Analysis

  • max time kernel
    60s
  • max time network
    323s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    02-02-2024 13:34

General

  • Target

    8_DustJacket-Recovered-Recovered-Recovered.psd

  • Size

    5.7MB

  • MD5

    50240fcc43ac5027a106dd5a534a3bd7

  • SHA1

    48a7c3bd255109173e4ae8efa836c090ba3cc898

  • SHA256

    15fe683d10c7a1588958f885106a4775546555fa813eda4e42e35e6b65b27c86

  • SHA512

    f6fd93fcdecdc6b349933d0d2a4fdfe3e77cbef08b0332b116c6d4ca1ef7429a9fd3e02a62c3d61c64451da975e6888b618becd491437fca630fd1b4a1fa1f3e

  • SSDEEP

    98304:8PVAII5ooAhgmkUU0hq2Sh5JYvc3nDqvVZfH7sTYf5KG5MJYtknX63CnWXHjOdVB:8Pb5Wm1U0hSTJY03+dZfbsTYfOJYtknT

Score
6/10

Malware Config

Signatures

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 3 IoCs
  • Drops file in Windows directory 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies registry class 1 IoCs
  • Modifies registry key 1 TTPs 5 IoCs
  • Opens file in notepad (likely ransom note) 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 30 IoCs
  • Suspicious use of FindShellTrayWindow 51 IoCs
  • Suspicious use of SendNotifyMessage 48 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\8_DustJacket-Recovered-Recovered-Recovered.psd
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1424
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\8_DustJacket-Recovered-Recovered-Recovered.psd
      2⤵
      • Modifies registry class
      • Suspicious behavior: GetForegroundWindowSpam
      PID:2828
  • C:\Windows\system32\mspaint.exe
    "C:\Windows\system32\mspaint.exe"
    1⤵
    • Drops file in Windows directory
    • Suspicious use of SetWindowsHookEx
    PID:2280
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe"
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:1940
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6419758,0x7fef6419768,0x7fef6419778
      2⤵
        PID:1804
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1500 --field-trial-handle=1276,i,4156605934871600690,9576615586295749076,131072 /prefetch:8
        2⤵
          PID:896
        • C:\Program Files\Google\Chrome\Application\chrome.exe
          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1152 --field-trial-handle=1276,i,4156605934871600690,9576615586295749076,131072 /prefetch:2
          2⤵
            PID:732
          • C:\Program Files\Google\Chrome\Application\chrome.exe
            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1612 --field-trial-handle=1276,i,4156605934871600690,9576615586295749076,131072 /prefetch:8
            2⤵
              PID:1472
            • C:\Program Files\Google\Chrome\Application\chrome.exe
              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2184 --field-trial-handle=1276,i,4156605934871600690,9576615586295749076,131072 /prefetch:1
              2⤵
                PID:1524
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2208 --field-trial-handle=1276,i,4156605934871600690,9576615586295749076,131072 /prefetch:1
                2⤵
                  PID:2236
                • C:\Program Files\Google\Chrome\Application\chrome.exe
                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=2804 --field-trial-handle=1276,i,4156605934871600690,9576615586295749076,131072 /prefetch:2
                  2⤵
                    PID:900
                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=1468 --field-trial-handle=1276,i,4156605934871600690,9576615586295749076,131072 /prefetch:1
                    2⤵
                      PID:344
                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3472 --field-trial-handle=1276,i,4156605934871600690,9576615586295749076,131072 /prefetch:8
                      2⤵
                        PID:2544
                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3584 --field-trial-handle=1276,i,4156605934871600690,9576615586295749076,131072 /prefetch:8
                        2⤵
                          PID:1496
                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4044 --field-trial-handle=1276,i,4156605934871600690,9576615586295749076,131072 /prefetch:8
                          2⤵
                            PID:2796
                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=1172 --field-trial-handle=1276,i,4156605934871600690,9576615586295749076,131072 /prefetch:1
                            2⤵
                              PID:2864
                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2184 --field-trial-handle=1276,i,4156605934871600690,9576615586295749076,131072 /prefetch:8
                              2⤵
                                PID:1512
                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=2540 --field-trial-handle=1276,i,4156605934871600690,9576615586295749076,131072 /prefetch:1
                                2⤵
                                  PID:2852
                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2576 --field-trial-handle=1276,i,4156605934871600690,9576615586295749076,131072 /prefetch:8
                                  2⤵
                                    PID:2092
                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3780 --field-trial-handle=1276,i,4156605934871600690,9576615586295749076,131072 /prefetch:8
                                    2⤵
                                      PID:2888
                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4080 --field-trial-handle=1276,i,4156605934871600690,9576615586295749076,131072 /prefetch:8
                                      2⤵
                                        PID:2144
                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4104 --field-trial-handle=1276,i,4156605934871600690,9576615586295749076,131072 /prefetch:8
                                        2⤵
                                          PID:1068
                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3884 --field-trial-handle=1276,i,4156605934871600690,9576615586295749076,131072 /prefetch:8
                                          2⤵
                                            PID:596
                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4228 --field-trial-handle=1276,i,4156605934871600690,9576615586295749076,131072 /prefetch:8
                                            2⤵
                                              PID:1744
                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4104 --field-trial-handle=1276,i,4156605934871600690,9576615586295749076,131072 /prefetch:8
                                              2⤵
                                                PID:1688
                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4172 --field-trial-handle=1276,i,4156605934871600690,9576615586295749076,131072 /prefetch:8
                                                2⤵
                                                  PID:2444
                                                • C:\Users\Admin\Downloads\DiscordSetup.exe
                                                  "C:\Users\Admin\Downloads\DiscordSetup.exe"
                                                  2⤵
                                                    PID:2692
                                                    • C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe
                                                      "C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe" --install .
                                                      3⤵
                                                        PID:2500
                                                        • C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\Discord.exe
                                                          "C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\Discord.exe" --squirrel-install 1.0.9032
                                                          4⤵
                                                            PID:2420
                                                            • C:\Users\Admin\AppData\Local\Discord\Update.exe
                                                              C:\Users\Admin\AppData\Local\Discord\Update.exe --createShortcut Discord.exe --setupIcon C:\Users\Admin\AppData\Local\Discord\app.ico
                                                              5⤵
                                                                PID:2748
                                                              • C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\Discord.exe
                                                                "C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\Discord.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1176 --field-trial-handle=1412,i,3491964501147428767,1331571782310963595,131072 --disable-features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2
                                                                5⤵
                                                                  PID:1728
                                                                • C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\Discord.exe
                                                                  C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\Discord.exe --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Roaming\discord /prefetch:7 --no-rate-limit --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Roaming\discord\Crashpad --url=https://f.a.k/e --annotation=_productName=discord --annotation=_version=1.0.9032 --annotation=plat=Win32 --annotation=prod=Electron --annotation=ver=22.3.26 --initial-client-data=0x388,0x38c,0x390,0x384,0x394,0x8d95d78,0x8d95d88,0x8d95d94
                                                                  5⤵
                                                                    PID:1528
                                                                  • C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\Discord.exe
                                                                    "C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\Discord.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --standard-schemes --secure-schemes=sentry-ipc --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=sentry-ipc --service-worker-schemes --streaming-schemes --mojo-platform-channel-handle=1384 --field-trial-handle=1412,i,3491964501147428767,1331571782310963595,131072 --disable-features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8
                                                                    5⤵
                                                                      PID:1676
                                                                    • C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\Discord.exe
                                                                      "C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\Discord.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=932 --field-trial-handle=1412,i,3491964501147428767,1331571782310963595,131072 --disable-features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2
                                                                      5⤵
                                                                        PID:2036
                                                                      • C:\Windows\SysWOW64\reg.exe
                                                                        C:\Windows\System32\reg.exe add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v Discord /d "\"C:\Users\Admin\AppData\Local\Discord\Update.exe\" --processStart Discord.exe" /f
                                                                        5⤵
                                                                        • Modifies registry key
                                                                        PID:1240
                                                                      • C:\Windows\SysWOW64\reg.exe
                                                                        C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord /ve /d "URL:Discord Protocol" /f
                                                                        5⤵
                                                                        • Modifies registry key
                                                                        PID:2272
                                                                      • C:\Windows\SysWOW64\reg.exe
                                                                        C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord\DefaultIcon /ve /d "\"C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\Discord.exe\",-1" /f
                                                                        5⤵
                                                                        • Modifies registry key
                                                                        PID:2084
                                                                      • C:\Windows\SysWOW64\reg.exe
                                                                        C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord /v "URL Protocol" /f
                                                                        5⤵
                                                                        • Modifies registry key
                                                                        PID:2312
                                                                      • C:\Windows\SysWOW64\reg.exe
                                                                        C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord\shell\open\command /ve /d "\"C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\Discord.exe\" --url -- \"%1\"" /f
                                                                        5⤵
                                                                        • Modifies registry key
                                                                        PID:880
                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4200 --field-trial-handle=1276,i,4156605934871600690,9576615586295749076,131072 /prefetch:8
                                                                  2⤵
                                                                    PID:1276
                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=4268 --field-trial-handle=1276,i,4156605934871600690,9576615586295749076,131072 /prefetch:1
                                                                    2⤵
                                                                      PID:2832
                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=4368 --field-trial-handle=1276,i,4156605934871600690,9576615586295749076,131072 /prefetch:1
                                                                      2⤵
                                                                        PID:2264
                                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4496 --field-trial-handle=1276,i,4156605934871600690,9576615586295749076,131072 /prefetch:8
                                                                        2⤵
                                                                          PID:1524
                                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4492 --field-trial-handle=1276,i,4156605934871600690,9576615586295749076,131072 /prefetch:8
                                                                          2⤵
                                                                            PID:1136
                                                                        • C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
                                                                          "C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
                                                                          1⤵
                                                                            PID:2272
                                                                          • C:\Users\Admin\Downloads\DiscordSetup.exe
                                                                            "C:\Users\Admin\Downloads\DiscordSetup.exe"
                                                                            1⤵
                                                                              PID:1568
                                                                              • C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe
                                                                                "C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe" --install .
                                                                                2⤵
                                                                                  PID:1484
                                                                                • C:\Windows\SysWOW64\NOTEPAD.EXE
                                                                                  "C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\AppData\Local\SquirrelTemp\SquirrelSetup.log
                                                                                  2⤵
                                                                                  • Opens file in notepad (likely ransom note)
                                                                                  PID:2972

                                                                              Network

                                                                              MITRE ATT&CK Enterprise v15

                                                                              Replay Monitor

                                                                              Loading Replay Monitor...

                                                                              Downloads

                                                                              • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416

                                                                                Filesize

                                                                                1KB

                                                                                MD5

                                                                                55540a230bdab55187a841cfe1aa1545

                                                                                SHA1

                                                                                363e4734f757bdeb89868efe94907774a327695e

                                                                                SHA256

                                                                                d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb

                                                                                SHA512

                                                                                c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54

                                                                              • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416

                                                                                Filesize

                                                                                230B

                                                                                MD5

                                                                                58f375e25b15dfb4f3c751e76e15a1e6

                                                                                SHA1

                                                                                37679bdf522f43913d7ce179713bc867fd41b3b1

                                                                                SHA256

                                                                                1a198b08b58492b1bdb4ca922e494aca91e76520b8f84e9060250a245b6ff726

                                                                                SHA512

                                                                                466f017ed72645420153f4bdaabff0507d6e3c9dc40b1a79778fe9f4fa7f388dcb71191984fe64435556d55a9d61b1d644ecc8b7e74c716e78d1972cd2e130e0

                                                                              • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

                                                                                Filesize

                                                                                344B

                                                                                MD5

                                                                                97cc96eaa2c445c5769b00c8298fc5ff

                                                                                SHA1

                                                                                c5b9e5c0cbec02ca32c78f5860f04739456d1c41

                                                                                SHA256

                                                                                026d9403089b6fd7687b9a40643081a96bec99eaf9918b42d6adf2d86aba3ad1

                                                                                SHA512

                                                                                de4cc0a611a658c61f1246dcf5f79d1986b7c0c5cfbbaecf3e4c1902ee4d23565c97c9542b86c7e530394abb06bdb5a06eb726c651687815cfcfa4dd8a0bf1cb

                                                                              • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

                                                                                Filesize

                                                                                344B

                                                                                MD5

                                                                                c4e4296905029955b37ba7622fbff800

                                                                                SHA1

                                                                                00668f27a92ca647271a53ee06b987713ed034d3

                                                                                SHA256

                                                                                0c31fe5341b2c9a27206f00f57411e81ae95ca21ee7ed8f3758b0a64a84a3de7

                                                                                SHA512

                                                                                00243c290fed16aebec8c1ef4d3e78a947b45f1ce9c5e65824dffa8420212dc178d90aa18a9c16405430d7ca3a4305e8a6da798c9b674e2b9ea34254d8d2486f

                                                                              • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

                                                                                Filesize

                                                                                344B

                                                                                MD5

                                                                                ee0566f4d40e9e7c82b157827194adac

                                                                                SHA1

                                                                                8d2f9c1f7d31fc58f57dacb76142746e39f005e3

                                                                                SHA256

                                                                                8ac9338b4163be795504214208f666eb5a1adf87711fd566bbb0c7ab8ceff7ff

                                                                                SHA512

                                                                                5ceda3611084c8df9d3c22fd9c8c04513e1ba9e1782dacc72583da950cfda516bf1b80b9b6aa589f98f67d52b25ff97f2688680d290862aabae8da32aa7757d8

                                                                              • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

                                                                                Filesize

                                                                                344B

                                                                                MD5

                                                                                df27bf7c7683f3d302b5f0aae70208e1

                                                                                SHA1

                                                                                ecfe1dc85a21437856ffb3e4a442a53d9b01a9e5

                                                                                SHA256

                                                                                064aa98043980111b7a8440990068c9564f87a0f10bfe2f3a898ee4d1bf2bd11

                                                                                SHA512

                                                                                8419e3ef0ee6a5b602f5fec3be0e8b6e42bdb188c812de57581567da2ab5a74ce6fcb2ee7175b41f21ab1bb63db10c41df7ee5e96b12d924f238e82e57c33e6a

                                                                              • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

                                                                                Filesize

                                                                                344B

                                                                                MD5

                                                                                b9a888045f55c4dd6e227fb8392a4334

                                                                                SHA1

                                                                                3b8623958e76125fa81c3de870aa19a2875f2f1b

                                                                                SHA256

                                                                                c05212c906854baebe538ccd4c3599043df5dea853327b0ed5cc72e002c0871c

                                                                                SHA512

                                                                                2c375446264b4dbaa7ae6e77a0fc963f35f62bde1336a75f2fb044545f18b7b60903a12a0cf4cf4723ebbe511cab4cdce233f007e899112df4378e8679cd3cdf

                                                                              • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

                                                                                Filesize

                                                                                344B

                                                                                MD5

                                                                                61c647e30e5d1153e35e0b0692ffb318

                                                                                SHA1

                                                                                b6b55643d56262142e75687aa31e672694a39171

                                                                                SHA256

                                                                                d69c51cdde89673b58bd815d31e15caad1961ac2b4026b80bb811473692851a7

                                                                                SHA512

                                                                                285d860d44f20451911ad23774607e48e708bb4d201dbf1d117189f2f765cc8d2ac35d91ad1bed1141f87327817d9d5c064c1ec18281b066d4ced29a93b02523

                                                                              • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

                                                                                Filesize

                                                                                344B

                                                                                MD5

                                                                                c660281f39e03009f20cab8ffd6417bc

                                                                                SHA1

                                                                                3f9f6afed4a2865be648a08396f98124128ce6c7

                                                                                SHA256

                                                                                cfaf4e906f561faa61d7cafc6e44da345a17406c8a41af2c69e6ecd8a3877d94

                                                                                SHA512

                                                                                bb38573a0eb89011e9b867675e1afc4f4b6101786779b63926ef9bd8a00c7b9cd1066588ab844ad5bbe8e425d09913173d62975a40fcc8187cb2293964f76b8b

                                                                              • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

                                                                                Filesize

                                                                                344B

                                                                                MD5

                                                                                a90d2f4f5b44f6762ada8b0ba65c1fca

                                                                                SHA1

                                                                                a41c7f5350f57301af796b1135b3918b96188367

                                                                                SHA256

                                                                                62b60cf9e377ef3564a1710118629a10d4be43c07d7fe36f75a2fa03d7e90750

                                                                                SHA512

                                                                                1c257a7bdf68e975dcd73ff71f5da43b9ca533122d052632253be54b317f0fce1c084d221bd869643867aaf64945fbbdbeb43210a8594a96951fe8710f4c0246

                                                                              • C:\Users\Admin\AppData\Local\Discord\Update.exe

                                                                                Filesize

                                                                                320KB

                                                                                MD5

                                                                                3cd9b845a3b51cde4bdca5119e77c148

                                                                                SHA1

                                                                                1e38f53f515d102781c32da7e9cddaa68fc46a38

                                                                                SHA256

                                                                                0d7963af3c3b1b91239ea90e8bc22d561f5feaaf1635b5959dfb393165b001a0

                                                                                SHA512

                                                                                1152de74b399c40e965cf6dbb9cbef83f089e6084a4446e2502ec2dbe07b3a52f494966896f8323ea2322edde394f1ea743d3e4da5d9f5f523a75e857e78f42c

                                                                              • C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\D3DCompiler_47.dll

                                                                                Filesize

                                                                                222KB

                                                                                MD5

                                                                                192cc092bdc36db38958101390e3b9ec

                                                                                SHA1

                                                                                3a66996a20e2a451f2a7ede9e13deb4408d24244

                                                                                SHA256

                                                                                de4f594d2332a9eda4969fd7ee0ab26cfe3b7c096a77244299455cf06f503930

                                                                                SHA512

                                                                                39d17e47456d280608e8206bb2e228fd9860ff43fd7bcdcc19976805c575cc9b844b671681d39c3e2fd76d75a96e2aff4dc0bb2319db02243cc5669a17efbdbe

                                                                              • C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\Discord.exe

                                                                                Filesize

                                                                                814KB

                                                                                MD5

                                                                                2011c80bf7b2a5fffffc7a922bc36ae3

                                                                                SHA1

                                                                                eb8c7fe943d93e3420438a80cb5a9b0b2893ffb6

                                                                                SHA256

                                                                                b01d452f8f1e1e3140e3c86beaefb6443602728d2e9530a5eb89b0555f73c3b2

                                                                                SHA512

                                                                                dcb27c4c4f8957a44e1ad8e479ca9e6339921cde15c43897d8cd7825d6484efe56e59d05ae8c7ed876fed1e78d39f66d2f29082a51f1c2c346fee4103ae73d01

                                                                              • C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\Discord.exe

                                                                                Filesize

                                                                                858KB

                                                                                MD5

                                                                                6250a1231e87b51b86bc39f4d44d51bc

                                                                                SHA1

                                                                                ec9f8d56cc5aa20f8cdd4059fd2441159167fcf5

                                                                                SHA256

                                                                                73b525151deac9f539fe5349d71e14ef19e914cb69df276016cd2ad8f818cd4c

                                                                                SHA512

                                                                                cd4ebb8e66064e385e1888ad92334166c8b3f18782e54a02b7d7d86105f4d97d0478eaeba22f6323ef357970c79f045d91b2a9b7516f7d2304929092da3b347e

                                                                              • C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\Discord.exe

                                                                                Filesize

                                                                                450KB

                                                                                MD5

                                                                                ed6ec04140f361da6cc22899dc8b6ae2

                                                                                SHA1

                                                                                dfa0a6263eb1c207a1693b10f0fc581be2f4a78c

                                                                                SHA256

                                                                                f7c9186b9b576f17f7b210a9eb8f09757c46dfd8ea675a53b372f8ce10e56667

                                                                                SHA512

                                                                                624e3a8f2fcbce15adacb1c929cffaf795866718631cbc61ab5bfa6509e4965f4ad0533fa4d4d7bd469a91aa5f12845d9a4905cb07aae7834e3549aba568ed91

                                                                              • C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\Discord.exe

                                                                                Filesize

                                                                                231KB

                                                                                MD5

                                                                                95ee3d2a32bd1b009e26876993bc99af

                                                                                SHA1

                                                                                9306dc7c614ddf156fb7c5cbddd7bdd3dfbc97ce

                                                                                SHA256

                                                                                c98490f38bdcb0918dfd1bfab8009f1905562b3190ae899870e8f73b3d0ffe26

                                                                                SHA512

                                                                                a826b087a5183f02776a3e111661555debbbf686e1306e8bbc2b44c711fa0b594f724e489e4382302e5beef5d00af603c69e719a2a6c21ca334c480c360dab60

                                                                              • C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\Discord.exe

                                                                                Filesize

                                                                                235KB

                                                                                MD5

                                                                                f4f097723870c5cfe379ac856235cb6e

                                                                                SHA1

                                                                                2718fdd0345092c11aad9c98b08014445da14529

                                                                                SHA256

                                                                                314589f44db810882883bb71e0fd87ff39406f73508c393c306005ceb230cafd

                                                                                SHA512

                                                                                626a564d4736175005479026454f77993689d4ad17a0808edaba0b8390137612f1321aeb944a732428d53d66f23e127c147f3035681e567cea2a38c1ec0553e6

                                                                              • C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\Discord.exe

                                                                                Filesize

                                                                                209KB

                                                                                MD5

                                                                                eaee1b865d201e85de0db93d9ad4712e

                                                                                SHA1

                                                                                f040d11baa79c6e1f7173c571f79179d61edd11b

                                                                                SHA256

                                                                                79d0ebe7f345e69c8fbccd39cb878ff04d92c5357f26f6e989ee7b9b85201f77

                                                                                SHA512

                                                                                ce8491440457c7a2203a1478e272e4c4883ad002375f98e5c77f432ec8770ad86c7eee2590312708562dbfa21b02f80ef69e1ea66e0d65a7a0264933c9d623fa

                                                                              • C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\app.ico

                                                                                Filesize

                                                                                269KB

                                                                                MD5

                                                                                f20c8bf64e472a36a0830e7cdf7f4cc9

                                                                                SHA1

                                                                                9c13d598c9bf1cbe8faad38f18cb9097f2cdf944

                                                                                SHA256

                                                                                b8959c1bd3e3e26596fc9053b8062388b9d4bd9c988014e638d8aab9f8c8ffeb

                                                                                SHA512

                                                                                e53a3db000de000f427a689055b1168d1c5e4ee4c1cf95b501b78744ea89f6463eb7ade08901f55a9025914f680b56d1cb858fe3102a231f4a08a51c2903d71b

                                                                              • C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\chrome_100_percent.pak

                                                                                Filesize

                                                                                126KB

                                                                                MD5

                                                                                d31f3439e2a3f7bee4ddd26f46a2b83f

                                                                                SHA1

                                                                                c5a26f86eb119ae364c5bf707bebed7e871fc214

                                                                                SHA256

                                                                                9f79f46ca911543ead096a5ee28a34bf1fbe56ec9ba956032a6a2892b254857e

                                                                                SHA512

                                                                                aa27c97bf5581eb3f5e88f112df8bfb6a5283ce44eb13fbc41855008f84fb5b111dfe0616c310c3642b7f8ac99623d7c217aecc353f54f4d8f7042840099abc5

                                                                              • C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\chrome_200_percent.pak

                                                                                Filesize

                                                                                175KB

                                                                                MD5

                                                                                5604b67e3f03ab2741f910a250c91137

                                                                                SHA1

                                                                                a4bb15ac7914c22575f1051a29c448f215fe027f

                                                                                SHA256

                                                                                1408387e87cb5308530def6ce57bdc4e0abbbaa9e70f687fd6c3a02a56a0536c

                                                                                SHA512

                                                                                5e6f875068792e862b1fc8bb7b340ac0f1f4c51e53e50be81a5af8575ca3591f4e7eb9239890178b17c5a8ff4ebb23719190d7db0bd8a9aa6dcb4308ffa9a34d

                                                                              • C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\ffmpeg.dll

                                                                                Filesize

                                                                                715KB

                                                                                MD5

                                                                                59f6562c022cb8fe88a2af78add3197f

                                                                                SHA1

                                                                                53b596bc6186060364dc2e552191333cb37eba64

                                                                                SHA256

                                                                                52ce9e97c20d9b8bb7f78305183154d74196edfe5732d2c87ca35ada63b1d952

                                                                                SHA512

                                                                                b4de2fd67627549f899d85590564429ad0b3cd42600e100bedb86129580b0f0fa482e02fdfd08d7fc9ebfb7643a87ee863ad7f155af16a3ef3476d9ea7e07b17

                                                                              • C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\icudtl.dat

                                                                                Filesize

                                                                                553KB

                                                                                MD5

                                                                                a803dfb317af4f0435d7f49617039af6

                                                                                SHA1

                                                                                a20f2ef7a6a36a3413fc60ab43fd45a3443401d2

                                                                                SHA256

                                                                                03cb0e4988275140fed68633f408f88f092f75d5f05c282da7833cf3b72cf3d5

                                                                                SHA512

                                                                                45a7be2fdd501e391785182723cf1856e7334f30e94d8788377a62299539ad2be678197a6434c911ce47a5d6b895390e296af41371ba3039d63af1f6aef43072

                                                                              • C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\libegl.dll

                                                                                Filesize

                                                                                134KB

                                                                                MD5

                                                                                33c5ef8a0ea11bea8d7ed23df94a9ced

                                                                                SHA1

                                                                                bf706987a2f57123f2bddecdc9eaf021e96457c1

                                                                                SHA256

                                                                                2702128b4d730b0d5f13a570a26116badd6cb29b369c89c280d6c041cc6047f7

                                                                                SHA512

                                                                                052ac71bd3f3a94e6ccf97ca47c592498f9abecd3d3d88469816ebbe08d7429e106381036157a9e57a3e47a3b7b81808212b2f609832e6b08cf794a88d472b38

                                                                              • C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\libglesv2.dll

                                                                                Filesize

                                                                                117KB

                                                                                MD5

                                                                                45daf7d5f0b82db633af523a1f207b34

                                                                                SHA1

                                                                                2675fa80b6bb4147379a6590864f5ac3b404f9a2

                                                                                SHA256

                                                                                53f9cbca6e803fa553bd4325ba310bb7b4d4e2614e6199d2c4a2280ddfeaa064

                                                                                SHA512

                                                                                bf803b840abc9278d943232b063c8eefb879339e3f39df6560eb3a43cb11a739e8012994160566071d43921a20e32150b6c676c40c535c28ad5759a6b98e8286

                                                                              • C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\locales\en-US.pak

                                                                                Filesize

                                                                                238KB

                                                                                MD5

                                                                                bbbd1f26d23b25b9e126f473c8b12c7d

                                                                                SHA1

                                                                                b9af3368a3ebc08255ba26b9e2c2674e86f7f3b4

                                                                                SHA256

                                                                                2fbaf08855cbe45d7cf9f8cfa559317c9110008ad29f94cbf5a771284f9f4a53

                                                                                SHA512

                                                                                85da778cfdd63c5c9f25038d573b52f1b4d2d6208736623488b9bc80afb561e89c824deeff837ef0a8466426b7737916768316f85c0c7dd771af6b27f1ef5c91

                                                                              • C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\resources.pak

                                                                                Filesize

                                                                                153KB

                                                                                MD5

                                                                                fac9fa70487e10be003d2e8e0f530a44

                                                                                SHA1

                                                                                f51a4e3c18820e956f68e47b6792001f6af746cb

                                                                                SHA256

                                                                                84b84dbc8237ebe5a911dce996ed757f6185a49e34263990670ef84663e87b6b

                                                                                SHA512

                                                                                1835655f69c4134d1d665b6f1d9ac0f564f28998ba2a36da07ee2768858e1f8b2b0f530da8801bbbedb6edd866356153d277ae71784e322aaaa6576d3548cc63

                                                                              • C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\resources\app.asar

                                                                                Filesize

                                                                                550KB

                                                                                MD5

                                                                                8b693d4b7aacb80fda866d9ddd705c00

                                                                                SHA1

                                                                                7eddefbc0fae6cf9dfd2a68524f185f608f980c8

                                                                                SHA256

                                                                                d8196b30bb74b7d324103f0672f6727002d63a689bad004d9d6734dd1cb3ed9a

                                                                                SHA512

                                                                                3688565febe6ffae2ce40e3730539dae607092b2d035124312a7336ff578eb168259547cd0ff6525fa65a25aa50e4c74716f5761654e199bf51c44850b1e39fe

                                                                              • C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\resources\build_info.json

                                                                                Filesize

                                                                                83B

                                                                                MD5

                                                                                154fa0d6729df74a2f342517a229ee17

                                                                                SHA1

                                                                                b1374448243a4dccaa368746b71d13baa0fe83ca

                                                                                SHA256

                                                                                4dc5d5ea381964db913c5fc2c5e2bf4d35bdc591f6008e72bea2fb80504d98f5

                                                                                SHA512

                                                                                d1205aab830d68f63ccf26ee7f7136acc37b53e073b28ef48e649fd7e92c9df41eada31327c7bb0b006c74a03c44f81113ff1f6eb75184e39944cde8ec987cdb

                                                                              • C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\v8_context_snapshot.bin

                                                                                Filesize

                                                                                585KB

                                                                                MD5

                                                                                3f6f227dc46c0d5262cd6ca9bb7703e5

                                                                                SHA1

                                                                                c8bc76f93cc6305e70f2041a52acfa6c44e9889b

                                                                                SHA256

                                                                                869f5e88fb5e04840f035fc1c3f688e94499c8514bd053c9979413ebb8de4611

                                                                                SHA512

                                                                                566394fef910b8edeb04c7f5c172ce9b361478275463f7eee4b5611536241431fa7638e47e5ac4b9df7467c98b120869b4e4f87e46628b40dae5685897cd256c

                                                                              • C:\Users\Admin\AppData\Local\Discord\packages\Discord-1.0.9032-full.nupkg

                                                                                Filesize

                                                                                197KB

                                                                                MD5

                                                                                824a24a56fecb6acf11a8b40bd89dfb6

                                                                                SHA1

                                                                                f0d8e7da8710b87b5c89361fbc060e83fc1fbad7

                                                                                SHA256

                                                                                6effef80cf512d2464721f16c53b73f8912f9b94301448b961b10e75c5105e80

                                                                                SHA512

                                                                                7270458433159d27002e2fbbe179f40bf54ef353f72217a3693dac7e77d0562b018172ffac9a77ffcd88a2a417d38bc4bd0321523b0a3467022e8dd2b6f71f31

                                                                              • C:\Users\Admin\AppData\Local\Discord\update.exe

                                                                                Filesize

                                                                                485KB

                                                                                MD5

                                                                                cde965956d6e90e7aeef734826a24573

                                                                                SHA1

                                                                                748febfb1324e47ee300102f4dd5abb78215f989

                                                                                SHA256

                                                                                871efef58eb725ef854618fe20c6e916c4c7b8df1dcb77b9e65aca96755565ff

                                                                                SHA512

                                                                                8d8c56ba8406dff95d119ebc0d345573b127b014d2d5abf03ec62203fc3244bbda0d41d6082aac07dd271624b548fa2d208a44a7f4957c4137f423d2fd79c50b

                                                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

                                                                                Filesize

                                                                                40KB

                                                                                MD5

                                                                                1128652e9d55dcfc30d11ce65dbfc490

                                                                                SHA1

                                                                                c3dc05f00453708162853a9e6083a1362cc0fc26

                                                                                SHA256

                                                                                b189ff1f576a3672b67406791468936b4b5070778957ba3060a7141200231e4e

                                                                                SHA512

                                                                                75e611ba64a983b85b314b145a6d776ed8c786f62126539f6da3c1638bf7e566c11daf18d1811b07656de47ff8b50637520cf719a2cacc77a9d27393fc08453b

                                                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

                                                                                Filesize

                                                                                264KB

                                                                                MD5

                                                                                f50f89a0a91564d0b8a211f8921aa7de

                                                                                SHA1

                                                                                112403a17dd69d5b9018b8cede023cb3b54eab7d

                                                                                SHA256

                                                                                b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

                                                                                SHA512

                                                                                bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

                                                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                                                                Filesize

                                                                                3KB

                                                                                MD5

                                                                                670bbd5b4b4890c47c824f61101d33d0

                                                                                SHA1

                                                                                96c9cf78ce26a976cfba7c693032306113cbb5c2

                                                                                SHA256

                                                                                2b4f067c243bb62f9d6de09172bb19a1d279cbeacdc010bdd54e8b4abe2466f3

                                                                                SHA512

                                                                                881fca464b427a72bd38ae7d44022384da274de1b365e0021c8f2072af7af4dc4fda97d0bbe0696894233211f46c3ee459605a7c1b14c415edb422deb6681606

                                                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                                                                Filesize

                                                                                1KB

                                                                                MD5

                                                                                b3dffd78b6065109c73d068d23d40def

                                                                                SHA1

                                                                                a9e0a72fc6b9cd4a800cebd479f28d2b7c41d5d3

                                                                                SHA256

                                                                                ad9c2e70a9b7021c0ed277cb9cf7aeba8aa94938952eaf2c74e52b8dff9bfa37

                                                                                SHA512

                                                                                5fed063bc04314ee614ea55272c6f4bb24c0ce5de7e5d4c838f9376d650982cae9a8ca6eac2dabe27f02ed23a43469da0670ad0cd8fe43d5cb2fcd743897a706

                                                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                                                                Filesize

                                                                                4KB

                                                                                MD5

                                                                                a595788c5bafee522cc6a8b8afbde984

                                                                                SHA1

                                                                                b80924f216e6baad4c8a97bea79d44bdf8f91b6a

                                                                                SHA256

                                                                                928fc594656d42d5e47b66ed073a0410c3d1bb71705fc99bb27f7990d327d64a

                                                                                SHA512

                                                                                535756e5030a8d03c917491e0036153921f030633398bd30956f6f9377ffc516b1d8ed5d5c0d2325949839607b12636c1733850d2178b3bd05f9a4d07be43c9b

                                                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                Filesize

                                                                                1KB

                                                                                MD5

                                                                                366e4b8344cc02dfc536f36dc3ca9d62

                                                                                SHA1

                                                                                6d48585943aa8c080ec4386440cc3c70631d0fab

                                                                                SHA256

                                                                                7cabe96052556997c39dac583f0cd7e0475ca82575ffb3ad1dceca6df443dc00

                                                                                SHA512

                                                                                80e859f9f5e80f2d234d733bbd60402b30fdcd1403430a10f0a2e8da08d2df5ba8b7376d7f6dd5634f2547cfc36c24786934afa0c02e5a22c1cbeb2add57e5ef

                                                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                Filesize

                                                                                363B

                                                                                MD5

                                                                                58ba6d8186166a2d995dcbf167ecf44b

                                                                                SHA1

                                                                                5410722a9265d356a88bb0ee443521931b535221

                                                                                SHA256

                                                                                9adc0a52c37ba70dd8b65aa1e36c0247593969b82d24ea5f693a8afc810fd8e8

                                                                                SHA512

                                                                                e31de66f964f8422834e36dea672372c0f050e2431c82c094f3e959c86d0739cba180dc4a53cc0e71f3fe56693767a134cf7b1db00dfec43879875d3190ac918

                                                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                Filesize

                                                                                363B

                                                                                MD5

                                                                                343f9b2f2ab6b6f671a450716ae184cd

                                                                                SHA1

                                                                                7277b25a808cc3cc2de820078c46aa3303f4005a

                                                                                SHA256

                                                                                5974b36bdbc11ac2fe290948d7557763c8010bb57065e3a4216d9ae757f1fa9d

                                                                                SHA512

                                                                                c1a8487621bb8be7c2f51f39bc9f32d28a0a0a82f693aa60c7d56052def95df4e86c8b6b4e851dc901bb68aec3e092105c571c30da4aa3f5ac29edc8a82b874f

                                                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                Filesize

                                                                                4KB

                                                                                MD5

                                                                                708604a85c4f0acbf751705bdb7eca11

                                                                                SHA1

                                                                                bed7873cc3a336766e11f34df7509501b1502487

                                                                                SHA256

                                                                                972fc03bae7bc9f69e58415314ec8f13c117c9ddf5fe84066632f58cafad5381

                                                                                SHA512

                                                                                150021f3eaf2206cd59f2c5793c8c5f70b6d6ca0ae2deab4aa3e9b94024e48f004910d69d6fe85d0a93e294c6ca7456d94d2998bcbbd16d1b2259f915844c60d

                                                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                Filesize

                                                                                5KB

                                                                                MD5

                                                                                3ef96e940a7b42adf37efdd9d51289dc

                                                                                SHA1

                                                                                d9fd3bd3bf468170d8fe07b4364eb2f68ed1c848

                                                                                SHA256

                                                                                76beec867211ed88c06d3523ea1aed6c89cba6ac1d37717af98c7e31366021f4

                                                                                SHA512

                                                                                22c760ea6680e3c3a835eb389356f92adeca5cd55452a3a56f11667fe506544b79deadddea53e1bdedfd8fb15b7af034da2155f025d55d368583df462d073119

                                                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                Filesize

                                                                                5KB

                                                                                MD5

                                                                                bc551ce0c24cc83e236192423c8bab60

                                                                                SHA1

                                                                                5279c52a15b3c40590b3a877cbf0819e3d1e415b

                                                                                SHA256

                                                                                524334c4b72e090ec7b0f0361228c5a1d691418cb5fa5d66beeb4788bb75fb32

                                                                                SHA512

                                                                                c628c861a3e5c568338f9e88bd3a4dfcca33ca758e7f54a86c14788d01e75d12fec6d5e5a7da6f7d9c6d0d962a8d4c09910534c5d65612dd16a55e9961ea5c58

                                                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                Filesize

                                                                                5KB

                                                                                MD5

                                                                                2ebf1f0e4bb11ad6ce8991026d7d1014

                                                                                SHA1

                                                                                4ebe33fbcee0d3dc8b2efcc4afb2b73a13eecaa2

                                                                                SHA256

                                                                                ea18d4cbafa2ba7dbb89f5b61e194d00af984b52d9a9d1ae1069ec621db1653d

                                                                                SHA512

                                                                                f6d8a695a38d77fba8316718a6792518f532a8c195e3a3b8efad15e35a2ee8e7cf69a4c101c2fe03b18e25d9427ba0d58482bafb919d9b8502ca1e710e48f046

                                                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                Filesize

                                                                                5KB

                                                                                MD5

                                                                                80719c00e46a5a2eeedfd20e8066d0f8

                                                                                SHA1

                                                                                3b27602d43dea42afd925cdc7984d1436422ed7d

                                                                                SHA256

                                                                                8e82cde4e7a9e6b6ed99d1997fe31126341791b8b5ce5c1c2edaf8daa12f4bb6

                                                                                SHA512

                                                                                c5b79733bb9efd2b30b282716ba27344bfe9f6df37141c16e377a4cc3542864e4b66bbeb1c540015184f9656348554d35eb8f77e8fb33bce6004b17fafa43424

                                                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                Filesize

                                                                                4KB

                                                                                MD5

                                                                                94cde3a80513ee17f070b36773ddc2a5

                                                                                SHA1

                                                                                ff92629ba5e2a80c18f6a5556ccd30f7be71fb2b

                                                                                SHA256

                                                                                cd1619cd5e50240b0a4edf4ea36fa44e15f025ca9f203503ee38f292f4fbbe68

                                                                                SHA512

                                                                                ef9b42c5d0d0ff139e15974801406358434a62a04d7a875219d8ecf8d92025377cba332132b9aa0e17418334a53fc5f5903350b7b5572c9c1392ed6fda89c3e5

                                                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                Filesize

                                                                                4KB

                                                                                MD5

                                                                                073fb0bf6c9da20862b52fd29974cfdc

                                                                                SHA1

                                                                                00c2bfcdd510f5163f9130f6ee1b1d700a57c62d

                                                                                SHA256

                                                                                3d0d1c22b423e3cf9b1a709ef18b32604953aa63b48c5a51c338e7d2cb16605f

                                                                                SHA512

                                                                                639c0cd1f2dad1c513fefe5d9800f59d6c4fa8618f722e1dcc54b84d44026a740557e359d301d79434352c2556f77b04ddce1c84f7481c48fab10b9f3612c281

                                                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000007.dbtmp

                                                                                Filesize

                                                                                16B

                                                                                MD5

                                                                                18e723571b00fb1694a3bad6c78e4054

                                                                                SHA1

                                                                                afcc0ef32d46fe59e0483f9a3c891d3034d12f32

                                                                                SHA256

                                                                                8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa

                                                                                SHA512

                                                                                43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

                                                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                                Filesize

                                                                                136KB

                                                                                MD5

                                                                                6517d7bbb0049b72fdb52da11f291959

                                                                                SHA1

                                                                                00eb4db82436ed213f00097754422eeff2cfc565

                                                                                SHA256

                                                                                2912736c11078bc3b253959c0c5c099e7d7bf06c58c0d8d79ffeaca14abd4426

                                                                                SHA512

                                                                                edc2c029d5b0c1a895d8daac49019fb7572cc68a058ba01a5a7a6dcd2ad496e9781a9a7ff37b6f400d3ed387c09cdf1a0d492522628ce18d6f749767da855321

                                                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                                Filesize

                                                                                232KB

                                                                                MD5

                                                                                a01a93f563109a927711138cf00536c5

                                                                                SHA1

                                                                                34991f3af1c8d774babefaebe7ee4bbc30e6913d

                                                                                SHA256

                                                                                88f949d8dd766435754a58be398fec0633027bb98592115f2ed6ae3873a633f8

                                                                                SHA512

                                                                                bf6ef75ae082c8cc45981950d91cd07471bb2e15607a94912e547d50f4e5838848addcf4df16e033e52c3458b8d426a0b6ced49f3ce8164687343ab65b2c8cf5

                                                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

                                                                                Filesize

                                                                                92KB

                                                                                MD5

                                                                                ff3a61ab2d4a13d5ca58984ee3166881

                                                                                SHA1

                                                                                e6aa56d835dbba65b9617b07a3fc755a82715ce1

                                                                                SHA256

                                                                                363d2ab0827b77bfe6151e65d6514f972ee3e655a26c441401a20cefa6742185

                                                                                SHA512

                                                                                a51b9f1ccd9402a237c92e25c6e86ba07510ec9ce939d1ac841040b71a0ecde88b09568c2d732490b993be268744f143ddb72db7fd6109f2b5426966099e442e

                                                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

                                                                                Filesize

                                                                                75KB

                                                                                MD5

                                                                                ec140ffce78abb8b8425f21bf2523748

                                                                                SHA1

                                                                                a8e1975a8ff3852646a54df7f84845fcdb981f26

                                                                                SHA256

                                                                                ecc76fa67d5ba3707ff222e536e948948d26003f32618133355f4b353f9ccd34

                                                                                SHA512

                                                                                1e15f73036aa7bb69218940a02c8bd1e7a04c95fa20c1bcf9acfab3b9b50d77a643839599d9f1c3eac2bbf0e1ee8926f97a5600535a0fcfd040ea4c1d7bcc77a

                                                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

                                                                                Filesize

                                                                                83KB

                                                                                MD5

                                                                                e4795882b68d563697b88058a4456959

                                                                                SHA1

                                                                                7ec2897ab7b73e0b1391669b3ef8a7ee6bed4b12

                                                                                SHA256

                                                                                bfa8f0a13e19d1b47dbbdac91be45ca3d709a9460e13dba49ea2b02145ce2e2a

                                                                                SHA512

                                                                                a64a53bbe6a7320686bba2416af0d44921d0ccfb1ff98f0674c3fde4a2d023dcf03690351c004c26fd8f8ff4897710926dad6269f9e7b444aa6fbd2164a57c56

                                                                              • C:\Users\Admin\AppData\Local\SquirrelTemp\Discord-1.0.9032-full.nupkg

                                                                                Filesize

                                                                                25.5MB

                                                                                MD5

                                                                                b68b86b87591daa5cb9545d0f8509c08

                                                                                SHA1

                                                                                612bf83659a85b7df85d28e718a742d10ce5ae96

                                                                                SHA256

                                                                                536c6d27a648b8297d5a4d08f553779764ec093ce444d137213d6cc3392b11b8

                                                                                SHA512

                                                                                edb31d7c77d511e29f16109a05109447c3bacd2b04c83db54a52ea97ba1450acf375cdcff8b8333c6102777f55cb442d53616e608b0f8ddf319e989bea84978b

                                                                              • C:\Users\Admin\AppData\Local\SquirrelTemp\RELEASES

                                                                                Filesize

                                                                                80B

                                                                                MD5

                                                                                ae5c63df2f52fa8ef3530af1135449b5

                                                                                SHA1

                                                                                269077ed0169fba60e5b9fd2c0c697b67b94afe1

                                                                                SHA256

                                                                                236cf449a70a058f0c7a10cff001bd9d5984417c2dad8b2f92a7a391f0519c20

                                                                                SHA512

                                                                                2b037bbf8a7060bdc69fac1903453d41dab05deeb70f57906c2b51f933fdac7aa7a010a15a8fd5923dd0d234dd748d537380d1d22eb6cab571a6b958ac37bd44

                                                                              • C:\Users\Admin\AppData\Local\Temp\CabC7D3.tmp

                                                                                Filesize

                                                                                65KB

                                                                                MD5

                                                                                ac05d27423a85adc1622c714f2cb6184

                                                                                SHA1

                                                                                b0fe2b1abddb97837ea0195be70ab2ff14d43198

                                                                                SHA256

                                                                                c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

                                                                                SHA512

                                                                                6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

                                                                              • C:\Users\Admin\AppData\Local\Temp\TarC815.tmp

                                                                                Filesize

                                                                                171KB

                                                                                MD5

                                                                                9c0c641c06238516f27941aa1166d427

                                                                                SHA1

                                                                                64cd549fb8cf014fcd9312aa7a5b023847b6c977

                                                                                SHA256

                                                                                4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

                                                                                SHA512

                                                                                936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

                                                                              • C:\Users\Admin\AppData\Roaming\discord\Local Storage\leveldb\CURRENT~RFf78cc44.TMP

                                                                                Filesize

                                                                                16B

                                                                                MD5

                                                                                46295cac801e5d4857d09837238a6394

                                                                                SHA1

                                                                                44e0fa1b517dbf802b18faf0785eeea6ac51594b

                                                                                SHA256

                                                                                0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

                                                                                SHA512

                                                                                8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

                                                                              • C:\Users\Admin\Downloads\DiscordSetup.exe

                                                                                Filesize

                                                                                12.6MB

                                                                                MD5

                                                                                f7c121c514026ee9de01cc743fd87b1d

                                                                                SHA1

                                                                                b8881ff5936291c032ef943b0a5e4f25853baae4

                                                                                SHA256

                                                                                7e4a7099806177ca2147540e2c6f7e1caff471efb75c2698e3b848efef772621

                                                                                SHA512

                                                                                aaf550fd3bf3d6c0ddd515632bd8bc13cbe3be966bf661d9de5713ecd8c8e8617e23fa17dfa287e2446a61d4076cea059a875497aa0bbfe0e820b9a2450efa30

                                                                              • C:\Users\Admin\Downloads\DiscordSetup.exe

                                                                                Filesize

                                                                                22.9MB

                                                                                MD5

                                                                                06d65e76b32442476161d4feebf74c28

                                                                                SHA1

                                                                                3a490801015b1ebf5fc5a534e50f788e05da8400

                                                                                SHA256

                                                                                8d342a331213864cdd843f8fcfb1d47d41de5b8b33cd0f09013e59a2816c7d01

                                                                                SHA512

                                                                                229d82210f3ff750a3b59eefc1a747671206321c1a22f1d441347ffb0a5142318337f605d2eab759b72a575c0619b0b08fb960dc8fbd7ed80eef4e553417b52b

                                                                              • \Users\Admin\AppData\Local\Discord\Update.exe

                                                                                Filesize

                                                                                256KB

                                                                                MD5

                                                                                7bf7667cab9d67af3f34d01ca821bde3

                                                                                SHA1

                                                                                7d4eee9f24a60996b572193fa8d0858c8a71d40f

                                                                                SHA256

                                                                                f6d66dc1202495dde342a43119bda8ddf9b8652e9fbb5712d3bbe3101d12c17d

                                                                                SHA512

                                                                                02690853be9d814bb2bae4a07260d1c1a42928a6776a70e8f19122c396ef71d5c2c414db3962f6049ca9c7e768da9bfd30390d1583a7a9cb4105c343708e0d04

                                                                              • \Users\Admin\AppData\Local\Discord\Update.exe

                                                                                Filesize

                                                                                109KB

                                                                                MD5

                                                                                518e33665cbcc583c9047b62baab5edc

                                                                                SHA1

                                                                                a5ef26ac240b6690eab8d1e0aedd257d0fc41c5c

                                                                                SHA256

                                                                                6eee3d8bd7bf810ef93db65b4354eb154b56addbe4d5d16d7d2ecb1bf0b24fcd

                                                                                SHA512

                                                                                c7702c82f0922c644faffcd3da1b8c23b6fd70781bf4544a086f77518aea19241390d98e7e5ab802f60a89db203ba6e5d5b8306abf02e293926fb751ae82341d

                                                                              • \Users\Admin\AppData\Local\Discord\Update.exe

                                                                                Filesize

                                                                                94KB

                                                                                MD5

                                                                                2957d4c3aae35e07da852255c4fb7192

                                                                                SHA1

                                                                                ccbfc89faf894f417811319f633d343ffdf4568b

                                                                                SHA256

                                                                                39a2ee6e77a1e6da5c45e999743644147a94d4fd7d6e40cce378b0b551f88411

                                                                                SHA512

                                                                                a9676224fd34171dc6a90b539f367cd5682663001844999664fb04182f57614c31c6ef11f3b27cebb1aef10944e1757a15c66aacfe79f016cf622cdd8e56d3be

                                                                              • \Users\Admin\AppData\Local\Discord\app-1.0.9032\Discord.exe

                                                                                Filesize

                                                                                798KB

                                                                                MD5

                                                                                61f014275842c1adb8da41fcf373a74e

                                                                                SHA1

                                                                                d29490901d079df534d48560f38f64d4faeb0da4

                                                                                SHA256

                                                                                a0365b8621c268b450569e7c09e08c4e7340264aefadfb6cef404a794ab83648

                                                                                SHA512

                                                                                5006682d4e885fe4fd20323f8fc946285552c4d2e692678cd53b3d5acdc37a9edb8b2ad30e1fa8490b355b910496479d3b6a42467b597e848048a9916774dbce

                                                                              • \Users\Admin\AppData\Local\Discord\app-1.0.9032\Discord.exe

                                                                                Filesize

                                                                                955KB

                                                                                MD5

                                                                                0226aa890a964ee401ba303d723b202b

                                                                                SHA1

                                                                                35b8e17e79e33ac5b48f80fb4cb16f015121f080

                                                                                SHA256

                                                                                7f0d670917b88bb0e8caccaaa27dcc6d27d9d0b809437c5391dbb2013b8cda35

                                                                                SHA512

                                                                                accbdac8c64da3564e2ecfa5c0daaeb4babb31b956f8b41fc81fd973c7c61f28272697b93972d2ef1bd030e3bd5626642be673acdb980456c3ad9d03ccb572ea

                                                                              • \Users\Admin\AppData\Local\Discord\app-1.0.9032\Discord.exe

                                                                                Filesize

                                                                                1005KB

                                                                                MD5

                                                                                a945f953a501f8166b1be7712d3f5749

                                                                                SHA1

                                                                                b7d6505792a4c593f39cfa3351161a69e9260557

                                                                                SHA256

                                                                                732762913924507c2643767bcf28d72e3607f4fef6c75831656113b5468e5fd7

                                                                                SHA512

                                                                                8036d73905873a35489c0487c2a97273a1682c5f73abac7675be318e7bfa181c465ba58ae1bf0202a63239942674cb1842adef5d61ecb6a0b54a21fd3c5f2c4e

                                                                              • \Users\Admin\AppData\Local\Discord\app-1.0.9032\Discord.exe

                                                                                Filesize

                                                                                182KB

                                                                                MD5

                                                                                05169a11e89926db02febc6ba20b5ea6

                                                                                SHA1

                                                                                0916191e240e25bd83dce64d03f6e1800f5ac48a

                                                                                SHA256

                                                                                d78eb75d2e8697a952fac32131716b6ea7b93cabdef27cc9dfd73c1579eba60f

                                                                                SHA512

                                                                                3d43b0f7821eb04ab68a4aa12f85c1164cb8c44559ddbc872a58846c2ce6c9b9b2ab0d51d248f91c3220885066eedc71b0270dff777db64a667de50376b7c771

                                                                              • \Users\Admin\AppData\Local\Discord\app-1.0.9032\Discord.exe

                                                                                Filesize

                                                                                140KB

                                                                                MD5

                                                                                45cd309024ebc0cc969db9b2ac28e09b

                                                                                SHA1

                                                                                6f96513e6223f16108921d41045c5a636fb4d8d9

                                                                                SHA256

                                                                                b754094ceaacc0babc99edecebca132e953cb853bff2a759c5792c9e98a9ca2e

                                                                                SHA512

                                                                                c2ea1fe5086e4b461cddeb4b8d4d490791ecc2bbba1e8a9e316b22d221c1a1f437d21a89c3ea2e2bdc95a42733b5e8a78ace85a166e4ee50b99f887013b18113

                                                                              • \Users\Admin\AppData\Local\Discord\app-1.0.9032\d3dcompiler_47.dll

                                                                                Filesize

                                                                                150KB

                                                                                MD5

                                                                                8a83ec01280bc5d6dabf0385556ec68e

                                                                                SHA1

                                                                                e10c6ac3ba4e35b7dc169e3be9361313c372674b

                                                                                SHA256

                                                                                d6246538e98a250f69c3b38567cd233ce440ce43719e8bc3bd8927662afb0b6f

                                                                                SHA512

                                                                                749c2d38547a314ab3e9fa81fafa5364593e754b4b747f5e03547c2c4aba769443023ad154dddd5b35afd590e7e0695d8ebf662dc082c2850d4f68ed7ad5b7e0

                                                                              • \Users\Admin\AppData\Local\Discord\app-1.0.9032\ffmpeg.dll

                                                                                Filesize

                                                                                874KB

                                                                                MD5

                                                                                02ebd52d11c212c2ab13ad311b2a836a

                                                                                SHA1

                                                                                7e63b1a7643a251c6bcc2dc04a54a4dcfb26c732

                                                                                SHA256

                                                                                f9cb3bc8c43001b2d774cda28758d136902785e9ba1cc93b9e68791074f05556

                                                                                SHA512

                                                                                0fe8a0eb2444b264f6678c4ce0bb29d34e10e1ee1bd5f6030218af4c19d37f4cb4c1b072234718f47fa295b01b78a403be1f7f0d944318b043cf9af3082ae934

                                                                              • \Users\Admin\AppData\Local\Discord\app-1.0.9032\ffmpeg.dll

                                                                                Filesize

                                                                                412KB

                                                                                MD5

                                                                                13b98100ae29b4fa8d73c00d69c9bc25

                                                                                SHA1

                                                                                37a1a878a17b1ee8b495945eaabf3a282541a875

                                                                                SHA256

                                                                                55178d346b423873ee583eea427812cdd104bb6277a0f1f801fc4158c29212bf

                                                                                SHA512

                                                                                e799386a7363a72ea2c9004627101f194e141af4d3c31b990c488e4f46922785c8859eefe345c73ebb3858f80d93b9c9f71802767fa6383169c7570be5d7b7d6

                                                                              • \Users\Admin\AppData\Local\Discord\app-1.0.9032\ffmpeg.dll

                                                                                Filesize

                                                                                168KB

                                                                                MD5

                                                                                4ad9fe5b7d0b1e5abb0de7f057f20b3e

                                                                                SHA1

                                                                                6a4abaa8440622d72adc9b8e38be9f53f5730c3d

                                                                                SHA256

                                                                                fa60042bc7b818f8f429f9cfd6a9262be823019153834c4dc136c08047c410d3

                                                                                SHA512

                                                                                634b2085ddb003fb9e33db48d687046c959a054cc2db57237ab62db3586e955a198352259b74326a330cdfa790bf56b6993a8f9ee2d052210ef71a9610fd84d6

                                                                              • \Users\Admin\AppData\Local\Discord\app-1.0.9032\ffmpeg.dll

                                                                                Filesize

                                                                                214KB

                                                                                MD5

                                                                                f45a529bc767bb3ccecdeb9439401735

                                                                                SHA1

                                                                                200c2d7692ec7dd09e2ccadefdcb38815a343a6d

                                                                                SHA256

                                                                                2c612596f6ecdcd2aab11562f1bd728aed618bdb8ea0c40cf2dbf89ff45a8c80

                                                                                SHA512

                                                                                f7ad051ffa36b20ce47bb98dfb8701b35995630434400378481ec6e1eee98d9d1f8df7064cda7ed40c30cdedeca503eb47a0d8e18b8adcbec51ce705ec205c18

                                                                              • \Users\Admin\AppData\Local\Discord\app-1.0.9032\libGLESv2.dll

                                                                                Filesize

                                                                                47KB

                                                                                MD5

                                                                                44d66237b215ee32b6eb27e8fd2969f2

                                                                                SHA1

                                                                                08cd77e6b056d34b14d40092c7e6baa6f7e61036

                                                                                SHA256

                                                                                88795d58f2600656b81f2ae98f6f42782b904d91f2e4b593ebba4def24c0f038

                                                                                SHA512

                                                                                0e71e263bfed465e1fb7968d055c09187a42fc96c7b5dbd00bed3a8248da4d97b298f78bf791fb16b958579826ab84a8367646540a5f571177c5106115a6b7e2

                                                                              • \Users\Admin\AppData\Local\SquirrelTemp\Update.exe

                                                                                Filesize

                                                                                1.5MB

                                                                                MD5

                                                                                28f41e3c6b07465128bde253d66164d0

                                                                                SHA1

                                                                                e4f1e108d30da01be709882e378a4b42c1b21e19

                                                                                SHA256

                                                                                85da3ea63342c060f421988ea402e40091035fdaa5e85e93a62789a4740b314d

                                                                                SHA512

                                                                                1c0633ced4076005967a01712450e73c18618ef983bf37ffa804ae10c822fded1ae55260e02c2175ced130cfb7825bc5af35072156295a832f8cc53bb7e4d43c

                                                                              • memory/1484-1060-0x0000000004520000-0x0000000004560000-memory.dmp

                                                                                Filesize

                                                                                256KB

                                                                              • memory/1484-1059-0x0000000000550000-0x000000000055A000-memory.dmp

                                                                                Filesize

                                                                                40KB

                                                                              • memory/1484-1061-0x0000000074360000-0x0000000074A4E000-memory.dmp

                                                                                Filesize

                                                                                6.9MB

                                                                              • memory/1484-1054-0x0000000074360000-0x0000000074A4E000-memory.dmp

                                                                                Filesize

                                                                                6.9MB

                                                                              • memory/1484-1055-0x0000000004520000-0x0000000004560000-memory.dmp

                                                                                Filesize

                                                                                256KB

                                                                              • memory/1484-1057-0x0000000004520000-0x0000000004560000-memory.dmp

                                                                                Filesize

                                                                                256KB

                                                                              • memory/1484-1058-0x0000000000550000-0x000000000055A000-memory.dmp

                                                                                Filesize

                                                                                40KB

                                                                              • memory/1568-1062-0x00000000004A0000-0x00000000004A1000-memory.dmp

                                                                                Filesize

                                                                                4KB

                                                                              • memory/1728-880-0x0000000000B80000-0x0000000000B81000-memory.dmp

                                                                                Filesize

                                                                                4KB

                                                                              • memory/2280-25-0x0000000001EF0000-0x0000000001EF1000-memory.dmp

                                                                                Filesize

                                                                                4KB

                                                                              • memory/2280-26-0x00000000046E0000-0x00000000046E1000-memory.dmp

                                                                                Filesize

                                                                                4KB

                                                                              • memory/2280-27-0x000007FEFAA10000-0x000007FEFAA5C000-memory.dmp

                                                                                Filesize

                                                                                304KB

                                                                              • memory/2280-24-0x000007FEFAA10000-0x000007FEFAA5C000-memory.dmp

                                                                                Filesize

                                                                                304KB

                                                                              • memory/2500-597-0x0000000000700000-0x000000000070A000-memory.dmp

                                                                                Filesize

                                                                                40KB

                                                                              • memory/2500-563-0x0000000074360000-0x0000000074A4E000-memory.dmp

                                                                                Filesize

                                                                                6.9MB

                                                                              • memory/2500-843-0x0000000000C50000-0x0000000000C90000-memory.dmp

                                                                                Filesize

                                                                                256KB

                                                                              • memory/2500-1036-0x0000000000700000-0x000000000070A000-memory.dmp

                                                                                Filesize

                                                                                40KB

                                                                              • memory/2500-564-0x0000000000C50000-0x0000000000C90000-memory.dmp

                                                                                Filesize

                                                                                256KB

                                                                              • memory/2500-562-0x0000000000CB0000-0x0000000000E26000-memory.dmp

                                                                                Filesize

                                                                                1.5MB

                                                                              • memory/2500-592-0x0000000000700000-0x000000000070A000-memory.dmp

                                                                                Filesize

                                                                                40KB

                                                                              • memory/2500-802-0x0000000074360000-0x0000000074A4E000-memory.dmp

                                                                                Filesize

                                                                                6.9MB

                                                                              • memory/2748-870-0x0000000000250000-0x00000000003C6000-memory.dmp

                                                                                Filesize

                                                                                1.5MB

                                                                              • memory/2748-963-0x0000000074360000-0x0000000074A4E000-memory.dmp

                                                                                Filesize

                                                                                6.9MB

                                                                              • memory/2748-872-0x0000000002100000-0x0000000002140000-memory.dmp

                                                                                Filesize

                                                                                256KB

                                                                              • memory/2748-871-0x0000000074360000-0x0000000074A4E000-memory.dmp

                                                                                Filesize

                                                                                6.9MB