Analysis Overview
SHA256: e66aa15e8cd1227dc654ef8f70b4cf0e6e7981c9fe410134b2e0912305e7f81d
Threat Level: Shows suspicious behavior
The file BloxFruits.png was found to show suspicious behavior.
Malicious Activity Summary
Legitimate hosting services abused for malware hosting/C2
Enumerates physical storage devices
Suspicious use of FindShellTrayWindow
Modifies registry key
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-02-03 04:28
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-02-03 04:28
Reported
2024-02-03 04:31
Platform
win7-20231215-en
Max time kernel
34s
Max time network
149s
Command Line
Signatures
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | discord.com | N/A | N/A |
Enumerates physical storage devices
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry key
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\reg.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe "C:\Program Files\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen C:\Users\Admin\AppData\Local\Temp\BloxFruits.jpg
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef7139758,0x7fef7139768,0x7fef7139778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1124 --field-trial-handle=1292,i,284341523384549957,3397066865376217620,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1500 --field-trial-handle=1292,i,284341523384549957,3397066865376217620,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1608 --field-trial-handle=1292,i,284341523384549957,3397066865376217620,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2320 --field-trial-handle=1292,i,284341523384549957,3397066865376217620,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2312 --field-trial-handle=1292,i,284341523384549957,3397066865376217620,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1344 --field-trial-handle=1292,i,284341523384549957,3397066865376217620,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3012 --field-trial-handle=1292,i,284341523384549957,3397066865376217620,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3412 --field-trial-handle=1292,i,284341523384549957,3397066865376217620,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3420 --field-trial-handle=1292,i,284341523384549957,3397066865376217620,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3520 --field-trial-handle=1292,i,284341523384549957,3397066865376217620,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3700 --field-trial-handle=1292,i,284341523384549957,3397066865376217620,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=3764 --field-trial-handle=1292,i,284341523384549957,3397066865376217620,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3720 --field-trial-handle=1292,i,284341523384549957,3397066865376217620,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2368 --field-trial-handle=1292,i,284341523384549957,3397066865376217620,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=1412 --field-trial-handle=1292,i,284341523384549957,3397066865376217620,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=2700 --field-trial-handle=1292,i,284341523384549957,3397066865376217620,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3496 --field-trial-handle=1292,i,284341523384549957,3397066865376217620,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=2352 --field-trial-handle=1292,i,284341523384549957,3397066865376217620,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=2740 --field-trial-handle=1292,i,284341523384549957,3397066865376217620,131072 /prefetch:8
C:\Users\Admin\Downloads\DiscordSetup.exe
"C:\Users\Admin\Downloads\DiscordSetup.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3172 --field-trial-handle=1292,i,284341523384549957,3397066865376217620,131072 /prefetch:8
C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe
"C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe" --install .
C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\Discord.exe" --squirrel-install 1.0.9032
C:\Users\Admin\AppData\Local\Discord\Update.exe
C:\Users\Admin\AppData\Local\Discord\Update.exe --createShortcut Discord.exe --setupIcon C:\Users\Admin\AppData\Local\Discord\app.ico
C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\Discord.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --standard-schemes --secure-schemes=sentry-ipc --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=sentry-ipc --service-worker-schemes --streaming-schemes --mojo-platform-channel-handle=1472 --field-trial-handle=1304,i,11045235777302946564,8277856958394584527,131072 --disable-features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8
C:\Windows\SysWOW64\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord\shell\open\command /ve /d "\"C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\Discord.exe\" --url -- \"%1\"" /f
C:\Windows\SysWOW64\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord\DefaultIcon /ve /d "\"C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\Discord.exe\",-1" /f
C:\Windows\SysWOW64\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord /v "URL Protocol" /f
C:\Windows\SysWOW64\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord /ve /d "URL:Discord Protocol" /f
C:\Windows\SysWOW64\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v Discord /d "\"C:\Users\Admin\AppData\Local\Discord\Update.exe\" --processStart Discord.exe" /f
C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\Discord.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1148 --field-trial-handle=1304,i,11045235777302946564,8277856958394584527,131072 --disable-features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2
C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\Discord.exe
C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\Discord.exe --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Roaming\discord /prefetch:7 --no-rate-limit --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Roaming\discord\Crashpad --url=https://f.a.k/e --annotation=_productName=discord --annotation=_version=1.0.9032 --annotation=plat=Win32 --annotation=prod=Electron --annotation=ver=22.3.26 --initial-client-data=0x374,0x378,0x37c,0x370,0x380,0x8f75d78,0x8f75d88,0x8f75d94
C:\Users\Admin\AppData\Local\Discord\Update.exe
"C:\Users\Admin\AppData\Local\Discord\Update.exe" --processStart Discord.exe
C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\Discord.exe"
C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\Discord.exe
C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\Discord.exe --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Roaming\discord /prefetch:7 --no-rate-limit --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Roaming\discord\Crashpad --url=https://f.a.k/e --annotation=_productName=discord --annotation=_version=1.0.9032 --annotation=plat=Win32 --annotation=prod=Electron --annotation=ver=22.3.26 --initial-client-data=0x358,0x35c,0x360,0x354,0x364,0x8f75d78,0x8f75d88,0x8f75d94
C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\Discord.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1124 --field-trial-handle=1272,i,13268431802630097706,17723823721104921972,131072 --disable-features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2
C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\Discord.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --standard-schemes --secure-schemes=disclip --bypasscsp-schemes --cors-schemes --fetch-schemes=disclip --service-worker-schemes --streaming-schemes --mojo-platform-channel-handle=1396 --field-trial-handle=1272,i,13268431802630097706,17723823721104921972,131072 --disable-features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8
C:\Windows\SysWOW64\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord /ve /d "URL:Discord Protocol" /f
C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\Discord.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --standard-schemes --secure-schemes=disclip --bypasscsp-schemes --cors-schemes --fetch-schemes=disclip --service-worker-schemes --streaming-schemes --app-user-model-id=com.squirrel.Discord.Discord --app-path="C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\resources\app.asar" --no-sandbox --no-zygote --first-renderer-process --autoplay-policy=no-user-gesture-required --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=1912 --field-trial-handle=1272,i,13268431802630097706,17723823721104921972,131072 --disable-features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
C:\Windows\SysWOW64\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord /v "URL Protocol" /f
C:\Windows\SysWOW64\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord\DefaultIcon /ve /d "\"C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\Discord.exe\",-1" /f
C:\Windows\SysWOW64\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord\shell\open\command /ve /d "\"C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\Discord.exe\" --url -- \"%1\"" /f
C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\Discord.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1124 --field-trial-handle=1272,i,13268431802630097706,17723823721104921972,131072 --disable-features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2
Network
Files
| SHA256 | edcf0f258578d4662392a75015df4fe40b4f3e218145ea504a05902a3c34ea68 |
| SHA512 | 1fa34ebd9d29bcb5420740947ece3b94d1df392db98db8f5a97af1bb1fa2994f51264eb49de370d36620f67aa34b5ba1bc6d88ce740af2dd3a057af2d8f054f7 |
\Users\Admin\AppData\Local\Discord\app-1.0.9032\Discord.exe
| MD5 | f63872c957abbf656ae50682ba870caa |
| SHA1 | 7fb532de9c51811acbc647ebeecb6a91edf48485 |
| SHA256 | 6b0bfa5a20734b9406ec690f4e7d3a1d5aea730bcf7743a3c30b320f20d4c06b |
| SHA512 | ef05e5972e70c3d6ca55062c922cfe1ee91bd32a8b35dc07e6ab2a9f9e16870ed179dc5e01347a88e9e41a4e4d7f4cd77280e6b8308595a25279bb8c44a6ef39 |
\Users\Admin\AppData\Local\Discord\app-1.0.9032\Discord.exe
| MD5 | e3891d12c5d5bdf9421afe503a256971 |
| SHA1 | 7bab8c5c8dacc17f743fba4596d64f6805b9f6d7 |
| SHA256 | 8ce056e670bcc8d357c5df6ae174965be0d0662d46cedeeb2ce9ee66e57a2a79 |
| SHA512 | d1a864658ff15ac83cbe1e258fe7973c05d2e7f5609b31704354be291ef933d254d3e3a3e8463263381a70a1dd1a08257df8fdd5b7534e9a44aa643dd5d166a6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2c52e45610c8a73e479f10c3cf965671 |
| SHA1 | 2a1eaf4d07e6eb725145ce518567723f0fe80739 |
| SHA256 | 86d2982407d50842b8b6a2e30d42c2b0f88293a6aff4306a9a91a36347f1ceb1 |
| SHA512 | 008540c88f356a463afc0c39fe7d239f8f219bf66d44d4a365eefb8126f474f4990fc0c028a6b9dbbd552414c284a290da04ad0c3f0efd723ac0d24e581d6cc7 |
C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\resources\build_info.json
| MD5 | 154fa0d6729df74a2f342517a229ee17 |
| SHA1 | b1374448243a4dccaa368746b71d13baa0fe83ca |
| SHA256 | 4dc5d5ea381964db913c5fc2c5e2bf4d35bdc591f6008e72bea2fb80504d98f5 |
| SHA512 | d1205aab830d68f63ccf26ee7f7136acc37b53e073b28ef48e649fd7e92c9df41eada31327c7bb0b006c74a03c44f81113ff1f6eb75184e39944cde8ec987cdb |
C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\resources\app.asar
| MD5 | 0c18c403a8dda05d92a505f33af14846 |
| SHA1 | e393ff1d03b0b44e0e0f977c99fc66f73375e9f4 |
| SHA256 | e3f91c2f74c49afc32df69286811a86f62a396ff232c68d52c14d240d543130c |
| SHA512 | e50da4dfc7b2f1a423cf711783ab5040f4ed2e7ddab9368d10139f061da259c94080b208894261532a9147c3715c30c4b5c32389caa57b274e1fa9d581a0450d |
C:\Users\Admin\AppData\Local\Discord\update.exe
| MD5 | b2f65117dcdbc7b505dac25ff258e0c7 |
| SHA1 | 17f0a54629f426f51edad6ecc6fae42cf2e18789 |
| SHA256 | e9997e221722d36606540072eb9c5a7dbc15f322a875f699243057c6730c71d9 |
| SHA512 | 1bcdc413823912179ccf8998007209ea306c14cbc908502b932a611fa7af2df009382ef5a0ce5c7a440a2a70ff2965bd707719c8c72d5e45435f25abeda6fc29 |
\Users\Admin\AppData\Local\Discord\app-1.0.9032\ffmpeg.dll
| MD5 | 42a2f26ec23fb835e2c92d271bd4ce90 |
| SHA1 | 5169214481297f909cda6195f2fb740664825199 |
| SHA256 | 6e10878ed4c80deae5ec1be7c7e11836df4b5042d7b0bb695c93b28079925547 |
| SHA512 | e3f409dd5e5ed5b1072a2e917ace6ca9e59039380668fd1869fc2eb6a7f4ebbb2c2678e1d793878076dcf742e3fbfef062c3a34b2133ea9ba88eb8e9c2c46209 |
C:\Users\Admin\AppData\Local\Discord\Update.exe
| MD5 | dd522a15dfb15b9a412b985754ca25d1 |
| SHA1 | a549a3d8b204599a700097b0c61ebabedb68a9e8 |
| SHA256 | 4f37e8cc83de47ab4e0dd148c61ac93cb6466e00c7267e378d43596fb57174de |
| SHA512 | 194cca2d73a55107f7dcb84be95587c2e3a6a925f0fd07438670208ff5936ddf2322dcceab6f8ca849deed05f20cca9f06a0aeb0105b4e1fd15d1839fbeb2e8c |
memory/1488-765-0x00000000006C0000-0x00000000006CA000-memory.dmp
memory/1844-764-0x00000000000C0000-0x0000000000236000-memory.dmp
memory/1844-766-0x0000000074830000-0x0000000074F1E000-memory.dmp
memory/1488-763-0x00000000006C0000-0x00000000006CA000-memory.dmp
memory/1844-767-0x0000000004D30000-0x0000000004D70000-memory.dmp
memory/1488-768-0x0000000004390000-0x00000000043D0000-memory.dmp
memory/1488-771-0x0000000004390000-0x00000000043D0000-memory.dmp
C:\Users\Admin\AppData\Local\Discord\packages\Discord-1.0.9032-full.nupkg
| MD5 | 38d4dfefb82977801472a16ecc207dea |
| SHA1 | 76e1a3e623a2e79f2226d39ebd94fce91ebc0ef5 |
| SHA256 | 4a91929470909e693e3c49b16f7b3b1e08f96273a12caf117f947e3f06da64be |
| SHA512 | 92b29b0bcd34d563f7845880fb1654cc97c4adaddb3b46b9778edab3bc20d7668d49f5a1048ece3fcde07fefa55bac086ab7e89cef6848879076e95e66a171c7 |
C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\resources.pak
| MD5 | 61d5307f67c327efb57c6b9506dbe671 |
| SHA1 | a5cfadfc2fae4c9c8c1ec19a647ec8b495d902ef |
| SHA256 | 120b56a54085844b1ca801f8bad9689c6f14512247031491866edb49c99dec6f |
| SHA512 | d8403177eb095537296817ff3ea75adc0a4f0bebacdbf860ebd0981b2130bb20a0c49defbf89a5e7e2eda75db24206c89532c4ea2ebeda69d0e1b1b847b409a8 |
memory/2924-778-0x0000000000880000-0x0000000000881000-memory.dmp
C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\Discord.exe
| MD5 | cc4e764b8156c2e0a7f20b62b01ac4c2 |
| SHA1 | 1eba240239702da896970462f7f98406073f07f6 |
| SHA256 | f22d11ada74261d0fbf1d20ca01b84309ae6de7989831b1e2898e482f6fe1d41 |
| SHA512 | d1044c15996176fad767cb8430062588eebfea1abdcceacecb29e25bf662be0d55af270524b79dcac558fad8851b310a068c4560e38db32cbcd7a94e8e837ce0 |
\Users\Admin\AppData\Local\Discord\app-1.0.9032\Discord.exe
| MD5 | 19871e6ee698d8b7b57da4eb6118c66d |
| SHA1 | 88d87accf0543bad09f7680067a910dbc1ffea50 |
| SHA256 | 69bcc30b95408f5cbf4ee1797148897ac6eafb644fcca892a79e63fcc99b4c8c |
| SHA512 | ba5ba38d35094cbb15f6139bb5af3100be32efb9b52b822a596ac9345887d5ddae84261675927ddbaed74999cef9dcddb962f07de88e82fc10b4cddb6ebd7d90 |
\Users\Admin\AppData\Local\Discord\app-1.0.9032\ffmpeg.dll
| MD5 | 35e5e9e333dc359d412cecd67b2bea07 |
| SHA1 | 8d20a9ab6b39ec697fca4d3613a18af26b630fc8 |
| SHA256 | 96576a5e635f555f2ecad98d8456d31e02628a4c1cc4f4a6aa870c70ee44d816 |
| SHA512 | 16a5c7671a645a75aeeae9b5815f903311620e21f09be6028c8df5c2c5fde767ca8caf6ee87f3f41d052fb1a63a3d2ca5f33c9de9c9eec23b72f819b7774f720 |
\Users\Admin\AppData\Local\Discord\app-1.0.9032\Discord.exe
| MD5 | ac154440b88459b765cbbecd8bb68ca5 |
| SHA1 | 11355688eb6afd41b0035b3eafc5579685c89c2f |
| SHA256 | 131d792352458860ab58a623aee8158a44f8bf35d2c721f3e663e1f08aa15888 |
| SHA512 | ec4a058ae9513841abacdea388258afeeaa1c9ce73d2ae0bcf3e0b4bc659ffb5607de921ffbcbb4d8362ef6d5dd49ad6800f79c0fdd5588be3319b6400c9e6f7 |
C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\Discord.exe
| MD5 | 681704b3fb3de6ca46ef87c8c05e5f48 |
| SHA1 | aa4da693de005958b1986bbd9454f47c1cca75fe |
| SHA256 | 12802064f67a4c65f134a3dfe72d885c56337c40538504ae6d5ea3cc0fa50ca2 |
| SHA512 | c41d301b66aa9b21cd63227a5c535c125cdb0e93ade0cd92eb40b29c5f5427c649538c7d0a95706adf2d4629b2cf13d3597e2c6fe5a183d72f8fa5a6697741fc |
\Users\Admin\AppData\Local\Discord\Update.exe
| MD5 | 2dc58edc36e22dfa322d040d53f28efd |
| SHA1 | a4c1bf42f9ad298968b7b657604312580e7877e3 |
| SHA256 | 7f802d1eaba75c052f88ef9b6ed8669ffc84766075aaa9a1b4b2aa0c74008593 |
| SHA512 | ce9893bcb9615f8265a7583e39338023b015cafd731834a3e0d11bd633b6b8beb8a0b056e17cebfcee4219cdd8e8af51be1cbe2bc9afef4523639dccb5ca858d |
\Users\Admin\AppData\Local\Discord\Update.exe
| MD5 | 8076e1a0ab93e3f8c950185d5df3d501 |
| SHA1 | 6c737c3c89d77b2120e22657a23ff78243cb46f6 |
| SHA256 | 60af739bb780fd6c50f1c2f1867ffc64d74c8509aa8b3842bc0194cad0482bfc |
| SHA512 | 14378b14f8aa2d69a4cd9f1cab8bf23b335d385a6a78cf740b849dd9a3d543ff52e992fa82c18bd7dc0fc3c26a918d508d61fa078ffa839f10b82140d9f09f11 |
\Users\Admin\AppData\Local\Discord\app-1.0.9032\libEGL.dll
| MD5 | a1275c9707572edd6fc5ec37d23778b0 |
| SHA1 | e2cc46fccf8e09988d55bc4d362bf907a146f4e1 |
| SHA256 | a452db2fa98073ea475a5fbf9f50cf5ada7a15ce0631b7de07abceab1ad6690a |
| SHA512 | 1587bbbc31bb5356923efe7f9fb100bab84ee7bd412e6e35053b8c1990f6806eb16177123a03a1dd38ec8a1e263e4fc535e56174d4c49753a7113e1b9ad2e18f |
C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\libegl.dll
| MD5 | a330e1266a136b6e2695449054a73b62 |
| SHA1 | 395dc7f5c294ece4ca566e30b4bb2e487c2e65df |
| SHA256 | 13e8333bdedded1cd5408bd0acddfac42865dc0e3081b2e28cf8428a0273c7c0 |
| SHA512 | a18f2ac2e6525f0e34b5a91bc590b708fd537fedb069c83bed160fb14037004166fdb1e65685ead3f4fc8d0acd8aa539d549db9b03748d8b0731c6fe18c7f132 |
\Users\Admin\AppData\Local\Discord\app-1.0.9032\libGLESv2.dll
| MD5 | b5bcd5188c7bf22090e947a8093ebfd4 |
| SHA1 | b0e815da575e1c856539bf5cb2c20ee477750096 |
| SHA256 | 9b916298ae23b479601d1d9a45cc9be347aab37bf5b1493291f8b22bc382a96c |
| SHA512 | 72d69d7a5bd4641c1a0d64c8bc3b9fbfadf75ab77c0cc16adf5a892ab6022198763340dfea19436ced05a57c4c83a600fdeeec752948dd87ab85f01590246f3a |
C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\libglesv2.dll
| MD5 | 281fb92ec6d51156433dff8722dbdc0d |
| SHA1 | f8044094ef0df04a69865bf09d36c0c289d7bc1b |
| SHA256 | d3e9db77b5df4848f9c62c790058c51d9195b8b60aa922f1816a8840b0c92e9b |
| SHA512 | 8441d493f86364fe332f8546360cae845e1b6313d3aced6040ec19ff704f3b6e9501fa1d0490bcd708141c88055b2fdc50afea2ef3d46079157984091bc6c569 |
\Users\Admin\AppData\Local\Discord\app-1.0.9032\d3dcompiler_47.dll
| MD5 | fcaae9a28e1a1b30d38871fb21116fb7 |
| SHA1 | d5af74d9f6d17895138c95682d51ffd761efe540 |
| SHA256 | 45196cd27368f52a169ef1033115a628e56d372c97dc4a39c23d8e243721ab3b |
| SHA512 | 2e6f6e6c794ed741529196cea0367e495ed994bfc84b04b79b7eae37ca26db9ee523448a904e3fbf0ce12eb633a8daa516a800f8b7b9a3a21ff186d492fb6f74 |
memory/1488-897-0x0000000004390000-0x00000000043D0000-memory.dmp
memory/1844-858-0x0000000074830000-0x0000000074F1E000-memory.dmp
C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\D3DCompiler_47.dll
| MD5 | a259aacef827ad2e7ff90ea713bc1573 |
| SHA1 | 773e284e24dac5665befd4b9d56b24d5ce760903 |
| SHA256 | c80f2a3a78dd4115877688d1a788b32f207e9f459bd838cccc2bd4a55a975198 |
| SHA512 | ad49d754f06e1603267a4a3fe00aede6e2d37b03a37019200fd9e77d83a663fbae2fb34942a521dbec1d9e3c021ca3bb08a2fd4786367bde338d393514647ce5 |
\Users\Admin\AppData\Local\Discord\app-1.0.9032\ffmpeg.dll
| MD5 | 0015493d57ca264511ad5e58b7e64303 |
| SHA1 | edb1a8da83010b1485b8f277801abad7d3e3cf41 |
| SHA256 | 256513a835eafb5255f9060bad2d1d935667dc61a0589c42f114daf527d469c2 |
| SHA512 | 5d1e6616d8d489397e31801cce2bb5e9c5662b51291bea3079abac5295aa1ef11a978bfd6877d3fdc04cb6381840e1858792951c0c50abb55118e30766e61e1d |
C:\Users\Admin\AppData\Roaming\discord\Local Storage\leveldb\CURRENT~RFf77119d.TMP
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\Discord.exe
| MD5 | f8270d586e0dd3673f3f40ef78c90c66 |
| SHA1 | a136475bdb681804cdee9a16d9da41dd35d32487 |
| SHA256 | 244e354255f767d3807c7c6ea308aad790a3fa97a051598412e6cfed252ebbf5 |
| SHA512 | 09f81d8bc524a567c8401f5ba889a4b2898594fc79bbc695b3442c8782e35353396520713bcefeaa53b8fe57203f08270a975dc940845fd373444f5d13ace15c |
C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\locales\en-US.pak
| MD5 | 481e6daba44a6dbde4799fa517039428 |
| SHA1 | 641d7e0863cb046bc76ee76189c12eabaf95030e |
| SHA256 | 28dfbd3722e8a04c47ed19ad18e5331a4ae1c424e29ad7cd3cf16d89de0f4422 |
| SHA512 | ca79ecb508b7566822def756ed3d4401caa00c9b776031dd1f134f38a3ae905791b6c62f3c659571a7416119d073ab9f829e9578a133cddedaa5231cb7599d15 |
C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\chrome_200_percent.pak
| MD5 | 5604b67e3f03ab2741f910a250c91137 |
| SHA1 | a4bb15ac7914c22575f1051a29c448f215fe027f |
| SHA256 | 1408387e87cb5308530def6ce57bdc4e0abbbaa9e70f687fd6c3a02a56a0536c |
| SHA512 | 5e6f875068792e862b1fc8bb7b340ac0f1f4c51e53e50be81a5af8575ca3591f4e7eb9239890178b17c5a8ff4ebb23719190d7db0bd8a9aa6dcb4308ffa9a34d |
C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\chrome_100_percent.pak
| MD5 | d31f3439e2a3f7bee4ddd26f46a2b83f |
| SHA1 | c5a26f86eb119ae364c5bf707bebed7e871fc214 |
| SHA256 | 9f79f46ca911543ead096a5ee28a34bf1fbe56ec9ba956032a6a2892b254857e |
| SHA512 | aa27c97bf5581eb3f5e88f112df8bfb6a5283ce44eb13fbc41855008f84fb5b111dfe0616c310c3642b7f8ac99623d7c217aecc353f54f4d8f7042840099abc5 |
memory/1488-770-0x0000000074830000-0x0000000074F1E000-memory.dmp
C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\app.ico
| MD5 | 084f9bc0136f779f82bea88b5c38a358 |
| SHA1 | 64f210b7888e5474c3aabcb602d895d58929b451 |
| SHA256 | dfcea1bea8a924252d507d0316d8cf38efc61cf1314e47dca3eb723f47d5fe43 |
| SHA512 | 65bccb3e1d4849b61c68716831578300b20dcaf1cbc155512edbc6d73dccbaf6e5495d4f95d089ee496f8e080057b7097a628cc104fa8eaad8da866891d9e3eb |
\Users\Admin\AppData\Local\Discord\Update.exe
| MD5 | 41348a2bcedb72d157c9a9bbfc408204 |
| SHA1 | db51b77a9359f018423aadf1c9ebb8e8eb4b1df4 |
| SHA256 | a949b347d83adbb306452296eb2591ebdcb55cc0ff67c4989c13b490c1a233bc |
| SHA512 | 15ce1754c28440dff24fdad671b2997938709e71dafca03e94d3003674dd05a4cba88bab65658babe7e0aa32e99ff0f91938006ff3db5560adf33cccce7bff0f |
C:\Users\Admin\AppData\Local\Discord\app-1.0.9032\Discord.exe
| MD5 | cbeaf78914395f1d780cb60151be210f |
| SHA1 | e7cb32a3961f00941f3955e1c5bb57b968a6bb5c |
| SHA256 | dfb12a1cc18dc1ba33b12014c6c69121d9278b993cc9dc445bf556f1b30244e4 |
| SHA512 | e30b73ffa3f8fe5acbf6f32ea26ce6d2197af74b860d739e9038ee2948576e8b237a1ae75eb5e67c173bdd86673864576fb05d41bf0f7e342c31ed3a4ffee20d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | d800588df36580397325cd4a9b2ea442 |
| SHA1 | 02a9cb268ff984f8ec9ce730a329a32977c2216f |
| SHA256 | ed476a437f10725e28f89aa12fc9217c638c4b306eff4ba7fd5faee8ed987f8f |
| SHA512 | 96f869a363bff79924e00897b95656163dae54e24cc6ccffffe3f794b78ec11e88f457027fc1412405fbc277dd91973e4399fc0f969b17800165fc48fceecfdc |
memory/1488-910-0x00000000006C0000-0x00000000006CA000-memory.dmp
memory/1488-911-0x0000000004390000-0x00000000043D0000-memory.dmp
memory/1488-912-0x0000000004390000-0x00000000043D0000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f752be6cc8886b267783fddf76f65913 |
| SHA1 | d0be62a98d5b88fed6039d0446b4a24f88dfeb4b |
| SHA256 | d60fbd36e5198a02ca68778f448f342167e8a55fd8fef8c22b36ddb0e40e42aa |
| SHA512 | 1dbea4580a86bfd81bf78b6f323ffd66945f940a3746a2aafa4057c983e20ff9c012837fd877d0c800bf2694e3618bd7776d530c34bc541e6eacf0a517bf338f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 3172e1413978bc028912b67e245ac9ab |
| SHA1 | fc51717f03bc3e856ad9dbf46f80e4f3f20a8091 |
| SHA256 | b5df9ae7842dd174314010501917ba52f097b046c85cf9b93dacaaab27c28e3f |
| SHA512 | 2887d42247df1a3be8e94942d4d4258913e2ab0e2eb61fa6d5ec23857d8ff5063ee351136935fd142ea323a3931cb3399c9d9a2dd81991e8b77c65fe03b6c324 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 84506c899dc4f8e7cd808db559597fd2 |
| SHA1 | 62f17724cb755e0b1e10968db56a5b41958768ef |
| SHA256 | cfbd722c861ac9a69ae20410482e5e9a7e7b10d70bdea3b5f80fbdc6f9297887 |
| SHA512 | 6a785e1ccca8e0a3523c194803eb3d1db6fd60d39cd92cf73bac12ed4888434e4e15950763c7d6119ff656809605fff9f89b24f682ea0e3dbb7f45b8d0897d9b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\3739ff89-1201-4b44-af7f-c99500d94c50.tmp
| MD5 | f60ceaec8fc6ac545a0c9644d4ce5e37 |
| SHA1 | 42ad0e605e1ec3fe51c5f7b3c73b1acec457a018 |
| SHA256 | d7c6c7a59cdf6aa0d8fb235c2224a52f799ae2bc7fef36461c835393739048c9 |
| SHA512 | b6af7551c357e1c5aaeee7e9ff3d4550859d82c76dacd7418abdb3d37ebe3a58cdc4a48cfd885217351b416d2052929a6eb5d141b184e7a776b193de307fd4af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a4d40c6efb4b5d907a719e512018e881 |
| SHA1 | ca65e07d921478b0aaa2580d5eab364fe58754e7 |
| SHA256 | 625578524e608ca35e67a8762c3a8ce4bab5561109ef4101a7dceadbd3532c2c |
| SHA512 | 636f729138e6c507326e22be7885debfe040aa712df278a6d429407a80dc192d3e0316e1a4e3966acd892640029e9d99a0ecdab86af39423f8342ff1e1443c16 |
memory/2224-1014-0x0000000001200000-0x0000000001376000-memory.dmp
memory/2224-1015-0x0000000074830000-0x0000000074F1E000-memory.dmp
memory/2224-1016-0x00000000005C0000-0x0000000000600000-memory.dmp
memory/2224-1019-0x0000000074830000-0x0000000074F1E000-memory.dmp
C:\Users\Admin\AppData\Roaming\discord\DawnCache\data_3
| MD5 | 41876349cb12d6db992f1309f22df3f0 |
| SHA1 | 5cf26b3420fc0302cd0a71e8d029739b8765be27 |
| SHA256 | e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c |
| SHA512 | e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e |
C:\Users\Admin\AppData\Roaming\discord\DawnCache\data_2
| MD5 | 0962291d6d367570bee5454721c17e11 |
| SHA1 | 59d10a893ef321a706a9255176761366115bedcb |
| SHA256 | ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7 |
| SHA512 | f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed |
memory/2684-1068-0x0000000001000000-0x0000000001001000-memory.dmp
C:\Users\Admin\AppData\Roaming\discord\DawnCache\data_0
| MD5 | cf89d16bb9107c631daabf0c0ee58efb |
| SHA1 | 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b |
| SHA256 | d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e |
| SHA512 | 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0 |
C:\Users\Admin\AppData\Roaming\discord\Dictionaries\en-US-10-1.bdic
| MD5 | 4604e676a0a7d18770853919e24ec465 |
| SHA1 | 415ef3b2ca0851e00ebaf0d6c9f6213c561ac98f |
| SHA256 | a075b01d9b015c616511a9e87da77da3d9881621db32f584e4606ddabf1c1100 |
| SHA512 | 3d89c21f20772a8bebdb70b29c42fca2f6bffcda49dff9d5644f3f3910b7c710a5c20154a7af5134c9c7a8624a1251b5e56ced9351d87463f31bed8188eb0774 |
C:\Users\Admin\AppData\Roaming\discord\8a991c2b-d6b1-4bae-a6ea-f24c057c8bf4.tmp
| MD5 | 58127c59cb9e1da127904c341d15372b |
| SHA1 | 62445484661d8036ce9788baeaba31d204e9a5fc |
| SHA256 | be4b8924ab38e8acf350e6e3b9f1f63a1a94952d8002759acd6946c4d5d0b5de |
| SHA512 | 8d1815b277a93ad590ff79b6f52c576cf920c38c4353c24193f707d66884c942f39ff3989530055d2fade540ade243b41b6eb03cd0cc361c3b5d514cca28b50a |
C:\Users\Admin\AppData\Roaming\discord\Session Storage\000002.dbtmp
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-02-03 04:28
Reported
2024-02-03 04:31
Platform
win10v2004-20231215-en
Max time kernel
134s
Max time network
149s
Command Line
Signatures
Enumerates physical storage devices
Processes
C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\BloxFruits.jpg
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 13.86.106.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 240.221.184.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.219.191.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.165.165.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.187.3.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 43.229.111.52.in-addr.arpa | udp |