86db92b4b09d64de6f0eb86d61be4f7c8059238595572cc5f78adc172aca10f2

Analysis

max time kernel
153s
max time network
166s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
01/02/2024, 12:11

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

86db92b4b09d64de6f0eb86d61be4f7c8059238595572cc5f78adc172aca10f2.exe
Size

80.0MB
MD5

fdcf3751d1ae810362b28cae5574b999
SHA1

aed288df4a6363445e89e93ff01497e253c13a4a
SHA256

86db92b4b09d64de6f0eb86d61be4f7c8059238595572cc5f78adc172aca10f2
SHA512

838906b17268628eccb66f29e2f5ad6f6a1af5ac9c34e690800a6f21816d543e860274ce0fbd9ef01ebc873bf19174668e143d2c6872ed48cf170c8bce9c96f2
SSDEEP

1572864:SbOtYWWsd13kVErJUVH4G9/Yrg79hjUINEi74J091JoOSQxbI/:M4Yns38E1C9/+chKe4J0/JoO9b

Score

7^/10

discovery

Malware Config

Signatures

Checks computer location settings 2 TTPs 4 IoCs

Looks up country code configured in the registry, likely geofence.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\USER\S-1-5-21-3336304223-2978740688-3645194410-1000\Control Panel\International\Geo\Nation	Update.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3336304223-2978740688-3645194410-1000\Control Panel\International\Geo\Nation	FLauncher.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3336304223-2978740688-3645194410-1000\Control Panel\International\Geo\Nation	FLauncher.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3336304223-2978740688-3645194410-1000\Control Panel\International\Geo\Nation	FLauncher.exe

Executes dropped EXE 12 IoCs

pid	Process
5060	Update.exe
1464	FLauncher.exe
4476	Update.exe
3380	FLauncher.exe
1812	FLauncher.exe
4500	FLauncher.exe
2128	Update.exe
3092	FLauncher.exe
5108	FLauncher.exe
4464	FLauncher.exe
3260	FLauncher.exe
464	FLauncher.exe

Loads dropped DLL 15 IoCs

pid	Process
1464	FLauncher.exe
3380	FLauncher.exe
3380	FLauncher.exe
3380	FLauncher.exe
3380	FLauncher.exe
1812	FLauncher.exe
4500	FLauncher.exe
5108	FLauncher.exe
3092	FLauncher.exe
3092	FLauncher.exe
3092	FLauncher.exe
3092	FLauncher.exe
4464	FLauncher.exe
3260	FLauncher.exe
464	FLauncher.exe

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Modifies system certificate store 2 TTPs 8 IoCs

evasion spyware trojan

Install Root Certificate

T1553.004

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DAC9024F54D8F6DF94935FB1732638CA6AD77C13	FLauncher.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DAC9024F54D8F6DF94935FB1732638CA6AD77C13\Blob = 0f00000001000000140000005bcaa1c2780f0bcb5a90770451d96f38963f012d090000000100000042000000304006082b06010505070302060a2b0601040182370a030c060a2b0601040182370a030406082b0601050507030406082b0601050507030106082b060105050703086200000001000000200000000687260331a72403d909f105e69bcf0d32e1bd2493ffc6d9206d11bcd67707390b000000010000001e000000440053005400200052006f006f0074002000430041002000580033000000140000000100000014000000c4a7b1a47b2c71fadbe14b9075ffc415608589101d00000001000000100000004558d512eecb27464920897de7b660537f000000010000000e000000300c060a2b0601040182370a03047e000000010000000800000000c001b39667d60168000000010000000800000000409120d035d901030000000100000014000000dac9024f54d8f6df94935fb1732638ca6ad77c1320000000010000004e0300003082034a30820232a003020102021044afb080d6a327ba893039862ef8406b300d06092a864886f70d0101050500303f31243022060355040a131b4469676974616c205369676e617475726520547275737420436f2e311730150603550403130e44535420526f6f74204341205833301e170d3030303933303231313231395a170d3231303933303134303131355a303f31243022060355040a131b4469676974616c205369676e617475726520547275737420436f2e311730150603550403130e44535420526f6f7420434120583330820122300d06092a864886f70d01010105000382010f003082010a0282010100dfafe99750088357b4cc6265f69082ecc7d32c6b30ca5becd9c37dc740c118148be0e83376492ae33f214993ac4e0eaf3e48cb65eefcd3210f65d22ad9328f8ce5f777b0127bb595c089a3a9baed732e7a0c063283a27e8a1430cd11a0e12a38b9790a31fd50bd8065dfb7516383c8e28861ea4b6181ec526bb9a2e24b1a289f48a39e0cda098e3e172e1edd20df5bc62a8aab2ebd70adc50b1a25907472c57b6aab34d63089ffe568137b540bc8d6aeec5a9c921e3d64b38cc6dfbfc94170ec1672d526ec38553943d0fcfd185c40f197ebd59a9b8d1dbada25b9c6d8dfc115023aabda6ef13e2ef55c089c3cd68369e4109b192ab62957e3e53d9b9ff0025d0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020106301d0603551d0e04160414c4a7b1a47b2c71fadbe14b9075ffc41560858910300d06092a864886f70d01010505000382010100a31a2c9b17005ca91eee2866373abf83c73f4bc309a095205de3d95944d23e0d3ebd8a4ba0741fce10829c741a1d7e981addcb134bb32044e491e9ccfc7da5db6ae5fee6fde04eddb7003ab57049aff2e5eb02f1d1028b19cb943a5e48c4181e58195f1e025af00cf1b1ada9dc59868b6ee991f586cafab96633aa595bcee2a7167347cb2bcc99b03748cfe3564bf5cf0f0c723287c6f044bb53726d43f526489a5267b758abfe67767178db0da256141339243185a2a8025a3047e1dd5007bc02099000eb6463609b16bc88c912e6d27d918bf93d328d65b4e97cb15776eac5b62839bf15651cc8f677966a0a8d770bd8910b048e07db29b60aee9d82353510	FLauncher.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DAC9024F54D8F6DF94935FB1732638CA6AD77C13\Blob = 1900000001000000100000006cf252fec3e8f20996de5d4dd9aef424030000000100000014000000dac9024f54d8f6df94935fb1732638ca6ad77c1368000000010000000800000000409120d035d9017e000000010000000800000000c001b39667d6017f000000010000000e000000300c060a2b0601040182370a03041d00000001000000100000004558d512eecb27464920897de7b66053140000000100000014000000c4a7b1a47b2c71fadbe14b9075ffc415608589100b000000010000001e000000440053005400200052006f006f00740020004300410020005800330000006200000001000000200000000687260331a72403d909f105e69bcf0d32e1bd2493ffc6d9206d11bcd6770739090000000100000042000000304006082b06010505070302060a2b0601040182370a030c060a2b0601040182370a030406082b0601050507030406082b0601050507030106082b060105050703080f00000001000000140000005bcaa1c2780f0bcb5a90770451d96f38963f012d20000000010000004e0300003082034a30820232a003020102021044afb080d6a327ba893039862ef8406b300d06092a864886f70d0101050500303f31243022060355040a131b4469676974616c205369676e617475726520547275737420436f2e311730150603550403130e44535420526f6f74204341205833301e170d3030303933303231313231395a170d3231303933303134303131355a303f31243022060355040a131b4469676974616c205369676e617475726520547275737420436f2e311730150603550403130e44535420526f6f7420434120583330820122300d06092a864886f70d01010105000382010f003082010a0282010100dfafe99750088357b4cc6265f69082ecc7d32c6b30ca5becd9c37dc740c118148be0e83376492ae33f214993ac4e0eaf3e48cb65eefcd3210f65d22ad9328f8ce5f777b0127bb595c089a3a9baed732e7a0c063283a27e8a1430cd11a0e12a38b9790a31fd50bd8065dfb7516383c8e28861ea4b6181ec526bb9a2e24b1a289f48a39e0cda098e3e172e1edd20df5bc62a8aab2ebd70adc50b1a25907472c57b6aab34d63089ffe568137b540bc8d6aeec5a9c921e3d64b38cc6dfbfc94170ec1672d526ec38553943d0fcfd185c40f197ebd59a9b8d1dbada25b9c6d8dfc115023aabda6ef13e2ef55c089c3cd68369e4109b192ab62957e3e53d9b9ff0025d0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020106301d0603551d0e04160414c4a7b1a47b2c71fadbe14b9075ffc41560858910300d06092a864886f70d01010505000382010100a31a2c9b17005ca91eee2866373abf83c73f4bc309a095205de3d95944d23e0d3ebd8a4ba0741fce10829c741a1d7e981addcb134bb32044e491e9ccfc7da5db6ae5fee6fde04eddb7003ab57049aff2e5eb02f1d1028b19cb943a5e48c4181e58195f1e025af00cf1b1ada9dc59868b6ee991f586cafab96633aa595bcee2a7167347cb2bcc99b03748cfe3564bf5cf0f0c723287c6f044bb53726d43f526489a5267b758abfe67767178db0da256141339243185a2a8025a3047e1dd5007bc02099000eb6463609b16bc88c912e6d27d918bf93d328d65b4e97cb15776eac5b62839bf15651cc8f677966a0a8d770bd8910b048e07db29b60aee9d82353510	FLauncher.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DAC9024F54D8F6DF94935FB1732638CA6AD77C13\Blob = 040000000100000010000000410352dc0ff7501b16f0028eba6f45c50f00000001000000140000005bcaa1c2780f0bcb5a90770451d96f38963f012d090000000100000042000000304006082b06010505070302060a2b0601040182370a030c060a2b0601040182370a030406082b0601050507030406082b0601050507030106082b060105050703086200000001000000200000000687260331a72403d909f105e69bcf0d32e1bd2493ffc6d9206d11bcd67707390b000000010000001e000000440053005400200052006f006f0074002000430041002000580033000000140000000100000014000000c4a7b1a47b2c71fadbe14b9075ffc415608589101d00000001000000100000004558d512eecb27464920897de7b660537f000000010000000e000000300c060a2b0601040182370a03047e000000010000000800000000c001b39667d60168000000010000000800000000409120d035d901030000000100000014000000dac9024f54d8f6df94935fb1732638ca6ad77c131900000001000000100000006cf252fec3e8f20996de5d4dd9aef42420000000010000004e0300003082034a30820232a003020102021044afb080d6a327ba893039862ef8406b300d06092a864886f70d0101050500303f31243022060355040a131b4469676974616c205369676e617475726520547275737420436f2e311730150603550403130e44535420526f6f74204341205833301e170d3030303933303231313231395a170d3231303933303134303131355a303f31243022060355040a131b4469676974616c205369676e617475726520547275737420436f2e311730150603550403130e44535420526f6f7420434120583330820122300d06092a864886f70d01010105000382010f003082010a0282010100dfafe99750088357b4cc6265f69082ecc7d32c6b30ca5becd9c37dc740c118148be0e83376492ae33f214993ac4e0eaf3e48cb65eefcd3210f65d22ad9328f8ce5f777b0127bb595c089a3a9baed732e7a0c063283a27e8a1430cd11a0e12a38b9790a31fd50bd8065dfb7516383c8e28861ea4b6181ec526bb9a2e24b1a289f48a39e0cda098e3e172e1edd20df5bc62a8aab2ebd70adc50b1a25907472c57b6aab34d63089ffe568137b540bc8d6aeec5a9c921e3d64b38cc6dfbfc94170ec1672d526ec38553943d0fcfd185c40f197ebd59a9b8d1dbada25b9c6d8dfc115023aabda6ef13e2ef55c089c3cd68369e4109b192ab62957e3e53d9b9ff0025d0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020106301d0603551d0e04160414c4a7b1a47b2c71fadbe14b9075ffc41560858910300d06092a864886f70d01010505000382010100a31a2c9b17005ca91eee2866373abf83c73f4bc309a095205de3d95944d23e0d3ebd8a4ba0741fce10829c741a1d7e981addcb134bb32044e491e9ccfc7da5db6ae5fee6fde04eddb7003ab57049aff2e5eb02f1d1028b19cb943a5e48c4181e58195f1e025af00cf1b1ada9dc59868b6ee991f586cafab96633aa595bcee2a7167347cb2bcc99b03748cfe3564bf5cf0f0c723287c6f044bb53726d43f526489a5267b758abfe67767178db0da256141339243185a2a8025a3047e1dd5007bc02099000eb6463609b16bc88c912e6d27d918bf93d328d65b4e97cb15776eac5b62839bf15651cc8f677966a0a8d770bd8910b048e07db29b60aee9d82353510	FLauncher.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DAC9024F54D8F6DF94935FB1732638CA6AD77C13\Blob = 5c0000000100000004000000000800001900000001000000100000006cf252fec3e8f20996de5d4dd9aef424030000000100000014000000dac9024f54d8f6df94935fb1732638ca6ad77c1368000000010000000800000000409120d035d9017e000000010000000800000000c001b39667d6017f000000010000000e000000300c060a2b0601040182370a03041d00000001000000100000004558d512eecb27464920897de7b66053140000000100000014000000c4a7b1a47b2c71fadbe14b9075ffc415608589100b000000010000001e000000440053005400200052006f006f00740020004300410020005800330000006200000001000000200000000687260331a72403d909f105e69bcf0d32e1bd2493ffc6d9206d11bcd6770739090000000100000042000000304006082b06010505070302060a2b0601040182370a030c060a2b0601040182370a030406082b0601050507030406082b0601050507030106082b060105050703080f00000001000000140000005bcaa1c2780f0bcb5a90770451d96f38963f012d040000000100000010000000410352dc0ff7501b16f0028eba6f45c520000000010000004e0300003082034a30820232a003020102021044afb080d6a327ba893039862ef8406b300d06092a864886f70d0101050500303f31243022060355040a131b4469676974616c205369676e617475726520547275737420436f2e311730150603550403130e44535420526f6f74204341205833301e170d3030303933303231313231395a170d3231303933303134303131355a303f31243022060355040a131b4469676974616c205369676e617475726520547275737420436f2e311730150603550403130e44535420526f6f7420434120583330820122300d06092a864886f70d01010105000382010f003082010a0282010100dfafe99750088357b4cc6265f69082ecc7d32c6b30ca5becd9c37dc740c118148be0e83376492ae33f214993ac4e0eaf3e48cb65eefcd3210f65d22ad9328f8ce5f777b0127bb595c089a3a9baed732e7a0c063283a27e8a1430cd11a0e12a38b9790a31fd50bd8065dfb7516383c8e28861ea4b6181ec526bb9a2e24b1a289f48a39e0cda098e3e172e1edd20df5bc62a8aab2ebd70adc50b1a25907472c57b6aab34d63089ffe568137b540bc8d6aeec5a9c921e3d64b38cc6dfbfc94170ec1672d526ec38553943d0fcfd185c40f197ebd59a9b8d1dbada25b9c6d8dfc115023aabda6ef13e2ef55c089c3cd68369e4109b192ab62957e3e53d9b9ff0025d0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020106301d0603551d0e04160414c4a7b1a47b2c71fadbe14b9075ffc41560858910300d06092a864886f70d01010505000382010100a31a2c9b17005ca91eee2866373abf83c73f4bc309a095205de3d95944d23e0d3ebd8a4ba0741fce10829c741a1d7e981addcb134bb32044e491e9ccfc7da5db6ae5fee6fde04eddb7003ab57049aff2e5eb02f1d1028b19cb943a5e48c4181e58195f1e025af00cf1b1ada9dc59868b6ee991f586cafab96633aa595bcee2a7167347cb2bcc99b03748cfe3564bf5cf0f0c723287c6f044bb53726d43f526489a5267b758abfe67767178db0da256141339243185a2a8025a3047e1dd5007bc02099000eb6463609b16bc88c912e6d27d918bf93d328d65b4e97cb15776eac5b62839bf15651cc8f677966a0a8d770bd8910b048e07db29b60aee9d82353510	FLauncher.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\CABD2A79A1076A31F21D253635CB039D4329A5E8	FLauncher.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\CABD2A79A1076A31F21D253635CB039D4329A5E8\Blob = 0400000001000000100000000cd2f9e0da1773e9ed864da5e370e74e14000000010000001400000079b459e67bb6e5e40173800888c81a58f6e99b6e030000000100000014000000cabd2a79a1076a31f21d253635cb039d4329a5e80f00000001000000200000003f0411ede9c4477057d57e57883b1f205b20cdc0f3263129b1ee0269a2678f631900000001000000100000002fe1f70bb05d7c92335bc5e05b984da620000000010000006f0500003082056b30820353a0030201020211008210cfb0d240e3594463e0bb63828b00300d06092a864886f70d01010b0500304f310b300906035504061302555331293027060355040a1320496e7465726e65742053656375726974792052657365617263682047726f7570311530130603550403130c4953524720526f6f74205831301e170d3135303630343131303433385a170d3335303630343131303433385a304f310b300906035504061302555331293027060355040a1320496e7465726e65742053656375726974792052657365617263682047726f7570311530130603550403130c4953524720526f6f7420583130820222300d06092a864886f70d01010105000382020f003082020a0282020100ade82473f41437f39b9e2b57281c87bedcb7df38908c6e3ce657a078f775c2a2fef56a6ef6004f28dbde68866c4493b6b163fd14126bbf1fd2ea319b217ed1333cba48f5dd79dfb3b8ff12f1219a4bc18a8671694a66666c8f7e3c70bfad292206f3e4c0e680aee24b8fb7997e94039fd347977c99482353e838ae4f0a6f832ed149578c8074b6da2fd0388d7b0370211b75f2303cfa8faeddda63abeb164fc28e114b7ecf0be8ffb5772ef4b27b4ae04c12250c708d0329a0e15324ec13d9ee19bf10b34a8c3f89a36151deac870794f46371ec2ee26f5b9881e1895c34796c76ef3b906279e6dba49a2f26c5d010e10eded9108e16fbb7f7a8f7c7e50207988f360895e7e237960d36759efb0e72b11d9bbc03f94905d881dd05b42ad641e9ac0176950a0fd8dfd5bd121f352f28176cd298c1a80964776e4737baceac595e689d7f72d689c50641293e593edd26f524c911a75aa34c401f46a199b5a73a516e863b9e7d72a712057859ed3e5178150b038f8dd02f05b23e7b4a1c4b730512fcc6eae050137c439374b3ca74e78e1f0108d030d45b7136b407bac130305c48b7823b98a67d608aa2a32982ccbabd83041ba2830341a1d605f11bc2b6f0a87c863b46a8482a88dc769a76bf1f6aa53d198feb38f364dec82b0d0a28fff7dbe21542d422d0275de179fe18e77088ad4ee6d98b3ac6dd27516effbc64f533434f0203010001a3423040300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff301d0603551d0e0416041479b459e67bb6e5e40173800888c81a58f6e99b6e300d06092a864886f70d01010b05000382020100551f58a9bcb2a850d00cb1d81a6920272908ac61755c8a6ef882e5692fd5f6564bb9b8731059d321977ee74c71fbb2d260ad39a80bea17215685f1500e59ebcee059e9bac915ef869d8f8480f6e4e99190dc179b621b45f06695d27c6fc2ea3bef1fcfcbd6ae27f1a9b0c8aefd7d7e9afa2204ebffd97fea912b22b1170e8ff28a345b58d8fc01c954b9b826cc8a8833894c2d843c82dfee965705ba2cbbf7c4b7c74e3b82be31c822737392d1c280a43939103323824c3c9f86b255981dbe29868c229b9ee26b3b573a82704ddc09c789cb0a074d6ce85d8ec9efceabc7bbb52b4e45d64ad026cce572ca086aa595e315a1f7a4edc92c5fa5fbffac28022ebed77bbbe3717b9016d3075e46537c3707428cd3c4969cd599b52ae0951a8048ae4c3907cecc47a452952bbab8fbadd233537de51d4d6dd5a1b1c7426fe64027355ca328b7078de78d3390e7239ffb509c796c46d5b415b3966e7e9b0c963ab8522d3fd65be1fb08c284fe24a8a389daac6ae1182ab1a843615bd31fdc3b8d76f22de88d75df17336c3d53fb7bcb415fffdca2d06138e196b8ac5d8b37d775d533c09911ae9d41c1727584be0241425f67244894d19b27be073fb9b84f817451e17ab7ed9d23e2bee0d52804133c31039edd7a6c8fc60718c67fde478e3f289e0406cfa5543477bdec899be91743df5bdb5ffe8e1e57a2cd409d7e6222dade1827	FLauncher.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\CABD2A79A1076A31F21D253635CB039D4329A5E8\Blob = 5c0000000100000004000000001000001900000001000000100000002fe1f70bb05d7c92335bc5e05b984da60f00000001000000200000003f0411ede9c4477057d57e57883b1f205b20cdc0f3263129b1ee0269a2678f63030000000100000014000000cabd2a79a1076a31f21d253635cb039d4329a5e814000000010000001400000079b459e67bb6e5e40173800888c81a58f6e99b6e0400000001000000100000000cd2f9e0da1773e9ed864da5e370e74e20000000010000006f0500003082056b30820353a0030201020211008210cfb0d240e3594463e0bb63828b00300d06092a864886f70d01010b0500304f310b300906035504061302555331293027060355040a1320496e7465726e65742053656375726974792052657365617263682047726f7570311530130603550403130c4953524720526f6f74205831301e170d3135303630343131303433385a170d3335303630343131303433385a304f310b300906035504061302555331293027060355040a1320496e7465726e65742053656375726974792052657365617263682047726f7570311530130603550403130c4953524720526f6f7420583130820222300d06092a864886f70d01010105000382020f003082020a0282020100ade82473f41437f39b9e2b57281c87bedcb7df38908c6e3ce657a078f775c2a2fef56a6ef6004f28dbde68866c4493b6b163fd14126bbf1fd2ea319b217ed1333cba48f5dd79dfb3b8ff12f1219a4bc18a8671694a66666c8f7e3c70bfad292206f3e4c0e680aee24b8fb7997e94039fd347977c99482353e838ae4f0a6f832ed149578c8074b6da2fd0388d7b0370211b75f2303cfa8faeddda63abeb164fc28e114b7ecf0be8ffb5772ef4b27b4ae04c12250c708d0329a0e15324ec13d9ee19bf10b34a8c3f89a36151deac870794f46371ec2ee26f5b9881e1895c34796c76ef3b906279e6dba49a2f26c5d010e10eded9108e16fbb7f7a8f7c7e50207988f360895e7e237960d36759efb0e72b11d9bbc03f94905d881dd05b42ad641e9ac0176950a0fd8dfd5bd121f352f28176cd298c1a80964776e4737baceac595e689d7f72d689c50641293e593edd26f524c911a75aa34c401f46a199b5a73a516e863b9e7d72a712057859ed3e5178150b038f8dd02f05b23e7b4a1c4b730512fcc6eae050137c439374b3ca74e78e1f0108d030d45b7136b407bac130305c48b7823b98a67d608aa2a32982ccbabd83041ba2830341a1d605f11bc2b6f0a87c863b46a8482a88dc769a76bf1f6aa53d198feb38f364dec82b0d0a28fff7dbe21542d422d0275de179fe18e77088ad4ee6d98b3ac6dd27516effbc64f533434f0203010001a3423040300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff301d0603551d0e0416041479b459e67bb6e5e40173800888c81a58f6e99b6e300d06092a864886f70d01010b05000382020100551f58a9bcb2a850d00cb1d81a6920272908ac61755c8a6ef882e5692fd5f6564bb9b8731059d321977ee74c71fbb2d260ad39a80bea17215685f1500e59ebcee059e9bac915ef869d8f8480f6e4e99190dc179b621b45f06695d27c6fc2ea3bef1fcfcbd6ae27f1a9b0c8aefd7d7e9afa2204ebffd97fea912b22b1170e8ff28a345b58d8fc01c954b9b826cc8a8833894c2d843c82dfee965705ba2cbbf7c4b7c74e3b82be31c822737392d1c280a43939103323824c3c9f86b255981dbe29868c229b9ee26b3b573a82704ddc09c789cb0a074d6ce85d8ec9efceabc7bbb52b4e45d64ad026cce572ca086aa595e315a1f7a4edc92c5fa5fbffac28022ebed77bbbe3717b9016d3075e46537c3707428cd3c4969cd599b52ae0951a8048ae4c3907cecc47a452952bbab8fbadd233537de51d4d6dd5a1b1c7426fe64027355ca328b7078de78d3390e7239ffb509c796c46d5b415b3966e7e9b0c963ab8522d3fd65be1fb08c284fe24a8a389daac6ae1182ab1a843615bd31fdc3b8d76f22de88d75df17336c3d53fb7bcb415fffdca2d06138e196b8ac5d8b37d775d533c09911ae9d41c1727584be0241425f67244894d19b27be073fb9b84f817451e17ab7ed9d23e2bee0d52804133c31039edd7a6c8fc60718c67fde478e3f289e0406cfa5543477bdec899be91743df5bdb5ffe8e1e57a2cd409d7e6222dade1827	FLauncher.exe

Suspicious behavior: EnumeratesProcesses 14 IoCs

pid	Process
1812	FLauncher.exe
1812	FLauncher.exe
5060	Update.exe
5060	Update.exe
5108	FLauncher.exe
5108	FLauncher.exe
4464	FLauncher.exe
4464	FLauncher.exe
3260	FLauncher.exe
3260	FLauncher.exe
464	FLauncher.exe
464	FLauncher.exe
464	FLauncher.exe
464	FLauncher.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: SeDebugPrivilege	5060	Update.exe
Token: SeDebugPrivilege	2128	Update.exe

Suspicious use of FindShellTrayWindow 2 IoCs

pid	Process
5060	Update.exe
4500	FLauncher.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2844 wrote to memory of 5060	2844	86db92b4b09d64de6f0eb86d61be4f7c8059238595572cc5f78adc172aca10f2.exe	84
PID 2844 wrote to memory of 5060	2844	86db92b4b09d64de6f0eb86d61be4f7c8059238595572cc5f78adc172aca10f2.exe	84
PID 2844 wrote to memory of 5060	2844	86db92b4b09d64de6f0eb86d61be4f7c8059238595572cc5f78adc172aca10f2.exe	84
PID 5060 wrote to memory of 1464	5060	Update.exe	90
PID 5060 wrote to memory of 1464	5060	Update.exe	90
PID 5060 wrote to memory of 1464	5060	Update.exe	90
PID 1464 wrote to memory of 4476	1464	FLauncher.exe	91
PID 1464 wrote to memory of 4476	1464	FLauncher.exe	91
PID 1464 wrote to memory of 4476	1464	FLauncher.exe	91
PID 1464 wrote to memory of 3380	1464	FLauncher.exe	92
PID 1464 wrote to memory of 3380	1464	FLauncher.exe	92
PID 1464 wrote to memory of 3380	1464	FLauncher.exe	92
PID 1464 wrote to memory of 3380	1464	FLauncher.exe	92
PID 1464 wrote to memory of 3380	1464	FLauncher.exe	92
PID 1464 wrote to memory of 3380	1464	FLauncher.exe	92
PID 1464 wrote to memory of 3380	1464	FLauncher.exe	92
PID 1464 wrote to memory of 3380	1464	FLauncher.exe	92
PID 1464 wrote to memory of 3380	1464	FLauncher.exe	92
PID 1464 wrote to memory of 3380	1464	FLauncher.exe	92
PID 1464 wrote to memory of 3380	1464	FLauncher.exe	92
PID 1464 wrote to memory of 3380	1464	FLauncher.exe	92
PID 1464 wrote to memory of 3380	1464	FLauncher.exe	92
PID 1464 wrote to memory of 3380	1464	FLauncher.exe	92
PID 1464 wrote to memory of 3380	1464	FLauncher.exe	92
PID 1464 wrote to memory of 3380	1464	FLauncher.exe	92
PID 1464 wrote to memory of 3380	1464	FLauncher.exe	92
PID 1464 wrote to memory of 3380	1464	FLauncher.exe	92
PID 1464 wrote to memory of 3380	1464	FLauncher.exe	92
PID 1464 wrote to memory of 3380	1464	FLauncher.exe	92
PID 1464 wrote to memory of 3380	1464	FLauncher.exe	92
PID 1464 wrote to memory of 3380	1464	FLauncher.exe	92
PID 1464 wrote to memory of 3380	1464	FLauncher.exe	92
PID 1464 wrote to memory of 3380	1464	FLauncher.exe	92
PID 1464 wrote to memory of 3380	1464	FLauncher.exe	92
PID 1464 wrote to memory of 3380	1464	FLauncher.exe	92
PID 1464 wrote to memory of 3380	1464	FLauncher.exe	92
PID 1464 wrote to memory of 3380	1464	FLauncher.exe	92
PID 1464 wrote to memory of 3380	1464	FLauncher.exe	92
PID 1464 wrote to memory of 3380	1464	FLauncher.exe	92
PID 1464 wrote to memory of 3380	1464	FLauncher.exe	92
PID 1464 wrote to memory of 3380	1464	FLauncher.exe	92
PID 1464 wrote to memory of 3380	1464	FLauncher.exe	92
PID 1464 wrote to memory of 3380	1464	FLauncher.exe	92
PID 1464 wrote to memory of 3380	1464	FLauncher.exe	92
PID 1464 wrote to memory of 3380	1464	FLauncher.exe	92
PID 1464 wrote to memory of 3380	1464	FLauncher.exe	92
PID 1464 wrote to memory of 3380	1464	FLauncher.exe	92
PID 1464 wrote to memory of 3380	1464	FLauncher.exe	92
PID 1464 wrote to memory of 3380	1464	FLauncher.exe	92
PID 1464 wrote to memory of 3380	1464	FLauncher.exe	92
PID 1464 wrote to memory of 1812	1464	FLauncher.exe	96
PID 1464 wrote to memory of 1812	1464	FLauncher.exe	96
PID 1464 wrote to memory of 1812	1464	FLauncher.exe	96
PID 5060 wrote to memory of 4500	5060	Update.exe	98
PID 5060 wrote to memory of 4500	5060	Update.exe	98
PID 5060 wrote to memory of 4500	5060	Update.exe	98
PID 4500 wrote to memory of 2128	4500	FLauncher.exe	99
PID 4500 wrote to memory of 2128	4500	FLauncher.exe	99
PID 4500 wrote to memory of 2128	4500	FLauncher.exe	99
PID 4500 wrote to memory of 3092	4500	FLauncher.exe	100
PID 4500 wrote to memory of 3092	4500	FLauncher.exe	100
PID 4500 wrote to memory of 3092	4500	FLauncher.exe	100
PID 4500 wrote to memory of 3092	4500	FLauncher.exe	100
PID 4500 wrote to memory of 3092	4500	FLauncher.exe	100

C:\Users\Admin\AppData\Local\Temp\86db92b4b09d64de6f0eb86d61be4f7c8059238595572cc5f78adc172aca10f2.exe
"C:\Users\Admin\AppData\Local\Temp\86db92b4b09d64de6f0eb86d61be4f7c8059238595572cc5f78adc172aca10f2.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2844
- C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe
  "C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe" --install .
  2⤵
  - Checks computer location settings
  - Executes dropped EXE
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of WriteProcessMemory
  PID:5060
- - C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\FLauncher.exe
    "C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\FLauncher.exe" --squirrel-install 0.0.36
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    - Suspicious use of WriteProcessMemory
    PID:1464
  - - C:\Users\Admin\AppData\Local\flauncher\Update.exe
      C:\Users\Admin\AppData\Local\flauncher\Update.exe --createShortcut=FLauncher.exe
      4⤵
      Executes dropped EXE
      PID:4476
  - - C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\FLauncher.exe
      "C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\FLauncher.exe" --type=gpu-process --field-trial-handle=1704,382328431988406713,8343017845399801999,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand --user-data-dir="C:\Users\Admin\AppData\Roaming\FLauncher" --gpu-preferences=UAAAAAAAAADgAAAIAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1812 /prefetch:2
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      PID:3380
  - - C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\FLauncher.exe
      "C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\FLauncher.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1704,382328431988406713,8343017845399801999,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\FLauncher" --mojo-platform-channel-handle=1836 /prefetch:8
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      Suspicious behavior: EnumeratesProcesses
      PID:1812
- - C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\FLauncher.exe
    "C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\FLauncher.exe" --squirrel-firstrun
    3⤵
    - Checks computer location settings
    - Executes dropped EXE
    - Loads dropped DLL
    - Modifies system certificate store
    - Suspicious use of FindShellTrayWindow
    - Suspicious use of WriteProcessMemory
    PID:4500
  - - C:\Users\Admin\AppData\Local\flauncher\Update.exe
      C:\Users\Admin\AppData\Local\flauncher\Update.exe --checkForUpdate https://dl.flauncher.ru/dist/
      4⤵
      Executes dropped EXE
      Suspicious use of AdjustPrivilegeToken
      PID:2128
  - - C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\FLauncher.exe
      "C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\FLauncher.exe" --type=gpu-process --field-trial-handle=1824,4725357382819369671,9693554021446851643,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand --user-data-dir="C:\Users\Admin\AppData\Roaming\FLauncher" --gpu-preferences=UAAAAAAAAADgAAAIAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1832 /prefetch:2
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      PID:3092
  - - C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\FLauncher.exe
      "C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\FLauncher.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1824,4725357382819369671,9693554021446851643,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\FLauncher" --mojo-platform-channel-handle=2180 /prefetch:8
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      Suspicious behavior: EnumeratesProcesses
      PID:5108
  - - C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\FLauncher.exe
      "C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\FLauncher.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\FLauncher" --app-user-model-id=com.squirrel.flauncher.FLauncher --app-path="C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\resources\app.asar" --no-sandbox --no-zygote --field-trial-handle=1824,4725357382819369671,9693554021446851643,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=3 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2440 /prefetch:1
      4⤵
      Checks computer location settings
      Executes dropped EXE
      Loads dropped DLL
      Suspicious behavior: EnumeratesProcesses
      PID:4464
  - - C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\FLauncher.exe
      "C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\FLauncher.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\FLauncher" --app-user-model-id=com.squirrel.flauncher.FLauncher --app-path="C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\resources\app.asar" --no-sandbox --no-zygote --field-trial-handle=1824,4725357382819369671,9693554021446851643,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3084 /prefetch:1
      4⤵
      Checks computer location settings
      Executes dropped EXE
      Loads dropped DLL
      Suspicious behavior: EnumeratesProcesses
      PID:3260
  - - C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\FLauncher.exe
      "C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\FLauncher.exe" --type=gpu-process --field-trial-handle=1824,4725357382819369671,9693554021446851643,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --user-data-dir="C:\Users\Admin\AppData\Roaming\FLauncher" --gpu-preferences=UAAAAAAAAADoAAAIAAAAAAAAAAAAAAAAAABgAAAIAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3780 /prefetch:2
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      Suspicious behavior: EnumeratesProcesses
      PID:464

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:224

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Subvert Trust Controls

T1553

Install Root Certificate

T1553.004

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\.flauncher\launcher_settings.json

Filesize
376B

MD5
a9b7341e24503113a45257b87c71b44c

SHA1
75a16a9c6607b4f16e46e8306b76ce08004d9669

SHA256
49314751cadfb13b28531e920dc6b267787210e2f0569a058a3662fce322a422

SHA512
53c5436ed839d5d9b4e8958c4b81c0ba58ddff61fdefd496495a0e41b6e2f493bf360a7e9af9580dfc7232035f8703a066d041043dfd4d1627debb1ce5a3b777

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\Update.exe.log

Filesize
1KB

MD5
6eb96c16eb677b6a8c1df381a0497a1a

SHA1
d4596baadc2d4bee89d57e1718ab30c0b7d563ec

SHA256
e96331392d474ca0fbc51036c7d55aa3a37aae6b074d50ebd106a277b0cb4097

SHA512
3d472d56ceb73a3df3f65eff6af088b3a81ab553153cbda925091500a6543cf83e84872f2bc81f218deddecd8f3c9868d784c2fe08ece95f915138becaecfb0b

Download Submit
C:\Users\Admin\AppData\Local\SquirrelTemp\RELEASES

Filesize
77B

MD5
4fb4fff34d87fdc0a11541ead308dabc

SHA1
8b01d8f1036070984c552c6661a96e2b9cbd2eab

SHA256
2d4ccc8de23df20bbe60b53228a6f450f1d7e860436097bf5c2e51b9972eb507

SHA512
35e32c74ff9fbdf72f191162fc35f75d2a7741700533b40f52f53a562660125b8ce5506f4c18177289be0ff86c0d3c1d39687bf7bbc9c69c3ea858c05f5e097b

Download Submit
C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe

Filesize
331KB

MD5
49e3d5449d3e6c3f408fbab9e16881aa

SHA1
c69a604d3c87569258cdd69a20e6f5739c845df0

SHA256
9c468083ed33cf25f5ba7167f63b1550ba122b66b154ca823f3545caba571887

SHA512
d1fa73ed0527cd2888f45dbddc29928b6398874cd09ad0393a25a6aa71743cf9d975d378e282ba902196bd8f5c34fa54924fccda177e1d67a46a44d74040fd07

Download Submit
C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe

Filesize
209KB

MD5
46c70b94a82f6d78b3a98acb09999e93

SHA1
f6b347078345d33baa2f94bb31c3481a28d5f550

SHA256
06fdfa5fe4331f5804e257cc56a61d3e9603cdbf62335b40b1b136c116331f44

SHA512
dfee1ce1e7113d298cbe2872705a364cc97d554cf0e210ff1c7ff1401770b633ce37dbf5f1c74e5cb8b262b1425c8cc974b704813ee1576fea2be8dd56d6735e

Download Submit
C:\Users\Admin\AppData\Local\SquirrelTemp\background.gif

Filesize
90KB

MD5
0042847e67a304182fb8d25f9e78736b

SHA1
52592eb1444aa2280a852d4aa0d71166c972fc2d

SHA256
9664a4b156729e6ae2f05f77e6d5835c6dcaffc2cb56a7d0c32017155d6582c9

SHA512
3c516ccc8b3e36ed36c97ff070f1131366ed12b30f3f487c6b54255e8f870c3461edd3884600b41c54b2084bfd4e3005317a57e9bd5427536a7050f2cfd4aaef

Download Submit
C:\Users\Admin\AppData\Local\SquirrelTemp\flauncher-0.0.36-full.nupkg

Filesize
75KB

MD5
50db58f94f914476fe369a388809f92a

SHA1
b894fa5fe1a792b1eb7da9aee6544b6c449b7609

SHA256
8b47f213830b051152529ccbc699ce85fd7fb6d8cc5f7e27f7877d55207d83bf

SHA512
c7a4b11206e7c6a31beec91ff9477c485cf45157108af5c8bb255e67adfe9f4d024555c098e36de93240e7be44b15e635e6b989b199b0b204820eb390f4c258e

Download Submit
C:\Users\Admin\AppData\Local\flauncher\FLauncher.exe

Filesize
201KB

MD5
a8eacdf2e8eb9462ef0585d3806bf443

SHA1
41e19146d38f4a56da630e78c8aae39f7c8c3d2c

SHA256
358cff57e7e6a3da67bcdecb832223a53df9c8b658eb70f8a65d7df0ce6e7ad5

SHA512
033fb50f574db1fda09ab28ad16f615ff6c87347a2baa18810964a1560762af8947bab4ff6e746c854089e43855f0bd38f5fdc483a30caa0952d4491bab18cf5

Download Submit
C:\Users\Admin\AppData\Local\flauncher\SquirrelSetup.log

Filesize
1KB

MD5
d906beee3510c9679318a88dad276ffd

SHA1
5a4f453cc15ac3ec24c7b5d615f9fb3769e279ae

SHA256
d2d24ed1d1b548e1fcb494f7dc0c873e3ff1be0afadb7af62195b92dbd00ab5c

SHA512
92086f51090a1aec73920f0e8d292b1842df9b02e876f491626e220e67216e52329cb141f943968a528058d417bb325e90cdaa551809c62fe767b5cabfba0922

Download Submit
C:\Users\Admin\AppData\Local\flauncher\Update.exe

Filesize
94KB

MD5
731a402abf08293275744ac9f4310923

SHA1
6cc7dc68e616279c63c97aefee81feac7170e1eb

SHA256
2f1a0fa19f28d9b082fb0e9c4872fc902074911f3620c56ab0a7198060bc6398

SHA512
2b5332fa58251719814da214bf5d513484f7ca988b463a1744792009b53293d6616304d15390fd9790c947f112bb2a8f39d3dc65eb4d6982ea656e31d1c8db98

Download Submit
C:\Users\Admin\AppData\Local\flauncher\Update.exe

Filesize
64KB

MD5
8c1da5a23a6163be5efb0c5c5796ff50

SHA1
75046abb78b9157ec3934ccd074bff80732a4a5f

SHA256
d193d6d86ec6fda34596df5c1150db9c03577f1e87b40c32073301c72d0a1ba1

SHA512
d8a937691c752cc38ac55586d54baf927c5aa8f3630c55578fe25c680e7e3ad160b355c1f0ae89e5b0f1fde82d3545b317c982169e47eeb1664878ea3da6ada1

Download Submit
C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\D3DCompiler_47.dll

Filesize
115KB

MD5
c1be346994cb2893a99df4a17b49d734

SHA1
91eedbba8be8e65b52eb37b2303e32c2ec8e2f60

SHA256
c836446aefc11c960d02b62e41034a53e0e8bd36e68009a1f2839afee08d34c7

SHA512
b6e5b6f2c017d2cbfeae3b92b2b8d147fcce2ffad0d0f796b9321f5d8588eb3b3826413574730aaa77d8a51100cd934855631e0f64ee7ab50fb857aeaf6adccf

Download Submit
C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\FLauncher.exe

Filesize
54KB

MD5
320de1cf09bff0160000ebbe1d1d005b

SHA1
46dfef15405de039478ac16d95c2a11741cd590c

SHA256
b168b656d24925aab2e7cdab2ccec7bac7ea9ca53d37b3ce4490e6994ee11568

SHA512
542f2c99b5e90fc6fef123d9627c4ad3a36e9864b512144c1ab52f4aed34010bac28aa4053934e13368fa09c20b0b3853c69b916cdb15cff4d04f0f8e36e8595

Download Submit
C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\FLauncher.exe

Filesize
106KB

MD5
8bfdb91e8fe3330d796f87364658d17a

SHA1
232948af2d75657b9f470106173d99bafe38a234

SHA256
f3f4dc0ab564f33e2e9d68fa7773a473b7b3b0792d6b7bcdd4344412cf78a4d5

SHA512
a1e436d8c0e3d8dc21762f6233aae5ddabcacadb463b3cb50d3036fa163acc3c90ca438695666a06829aa2ed53e09a005cbd1335855a8fd301762af722afe7b4

Download Submit
C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\FLauncher.exe

Filesize
92KB

MD5
3608fde8b6ea72a3a450f2190b7350a7

SHA1
37eea4a9a00e1c180b8f474426a68312391f9606

SHA256
f0444c3e380e253115ad2c8084fd7fde40e94076292402fce639c971fb1882b1

SHA512
dc9c95ff94bb52bb4b99f64ef35578c957d6cacaca2db678658df0d244809ca438aa095718dd76819f366ae98a4012ed6e795188ed9e8dce0c503e600e9985d4

Download Submit
C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\FLauncher.exe

Filesize
167KB

MD5
07534e70b070a93030f832f0cb21db59

SHA1
2c55034c6322d426a8e2d987bf0c8a8a4cea6120

SHA256
7855e91db5171cf19398f1917001cbf490ace1ff71f7c8598a2037a4ec177ddc

SHA512
f17b5d1fcde4e26d5d615ffc13d9251d63223a97cc3f44f4dbee993b3f93e26bf39b42563e929d3fc73a7c1586f3587314003299f6aa0fccab035fa5867b4590

Download Submit
C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\FLauncher.exe

Filesize
119KB

MD5
2c39f42dece20bb248b236c4eae0d614

SHA1
416246e8d73ad4d53a56a05c193de788b8732a35

SHA256
ee8ab0c430a0c6ffaceb8813e034223caef4fe2e5da0142276d9a582187bbe73

SHA512
ee0deb660b9e00a0f65449de017bd77f5467bb475123d31dd8ee2639f38fe26502890f6f40d72286b73ade7bf7c5c8dfee57cbfa2b6e79d6faa6feafc916ad8f

Download Submit
C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\FLauncher.exe

Filesize
63KB

MD5
ccf606d6aa686fbde3a329118c17c7db

SHA1
f12cb8ea3e8c9126e113c44a6181a565ff8d04ab

SHA256
59a3869ba92a4d8389c916c9acaaf2192ce7612acd9fba643fb8bf610325248a

SHA512
e4ee640895170ac30c7ce1c30f8553a8dde2463c8819c7cd2832f13a908745472e86b191d115909cced6ff3be6b2ebcefae12fd7b30c750831fca19bfd9cdc53

Download Submit
C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\FLauncher.exe

Filesize
43KB

MD5
e9be5a9a3d2e2cf044c62650574ca19b

SHA1
cccab861da4132cad58c3f4b120e086803959568

SHA256
6119eb54323be7610e3b2289b7fa1a4f4edf36e0daf36e59cbf57c3112ab3552

SHA512
016d18f4f49914a1faa192d9ae6c06ed9dc653fd525bcfd8ef497db8d50d02575592fcc5b4753900410d004b872c8ec5dc4ac83f4cc707d412554c7193178d9e

Download Submit
C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\FLauncher.exe

Filesize
77KB

MD5
5c99f9e4145e16d34f0a2406faf965d4

SHA1
a62e8e99196aadbf5f3c8df7063fdfc67901c7ec

SHA256
47501f21ed8842af94a70a46991295d223ebfb1ba2460b90ac28c40eb6ce4a02

SHA512
74a45887937d8568db4c2133e80c573ba16c11d76aaf3b94776d13a721f9268e2027fb144dc5bc19cc8bd476150b485d6f5e3ec574ef9b56f88d6b4005eda349

Download Submit
C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\FLauncher.exe

Filesize
28KB

MD5
0d61366c77d215141d5eaba9fc6f8bfb

SHA1
998fe868e661ee9030b2333d01ba4eb0855a88c6

SHA256
b30cab9a0dec96baef92c3f4bd7eda432049fb18baae731e03d5037e979ee8e7

SHA512
bd3f7bd7fd112dd0178747c1db1b0c39933cd38f285002e443e99b4d55e13d0041142636846101ec48a375b121337d4dbec3d506ac246d678ecc3b12330dab99

Download Submit
C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\FLauncher.exe

Filesize
44KB

MD5
408e9775deb7da4b4aabc28bf4029fdb

SHA1
aae13aa595070fa77f1277710cbc2ca58ccb51ec

SHA256
d53869a08bdcbcafe5526b9a39e5a34c253848b032f9b9b0b9fae7478396534d

SHA512
5c1c7bbcf258b4c5ac8a8c26c4e1aec8df36d0ed2f2aeb451bfddf4ff1c856c68f7e87d329c1401f0f2c92d908c25234920a8ea89f48f279c6efe023b8f003c0

Download Submit
C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\FLauncher.exe

Filesize
3.2MB

MD5
bce275e0b27968475c77d5381042e99d

SHA1
3e8f3d7da158d792b26fe112c9c7ca0407253b86

SHA256
337e4b7bbf6d9f0e9be62f88ecc00bec29a19de33e2c76ff2d51a064ba188625

SHA512
22f21b6fba9ffae9f93152d4a311c669fcdde175f28200543068ba9c6156b21d567173118c41303fb28b75dfe366c61a81258ef3f3f7fdd29271810d7b97d5ee

Download Submit
C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\Update.exe

Filesize
76KB

MD5
036b6e52535212c9fc29a74d9324d2e0

SHA1
075af6da71931feb5d970b7e3d5a02c3028d2f94

SHA256
a6954a34d40a1408999cef82406855211196c4c032fea4328dad288bd3215cfd

SHA512
c259d853cc0dad44f293ea37d1df07e0ce83774bd7c8d216f4647e8c62fac87199d9f827fd6a81dc929a96de82bd721f26dc0f1c76b05eecbdc205aa76a5b77f

Download Submit
C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\chrome_100_percent.pak

Filesize
138KB

MD5
0fd0a948532d8c353c7227ae69ed7800

SHA1
c6679bfb70a212b6bc570cbdf3685946f8f9464c

SHA256
69a3916ed3a28cd5467b32474a3da1c639d059abbe78525a3466aa8b24c722bf

SHA512
0ee0d16ed2afd7ebd405dbe372c58fd3a38bb2074abc384f2c534545e62dfe26986b16df1266c5807a373e296fe810554c480b5175218192ffacd6942e3e2b27

Download Submit
C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\chrome_200_percent.pak

Filesize
38KB

MD5
54927305d53040987bded404443091d7

SHA1
e7785ca25b9bcfaa16b0b08a395619e112d8885c

SHA256
a1f6f60fa9ebaa0c93625410aaaa3161d45329b83aaa09e375a1c00a333937b5

SHA512
ea2c6af25d17aa28fe4e5acffe7579d6b1b30697aa3c51f54d00c2b690ee817c6fb30c1a7b66c48fd8428f97d36354e0b524b3aeb01edd3b557b720f4af99b5a

Download Submit
C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\d3dcompiler_47.dll

Filesize
67KB

MD5
f8b0487e285064a49c444a56ea7f3a18

SHA1
4d8dca5eb0adabf0fd508b64f6aeb60a6269bfef

SHA256
2ac4fc0de944c387d495161046670182b03b0ac0401990800d9e29141a883f8e

SHA512
6df9cf27281ac97e41959c4e554b1b18b7806cf8773ea075510d51753f3c00dedd04fb7caedf386226a25ce2bd287fd78cfc0ad11c4c162dbfe95cbc7ae4e91b

Download Submit
C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\ffmpeg.dll

Filesize
64KB

MD5
433f0725f66f8aa218497f9bc7d9d680

SHA1
f1dc910cf3e4df56b8072b6ec04d597eaaf81bb2

SHA256
69d0564a1c7731ccf7b48a1f912f4772d256e43d1a1d12068548809bac246968

SHA512
05f31c1dc04564bfb064294a382fcf69aa49e3070486b3e6297d30745d005a8829640278200e1a5c6f0b307bf40b9a6ca69eb4055d48db825a2deddbc6535222

Download Submit
C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\ffmpeg.dll

Filesize
205KB

MD5
85a27b36fac759dfe119bb5a1e329a82

SHA1
d51230d920987163620f71ec6e19b021e98ea6b3

SHA256
7ba984e0d4b0bf0209c061276c96ec0b38e383d25a8bed42b0ebb870b7524d1e

SHA512
d5a068324eb76db06cd055ce77d8525e2cb97d01484b0843197352e725641ed223980191282633a27e72f7414cd49e1317598fb5b948e1d78226b4a59b6ce7b4

Download Submit
C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\ffmpeg.dll

Filesize
105KB

MD5
eb730354c397cbf3c4e918d58501230f

SHA1
3221b1aa78e56cbe79b84344478c5e46bcd0701d

SHA256
9e4e724e8f67f262e5f9c61b9c986472cf56f0ecf52cb4933d9d60beed70a1ee

SHA512
e584dbd7c33fa7920bc7399476a42b0027d22276b88800b4cca6cda6d1763c418e47d21782b99cce74c7310dadf865dccc6cd8958e38ce26129ab131f2538466

Download Submit
C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\ffmpeg.dll

Filesize
47KB

MD5
31b24de43de27a6c2622bd6ef4a3eb5a

SHA1
823ff430b6bdeff47fa4a7cf1ea0781fbfcf7822

SHA256
72543a5c14967d9791b6de2f6c0bb5a97bd119696c3d43af249ab37c9443eaa4

SHA512
c7126f3a7122eb059b44d3c109fad368e120628e3d9064788f52c6d738e2e0daf8e97022eb380f78764145dba8d2b01cae937e9b495c33c09d75f43e00ae71ca

Download Submit
C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\ffmpeg.dll

Filesize
70KB

MD5
06b9aa89f2e596ac19564460938f765d

SHA1
6818c27821ee045893e9e73d6723177d61e42174

SHA256
8060bba1c584864a39b5850570f4419cbad24b5f6170f3254917b3bce9245e14

SHA512
2ab03bedbb094dfa5816d2439cf0c0fdcacee83c1525462efed594056386e57cfa925ce581704c5b61c10460e18b00c2821ccd77151b382dd5426866ca9f8308

Download Submit
C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\ffmpeg.dll

Filesize
36KB

MD5
905e36528ac6fb79a58a46369f222eeb

SHA1
98e0c8e6e09935900f1320f3cb2f239ae489bb9c

SHA256
2a47b18b54078d00ae3226b0a96af09585cf8d3e939d6e5864e8ae152f13e8e1

SHA512
21c5b2f84ed21ab71b6bd5fd7414fdbf5d43a3ccaff3297578ece94f406d2a3b9664d192d868a4fab4b52788e097fbd87f810028e48c1c2e8ff0f57cf49147d7

Download Submit
C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\ffmpeg.dll

Filesize
40KB

MD5
f08dd0ceb5e1028cf8c3464bcdf7582f

SHA1
b7f1be5a178081d0bb785947f63b7aea01004c34

SHA256
a8a58811a17c9f41a828b5684f90913d915442915748d243b438b1269b020d5a

SHA512
d1542933b6537a9de9a52946a0a2f189864c75b39e113a09964cc32b82d36a96eb9503bfd4fe8dfcb396a139c72d0dd00aa3277c2a41b78886844cf8bc724e38

Download Submit
C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\ffmpeg.dll

Filesize
24KB

MD5
7623da46b12c43bf472d1de45c874f97

SHA1
3e2bb82a453f5b1b2af4aafbfea8b1d416e3ac30

SHA256
01c448f63a3c718d4f9e2a8f0832f58837ab000675b03fefe95eb5bed768248d

SHA512
0a02a6d26ec24284e5288f0684ec8ab5e2c4041559050caad5f84a67880e2279fc2d15339b40554a96fc8a80f8073bfe68eab13393190a0a58f940dc88ed8f0b

Download Submit
C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\ffmpeg.dll

Filesize
108KB

MD5
1661150664574aac00d5811cf6142a3d

SHA1
31e728709fda1deb7b9d97419225e018fbdb0e2c

SHA256
cf2d4c5a374800f5c15cb39463480e037cb445794d6b45c2562e4c72751b9398

SHA512
17104d41c8675d955ab141a84cfc392ee15de511f944197377e550f3335f41452afbdb12f638bd0e00c63a705d79ae838922fa05107f14a85e39366e1def3482

Download Submit
C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\ffmpeg.dll

Filesize
2.4MB

MD5
8103bcc04055915bcca7c56b9902773a

SHA1
3c41d9f820e8a2338c5709c96405f89adca4ce75

SHA256
2599057fa40f6dcfc25cdbcd6fbbccf5b76fbc78860b71c80b4a19bfc80a5c5b

SHA512
055db41012a27201e66a9a44d135eff77b117d1cd86ffcfced128fefeac14bb9073d823b0908f958b319db48032b23d67b39d548c674cd11acca41729cbd1350

Download Submit
C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\icudtl.dat

Filesize
104KB

MD5
ebe7c7075ed4bfffa312b701dce4512a

SHA1
7e9c0a0e0159cc37d049aa9be17b2d785bd07953

SHA256
9efd12483c6dd5c56e94804520709e7557c3a1bf75bafdd8f05e76394e18a786

SHA512
fdac4701872e569e01e5c5fd3b8680b8e7458d25b8a705d314a05e679b1ee2eba782d1b69a192637fe8e56ba1f03504e2bad6224560394779ed7b0c1d15e043d

Download Submit
C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\libEGL.dll

Filesize
195KB

MD5
28f100d4d2e21962aeabba6e21af3f74

SHA1
09a3609fa0b13700834915f9f893956f43881947

SHA256
b88a518d8096f91c058d8b099fea7389240a5edbb8795b30805b8a2e364fad15

SHA512
5d4b69da4533f1d20e77280ae9079be60bd78dc9e4ca95630522eb4b9c39ce9529c39876cdc939132c241f012982f9abbe4e044ea839eb30b68e2deb86958ce3

Download Submit
C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\libEGL.dll

Filesize
1KB

MD5
2651eb81ccf2683f0fb551f58f18e336

SHA1
f687c00774695249f65aa8a0f30c2c963d0dcc58

SHA256
ccfeb196ec1c206e72be2c5877724eca852a76a7ba87a76ab9228f374be4c949

SHA512
564888b42c04936071492cea617effc1b6b9e1b042c3eb3ba758aff8ec0c810735227847f0fa77daf1b76ca95da3ff3591fc2ae4c25fa22af0c9df538cba4bcb

Download Submit
C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\libGLESv2.dll

Filesize
69KB

MD5
3aadc134bb1609ec42841a2cf7bf3b39

SHA1
c4740ea6983dc89cea3a776f3a9c446bba5135c1

SHA256
1d306580bbfb258589922cbdab01c6aca01cb8692f269cbcc54d5f1a24b26278

SHA512
b63bf6dd9520f6970c1820ee7c4317633ff78212b6eb605633590a05d3a09952ffd39dd5cbc9f07f43ed86ed82f3072c55a0f4a015e5554f0b5dd5b63bc28dde

Download Submit
C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\libGLESv2.dll

Filesize
25KB

MD5
cf9e351b6cd80c18650d9a5069a6d72a

SHA1
d56285b0f18056e3683ba7ed91a2f0de534e06a3

SHA256
58ffabdda54d0060d77baf58f9e2b5f6f055b6d627054737a796e855435549ee

SHA512
32dd9c387d399e89029091202f5327d146a4aeafd5302d164c3061f7f04c249dd84ff349b5bae17b353b33685c08bf1c297b808866f18194fd772af5df5c4c73

Download Submit
C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\libegl.dll

Filesize
100KB

MD5
5e6609e65e578807ee24d812e85faa60

SHA1
ed2c1362a43ffeb8bc84d7db7d21317cea50156e

SHA256
12f898c3d1def24f9a92dc474fb8c783b732de8cc0071bac0c364fbd738de1d2

SHA512
b900f0d33107d37435ef039561b37e81545c72c6eef587f9eedec35515462bcbd94e00deb69a2933bbf5a3606c565833d20950419d07c00f3506e15e3c994bcc

Download Submit
C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\libglesv2.dll

Filesize
103KB

MD5
dd410342c2e31c96679af0a8d581c8dc

SHA1
3b6a5c270c7c9ae1ea6644108eef530cc45f3d2b

SHA256
0c03b692ec1a26360e0d60530cf1aa8a2dc44af3f741458362c468a14613b190

SHA512
c14305ab8c6597816780411e705aafdc414821c07b29dc634ad31490422e9b092184e791b4a51d69ce68af5a8a93fb9d861d3df32de7f0a17693dbd4dd369663

Download Submit
C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\locales\en-US.pak

Filesize
95KB

MD5
214e2b52108bbde227209a00664d30a5

SHA1
e2ac97090a3935c8aa7aa466e87b67216284b150

SHA256
1673652b703771ef352123869e86130c9cb7c027987753313b4c555a52992bab

SHA512
9029402daea1cbe0790f9d53adc6940c1e483930cf24b3a130a42d6f2682f7c2d6833f2cd52f2417009c3655fed6a648b42659729af3c745eaa6c5e8e2b5bb9e

Download Submit
C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\resources.pak

Filesize
47KB

MD5
ccfadb8427d4043e08cf5f464eee18ab

SHA1
076a1305570f084d1194594c45e2b1254cffdc54

SHA256
bbfc99ebb4e2d00d24012f06058afbbc88dcc3aa9129fb9ada8cf6aafd9f778d

SHA512
a72468896450bb173529d37e843fb7d23692a194c7e7cc25e87f8dc5c3316e75f0bff0d217ba16b08454e1714dbf866d6dd076a0d77af4bded05d8853bbdf690

Download Submit
C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\resources\app.asar

Filesize
92KB

MD5
5f59b313068b71efd929e661f267952d

SHA1
73c5c6f1141349013c5aae7d47970b1bdd9d9d1e

SHA256
23fad2f5614dbc48d42c50fb86213f14a373e627f39806e16c1dabc7218a6924

SHA512
f3029b86f6d1a778fd0c4ff98b2fac3e3d0123429555af6e008d569e215610ea38ac160ca2836975aebf01f73400b0251e119fd435c2a5bea51a95e9c5b6247b

Download Submit
C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\resources\packages\ui_36.asar

Filesize
24KB

MD5
73dacbe4a2da37f3a343ca685f258dea

SHA1
2e7b23e933b5730f4e3cbf542d492e93d1de143c

SHA256
13e107ba8bbde78b35bf4f7cb0dd6652050e80bc388e9b1fe2fde5b3e93c5383

SHA512
1a148695318865f62ea4c44349428e219f9a4d808715c8ba7ca9a2615bebb882f28d574cdd92a969ca81f5552046f244e51a2a48e435bc8fe15dd10e9cae7729

Download Submit
C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\resources\packages\ui_36.asar

Filesize
25KB

MD5
51f1c15433a8fa2a7b061b1fc6c95ac3

SHA1
3e1e7f4f2f9649d2d5fc6b90fc91a8e4bf107ec5

SHA256
f4dc9d121654f44554250ae0a66a24aa645da96e31ae1cc029341f94ed10dadc

SHA512
7b0c7da1a25886cba3b0154bb3142b3f171baeaa686e4421fdbc3214f05eb7972106dc7148f5e0adbda806b7403d7880473776c324f67a9d34a21adb3035cf48

Download Submit
C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\resources\packages\ui_36.asar

Filesize
73KB

MD5
0f59d7c2c9b0c20460eaf22d4589b93a

SHA1
056e32df700a53f7a901d706413f282c118d311b

SHA256
ddadf8a4d75a76fe2cf0b0578862ebfb58bb05929b39605e5b5114f17cdc06fc

SHA512
971e5857e940037dba2b73042991532773ea7e5861101a6f63ceefee36048794f7d9986f8dfa45b09e9491789d530880ecfbbf8b4c7428a7ace84b4c9316b4b3

Download Submit
C:\Users\Admin\AppData\Local\flauncher\app-0.0.36\v8_context_snapshot.bin

Filesize
50KB

MD5
0a28aaa3c5aa699ba6dd3361ca06a202

SHA1
5eac9c42fd5b19ddc37f43a692af0cf035d177fa

SHA256
696c1c133effbe6aa88b4217bfff5029b92b02280eb0806d7a460586812ebef8

SHA512
4f133a2e1832f021922e0b5e609f45763b9c637af89956c4568707015f72f0539d2e505125e7d3ef0bdbe9cb923a332882642a89d33a18c84107df85c1521df7

Download Submit
C:\Users\Admin\AppData\Local\flauncher\packages\RELEASES

Filesize
80B

MD5
8233830c0f0d87d96ded045684d738dd

SHA1
9b1f48e66eac72a36fc58053b09e59a993ecc94a

SHA256
52a313691f353d038567596d06e7a960cf164bbd7bafcd86c52399c5255c111c

SHA512
74b5bdb95b7eab4597002cf82d28f69b6050111cbb0f3007d5aae26198b47d197a5b316f65db95572afdb1cab0c3b79c4d31af5d4a471f6ca98d64adb4a6ec41

Download Submit
C:\Users\Admin\AppData\Local\flauncher\packages\flauncher-0.0.36-full.nupkg

Filesize
111KB

MD5
a700c51ad17b6144ef23e2c7c50edfe4

SHA1
908a570b50b43e7373ed7c1a5b459e1c68a7041d

SHA256
ebd2e2d2e16ceba98fe127d441f2e8840f78814abb52947d6a3e70c09606c644

SHA512
35b3ca4243e07683ebdf9657acdc60a7fef3da07f5379286f9227a9704926caffa1634d5298b28711981fb4c83d1ba6c5b8bcc5cd8a43dbb41e1f4c7c548e26b

Download Submit
C:\Users\Admin\AppData\Local\flauncher\packages\flauncher-0.0.36-full.nupkg

Filesize
87KB

MD5
83d20794c5a6e5d12145783e415f44eb

SHA1
2b0c3c9099b2e0df237ac899e383bcbe9d9cf868

SHA256
fdcec588524f2ef63f251a8511b8d05e0dd3c4f0c50cd96910265ec0dfc81211

SHA512
f424c9f72c571e9c7544811b186aecb66e6c15f14d1bca5ea7d3204fb739be47c9a608be556890a35454e2112daa9fb037481b682f43b9fa413742ca06c0b5a8

Download Submit
C:\Users\Admin\AppData\Local\flauncher\update.exe

Filesize
108KB

MD5
27593f90420578b680890a63f1198c24

SHA1
034ff59674a3f13596597a7e9da165593744da34

SHA256
1aa3ac6e2262a1bcc9ba86c2291a8edfc24fdbf5985c9b19ea5847b9d2af418c

SHA512
b5b033588fbe54e73a9e73f92bb842616df2168690d9bfcf8a860577bfb64bcb978d33e7ab92874da7583c8d20fbdd216772702c3f2714b103802c79bb6d85a6

Download Submit
C:\Users\Admin\AppData\Roaming\977670aa-b1ab-45aa-98a1-d526ed2ad71a.tmp

Filesize
704B

MD5
112e357ed8b99f7f18457a87355a1727

SHA1
7908c23f75d2064e0636a89f9900035cd5dac81c

SHA256
b7b94885c8943417a5f042a4f940cb11141de6453355abf7a289d812051a25bd

SHA512
2b90255481ef1354fa164fa0dba06e0416572d2608f71afb1e9baa8773f9e70c381997fd21767f972b2d33359bc5bbc3da992326db5e4b62030a408096db299b

Download Submit
C:\Users\Admin\AppData\Roaming\FLauncher\Local State

Filesize
389B

MD5
1a62c92ea4cd5d98751dd9dbac5f3314

SHA1
6ce86dc4a6d687d20b1ea8c2bc68a651232bea65

SHA256
464ed2bf316fa8da6dc3a3be11b05066047c9475bbb9ae78d8a2dbd6febc2491

SHA512
d2a8a6b240a02c15bb76f3ad7f0b08a99db74989a9be4ce46111d442e9038cebe85841284b8af4117727c19136cf4454ba0848cb72de9cc6854fbb483eeec3af

Download Submit
C:\Users\Admin\AppData\Roaming\FLauncher\Network Persistent State

Filesize
1KB

MD5
247b104fff93c2544b251ef63232ccf7

SHA1
da04ccb82c0aa7db8a834a830b6b20f1ae06406e

SHA256
efd75c084d74950d087988b6ab1b1e4137845395a0a3aafb6bd874629f8a721a

SHA512
5715b78e840349eab300ef1d29ab974c268ad431113df68c5fdad452a45de64cc4406e7d6468e2766c7d79e8bb72c416fecebd8518d9113631ec6a09996ff669

Download Submit
C:\Users\Admin\AppData\Roaming\FLauncher\Network Persistent State~RFe58d51e.TMP

Filesize
59B

MD5
2800881c775077e1c4b6e06bf4676de4

SHA1
2873631068c8b3b9495638c865915be822442c8b

SHA256
226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974

SHA512
e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b

Download Submit
C:\Users\Admin\AppData\Roaming\FLauncher\Session Storage\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit
memory/464-295-0x000000000DA60000-0x000000000DA61000-memory.dmp

Filesize
4KB

Download
memory/464-303-0x000000000DA60000-0x000000000DA61000-memory.dmp

Filesize
4KB

Download
memory/464-304-0x000000000DA60000-0x000000000DA61000-memory.dmp

Filesize
4KB

Download
memory/464-305-0x000000000DA60000-0x000000000DA61000-memory.dmp

Filesize
4KB

Download
memory/464-296-0x000000000DA60000-0x000000000DA61000-memory.dmp

Filesize
4KB

Download
memory/464-301-0x000000000DA60000-0x000000000DA61000-memory.dmp

Filesize
4KB

Download
memory/464-306-0x000000000DA60000-0x000000000DA61000-memory.dmp

Filesize
4KB

Download
memory/464-307-0x000000000DA60000-0x000000000DA61000-memory.dmp

Filesize
4KB

Download
memory/464-297-0x000000000DA60000-0x000000000DA61000-memory.dmp

Filesize
4KB

Download
memory/464-302-0x000000000DA60000-0x000000000DA61000-memory.dmp

Filesize
4KB

Download
memory/2128-156-0x0000000073B20000-0x00000000742D0000-memory.dmp

Filesize
7.7MB

Download
memory/2128-157-0x00000000055C0000-0x00000000055D0000-memory.dmp

Filesize
64KB

Download
memory/2128-264-0x0000000073B20000-0x00000000742D0000-memory.dmp

Filesize
7.7MB

Download
memory/2128-230-0x00000000061A0000-0x00000000066CC000-memory.dmp

Filesize
5.2MB

Download
memory/4476-115-0x0000000073B20000-0x00000000742D0000-memory.dmp

Filesize
7.7MB

Download
memory/4476-118-0x0000000005270000-0x0000000005290000-memory.dmp

Filesize
128KB

Download
memory/4476-117-0x00000000053C0000-0x00000000053D0000-memory.dmp

Filesize
64KB

Download
memory/4476-140-0x0000000073B20000-0x00000000742D0000-memory.dmp

Filesize
7.7MB

Download
memory/5060-7-0x00000000003F0000-0x00000000005B4000-memory.dmp

Filesize
1.8MB

Download
memory/5060-8-0x0000000073B20000-0x00000000742D0000-memory.dmp

Filesize
7.7MB

Download
memory/5060-9-0x0000000002AB0000-0x0000000002AC0000-memory.dmp

Filesize
64KB

Download
memory/5060-16-0x0000000009F30000-0x0000000009F68000-memory.dmp

Filesize
224KB

Download
memory/5060-17-0x0000000009EF0000-0x0000000009EFE000-memory.dmp

Filesize
56KB

Download
memory/5060-237-0x0000000073B20000-0x00000000742D0000-memory.dmp

Filesize
7.7MB

Download
memory/5060-19-0x0000000002AB0000-0x0000000002AC0000-memory.dmp

Filesize
64KB

Download
memory/5060-150-0x000000000A4C0000-0x000000000A552000-memory.dmp

Filesize
584KB

Download