Analysis

  • max time kernel
    116s
  • max time network
    159s
  • platform
    windows11-21h2_x64
  • resource
    win11-20231215-en
  • resource tags

    arch:x64arch:x86image:win11-20231215-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    23-12-2023 00:39

General

  • Target

    print('qwjdq).py

  • Size

    2KB

  • MD5

    bac21f6be4ff926fb38ef6540f840bdf

  • SHA1

    d5812beb4081b43ef7a2e58e1a39aa623b7a5938

  • SHA256

    621ab55b0f68544c4fe34b09d4a3164241e424b8bca69b11352f0237794fe17a

  • SHA512

    186fa18cef35120dab72f117faa18ac32b7d89bef74f970062b91cebe4f7e1191121dde81bb1d4a1e4fdffa619219afee9776eaf3e94a14b8e366c0983efe28c

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Executes dropped EXE 5 IoCs
  • Loads dropped DLL 5 IoCs
  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

  • UPX packed file 16 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Enumerates connected drives 3 TTPs 4 IoCs

    Attempts to read the root path of hard drives other than the default C: drive.

  • Checks processor information in registry 2 TTPs 5 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Modifies registry class 1 IoCs
  • Modifies system certificate store 2 TTPs 8 IoCs
  • NTFS ADS 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 4 IoCs
  • Suspicious use of FindShellTrayWindow 4 IoCs
  • Suspicious use of SendNotifyMessage 3 IoCs
  • Suspicious use of SetWindowsHookEx 5 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs
  • Uses Task Scheduler COM API 1 TTPs

    The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\print('qwjdq).py
    1⤵
      PID:4088
    • C:\Program Files\Mozilla Firefox\firefox.exe
      "C:\Program Files\Mozilla Firefox\firefox.exe"
      1⤵
      • Suspicious use of WriteProcessMemory
      PID:3192
      • C:\Program Files\Mozilla Firefox\firefox.exe
        "C:\Program Files\Mozilla Firefox\firefox.exe"
        2⤵
        • Checks processor information in registry
        • Modifies registry class
        • NTFS ADS
        • Suspicious use of AdjustPrivilegeToken
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of SendNotifyMessage
        • Suspicious use of SetWindowsHookEx
        • Suspicious use of WriteProcessMemory
        PID:3904
        • C:\Program Files\Mozilla Firefox\firefox.exe
          "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3904.0.855288718\2135460580" -parentBuildID 20221007134813 -prefsHandle 1772 -prefMapHandle 1764 -prefsLen 20747 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {6635341e-c2b5-4a73-9c71-8320b74641a7} 3904 "\\.\pipe\gecko-crash-server-pipe.3904" 1864 1f7bcbbc158 gpu
          3⤵
            PID:1984
          • C:\Program Files\Mozilla Firefox\firefox.exe
            "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3904.1.1149144282\274745749" -parentBuildID 20221007134813 -prefsHandle 2216 -prefMapHandle 2212 -prefsLen 20783 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f18f5c6b-2f9b-48da-b7cc-cee8359c27ab} 3904 "\\.\pipe\gecko-crash-server-pipe.3904" 2228 1f7bc6e3258 socket
            3⤵
              PID:952
            • C:\Program Files\Mozilla Firefox\firefox.exe
              "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3904.2.130809619\1358636926" -childID 1 -isForBrowser -prefsHandle 2724 -prefMapHandle 2768 -prefsLen 20821 -prefMapSize 233444 -jsInitHandle 1172 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {4520a7a5-7718-4f0e-ab4b-dda55897d7ed} 3904 "\\.\pipe\gecko-crash-server-pipe.3904" 3052 1f7c1b84758 tab
              3⤵
                PID:1832
              • C:\Program Files\Mozilla Firefox\firefox.exe
                "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3904.3.1291884506\2081146026" -childID 2 -isForBrowser -prefsHandle 3464 -prefMapHandle 3460 -prefsLen 26064 -prefMapSize 233444 -jsInitHandle 1172 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {244cf835-d1c2-403c-beff-687d3ee6829d} 3904 "\\.\pipe\gecko-crash-server-pipe.3904" 3476 1f7b0768758 tab
                3⤵
                  PID:2260
                • C:\Program Files\Mozilla Firefox\firefox.exe
                  "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3904.4.833479838\977545391" -childID 3 -isForBrowser -prefsHandle 4436 -prefMapHandle 4432 -prefsLen 26123 -prefMapSize 233444 -jsInitHandle 1172 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d33558a9-1a27-43c6-8a62-2930a1c37b09} 3904 "\\.\pipe\gecko-crash-server-pipe.3904" 4444 1f7c3868258 tab
                  3⤵
                    PID:2012
                  • C:\Program Files\Mozilla Firefox\firefox.exe
                    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3904.5.759549262\2071386831" -childID 4 -isForBrowser -prefsHandle 2900 -prefMapHandle 4988 -prefsLen 26123 -prefMapSize 233444 -jsInitHandle 1172 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2134c0e5-9eda-475e-8854-d92e93dc74d6} 3904 "\\.\pipe\gecko-crash-server-pipe.3904" 4992 1f7c425be58 tab
                    3⤵
                      PID:2700
                    • C:\Program Files\Mozilla Firefox\firefox.exe
                      "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3904.7.197924000\2054430849" -childID 6 -isForBrowser -prefsHandle 5396 -prefMapHandle 5392 -prefsLen 26123 -prefMapSize 233444 -jsInitHandle 1172 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {df81782f-c1fe-4705-821e-b3d9fd5cb69c} 3904 "\\.\pipe\gecko-crash-server-pipe.3904" 5408 1f7c425d058 tab
                      3⤵
                        PID:1044
                      • C:\Program Files\Mozilla Firefox\firefox.exe
                        "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3904.6.1108777487\1038441592" -childID 5 -isForBrowser -prefsHandle 5108 -prefMapHandle 5112 -prefsLen 26123 -prefMapSize 233444 -jsInitHandle 1172 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {02514ccc-f531-4b41-b7ac-7ecc7c6be8a6} 3904 "\\.\pipe\gecko-crash-server-pipe.3904" 5004 1f7c3be2158 tab
                        3⤵
                          PID:2664
                        • C:\Program Files\Mozilla Firefox\firefox.exe
                          "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3904.8.2068246473\360172932" -childID 7 -isForBrowser -prefsHandle 5784 -prefMapHandle 5764 -prefsLen 26204 -prefMapSize 233444 -jsInitHandle 1172 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e09fcc29-f0df-4085-b492-4376c989db7d} 3904 "\\.\pipe\gecko-crash-server-pipe.3904" 5772 1f7be097358 tab
                          3⤵
                            PID:4312
                          • C:\Program Files\Mozilla Firefox\firefox.exe
                            "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3904.9.206548196\1430973316" -childID 8 -isForBrowser -prefsHandle 5156 -prefMapHandle 5692 -prefsLen 26644 -prefMapSize 233444 -jsInitHandle 1172 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {1559d4cb-8b08-4295-8e6f-b46be46e4d52} 3904 "\\.\pipe\gecko-crash-server-pipe.3904" 5628 1f7bc915958 tab
                            3⤵
                              PID:1296
                            • C:\Program Files\Mozilla Firefox\firefox.exe
                              "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3904.12.299417044\1181101568" -childID 11 -isForBrowser -prefsHandle 9428 -prefMapHandle 9152 -prefsLen 26684 -prefMapSize 233444 -jsInitHandle 1172 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3ea45233-0799-499d-92b1-52da3f1f5bc1} 3904 "\\.\pipe\gecko-crash-server-pipe.3904" 4516 1f7c6aa2558 tab
                              3⤵
                                PID:3344
                              • C:\Program Files\Mozilla Firefox\firefox.exe
                                "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3904.11.610721777\696027996" -childID 10 -isForBrowser -prefsHandle 9460 -prefMapHandle 9464 -prefsLen 26684 -prefMapSize 233444 -jsInitHandle 1172 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {24d32ecd-17f7-48e9-bf4d-940d2086a1fb} 3904 "\\.\pipe\gecko-crash-server-pipe.3904" 9428 1f7c696af58 tab
                                3⤵
                                  PID:768
                                • C:\Program Files\Mozilla Firefox\firefox.exe
                                  "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3904.10.808849663\1167099226" -childID 9 -isForBrowser -prefsHandle 9472 -prefMapHandle 9476 -prefsLen 26684 -prefMapSize 233444 -jsInitHandle 1172 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {29ac9a6e-c8f5-4c33-bf81-fc4115bb2677} 3904 "\\.\pipe\gecko-crash-server-pipe.3904" 9444 1f7c6969458 tab
                                  3⤵
                                    PID:1116
                                  • C:\Users\Admin\Downloads\OperaGXSetup.exe
                                    "C:\Users\Admin\Downloads\OperaGXSetup.exe"
                                    3⤵
                                    • Executes dropped EXE
                                    • Loads dropped DLL
                                    • Enumerates connected drives
                                    • Modifies system certificate store
                                    • NTFS ADS
                                    • Suspicious use of AdjustPrivilegeToken
                                    • Suspicious use of SetWindowsHookEx
                                    PID:5744
                                    • C:\Users\Admin\Downloads\OperaGXSetup.exe
                                      C:\Users\Admin\Downloads\OperaGXSetup.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=105.0.4970.63 --initial-client-data=0x32c,0x330,0x334,0x308,0x338,0x748bd550,0x748bd560,0x748bd56c
                                      4⤵
                                      • Executes dropped EXE
                                      • Loads dropped DLL
                                      PID:5932
                                    • C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\OperaGXSetup.exe
                                      "C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\OperaGXSetup.exe" --version
                                      4⤵
                                      • Executes dropped EXE
                                      • Loads dropped DLL
                                      PID:6068
                                    • C:\Users\Admin\Downloads\OperaGXSetup.exe
                                      "C:\Users\Admin\Downloads\OperaGXSetup.exe" --backend --install --import-browser-data=0 --enable-stats=1 --enable-installer-stats=1 --consent-given=1 --general-interests=1 --general-location=1 --personalized-content=1 --personalized-ads=1 --launchopera=1 --installfolder="C:\Users\Admin\AppData\Local\Programs\Opera GX" --profile-folder --language=en --singleprofile=0 --copyonly=0 --allusers=0 --setdefaultbrowser=0 --pintotaskbar=1 --pintostartmenu=0 --run-at-startup=1 --server-tracking-data=server_tracking_data --initial-pid=5744 --package-dir-prefix="C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_20231223004058" --session-guid=de89ae69-eb0b-40af-a08a-de44fd4def57 --server-tracking-blob="MmQzMzQyMWIzZDM3NTFmYjg5YmNiMDQ3ZGQ1YzIyZGIyNDhhYmFjZTE2ZGFhMjhiYTA1ZjBmMjg0YWQxYjgyZTp7ImNvdW50cnkiOiJHQiIsImh0dHBfcmVmZXJyZXIiOiJodHRwczovL3d3dy5vcGVyYS5jb20vIiwiaW5zdGFsbGVyX25hbWUiOiJPcGVyYUdYU2V0dXAuZXhlIiwicHJvZHVjdCI6eyJuYW1lIjoib3BlcmFfZ3gifSwicXVlcnkiOiIvb3BlcmFfZ3gvc3RhYmxlL3dpbmRvd3M/dXRtX3NvdXJjZT1nb29nbGUmdXRtX21lZGl1bT1vc2UmdXRtX2NhbXBhaWduPSUyOG5vbmUlMjkmaHR0cF9yZWZlcnJlcj1odHRwcyUzQSUyRiUyRnd3dy5nb29nbGUuY29tJTJGJnV0bV9zaXRlPW9wZXJhX2NvbSZ1dG1fbGFzdHBhZ2U9b3BlcmEuY29tJTJGJmRsX3Rva2VuPTgxNTkzMjEwIiwic3lzdGVtIjp7InBsYXRmb3JtIjp7ImFyY2giOiJ4ODZfNjQiLCJvcHN5cyI6IldpbmRvd3MiLCJvcHN5cy12ZXJzaW9uIjoiMTEiLCJwYWNrYWdlIjoiRVhFIn19LCJ0aW1lc3RhbXAiOiIxNzAzMjkyMDM2LjY4NjQiLCJ1c2VyYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsInV0bSI6eyJjYW1wYWlnbiI6Iihub25lKSIsImxhc3RwYWdlIjoib3BlcmEuY29tLyIsIm1lZGl1bSI6Im9zZSIsInNpdGUiOiJvcGVyYV9jb20iLCJzb3VyY2UiOiJnb29nbGUifSwidXVpZCI6IjhmODFmYjFjLTUyYTctNGNlYS04NGRkLWI5ZGIzM2Y1MjUzNSJ9 " --desktopshortcut=1 --wait-for-package --initial-proc-handle=A009000000000000
                                      4⤵
                                      • Executes dropped EXE
                                      • Loads dropped DLL
                                      • Enumerates connected drives
                                      PID:5476
                                      • C:\Users\Admin\Downloads\OperaGXSetup.exe
                                        C:\Users\Admin\Downloads\OperaGXSetup.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=105.0.4970.63 --initial-client-data=0x31c,0x320,0x324,0x2fc,0x328,0x71f3d550,0x71f3d560,0x71f3d56c
                                        5⤵
                                        • Executes dropped EXE
                                        • Loads dropped DLL
                                        PID:1292
                                    • C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202312230040581\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe
                                      "C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202312230040581\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe"
                                      4⤵
                                        PID:4024
                                      • C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202312230040581\assistant\assistant_installer.exe
                                        "C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202312230040581\assistant\assistant_installer.exe" --version
                                        4⤵
                                          PID:5644
                                          • C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202312230040581\assistant\assistant_installer.exe
                                            "C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202312230040581\assistant\assistant_installer.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=73.0.3856.382 --initial-client-data=0x2a4,0x2a8,0x2ac,0x280,0x2b0,0x1024f48,0x1024f58,0x1024f64
                                            5⤵
                                              PID:5712

                                    Network

                                    MITRE ATT&CK Enterprise v15

                                    Replay Monitor

                                    Loading Replay Monitor...

                                    Downloads

                                    • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\nx9wxjen.default-release\cache2\doomed\24335

                                      Filesize

                                      10KB

                                      MD5

                                      8ad8547effc4d043face3d66eaea8933

                                      SHA1

                                      95e3f0503795657938351e5098116dd815813bb3

                                      SHA256

                                      bb5953e68e6e6398f074616e2856ea69912a6b6bc0d213d87072e9246ddd85f1

                                      SHA512

                                      b1da0c93252d712348348a70910c881e936ef4c2b62bf0afa97997d6f90c06375d155ceb9a31a999475c7ccb934f6af03d262c51ceb990499194425aa477a8da

                                    • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\nx9wxjen.default-release\cache2\entries\6DE085D6754FE4EDB0180DEA5EC72B48A1369A54

                                      Filesize

                                      16KB

                                      MD5

                                      da1bf13aa51f82cc72f47e6656a3b23a

                                      SHA1

                                      9a15a682f43d6428d6ed50487ac79d519f5688b4

                                      SHA256

                                      18d52cf1d3b2aac788d3c307d0af07eee439ac032575c9b2a497d75ced6eaa8d

                                      SHA512

                                      efc4f0aad89e56cfa714063e110363c46e9467d27f08f24d58ec04aab5df224ff2e0a5277e1a6bb8253914c6f3319adb34de2ac0ac796327e6b66ba7851f88dc

                                    • C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\OperaGXSetup.exe

                                      Filesize

                                      1KB

                                      MD5

                                      59b7a73b4edfc9904e0869b28c9fc8a5

                                      SHA1

                                      9626963fbd1a01a7256726e8b137996eaf5758fa

                                      SHA256

                                      a52308b54f46de119667764f5fef2a1afa70fe578a47cec6fb19d1be5cf9c68d

                                      SHA512

                                      d6cf2e0c9662384474cf0610e81c1b6d96422d4f9f342a12e5f742406053b5fe2627c8f57993b19cc16ec69345789d96de538e04739b8fbd41d283d7b65ab9cc

                                    • C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202312230040581\additional_file0.tmp

                                      Filesize

                                      148KB

                                      MD5

                                      77384bf0f5cf8cad11b9a390f73da4b5

                                      SHA1

                                      95067dc79345cfbacd9035107a9a25daa84eda11

                                      SHA256

                                      1118b2624cf6d3257fe835bad0100980df5471a6dfe7c2b58477daf6006600bb

                                      SHA512

                                      4222a34c78b7ddd679377da762ac40068f1901c19981b78db54b29c0e03a6a6c4ea8f147d74a7363fd50e07adabfe99b4977fe49df5e3a119bac515dc771f9ce

                                    • C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202312230040581\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe

                                      Filesize

                                      230KB

                                      MD5

                                      86bdaf13451201f8e415b10c13ff90ed

                                      SHA1

                                      e16fc11bc5e4bb5f5ac0bb8e7d01e270425eb380

                                      SHA256

                                      73af71d77be1bd9bfa99d5ced3047559576e6334dbeea8c3c7093a3e38de310c

                                      SHA512

                                      5ebabefa8c07527b9f7d23c8f3fd499997ed5aef3a6dcf64db2538ccd61f7b6836eef134e56b4403c457a8650dec08a9ee32a682c77720c5821c9e63a884cdb9

                                    • C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202312230040581\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe

                                      Filesize

                                      154KB

                                      MD5

                                      d8a1f6f501ff0de611a7d4f1a77cf34f

                                      SHA1

                                      746d827ed4e0fee4f4d359757f7c096f0ace4062

                                      SHA256

                                      f0f3d572a269acbf5f0c2310f4ec22619206edd0277201fdc89a7dcc39885e17

                                      SHA512

                                      92805adf30cb2951643a282ad2e991d7cfb4f6cfe62f63554f15e185cb5ef4817b298abb271cb1464de2fd1ffea8e550542492ed30406335f8a4621c517d766e

                                    • C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202312230040581\assistant\assistant_installer.exe

                                      Filesize

                                      473KB

                                      MD5

                                      3c78582bafe507f96ec43f59d5b50c84

                                      SHA1

                                      0faf2e2e46339e8f2c002a0623c77e05ce3748eb

                                      SHA256

                                      ef2745178fe3907cb176e2cfecf8ebd21a1909b64d32eba86e094eb6355958c2

                                      SHA512

                                      cbbb0a14134399c44055fa67e5f1f10a74f74d07576ded29edae667a7b66971808e49c78449b4ed167ce4e4e6c209190bf57029ca8751d036a43b4fa781e0626

                                    • C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202312230040581\assistant\assistant_installer.exe

                                      Filesize

                                      98KB

                                      MD5

                                      556a3d7b46946774366babc60ef0ba7e

                                      SHA1

                                      3796220b91b6072aa4133fdad20827eb0a07c755

                                      SHA256

                                      197d16e2228cc598a53c152106f7c488042781af0747ffca42e8fab05dc9e0ba

                                      SHA512

                                      098437fe9e300a3d946d730f1daabbc7c5e5f708105ea1e2034f66eec654923a8e90339c1a7246dc7cae6b5c4e791f0f4e85adf14212f50bbdb5d92ac9e07fc3

                                    • C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202312230040581\assistant\assistant_installer.exe

                                      Filesize

                                      26KB

                                      MD5

                                      792a2114ed31789e718a34c3cfcb2d04

                                      SHA1

                                      2e5c343fe9be95764ed34e801530708cfe0102f9

                                      SHA256

                                      5440b02d71039d1a9e760af19343c7a9a276cb48c7f3c8824c00f88ce1ad80f5

                                      SHA512

                                      e08c1d64f32a81366739c11622c08d347fdead01f077d8f823a3d12632e3fd263c864b6a54b43fa95d0685120e012e01a066ec581d45d0ee5f5419fc77077d39

                                    • C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202312230040581\opera_package

                                      Filesize

                                      937KB

                                      MD5

                                      adab958cf31b4c88c36c28935511cbe3

                                      SHA1

                                      17a1cc9dcdc6832d0cde92da98064582041d125b

                                      SHA256

                                      b3bfab3a533dfd922a6cb64a958d498a3ba0ec2f95d46c1adb474711aaef6bec

                                      SHA512

                                      18bddb5fdfa161641c674eb9967ccbe2a13fee9b90973eb560da7cc4fdcdf455441d512b6543a6c696f8f780752220d369997d293e92fe1fb6a567cbf7ff41d0

                                    • C:\Users\Admin\AppData\Local\Temp\Opera_installer_2312230040575795744.dll

                                      Filesize

                                      365KB

                                      MD5

                                      94f4df2baccc6f3a0a1d195e6694a296

                                      SHA1

                                      a1e5bdd4c47b29d61d73d3c093eb0f0f864f51a7

                                      SHA256

                                      716e89b07bc1e4aca47638557f13a8048574f9fa61e60774032b4006a8fd6ae5

                                      SHA512

                                      b2419decdbb5b99bbe91b3025ea4a573832ca3c4348e06ad1ae010637f4bd2263f2a323455a4c84b76cc0b7f57d857519fa861554ed319266b4bd5dc98379777

                                    • C:\Users\Admin\AppData\Local\Temp\Opera_installer_2312230040581595932.dll

                                      Filesize

                                      184KB

                                      MD5

                                      2127762e2d803cc41152554a9b5b1dce

                                      SHA1

                                      e58174528b13560a483a0498a73e91b21e0e8a56

                                      SHA256

                                      62c79485dc722905191fb017f716da153cb1491e316a43bb0d69df3015e9681e

                                      SHA512

                                      1e609ac4f10533cd96f2be59f6ae3c2bf1a2462e64dadd405671708f3e1227eda8dc47a993b1548a3d2c9211406833592e9ca3a5d38ef81b16b50e623b825c37

                                    • C:\Users\Admin\AppData\Local\Temp\Opera_installer_2312230040581595932.dll

                                      Filesize

                                      104KB

                                      MD5

                                      b093a665f12286b6ae9d1482f26ed9f4

                                      SHA1

                                      e9a96e8630ccb268d807d470e2aebbe8d95aff14

                                      SHA256

                                      b13ac4836d8e32142eb1489f8278f98f97b08da31cb126bf425b11b8ae65e369

                                      SHA512

                                      d4c1b76e926353a7951ef769869ff8f29ce575708c868385fa30b5a4563020d6c6db688afc40d0692af6c1bb9f828e6e021b858c8e7393e6b295d868b7dbdf19

                                    • C:\Users\Admin\AppData\Local\Temp\Opera_installer_2312230040585556068.dll

                                      Filesize

                                      304KB

                                      MD5

                                      79a3b41dddc8a15088b29b897f4670c5

                                      SHA1

                                      d44206204a5b759c2465071e66c39f306fafea1a

                                      SHA256

                                      8c7a0f1a809f35829b3ad8e3910b447a2e78fc1a504b46acc95a6cbae4b62d00

                                      SHA512

                                      4f0a615b78e3abe9c6c396f2efd3e35f63b4f69ea45b0be3a80973573006bbde4c174bcd059fc92b25a5214d0669fb83ec386db51af208976660682f7e207490

                                    • C:\Users\Admin\AppData\Local\Temp\Opera_installer_2312230041333095476.dll

                                      Filesize

                                      807KB

                                      MD5

                                      e7f18681ef99c686c43c9859a0611c31

                                      SHA1

                                      7bd193c3173edf7ca2fb6a382bc4b57ea44deb41

                                      SHA256

                                      b5b10ed850a84928fc740e786931d02b8f0cf5c0bee09ae29a385a31f22bea07

                                      SHA512

                                      2aaaf86882fc5180e1c1edf9d693f64aa66ab21908c64221b4c58b5a03cddb587ad1a352fa2304663ef6dc8e4bb012c3f418ce962121bea2d6f29f6e7b659713

                                    • C:\Users\Admin\AppData\Local\Temp\Opera_installer_2312230041344031292.dll

                                      Filesize

                                      276KB

                                      MD5

                                      c95cfe7d46a47643925d1677eb6aa572

                                      SHA1

                                      a662f79975ef571f28e64a516a7b92fa2a0de6ff

                                      SHA256

                                      3e83d6426c84476c62595d63a03ee59c07cf93d1f7824c1de11e1c32b1d8165c

                                      SHA512

                                      f29bb58174f1fbcc2d988180d51219143a80663647da7aa5a0cf35fab34cc75128b9ed5008e6ee4e73eed1d6bf0580252fcccef4523626c9d42eaa709609189b

                                    • C:\Users\Admin\AppData\Local\Temp\tmpaddon

                                      Filesize

                                      442KB

                                      MD5

                                      85430baed3398695717b0263807cf97c

                                      SHA1

                                      fffbee923cea216f50fce5d54219a188a5100f41

                                      SHA256

                                      a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e

                                      SHA512

                                      06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

                                    • C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

                                      Filesize

                                      144KB

                                      MD5

                                      9ff29458a7ade6f6dcb2237768cc575c

                                      SHA1

                                      33fd41766d62547dc687fc555a6123b853e8dc0e

                                      SHA256

                                      29cb0c886d47a01a26a0818f26777871490073305a53415f491445441e2deecf

                                      SHA512

                                      bddbb7d055e5a38b8f6a623b3b80f8e08d4e9cc790bbad7d06dfcb9f93124326036dc49e58b97f8bc8bfaecc28eceee58c4baa943e4a326badbad409368c1654

                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nx9wxjen.default-release\datareporting\glean\db\data.safe.bin

                                      Filesize

                                      9KB

                                      MD5

                                      b6a51a9a6935c641c1bf96a58686cfa4

                                      SHA1

                                      6d25111eeb7569af1fc462a5d7b431861502ce5f

                                      SHA256

                                      ed3e852b9f6eadb1f19423cf53f0cf837fa72378580a77f9b967d60057364c94

                                      SHA512

                                      60396d6811c8f36dfb253d8ab5a6a5d0599f8f5619291fdc78d599639ed1934110e2b4a942ef850141473ce88ba318bccd223db8f307a6a6e2cd8113bec7e3bb

                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nx9wxjen.default-release\datareporting\glean\pending_pings\042a7860-b76c-48ca-8fc3-273b805f598e

                                      Filesize

                                      734B

                                      MD5

                                      7e28ce9300b78c1e67daec1f60d4a19a

                                      SHA1

                                      5f3d2b6c7995d814951c2d8cc0d05cdb53dfc411

                                      SHA256

                                      d96130e566375920b1d24434acd6b571e1f1c0d7e03cb79aaf31f40205e61deb

                                      SHA512

                                      99e9fd45800e61d329eea19ebd50a098e3aca2968fb2d78ad7f2c59f5238ddee2eb824b713c4e6c3cafe26b5dd6563dc9e8d381baa506df7dfb34a3df85b7993

                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nx9wxjen.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

                                      Filesize

                                      997KB

                                      MD5

                                      fe3355639648c417e8307c6d051e3e37

                                      SHA1

                                      f54602d4b4778da21bc97c7238fc66aa68c8ee34

                                      SHA256

                                      1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e

                                      SHA512

                                      8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nx9wxjen.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

                                      Filesize

                                      116B

                                      MD5

                                      3d33cdc0b3d281e67dd52e14435dd04f

                                      SHA1

                                      4db88689282fd4f9e9e6ab95fcbb23df6e6485db

                                      SHA256

                                      f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b

                                      SHA512

                                      a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nx9wxjen.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

                                      Filesize

                                      479B

                                      MD5

                                      49ddb419d96dceb9069018535fb2e2fc

                                      SHA1

                                      62aa6fea895a8b68d468a015f6e6ab400d7a7ca6

                                      SHA256

                                      2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539

                                      SHA512

                                      48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nx9wxjen.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

                                      Filesize

                                      372B

                                      MD5

                                      8be33af717bb1b67fbd61c3f4b807e9e

                                      SHA1

                                      7cf17656d174d951957ff36810e874a134dd49e0

                                      SHA256

                                      e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd

                                      SHA512

                                      6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nx9wxjen.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

                                      Filesize

                                      1.6MB

                                      MD5

                                      5f80e64864d646d271aa3c98ce954e6f

                                      SHA1

                                      a30de04f83dce700d40872b9d8f3c2b8c42968b4

                                      SHA256

                                      e1ec6acdf4a541e7409d81cfbb467abe43432f703bbe143af1a03d3af7694203

                                      SHA512

                                      e654981d0929636aa1e09da16dd21879d8e6a7d9243ff140781728bf5475de060e64a3e2ea5cabf1bc32f833cdd782aa55eba7a2f7f862af442b75562ae5e2de

                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nx9wxjen.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

                                      Filesize

                                      1KB

                                      MD5

                                      688bed3676d2104e7f17ae1cd2c59404

                                      SHA1

                                      952b2cdf783ac72fcb98338723e9afd38d47ad8e

                                      SHA256

                                      33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237

                                      SHA512

                                      7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nx9wxjen.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

                                      Filesize

                                      1KB

                                      MD5

                                      937326fead5fd401f6cca9118bd9ade9

                                      SHA1

                                      4526a57d4ae14ed29b37632c72aef3c408189d91

                                      SHA256

                                      68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81

                                      SHA512

                                      b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nx9wxjen.default-release\prefs-1.js

                                      Filesize

                                      6KB

                                      MD5

                                      c44edd304ede51f8cdf315062b5c2af4

                                      SHA1

                                      0536276d6c233f495d8df0356dd8952f970a3264

                                      SHA256

                                      0c174649c2e62f8e410578d294da3a367a5e8ad41b4d9c0689390211fbe5d62c

                                      SHA512

                                      8573cf9e3106940e5d6bcd23bb0aaeb01aab40bcbc3716024e8989991705638c1064df92759e3b111b03a7725c03a5219d25c0aa26d018581df936fc41cd3c90

                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nx9wxjen.default-release\prefs-1.js

                                      Filesize

                                      6KB

                                      MD5

                                      cadfea0dd3f05d13b60fe6bb808b36bd

                                      SHA1

                                      2afb3c6ae72391b663ea647fb12a5167526ed44f

                                      SHA256

                                      e4735ffcdc195a86324ce4b281ca1135db34cb734cd98f3acf652bace069e4d4

                                      SHA512

                                      ff52c31ee550a0c688e28c8a17db834cdf3e119d302e9b834a941d4fb066168b194256465600afb039ea7decc777b3f7e367d4ca787729d6a7fb97a833a6b8f9

                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nx9wxjen.default-release\prefs.js

                                      Filesize

                                      6KB

                                      MD5

                                      69b713dd029acd3f2ef3f66896537f28

                                      SHA1

                                      569b875b8da09c5d0d00eb5b0e2dcc3be69da821

                                      SHA256

                                      64498ecb55204d5c0c91e29c4ebed058709dc8ec28188d9f00523910a76e2232

                                      SHA512

                                      fded5b0ff5795c1a329c7732af97d6c9eb813f4a4211e9bd6458ae00eb4d43c2651ab44d7e06c67762f79974059d06104ae4699e6d541f47522d748feaa41f2a

                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nx9wxjen.default-release\sessionstore-backups\recovery.jsonlz4

                                      Filesize

                                      1KB

                                      MD5

                                      c801544e0959d6d9479dd9dd0b0be111

                                      SHA1

                                      f29d38672203e8fc9d0a94793f86644cc02f8875

                                      SHA256

                                      575168cec8dbd5767e9e4d89ed0ed77d89eb462c36632560eba47af4ece53edf

                                      SHA512

                                      dfc4fcf05a18db055351e17de7b2355f65eb006906f48ac5ad8f6690dfe17e287df8bd17cb4600be56874f9841364022ca46c1cd9242c1859d7a87c0c81e19c2

                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nx9wxjen.default-release\sessionstore-backups\recovery.jsonlz4

                                      Filesize

                                      4KB

                                      MD5

                                      09833e2c7095564e32b646708e34ac1a

                                      SHA1

                                      0f18a87a92312f84d36d3d2c77e2d207ec2dad01

                                      SHA256

                                      633c4b6da741fbd908da92924821af5cdb70f27ca885659400ac97b1582051fa

                                      SHA512

                                      7657e178a39f2436c77f751078d991c65d817c44c35884acf5b82ce1a5dc09cb2c58fd46198bb00acf2081b85fcc7a9bacbfe3244dc7446578f2d3227a2d81af

                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nx9wxjen.default-release\sessionstore-backups\recovery.jsonlz4

                                      Filesize

                                      5KB

                                      MD5

                                      a92d613719851f2ecf96995f9d8cbdce

                                      SHA1

                                      7377f0f0ca3847e6bf5c0ad9099730383b4e5469

                                      SHA256

                                      ebd32ca4197a755758ee897fbb220c5129891a491bfaba3ff815886a5132985d

                                      SHA512

                                      e6c5bdadcbc5476c64e36967ae30dd1800a87b35af6a9446510dbf146ba7d02a49ef6d9f8205dfef862721f89058b470fbe70ca77c7b8ad14e6847bb5a969924

                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nx9wxjen.default-release\sessionstore-backups\recovery.jsonlz4

                                      Filesize

                                      3KB

                                      MD5

                                      f19219dcff9f9cca9ad957ca24a3c2e6

                                      SHA1

                                      c30c8bf0f878ce37a206fbaa27d0ca937974b496

                                      SHA256

                                      5d65509ac96e8bfca62d766e7e54611160c7fb5a37800082af0df02b355bc3b1

                                      SHA512

                                      b8a59ae5127e9410b14b1513e990b98a962d7feb148fcd63983e1e1f0394060f5dc1ac806f98b02d87b2f2c532c436716f1fc084417a61e14647f153c37f934a

                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nx9wxjen.default-release\sessionstore-backups\recovery.jsonlz4

                                      Filesize

                                      5KB

                                      MD5

                                      d7824c2a5a2f9b0e56ad732445ee909d

                                      SHA1

                                      832aef59d0ff031247d158f43f1e2f8484fba020

                                      SHA256

                                      9f367c973a7236819f4a3da7470106db50cc246f1ba0ef3c040a1619e942ce1e

                                      SHA512

                                      c521e9a1591db10cf8fea49d3daffe721046450361f56948cab5eedea0c7a1e776e16146398548bc9e0a889b9d78d77cce95f3d27c6cd6a90effbadf8c4a2659

                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nx9wxjen.default-release\sessionstore-backups\recovery.jsonlz4

                                      Filesize

                                      5KB

                                      MD5

                                      6444475421887fc00c9093784b63ed98

                                      SHA1

                                      819dad75674df40941a16af933ec8d3601fbcced

                                      SHA256

                                      14e3565981adef6e9fe7ed22c8b9573d19704f5e60d6d13003bfe37fe05c0d08

                                      SHA512

                                      91fa1539bcc62011bb8abafd68a697cafb40273edf4863ef459803e9563e0bd950c777b13e5fe1d86d904a87c3111ceab8179badd378453ad1c3671d42429ab1

                                    • C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports\settings.dat

                                      Filesize

                                      40B

                                      MD5

                                      a2ce44323a1e6eedc9f7cb0ff517c91a

                                      SHA1

                                      82f64312b9a9c4e0a4b87b2d55a2e4dda155032b

                                      SHA256

                                      f7be0073760e045751856d67e3d5c054765c4b0f8a9cdd7d9783ac997cb3ecd9

                                      SHA512

                                      acc66d26ee238f0e7684ab3ae2852a4c6b540b2acfca5adf2089e3a8bf33cd656e3fd24b1094db3e79112a0b0961e7985b9035c915e1b3d8c32425e553f5cec0

                                    • C:\Users\Admin\Downloads\OperaGXSetup.exe

                                      Filesize

                                      1.0MB

                                      MD5

                                      e39ab46bfaa1c444b595e828db67a933

                                      SHA1

                                      3b347059a5ab909a68fe85f90b9a2e7f16552049

                                      SHA256

                                      b7fc0e4565ca8d91f22926b4bff4060c22408b8be55ef6e70126d889d7884e48

                                      SHA512

                                      41979761713c1df22aa86e0988325238be847ba6f10c9dcb4b19d995fd09959e5bdc95af765af0bda02c099e7a9e594a1684e59e7e123cf835846b6dbde1e4e9

                                    • C:\Users\Admin\Downloads\OperaGXSetup.exe

                                      Filesize

                                      573KB

                                      MD5

                                      cb1d51d6622985e0c656474c3feaeb67

                                      SHA1

                                      a826e3a8cc712513aadb7f1097a547afbe58a90a

                                      SHA256

                                      437c4aae5f19f428ce91beb64f8217763fd41192f9a61e57039f582b7477022c

                                      SHA512

                                      d55aebe56700c03c209fad37b6e9e6b379e935a9c6fcf99041a6f1a632f116bde3378e5c0a901b8acb79c054febb0bf71bfb4d1d7b6373c330a41f16359d5963

                                    • C:\Users\Admin\Downloads\OperaGXSetup.exe

                                      Filesize

                                      97KB

                                      MD5

                                      97201f604f08eef52d1163d49dbfe3a7

                                      SHA1

                                      de8c3f5a745b2eb172fa2f2f39c5329d8c52440b

                                      SHA256

                                      d2e9ee6551383bed3174721b5e82e481aff4a1475ee968b53f1079cc6682e0d8

                                      SHA512

                                      4aa428a3febc4bd6521e0ccb098f1915ce0991f4a27c7cf6a59082d3d465db8e03e58dd00f9db73f236fb22363de87f2a7221a81682fd50414cb6bd494b4bce9

                                    • C:\Users\Admin\Downloads\OperaGXSetup.exe

                                      Filesize

                                      1.4MB

                                      MD5

                                      931f19532f55546d3bd81178b4f03a20

                                      SHA1

                                      b5c416d5742044583236dc6db8a175df19d2a002

                                      SHA256

                                      b35d79ab6b76d1d38f6e93a279680479ef3a5f1d0fda2adf7c0e14b4f88871e7

                                      SHA512

                                      911ba9069b86d3cb2317f8d461d185a46b1447e80ea600763103605595675be9eda07b49e44af9839374d2b7e37b4efbdc6977e7dd9449a2fb36dd936484bdd0

                                    • C:\Users\Admin\Downloads\OperaGXSetup.exe

                                      Filesize

                                      584KB

                                      MD5

                                      59404e060df368dd389a59770afd2d52

                                      SHA1

                                      fe08a133513ce661e8812476445acf73bc80bdf7

                                      SHA256

                                      8ca6be9173a3c1a8e563d3608dbc3d32a02b3ccc4f69ac81e0105ca395af2f72

                                      SHA512

                                      b3959f459f3fff7da45ebd60e00595495ec6ca0a2bbceba9439d72950e1f24635c37909ad6391bbef23aad240575e74c3212f6fbf15b1b2316aba53cf6ce6990

                                    • C:\Users\Admin\Downloads\OperaGXSetup.xHTuHjIH.exe.part

                                      Filesize

                                      128KB

                                      MD5

                                      bd59a76d73fd51471430fee971f3c840

                                      SHA1

                                      008be2e47a40a4f482327ca3b100635c589c7d8d

                                      SHA256

                                      119822f3516b43a11786db187661d8d7a93e93c34c26959b5f778695ded0348f

                                      SHA512

                                      9054be04526a6b7415a9365f93d9fcb6fad8629ae5541654ace500b551b80af6f7b67cd435ba03628a556e4b3c15bd8191310ecee560fdc23449de789de2abc6

                                    • memory/1292-676-0x0000000000180000-0x0000000000730000-memory.dmp

                                      Filesize

                                      5.7MB

                                    • memory/5476-675-0x0000000000180000-0x0000000000730000-memory.dmp

                                      Filesize

                                      5.7MB

                                    • memory/5744-577-0x0000000000180000-0x0000000000730000-memory.dmp

                                      Filesize

                                      5.7MB

                                    • memory/5744-527-0x0000000000180000-0x0000000000730000-memory.dmp

                                      Filesize

                                      5.7MB

                                    • memory/5932-578-0x0000000000180000-0x0000000000730000-memory.dmp

                                      Filesize

                                      5.7MB

                                    • memory/5932-535-0x0000000000180000-0x0000000000730000-memory.dmp

                                      Filesize

                                      5.7MB

                                    • memory/6068-554-0x0000000000910000-0x0000000000EC0000-memory.dmp

                                      Filesize

                                      5.7MB

                                    • memory/6068-552-0x0000000000910000-0x0000000000EC0000-memory.dmp

                                      Filesize

                                      5.7MB