3982ab4df9

          SHA256

          9593512c57e9121d0c7ec316fa6143eef80c5310e8854a52f7398971d38960a3

          SHA512

          9cf50106db7bd7c0e5eb8cb616552a97cd40875dda93f8294452a0766c47d71b263b310115c3569f85ccea440fa3aa6374831091486b428fb4aaabeb2daf6988

          Download Submit

        • C:\Users\Public\Desktop\Skype.lnk
          Filesize

          2KB

          MD5

          b391fe8a78dbce31a8b43f372b074bc6

          SHA1

          e768d9bce623f8d2e8dd96b634f98acee8a75a0f

          SHA256

          23859af4a5f2016cd050cfa69a241b83563788cb19b7f090f07f4411d0da1375

          SHA512

          36a7cc9735b5250fc8c254d7754c279a3137b2bf086486bcf2bc84e9e2ce77e32e0e602575b47b417ff5be87a89a03575a85df332871e5d4b39909120d79bea3

          Download Submit

        • C:\Windows\Installer\MSI1105.tmp
          Filesize

          533KB

          MD5

          2b6fa5bfa4831df74de91db162bfaad1

          SHA1

          83c0bf7bbdecd65bcae1757a6a400ed8606cf8ab

          SHA256

          005e3260c33fb8c8033dec123d4e71613523fc5d11b32c93c74e86a35c876740

          SHA512

          fc4739b9fc23fb13765c107aa61ea57ae965d329874c4a57a62b980bb363939c53d8a966c0bc9bb92a794ebe6e3b52672bb403f684a273bce7193164d19ecc1c

          Download Submit

        • C:\Windows\Installer\MSI1105.tmp
          Filesize

          533KB

          MD5

          2b6fa5bfa4831df74de91db162bfaad1

          SHA1

          83c0bf7bbdecd65bcae1757a6a400ed8606cf8ab

          SHA256

          005e3260c33fb8c8033dec123d4e71613523fc5d11b32c93c74e86a35c876740

          SHA512

          fc4739b9fc23fb13765c107aa61ea57ae965d329874c4a57a62b980bb363939c53d8a966c0bc9bb92a794ebe6e3b52672bb403f684a273bce7193164d19ecc1c

          Download Submit

        • C:\Windows\Installer\MSI11E1.tmp
          Filesize

          275KB

          MD5

          dcb6b94b4a41fabdbdbb6fe2a362681d

          SHA1

          efd8d4c271178a6cc37a265f287abfbc6ea91e13

          SHA256

          7a370cdf28500d571d1562a9ddb4977f6a837a7b095de9a7c469c7079923da95

          SHA512

          5dc3fda6012667cdf6f9a5ba96b01a4d74b0d4dc1f53ce2ad36296d79591c8eb34ec787ced4862b768523c3fa69ffef4b88ff653774357d7d5a052efde3bd87d

          Download Submit

        • C:\Windows\Installer\MSI11E1.tmp
          Filesize

          275KB

          MD5

          dcb6b94b4a41fabdbdbb6fe2a362681d

          SHA1

          efd8d4c271178a6cc37a265f287abfbc6ea91e13

          SHA256

          7a370cdf28500d571d1562a9ddb4977f6a837a7b095de9a7c469c7079923da95

          SHA512

          5dc3fda6012667cdf6f9a5ba96b01a4d74b0d4dc1f53ce2ad36296d79591c8eb34ec787ced4862b768523c3fa69ffef4b88ff653774357d7d5a052efde3bd87d

          Download Submit

        • C:\Windows\Installer\MSI13F5.tmp
          Filesize

          275KB

          MD5

          dcb6b94b4a41fabdbdbb6fe2a362681d

          SHA1

          efd8d4c271178a6cc37a265f287abfbc6ea91e13

          SHA256

          7a370cdf28500d571d1562a9ddb4977f6a837a7b095de9a7c469c7079923da95

          SHA512

          5dc3fda6012667cdf6f9a5ba96b01a4d74b0d4dc1f53ce2ad36296d79591c8eb34ec787ced4862b768523c3fa69ffef4b88ff653774357d7d5a052efde3bd87d

          Download Submit

        • C:\Windows\Installer\MSI13F5.tmp
          Filesize

          275KB

          MD5

          dcb6b94b4a41fabdbdbb6fe2a362681d

          SHA1

          efd8d4c271178a6cc37a265f287abfbc6ea91e13

          SHA256

          7a370cdf28500d571d1562a9ddb4977f6a837a7b095de9a7c469c7079923da95

          SHA512

          5dc3fda6012667cdf6f9a5ba96b01a4d74b0d4dc1f53ce2ad36296d79591c8eb34ec787ced4862b768523c3fa69ffef4b88ff653774357d7d5a052efde3bd87d

          Download Submit

        • C:\Windows\Installer\MSI1500.tmp
          Filesize

          533KB

          MD5

          2b6fa5bfa4831df74de91db162bfaad1

          SHA1

          83c0bf7bbdecd65bcae1757a6a400ed8606cf8ab

          SHA256

          005e3260c33fb8c8033dec123d4e71613523fc5d11b32c93c74e86a35c876740

          SHA512

          fc4739b9fc23fb13765c107aa61ea57ae965d329874c4a57a62b980bb363939c53d8a966c0bc9bb92a794ebe6e3b52672bb403f684a273bce7193164d19ecc1c

          Download Submit

        • C:\Windows\Installer\MSI1500.tmp
          Filesize

          533KB

          MD5

          2b6fa5bfa4831df74de91db162bfaad1

          SHA1

          83c0bf7bbdecd65bcae1757a6a400ed8606cf8ab

          SHA256

          005e3260c33fb8c8033dec123d4e71613523fc5d11b32c93c74e86a35c876740

          SHA512

          fc4739b9fc23fb13765c107aa61ea57ae965d329874c4a57a62b980bb363939c53d8a966c0bc9bb92a794ebe6e3b52672bb403f684a273bce7193164d19ecc1c

          Download Submit

        • C:\Windows\Installer\MSI496F.tmp
          Filesize

          275KB

          MD5

          dcb6b94b4a41fabdbdbb6fe2a362681d

          SHA1

          efd8d4c271178a6cc37a265f287abfbc6ea91e13

          SHA256

          7a370cdf28500d571d1562a9ddb4977f6a837a7b095de9a7c469c7079923da95

          SHA512

          5dc3fda6012667cdf6f9a5ba96b01a4d74b0d4dc1f53ce2ad36296d79591c8eb34ec787ced4862b768523c3fa69ffef4b88ff653774357d7d5a052efde3bd87d

          Download Submit

        • C:\Windows\Installer\MSI496F.tmp
          Filesize

          275KB

          MD5

          dcb6b94b4a41fabdbdbb6fe2a362681d

          SHA1

          efd8d4c271178a6cc37a265f287abfbc6ea91e13

          SHA256

          7a370cdf28500d571d1562a9ddb4977f6a837a7b095de9a7c469c7079923da95

          SHA512

          5dc3fda6012667cdf6f9a5ba96b01a4d74b0d4dc1f53ce2ad36296d79591c8eb34ec787ced4862b768523c3fa69ffef4b88ff653774357d7d5a052efde3bd87d

          Download Submit

        • C:\Windows\Installer\MSI496F.tmp
          Filesize

          275KB

          MD5

          dcb6b94b4a41fabdbdbb6fe2a362681d

          SHA1

          efd8d4c271178a6cc37a265f287abfbc6ea91e13

          SHA256

          7a370cdf28500d571d1562a9ddb4977f6a837a7b095de9a7c469c7079923da95

          SHA512

          5dc3fda6012667cdf6f9a5ba96b01a4d74b0d4dc1f53ce2ad36296d79591c8eb34ec787ced4862b768523c3fa69ffef4b88ff653774357d7d5a052efde3bd87d

          Download Submit

        • C:\Windows\Installer\MSIEC0.tmp
          Filesize

          374KB

          MD5

          5e33a5224c4d523a2517ba8a96aaff42

          SHA1

          12e41a9380cc890053b5c7e19769c76bfa1608d4

          SHA256

          d64407a6d5a5d48ddefd8376d8e7732f6e5d2318cf1671cb367302d566ed958c

          SHA512

          bdb2d57de5104db15c06e5aa4b852a007ef29139750eec050cd3ee013b7df1e15376b01528e32a1859a2132452032f27a4fcd58d163dd927b4b00a6b1b2ad8f1

          Download Submit

        • C:\Windows\Installer\MSIEC0.tmp
          Filesize

          374KB

          MD5

          5e33a5224c4d523a2517ba8a96aaff42

          SHA1

          12e41a9380cc890053b5c7e19769c76bfa1608d4

          SHA256

          d64407a6d5a5d48ddefd8376d8e7732f6e5d2318cf1671cb367302d566ed958c

          SHA512

          bdb2d57de5104db15c06e5aa4b852a007ef29139750eec050cd3ee013b7df1e15376b01528e32a1859a2132452032f27a4fcd58d163dd927b4b00a6b1b2ad8f1

          Download Submit

        • C:\Windows\Installer\MSIF2F.tmp
          Filesize

          374KB

          MD5

          5e33a5224c4d523a2517ba8a96aaff42

          SHA1

          12e41a9380cc890053b5c7e19769c76bfa1608d4

          SHA256

          d64407a6d5a5d48ddefd8376d8e7732f6e5d2318cf1671cb367302d566ed958c

          SHA512

          bdb2d57de5104db15c06e5aa4b852a007ef29139750eec050cd3ee013b7df1e15376b01528e32a1859a2132452032f27a4fcd58d163dd927b4b00a6b1b2ad8f1

          Download Submit

        • C:\Windows\Installer\MSIF2F.tmp
          Filesize

          374KB

          MD5

          5e33a5224c4d523a2517ba8a96aaff42

          SHA1

          12e41a9380cc890053b5c7e19769c76bfa1608d4

          SHA256

          d64407a6d5a5d48ddefd8376d8e7732f6e5d2318cf1671cb367302d566ed958c

          SHA512

          bdb2d57de5104db15c06e5aa4b852a007ef29139750eec050cd3ee013b7df1e15376b01528e32a1859a2132452032f27a4fcd58d163dd927b4b00a6b1b2ad8f1

          Download Submit

        • \??\GLOBALROOT\Device\HarddiskVolumeShadowCopy2\System Volume Information\SPP\metadata-2
          Filesize

          23.0MB

          MD5

          657ed601f7152f7b30460faf54d06f0e

          SHA1

          97e046afbae039387e97add44a941f47fe2e9ebe

          SHA256

          4d73b38c1f849d66a978f9f7e0086759851b0754a50a5816eff7d96e7ee512cd

          SHA512

          edf2233eb34bb4415c83e9465fbee8aa10aca889f2a382ac5c7df80e790b0d6c0456749c9d2a7559268d8b59da4986db9e2fa1508142ce1d2b848fd933854c17

          Download Submit

        • \??\Volume{692520d5-0000-0000-0000-d01200000000}\System Volume Information\SPP\OnlineMetadataCache\{98dd0a9a-e6f2-4507-af3a-d0e6ed04b605}_OnDiskSnapshotProp
          Filesize

          5KB

          MD5

          ddbed64def92a49ecb13b098ae961c0b

          SHA1

          6132b424dc707f785d1815a6099f23e9ec91a221

          SHA256

          95e4d230e4a6de2408c545268a9488ff0b5e920cb1a3e44fefe39b93dff44b3a

          SHA512

          4eb0150ba61f1fd20b00e63048dbbe00b7277c03dc7aeff5cf28cc426c8acaafd7b7e0cf21e77879c2220596464bc944e739b6bdbe536213e07c868ed4e77b3f

          Download Submit

        • memory/216-385-0x0000000074DA0000-0x00000000756B7000-memory.dmp

          Filesize

          9.1MB

          Download

        • memory/216-305-0x0000000000430000-0x0000000000431000-memory.dmp

          Filesize

          4KB

          Download

        • memory/216-306-0x00000000005B0000-0x00000000005B1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/216-303-0x0000000074DA0000-0x00000000756B7000-memory.dmp

          Filesize

          9.1MB

          Download

        • memory/216-302-0x0000000074DA0000-0x00000000756B7000-memory.dmp

          Filesize

          9.1MB

          Download

        • memory/216-307-0x0000000074DA0000-0x00000000756B7000-memory.dmp

          Filesize

          9.1MB

          Download

        • memory/216-359-0x0000000010000000-0x0000000010017000-memory.dmp

          Filesize

          92KB

          Download