06035c50bb3e3f927f2b9921697438c9acead3722c70a6a35fd857f454ed7373

Analysis

max time kernel
130s
max time network
127s
platform
windows7_x64
resource
win7-20230831-en
resource tags

arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
submitted
11-10-2023 07:23

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

y8-browser-web-setup-1.0.10.exe
Size

637KB
MD5

cc6330972427884d4c58f7c0a063c815
SHA1

7d8a90cefcdf0b3291242ff1633f8942e8ba50a6
SHA256

06035c50bb3e3f927f2b9921697438c9acead3722c70a6a35fd857f454ed7373
SHA512

202f34e9c98ff25ead5a8d5153eecd50efb6dc1e8ad0fea5a1dcc50453d2fc556b1b999de6ca1f632b5b677f64d3c6755490200ca0a7100d1d52b9717ff108af
SSDEEP

12288:I+W/z69tQGx5SiDj8FrpugKgOv2PIS1uXv9LthszLPat:IvG9tQGx5BEFygOePRg63Ct

Score

4^/10

discovery

Malware Config

Signatures

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Executes dropped EXE 4 IoCs

pid	Process
300	Y8 Browser.exe
1696	Y8 Browser.exe
2656	Y8 Browser.exe
2544	Y8 Browser.exe

Loads dropped DLL 22 IoCs

pid	Process
2364	y8-browser-web-setup-1.0.10.exe
2364	y8-browser-web-setup-1.0.10.exe
2364	y8-browser-web-setup-1.0.10.exe
2364	y8-browser-web-setup-1.0.10.exe
2364	y8-browser-web-setup-1.0.10.exe
2364	y8-browser-web-setup-1.0.10.exe
2364	y8-browser-web-setup-1.0.10.exe
2364	y8-browser-web-setup-1.0.10.exe
2364	y8-browser-web-setup-1.0.10.exe
2364	y8-browser-web-setup-1.0.10.exe
2364	y8-browser-web-setup-1.0.10.exe
2364	y8-browser-web-setup-1.0.10.exe
1192	Process not Found
1192	Process not Found
1192	Process not Found
1192	Process not Found
1192	Process not Found
300	Y8 Browser.exe
1192	Process not Found
2656	Y8 Browser.exe
1696	Y8 Browser.exe
2544	Y8 Browser.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Modifies system certificate store 2 TTPs 2 IoCs

evasion spyware trojan

Install Root Certificate

T1553.004

Modify Registry

T1112

description	ioc	Process
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\A8985D3A65E5E5C4B2D7D66D40C6DD2FB19C5436\Blob = 04000000010000001000000079e4a9840d7d3a96d7c04fe2434c892e0f0000000100000014000000b34ddd372ed92e8f2abfbb9e20a9d31f204f194b090000000100000034000000303206082b0601050507030106082b0601050507030206082b0601050507030406082b0601050507030306082b0601050507030814000000010000001400000003de503556d14cbb66f0a3e21b1bc397b23dd1550b00000001000000120000004400690067006900430065007200740000001d000000010000001000000059779e39e21a2e3dfced6857ed5c5fd9030000000100000014000000a8985d3a65e5e5c4b2d7d66d40c6dd2fb19c54361900000001000000100000000f3a0527d242de2dc98e5cfcb1e991ee2000000001000000b3030000308203af30820297a0030201020210083be056904246b1a1756ac95991c74a300d06092a864886f70d01010505003061310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3120301e06035504031317446967694365727420476c6f62616c20526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a3061310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3120301e06035504031317446967694365727420476c6f62616c20526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100e23be11172dea8a4d3a357aa50a28f0b7790c9a2a5ee12ce965b010920cc0193a74e30b753f743c46900579de28d22dd870640008109cece1b83bfdfcd3b7146e2d666c705b37627168f7b9e1e957deeb748a308dad6af7a0c3906657f4a5d1fbc17f8abbeee28d7747f7a78995985686e5c23324bbf4ec0e85a6de370bf7710bffc01f685d9a844105832a97518d5d1a2be47e2276af49a33f84908608bd45fb43a84bfa1aa4a4c7d3ecf4f5f6c765ea04b37919edc22e66dce141a8e6acbfecdb3146417c75b299e32bff2eefad30b42d4abb74132da0cd4eff881d5bb8d583fb51be84928a270da3104ddf7b216f24c0a4e07a8ed4a3d5eb57fa390c3af270203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e0416041403de503556d14cbb66f0a3e21b1bc397b23dd155301f0603551d2304183016801403de503556d14cbb66f0a3e21b1bc397b23dd155300d06092a864886f70d01010505000382010100cb9c37aa4813120afadd449c4f52b0f4dfae04f5797908a32418fc4b2b84c02db9d5c7fef4c11f58cbb86d9c7a74e79829ab11b5e370a0a1cd4c8899938c9170e2ab0f1cbe93a9ff63d5e40760d3a3bf9d5b09f1d58ee353f48e63fa3fa7dbb466df6266d6d16e418df22db5ea774a9f9d58e22b59c04023ed2d2882453e7954922698e08048a837eff0d6796016deace80ecd6eac4417382f49dae1453e2ab93653cf3a5006f72ee8c457496c612118d504ad783c2c3a806ba7ebaf1514e9d889c1b9386ce2916c8aff64b977255730c01b24a3e1dce9df477cb5b424080530ec2dbd0bbf45bf50b9a9f3eb980112adc888c698345f8d0a3cc6e9d595956dde	y8-browser-web-setup-1.0.10.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\A8985D3A65E5E5C4B2D7D66D40C6DD2FB19C5436	y8-browser-web-setup-1.0.10.exe

Suspicious behavior: EnumeratesProcesses 3 IoCs

pid	Process
2364	y8-browser-web-setup-1.0.10.exe
2364	y8-browser-web-setup-1.0.10.exe
2364	y8-browser-web-setup-1.0.10.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeSecurityPrivilege	2364	y8-browser-web-setup-1.0.10.exe

Suspicious use of WriteProcessMemory 47 IoCs

description	pid	Process	procid_target
PID 300 wrote to memory of 1696	300	Y8 Browser.exe	32
PID 300 wrote to memory of 1696	300	Y8 Browser.exe	32
PID 300 wrote to memory of 1696	300	Y8 Browser.exe	32
PID 300 wrote to memory of 1696	300	Y8 Browser.exe	32
PID 300 wrote to memory of 1696	300	Y8 Browser.exe	32
PID 300 wrote to memory of 1696	300	Y8 Browser.exe	32
PID 300 wrote to memory of 1696	300	Y8 Browser.exe	32
PID 300 wrote to memory of 1696	300	Y8 Browser.exe	32
PID 300 wrote to memory of 1696	300	Y8 Browser.exe	32
PID 300 wrote to memory of 1696	300	Y8 Browser.exe	32
PID 300 wrote to memory of 1696	300	Y8 Browser.exe	32
PID 300 wrote to memory of 1696	300	Y8 Browser.exe	32
PID 300 wrote to memory of 1696	300	Y8 Browser.exe	32
PID 300 wrote to memory of 1696	300	Y8 Browser.exe	32
PID 300 wrote to memory of 1696	300	Y8 Browser.exe	32
PID 300 wrote to memory of 1696	300	Y8 Browser.exe	32
PID 300 wrote to memory of 1696	300	Y8 Browser.exe	32
PID 300 wrote to memory of 1696	300	Y8 Browser.exe	32
PID 300 wrote to memory of 1696	300	Y8 Browser.exe	32
PID 300 wrote to memory of 1696	300	Y8 Browser.exe	32
PID 300 wrote to memory of 1696	300	Y8 Browser.exe	32
PID 300 wrote to memory of 1696	300	Y8 Browser.exe	32
PID 300 wrote to memory of 1696	300	Y8 Browser.exe	32
PID 300 wrote to memory of 1696	300	Y8 Browser.exe	32
PID 300 wrote to memory of 1696	300	Y8 Browser.exe	32
PID 300 wrote to memory of 1696	300	Y8 Browser.exe	32
PID 300 wrote to memory of 1696	300	Y8 Browser.exe	32
PID 300 wrote to memory of 1696	300	Y8 Browser.exe	32
PID 300 wrote to memory of 1696	300	Y8 Browser.exe	32
PID 300 wrote to memory of 1696	300	Y8 Browser.exe	32
PID 300 wrote to memory of 1696	300	Y8 Browser.exe	32
PID 300 wrote to memory of 1696	300	Y8 Browser.exe	32
PID 300 wrote to memory of 1696	300	Y8 Browser.exe	32
PID 300 wrote to memory of 1696	300	Y8 Browser.exe	32
PID 300 wrote to memory of 1696	300	Y8 Browser.exe	32
PID 300 wrote to memory of 1696	300	Y8 Browser.exe	32
PID 300 wrote to memory of 1696	300	Y8 Browser.exe	32
PID 300 wrote to memory of 1696	300	Y8 Browser.exe	32
PID 300 wrote to memory of 1696	300	Y8 Browser.exe	32
PID 300 wrote to memory of 1696	300	Y8 Browser.exe	32
PID 300 wrote to memory of 1696	300	Y8 Browser.exe	32
PID 300 wrote to memory of 2656	300	Y8 Browser.exe	35
PID 300 wrote to memory of 2656	300	Y8 Browser.exe	35
PID 300 wrote to memory of 2656	300	Y8 Browser.exe	35
PID 300 wrote to memory of 2544	300	Y8 Browser.exe	34
PID 300 wrote to memory of 2544	300	Y8 Browser.exe	34
PID 300 wrote to memory of 2544	300	Y8 Browser.exe	34

C:\Users\Admin\AppData\Local\Temp\y8-browser-web-setup-1.0.10.exe
"C:\Users\Admin\AppData\Local\Temp\y8-browser-web-setup-1.0.10.exe"
1⤵
- Loads dropped DLL
- Modifies system certificate store
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
PID:2364

C:\Users\Admin\AppData\Local\Programs\y8-browser\Y8 Browser.exe
"C:\Users\Admin\AppData\Local\Programs\y8-browser\Y8 Browser.exe"
1⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:300
- C:\Users\Admin\AppData\Local\Programs\y8-browser\Y8 Browser.exe
  "C:\Users\Admin\AppData\Local\Programs\y8-browser\Y8 Browser.exe" --type=gpu-process --disable-features=SpareRendererForSitePerProcess --gpu-preferences=KAAAAAAAAACAAwAAAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=11671620544209623605 --mojo-platform-channel-handle=912 --ignored=" --type=renderer " /prefetch:2
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  PID:1696
- C:\Users\Admin\AppData\Local\Programs\y8-browser\Y8 Browser.exe
  "C:\Users\Admin\AppData\Local\Programs\y8-browser\Y8 Browser.exe" --type=renderer --disable-features=SpareRendererForSitePerProcess --service-pipe-token=2743363905587860295 --lang=en-US --app-path="C:\Users\Admin\AppData\Local\Programs\y8-browser\resources\app.asar" --enable-plugins --no-sandbox --no-zygote --background-color=#FFF --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=2743363905587860295 --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1532 /prefetch:1
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  PID:2544
- C:\Users\Admin\AppData\Local\Programs\y8-browser\Y8 Browser.exe
  "C:\Users\Admin\AppData\Local\Programs\y8-browser\Y8 Browser.exe" --type=gpu-process --disable-features=SpareRendererForSitePerProcess --disable-gpu-sandbox --use-gl=disabled --gpu-preferences=KAAAAAAAAACAAwAAAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=2431930171898785480 --mojo-platform-channel-handle=1512 /prefetch:2
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  PID:2656

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Subvert Trust Controls

T1553

Install Root Certificate

T1553.004

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Programs\y8-browser\D3DCompiler_47.dll

Filesize
4.1MB

MD5
222d020bd33c90170a8296adc1b7036a

SHA1
612e6f443d927330b9b8ac13cc4a2a6b959cee48

SHA256
4432bbd1a390874f3f0a503d45cc48d346abc3a8c0213c289f4b615bf0ee84f3

SHA512
ad8c7ce7f6f353da5e2cf816e1a69f1ec14011612e8041e4f9bb6ebed3e0fa4e4ebc069155a0c66e23811467012c201893b9b3b7a947d089ce2c749d5e8910c6

Download Submit
C:\Users\Admin\AppData\Local\Programs\y8-browser\Y8 Browser.exe

Filesize
59.4MB

MD5
0a81df7c71ffa789027e96d1ba866de6

SHA1
46fd08bada3da3fc55019fc7e9bcb03f2613f97e

SHA256
132a2ccdef2f910b7c170d8322c33b5ab53b647bbbf0f6f7f2ee1246791777b1

SHA512
39f9dbb8b988915d473e8ded832d9322e2b046eca9f238ddf175f06684fedea8dd9283cbae1ebb4d28e1d5ea8705330d92dc5ea4a83e315ba29adaa6d56d20a4

Download Submit
C:\Users\Admin\AppData\Local\Programs\y8-browser\Y8 Browser.exe

Filesize
41.9MB

MD5
e370f80cc9b7d5b1a47ffcab845e9da1

SHA1
9616464cc4c8b18fd2a196650dd5a0ef57cf6e8c

SHA256
046f8bc456067e3b3e40d65089ecb1edeb80bf9c8273f95980a94ccd979c01b0

SHA512
27f3b8cccb28923c8582b5693393c39a296c23b489b2b74c81dba74fd6f2cd6fb504c23c5fbb4ba9f9ea4a0d0c474655365f284fc32fae4de6dc5495e56ad6b8

Download Submit
C:\Users\Admin\AppData\Local\Programs\y8-browser\Y8 Browser.exe

Filesize
40.4MB

MD5
55d53465ed6d12a1217214e66697b6ae

SHA1
44bb31b285b2f97170f1520f2e75629f6ca2f076

SHA256
d8debf081357b8996af3aedfac91c2c7cf9e2ca3408ebda89c78327efe90f666

SHA512
b18db2c4fe209274a522e75f441bf9c2dc2d60501c9df802f02ebcbc776143a1f082bc33ee4490b6ab5dd1d4ed6bf32dc823b5022e8682f2af812e34c01d86d0

Download Submit
C:\Users\Admin\AppData\Local\Programs\y8-browser\Y8 Browser.exe

Filesize
24.4MB

MD5
1a39f1a8ada58e204587b4045c7fb3e0

SHA1
eb4af041f19e7dbf12a9fcbecc76940f0a58d475

SHA256
5d2560ddbb6ca80a30ba72510e863796b341e47e4a9dab0e9f17b45735e48aa0

SHA512
4c14f48c4c01454f4207d59f64a3e6751c552ca1ecba020038c01c3dd97e62b9aeaa1653bffba630d91072c79e8c7e6570b95f8a424df86cbcd3a8f632212994

Download Submit
C:\Users\Admin\AppData\Local\Programs\y8-browser\Y8 Browser.exe

Filesize
24.2MB

MD5
fd6a6e1bbec63ead813122c0b839e5bb

SHA1
e603fef87149fb53475d8a5b959c356465d960ed

SHA256
bd6b745e0b1b251e2aa1a836244b33de03fafd03a97a50f89dd6acf8e506ec52

SHA512
501ccf4641ac11370e499be9fcae3b7bfa0e4c024b2825c556fed7c5b576943b3a6d339b51c11e12f44a0e95093f33a5bb80c8004b576bccf4bc5919c8f1eb21

Download Submit
C:\Users\Admin\AppData\Local\Programs\y8-browser\Y8 Browser.exe

Filesize
24.3MB

MD5
aa233a1b3fa18825bac08f80e609b02f

SHA1
7d3dfeefabc19691d739841994ef7375a2568e3d

SHA256
9fd53d72a8bbd75363f8320fca8058e72911d96b4ae3665af1b1b1ff428c9bf9

SHA512
b565acd3c857caad19db883f64534494f612e4331137583683aa4023809fdcaa69947b79fdac506b6875cbece11daba31ff9e19670fbbab70132af5a818107cc

Download Submit
C:\Users\Admin\AppData\Local\Programs\y8-browser\chrome_100_percent.pak

Filesize
176KB

MD5
6bc3c299d9e24718c066edad063619b8

SHA1
65ae83f994992d032fbdd7544280f5cd5e240103

SHA256
971698362570b8e7dd79e9eed8aeb28443535053787e7b5e8bbf0cb477b5f99d

SHA512
99ddd1af09588b8bac7c293e3598db498f7279711ad691c80072987d55cfbe53651458a61e820d75f3bec04f119aab0f0e700a52c4b56cca2c0e3bacac19da90

Download Submit
C:\Users\Admin\AppData\Local\Programs\y8-browser\chrome_200_percent.pak

Filesize
287KB

MD5
1cc200bc1a1c416a0f5b34d138c49d85

SHA1
777a70499eb27bda881104b581de1a242caf49b2

SHA256
7afe6e166dc44329e99c218b3f783c14ff0c67b036806d6a5247dbae694a649a

SHA512
31c4f06814ef4361a72e7bae264e754d4398d92ed5b2306ebed8625118655e8feda1df2f40c2f1a630ca2b62ee7fd34f3373203265835e791ebb90e0f979e0b1

Download Submit
C:\Users\Admin\AppData\Local\Programs\y8-browser\ffmpeg.dll

Filesize
2.0MB

MD5
ae0c96d26055c49af357d08fae785cb0

SHA1
d31166a4c464ce11f052441d43b704c4eaf60a5b

SHA256
fc6b3f35ea158f1e7159b608116f7321ed6154f28fd475510343350bb491e5f3

SHA512
8aa2f315b8ffc7f750bc63dfa7a0731e0272e56e8056ecb3abfe8c73db210bb8e7b7a10439c31de34c79eb334ce2ec089e8676e68383f84274a94f9058c72d4e

Download Submit
C:\Users\Admin\AppData\Local\Programs\y8-browser\icudtl.dat

Filesize
9.8MB

MD5
65c6337820fbe9bf2498a9395e3b20f2

SHA1
5cc62646e6c73b4be276d08719bc5e257af972bb

SHA256
33da1cdda18eaea52011d40ae9a610cac9f6466156e9803891ee77294607aee4

SHA512
4800f03577a46a98a4bd786dc37a380f4169540e243fdb7835e3146fba0d0e1d07a7e3ec8cd23566feb00d204d582d678698ae61db156339fe56229de0b267c9

Download Submit
C:\Users\Admin\AppData\Local\Programs\y8-browser\locales\en-US.pak

Filesize
63KB

MD5
542df8e581c306511d5f8a9463724b84

SHA1
f0a0f22300151cd39f67e17043ef9f79ba57faa2

SHA256
52ece805cf288fdb16b60cf30ee0604583c1859d5986a7f5e42846eb5b83a7c2

SHA512
8577a4e2ee2078941816c816573bc1cfc296eaaa39ecb625783074bac47827fab3d2d0f757f528d1d556724388b15f0e10f1efb7ca1619db84fceca0471b41ef

Download Submit
C:\Users\Admin\AppData\Local\Programs\y8-browser\natives_blob.bin

Filesize
81KB

MD5
e350965916554e65a47305a6ab27c2ba

SHA1
9d60e499a907811a3155e9a07f8645d6c83cb909

SHA256
1cae202ada016cf455abf69d583524a1d37a1371ad4efdfac4baed07c6402bdd

SHA512
c6044b769a00f887b573ad35a7f5b71f6134d2d596a54effa50710be2f528acefea53ae4a2847e16c1b4e56962d8b0fe24f1ea4a04bfe167514b0abddb4fb5a8

Download Submit
C:\Users\Admin\AppData\Local\Programs\y8-browser\resources.pak

Filesize
8.1MB

MD5
ed65c233c69e7a685900ec99fc1d01c9

SHA1
98abbe55bdd38ce8bbba5cb383a949b6f4c76b92

SHA256
368a8cc3d0152088c28ccbd4d59323415b9c2ef3482fe9002caf3fb87fca5a38

SHA512
efe2b6fb7f658f7a561b5e29dde208a68ba4c46872995d9014107a0d06dbca0fd7d74ce30bfd73fa6aed47b2d67a5940e86359189ff1269f2f37023f4b21bc62

Download Submit
C:\Users\Admin\AppData\Local\Programs\y8-browser\resources\app.asar

Filesize
3.9MB

MD5
fcd28a1bda6b575164ff95df26ecf0a4

SHA1
23fb706c21dc15e4a69869209b7338f85edddeec

SHA256
addd5cc586cc30ac469e805d18b408ad47f30fde3e8497434a4c70f386499849

SHA512
32c296cee6e881682572ad57cfbe91c2e522e26e89eb4916507385154a35813954fbca1480bd04fa74a6df036fae1750b322c86b31ec8e31bffe1a10a220d905

Download Submit
C:\Users\Admin\AppData\Local\Programs\y8-browser\resources\electron.asar

Filesize
289KB

MD5
0215464aed9859ffffba7ae9f92d5a5f

SHA1
27f2ca2ef941c423788e0e5da50d43594210e2fe

SHA256
cd5c91c581616fe8a6dab41a312f63ae0fcf0f6ec1dbe6488e6f425c5f3da747

SHA512
e6c299b1fa8d59691d4420d24bf932be19e2da9bc8d4246fdaade070172cbb78d710f3cf3f7028685aa05eb2d5fc2744c7fc0ca9ba7c12d70b6edc679d987202

Download Submit
C:\Users\Admin\AppData\Local\Programs\y8-browser\swiftshader\libegl.dll

Filesize
145KB

MD5
445cc30109fee82391cc0efbb7853eed

SHA1
b53dca42c36ff8971509cb2ac4573597b279048b

SHA256
899f8736f0689c19ab054a121d9151fe2220821d532b8a1eeb8f356494f995b6

SHA512
1ed08b28494b945f8ae714878e7c2ca21df5537d73ccf25f06f5d551d73d3173855825427c43705b08812d98885c1695f5cafbac4e7e2ced7602522d4932bf28

Download Submit
C:\Users\Admin\AppData\Local\Programs\y8-browser\swiftshader\libglesv2.dll

Filesize
2.6MB

MD5
6c7306e21809e6eaef5da263d02a9412

SHA1
2dfa048ac73237fac4b1d63cbfe14d9b4d9cdef1

SHA256
78668930170dad42fa9ed89c1e57c1e0a5a99793721ae2d1162e903ae5886db9

SHA512
68f395a0a1ab4cb7d92b6cf772dd7f7ae1a15176c0bd7a6ea21c04c7c53b4fa0f1aeb759aa06c34cf0c00dbf9eec3a5c4c07ad364f94e654c748529da809a653

Download Submit
C:\Users\Admin\AppData\Local\Programs\y8-browser\v8_context_snapshot.bin

Filesize
672KB

MD5
672ea3db0155a4fafdf701d92349a3ce

SHA1
a819f43c28779e5560268880d001732f3fc9da27

SHA256
48b67d949d11961434bc2e738e7afee9d8bed80380f8a32ae6c281ca32cbd76a

SHA512
5c07cd9fc34897181a63aa3719be686f6e7ac56fc59df9b955f026af2d2eb5dc30942ffe1df09ec1d876bbca4c0f41b7dfaeb19a191e4823394836d90d387a0c

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsd3B5C.tmp\INetC.dll

Filesize
24KB

MD5
640bff73a5f8e37b202d911e4749b2e9

SHA1
9588dd7561ab7de3bca392b084bec91f3521c879

SHA256
c1e568e25ec111184deb1b87cfda4bfec529b1abeab39b66539d998012f33502

SHA512
39c6c358e2b480c8cbebcc1da683924c8092fb2947f2da4a8df1b0dc1fdda61003d91d12232a436ec88ff4e0995b7f6ee8c6efbdca935eaa984001f7a72fea0a

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsd3B5C.tmp\SpiderBanner.dll

Filesize
9KB

MD5
17309e33b596ba3a5693b4d3e85cf8d7

SHA1
7d361836cf53df42021c7f2b148aec9458818c01

SHA256
996a259e53ca18b89ec36d038c40148957c978c0fd600a268497d4c92f882a93

SHA512
1abac3ce4f2d5e4a635162e16cf9125e059ba1539f70086c2d71cd00d41a6e2a54d468e6f37792e55a822d7082fb388b8dfecc79b59226bbb047b7d28d44d298

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsd3B5C.tmp\StdUtils.dll

Filesize
101KB

MD5
33b4e69e7835e18b9437623367dd1787

SHA1
53afa03edaf931abdc2d828e5a2c89ad573d926c

SHA256
72d38ef115e71fc73dc5978987c583fc8c6b50ff12e4a5d30649a4d164a8b6ae

SHA512
ca890e785d1a0a7e0b4a748416fba417826ae66b46e600f407d4e795b444612a8b830f579f2cf5b6e051bea800604f34f8801cc3daf05c8d29ad05bcda454a77

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsd3B5C.tmp\System.dll

Filesize
11KB

MD5
75ed96254fbf894e42058062b4b4f0d1

SHA1
996503f1383b49021eb3427bc28d13b5bbd11977

SHA256
a632d74332b3f08f834c732a103dafeb09a540823a2217ca7f49159755e8f1d7

SHA512
58174896db81d481947b8745dafe3a02c150f3938bb4543256e8cce1145154e016d481df9fe68dac6d48407c62cbe20753320ebd5fe5e84806d07ce78e0eb0c4

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsd3B5C.tmp\WinShell.dll

Filesize
3KB

MD5
1cc7c37b7e0c8cd8bf04b6cc283e1e56

SHA1
0b9519763be6625bd5abce175dcc59c96d100d4c

SHA256
9be85b986ea66a6997dde658abe82b3147ed2a1a3dcb784bb5176f41d22815a6

SHA512
7acf7f8e68aa6066b59ca9f2ae2e67997e6b347bc08eb788d2a119b3295c844b5b9606757168e8d2fbd61c2cda367bf80e9e48c9a52c28d5a7a00464bfd2048f

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsd3B5C.tmp\nsProcess.dll

Filesize
4KB

MD5
f0438a894f3a7e01a4aae8d1b5dd0289

SHA1
b058e3fcfb7b550041da16bf10d8837024c38bf6

SHA256
30c6c3dd3cc7fcea6e6081ce821adc7b2888542dae30bf00e881c0a105eb4d11

SHA512
f91fcea19cbddf8086affcb63fe599dc2b36351fc81ac144f58a80a524043ddeaa3943f36c86ebae45dd82e8faf622ea7b7c9b776e74c54b93df2963cfe66cc7

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsd3B5C.tmp\nsis7z.dll

Filesize
391KB

MD5
c6a070b3e68b292bb0efc9b26e85e9cc

SHA1
5a922b96eda6595a68fd0a9051236162ff2e2ada

SHA256
66ac8bd1f273a73e17a3f31d6add739d3cb0330a6417faeda11a9cae00b62d8b

SHA512
8eff8fc16f5bb574bd9483e3b217b67a8986e31497368c06fdaa3a1e93a40aee94a5b31729d01905157b0ae1e556a402f43cd29a4d30a0587e1ec334458a44e8

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsd3B5C.tmp\package.7z

Filesize
78.9MB

MD5
21a2f4952dfb7a2bd1e20110e80fce6f

SHA1
e7c35f6890ed876060b2162bb1055edf98916883

SHA256
9062a6dc6d95e8f302d4193ab2776bd301e00561ce6e7078fd579d2434fb6f1a

SHA512
268d8986b683e02394fdb1d98eaa7dca3e4e92d908b6a637b5744f41463d051eafb1e0e64504654a240bbcfadcee6043325a9bb5a5c62fcf75ed131d15907290

Download Submit
C:\Users\Admin\AppData\Roaming\y8-browser\Partitions\y8new\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Roaming\y8-browser\Partitions\y8new\CURRENT~RFf787e06.TMP

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
\Users\Admin\AppData\Local\Programs\y8-browser\Y8 Browser.exe

Filesize
61.7MB

MD5
11a9ee0973eafd210611fd32ab5ed24f

SHA1
26f04e07a80835da2e88441ccaf1ccd07df8ae4f

SHA256
8c10b297e48dfa4be9ae32c45af46545977055e5bdaf822f7b0b45624e6d8cac

SHA512
f75a5be48abe2487d34ce65ddca96f63e1e7108d117253f5d488036aba7a89a69f04ab85f37686a16de79f5d69af0cbd3d5694a0950ee5a785af7e1539e07a40

Download Submit
\Users\Admin\AppData\Local\Programs\y8-browser\Y8 Browser.exe

Filesize
51.2MB

MD5
773166d46b86fae66b8dbb071c9b293a

SHA1
54c02230ef44abcdb7af6f4f4d739ed0477fd48b

SHA256
fc66c0039f1eaab3495e104da788bc1e0cac559b5ac2fdcb8efc8d7514e6d266

SHA512
e58cec00707c8a3a3d82735817401f2f19ba76771a6886bdea5f328d24075ad8989ce2d4b392ed0fd1a42ace3718d333219e6378422bb627aa62bcf95e934b15

Download Submit
\Users\Admin\AppData\Local\Programs\y8-browser\Y8 Browser.exe

Filesize
51.7MB

MD5
53c45dd1f9b3f4c6f3be2029e1729388

SHA1
158754870dc4033abfba1f152a72e13cd6e820fa

SHA256
867f17e82ed1f3d27bc3533e5e0bddb59b7560d10d65a597dfd1030f0f9d4b14

SHA512
3bcf0fe4b210a635608164d0e5710ca1a2b7577c22359dd46d41a42f954694331a2b33d110beac6762123e7883d89c3d824f161ea609c293274ddb3ce5fce418

Download Submit
\Users\Admin\AppData\Local\Programs\y8-browser\Y8 Browser.exe

Filesize
51.8MB

MD5
7674ffddcad98ed8260cf7884fe4f719

SHA1
b3247f776f9dfdb1ae7057c2868d013f2f0f8469

SHA256
7d52f56823644fab57978a6c290ebbcf6af0f8695e72922f458396c3f9d59968

SHA512
3de4802cf240cbb74092382e01444f7a59aae83ae913a92e51fdfa544f92a91c9f975b47575ff56bb0503c96135ca617bb03ead4f04ad9516c6f09a64f4371a7

Download Submit
\Users\Admin\AppData\Local\Programs\y8-browser\Y8 Browser.exe

Filesize
40.1MB

MD5
0c7d0e8e8bc39f9e0bd429fefe05be3f

SHA1
475191e45616168b2db351270c73444b602d208a

SHA256
5e1d3f8427a68b93b60213cf713f24a0d3f331aa701acba9bfce5951c4511ab4

SHA512
774d2b74ae8a07e941fb32586ca72db9c89fd05ff0c6d6cb93d9e3b6a662e494707013a2003cc82654d2a9d41c718170b422bab5898d6c405360159b8da269dc

Download Submit
\Users\Admin\AppData\Local\Programs\y8-browser\Y8 Browser.exe

Filesize
43.1MB

MD5
393fd96f6c713092f498fff5832400b9

SHA1
53938f85e26d9ab60ae633cded3bc698b3df8c7f

SHA256
62268f624125f4649db6f01c1c3caa1e325194480fd92ee31e723ffb406615b2

SHA512
f7982fac77f2c8aa25549fde83e1a1ff5667948211a50ab83fe6cab74cd1dadf3356706cff64a1f75440fe26e10abb2ba887a5edc84d7b945122a48db44adebc

Download Submit
\Users\Admin\AppData\Local\Programs\y8-browser\Y8 Browser.exe

Filesize
42.4MB

MD5
9ce3ad506ffcaa2a47736705f11863b8

SHA1
022e57f821cb5bd99a3285046aac521e138528aa

SHA256
d02834b54d0d6fc57aec4a2eff846565aaeb3f3ec199c89ccb6372b506dc731b

SHA512
4e5b1082b3ab2ecd20f54d763dc2c027f3148b3bd84eef4667464c63daa6b2dc64f15b708d95dccaf6306e28007459d6105ceb87a587f3a76312ca7c9c2a0689

Download Submit
\Users\Admin\AppData\Local\Programs\y8-browser\Y8 Browser.exe

Filesize
24.5MB

MD5
09429ffedc2d612edfea8ce55d81ea6a

SHA1
179c2813f40c8ce0498ca92c4c24c93d5b087d24

SHA256
e2836a90d76f44aa475435b2ea68f5ec48bd11e94d138bc9f2acab95f61b7ee3

SHA512
8cc472655b830886f493924a521734c19729d068c686d2ef622df946a792eadfce21069afa47c0d7450807a0419ea7877a89d2114dfa589849af76a72a0dc481

Download Submit
\Users\Admin\AppData\Local\Programs\y8-browser\Y8 Browser.exe

Filesize
43.0MB

MD5
b00e46afd4f6e1f80b314077bf2c9eed

SHA1
3fbdee01475cd30dcecf4494619d7e8720ab8fd6

SHA256
bf9521f0eac0f36a0968bb25674e53642be0367be2ce4c294561fe8f98bc7bf6

SHA512
3e2eb27177aa6c8012a9787ede13218fe09859a8cda6e1b59a9390599af11db233bc3a1eec5d9cae2f8ef3a69927efdbb5467b69684aeb36e0907361be4b5a4a

Download Submit
\Users\Admin\AppData\Local\Programs\y8-browser\Y8 Browser.exe

Filesize
24.8MB

MD5
0f2467724785963527fec0e0f9d5fc5f

SHA1
8c709a84bb9c825a974ddbcb95f3fd5d9593d297

SHA256
9b04c72c6dc91f1b63133a0e72dbff62be952b646f0dbb7b0f2b1a618cdb11db

SHA512
62f289cc6607529e50ca33948d52688ad1b36e06bfd80335caad55d71fc1e9d9eada9a9d006bc838a78e4d948888d1f92ee0ee8de566fa3313cd80ba639e4ef2

Download Submit
\Users\Admin\AppData\Local\Programs\y8-browser\d3dcompiler_47.dll

Filesize
4.1MB

MD5
222d020bd33c90170a8296adc1b7036a

SHA1
612e6f443d927330b9b8ac13cc4a2a6b959cee48

SHA256
4432bbd1a390874f3f0a503d45cc48d346abc3a8c0213c289f4b615bf0ee84f3

SHA512
ad8c7ce7f6f353da5e2cf816e1a69f1ec14011612e8041e4f9bb6ebed3e0fa4e4ebc069155a0c66e23811467012c201893b9b3b7a947d089ce2c749d5e8910c6

Download Submit
\Users\Admin\AppData\Local\Programs\y8-browser\ffmpeg.dll

Filesize
2.0MB

MD5
ae0c96d26055c49af357d08fae785cb0

SHA1
d31166a4c464ce11f052441d43b704c4eaf60a5b

SHA256
fc6b3f35ea158f1e7159b608116f7321ed6154f28fd475510343350bb491e5f3

SHA512
8aa2f315b8ffc7f750bc63dfa7a0731e0272e56e8056ecb3abfe8c73db210bb8e7b7a10439c31de34c79eb334ce2ec089e8676e68383f84274a94f9058c72d4e

Download Submit
\Users\Admin\AppData\Local\Programs\y8-browser\ffmpeg.dll

Filesize
2.0MB

MD5
ae0c96d26055c49af357d08fae785cb0

SHA1
d31166a4c464ce11f052441d43b704c4eaf60a5b

SHA256
fc6b3f35ea158f1e7159b608116f7321ed6154f28fd475510343350bb491e5f3

SHA512
8aa2f315b8ffc7f750bc63dfa7a0731e0272e56e8056ecb3abfe8c73db210bb8e7b7a10439c31de34c79eb334ce2ec089e8676e68383f84274a94f9058c72d4e

Download Submit
\Users\Admin\AppData\Local\Programs\y8-browser\ffmpeg.dll

Filesize
2.0MB

MD5
ae0c96d26055c49af357d08fae785cb0

SHA1
d31166a4c464ce11f052441d43b704c4eaf60a5b

SHA256
fc6b3f35ea158f1e7159b608116f7321ed6154f28fd475510343350bb491e5f3

SHA512
8aa2f315b8ffc7f750bc63dfa7a0731e0272e56e8056ecb3abfe8c73db210bb8e7b7a10439c31de34c79eb334ce2ec089e8676e68383f84274a94f9058c72d4e

Download Submit
\Users\Admin\AppData\Local\Programs\y8-browser\ffmpeg.dll

Filesize
2.0MB

MD5
ae0c96d26055c49af357d08fae785cb0

SHA1
d31166a4c464ce11f052441d43b704c4eaf60a5b

SHA256
fc6b3f35ea158f1e7159b608116f7321ed6154f28fd475510343350bb491e5f3

SHA512
8aa2f315b8ffc7f750bc63dfa7a0731e0272e56e8056ecb3abfe8c73db210bb8e7b7a10439c31de34c79eb334ce2ec089e8676e68383f84274a94f9058c72d4e

Download Submit
\Users\Admin\AppData\Local\Programs\y8-browser\swiftshader\libEGL.dll

Filesize
145KB

MD5
445cc30109fee82391cc0efbb7853eed

SHA1
b53dca42c36ff8971509cb2ac4573597b279048b

SHA256
899f8736f0689c19ab054a121d9151fe2220821d532b8a1eeb8f356494f995b6

SHA512
1ed08b28494b945f8ae714878e7c2ca21df5537d73ccf25f06f5d551d73d3173855825427c43705b08812d98885c1695f5cafbac4e7e2ced7602522d4932bf28

Download Submit
\Users\Admin\AppData\Local\Programs\y8-browser\swiftshader\libGLESv2.dll

Filesize
2.6MB

MD5
6c7306e21809e6eaef5da263d02a9412

SHA1
2dfa048ac73237fac4b1d63cbfe14d9b4d9cdef1

SHA256
78668930170dad42fa9ed89c1e57c1e0a5a99793721ae2d1162e903ae5886db9

SHA512
68f395a0a1ab4cb7d92b6cf772dd7f7ae1a15176c0bd7a6ea21c04c7c53b4fa0f1aeb759aa06c34cf0c00dbf9eec3a5c4c07ad364f94e654c748529da809a653

Download Submit
\Users\Admin\AppData\Local\Temp\nsd3B5C.tmp\INetC.dll

Filesize
24KB

MD5
640bff73a5f8e37b202d911e4749b2e9

SHA1
9588dd7561ab7de3bca392b084bec91f3521c879

SHA256
c1e568e25ec111184deb1b87cfda4bfec529b1abeab39b66539d998012f33502

SHA512
39c6c358e2b480c8cbebcc1da683924c8092fb2947f2da4a8df1b0dc1fdda61003d91d12232a436ec88ff4e0995b7f6ee8c6efbdca935eaa984001f7a72fea0a

Download Submit
\Users\Admin\AppData\Local\Temp\nsd3B5C.tmp\SpiderBanner.dll

Filesize
9KB

MD5
17309e33b596ba3a5693b4d3e85cf8d7

SHA1
7d361836cf53df42021c7f2b148aec9458818c01

SHA256
996a259e53ca18b89ec36d038c40148957c978c0fd600a268497d4c92f882a93

SHA512
1abac3ce4f2d5e4a635162e16cf9125e059ba1539f70086c2d71cd00d41a6e2a54d468e6f37792e55a822d7082fb388b8dfecc79b59226bbb047b7d28d44d298

Download Submit
\Users\Admin\AppData\Local\Temp\nsd3B5C.tmp\StdUtils.dll

Filesize
101KB

MD5
33b4e69e7835e18b9437623367dd1787

SHA1
53afa03edaf931abdc2d828e5a2c89ad573d926c

SHA256
72d38ef115e71fc73dc5978987c583fc8c6b50ff12e4a5d30649a4d164a8b6ae

SHA512
ca890e785d1a0a7e0b4a748416fba417826ae66b46e600f407d4e795b444612a8b830f579f2cf5b6e051bea800604f34f8801cc3daf05c8d29ad05bcda454a77

Download Submit
\Users\Admin\AppData\Local\Temp\nsd3B5C.tmp\System.dll

Filesize
11KB

MD5
75ed96254fbf894e42058062b4b4f0d1

SHA1
996503f1383b49021eb3427bc28d13b5bbd11977

SHA256
a632d74332b3f08f834c732a103dafeb09a540823a2217ca7f49159755e8f1d7

SHA512
58174896db81d481947b8745dafe3a02c150f3938bb4543256e8cce1145154e016d481df9fe68dac6d48407c62cbe20753320ebd5fe5e84806d07ce78e0eb0c4

Download Submit
\Users\Admin\AppData\Local\Temp\nsd3B5C.tmp\WinShell.dll

Filesize
3KB

MD5
1cc7c37b7e0c8cd8bf04b6cc283e1e56

SHA1
0b9519763be6625bd5abce175dcc59c96d100d4c

SHA256
9be85b986ea66a6997dde658abe82b3147ed2a1a3dcb784bb5176f41d22815a6

SHA512
7acf7f8e68aa6066b59ca9f2ae2e67997e6b347bc08eb788d2a119b3295c844b5b9606757168e8d2fbd61c2cda367bf80e9e48c9a52c28d5a7a00464bfd2048f

Download Submit
\Users\Admin\AppData\Local\Temp\nsd3B5C.tmp\WinShell.dll

Filesize
3KB

MD5
1cc7c37b7e0c8cd8bf04b6cc283e1e56

SHA1
0b9519763be6625bd5abce175dcc59c96d100d4c

SHA256
9be85b986ea66a6997dde658abe82b3147ed2a1a3dcb784bb5176f41d22815a6

SHA512
7acf7f8e68aa6066b59ca9f2ae2e67997e6b347bc08eb788d2a119b3295c844b5b9606757168e8d2fbd61c2cda367bf80e9e48c9a52c28d5a7a00464bfd2048f

Download Submit
\Users\Admin\AppData\Local\Temp\nsd3B5C.tmp\nsProcess.dll

Filesize
4KB

MD5
f0438a894f3a7e01a4aae8d1b5dd0289

SHA1
b058e3fcfb7b550041da16bf10d8837024c38bf6

SHA256
30c6c3dd3cc7fcea6e6081ce821adc7b2888542dae30bf00e881c0a105eb4d11

SHA512
f91fcea19cbddf8086affcb63fe599dc2b36351fc81ac144f58a80a524043ddeaa3943f36c86ebae45dd82e8faf622ea7b7c9b776e74c54b93df2963cfe66cc7

Download Submit
\Users\Admin\AppData\Local\Temp\nsd3B5C.tmp\nsis7z.dll

Filesize
391KB

MD5
c6a070b3e68b292bb0efc9b26e85e9cc

SHA1
5a922b96eda6595a68fd0a9051236162ff2e2ada

SHA256
66ac8bd1f273a73e17a3f31d6add739d3cb0330a6417faeda11a9cae00b62d8b

SHA512
8eff8fc16f5bb574bd9483e3b217b67a8986e31497368c06fdaa3a1e93a40aee94a5b31729d01905157b0ae1e556a402f43cd29a4d30a0587e1ec334458a44e8

Download Submit
memory/300-314-0x0000000001CC0000-0x0000000001CC1000-memory.dmp

Filesize
4KB

Download
memory/1696-316-0x0000000077750000-0x0000000077751000-memory.dmp

Filesize
4KB

Download
memory/1696-263-0x0000000000060000-0x0000000000061000-memory.dmp

Filesize
4KB

Download
memory/2364-244-0x00000000003C0000-0x00000000003C2000-memory.dmp

Filesize
8KB

Download