0cce692e2b73e5daab697dfd310f8330d125c1e10e2eb0cd43d2193c05a5d55d

Analysis

max time kernel
150s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
19/02/2024, 16:39

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Battly-Launcher-win-installer.exe
Size

180.2MB
MD5

1437d3fd7ce2ce44c7a6d98795d880d7
SHA1

450b1fede0be88f75812d6e4c4615d2969b74251
SHA256

0cce692e2b73e5daab697dfd310f8330d125c1e10e2eb0cd43d2193c05a5d55d
SHA512

8ffaa6e461046ec3ce8f1d35db635096cfd9e31dd29a6fd2efacc239af0972fb0bbc2c8f2e08c8387db045f520dd609b9b92f42f7dee26a15ac92b02ebcc184b
SSDEEP

3145728:LNOYJQ6GCezmeHq5iz5xc8y3N0iV99TnV1v9BP3ylWb18BptW8Nr:xOY7amB8zLcbaiVzTnVd3qWb18BptW4

Score

7^/10

discovery

Malware Config

Signatures

Checks computer location settings 2 TTPs 6 IoCs

Looks up country code configured in the registry, likely geofence.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\USER\S-1-5-21-768304381-2824894965-3840216961-1000\Control Panel\International\Geo\Nation	Battly Launcher.exe
Key value queried	\REGISTRY\USER\S-1-5-21-768304381-2824894965-3840216961-1000\Control Panel\International\Geo\Nation	Battly Launcher.exe
Key value queried	\REGISTRY\USER\S-1-5-21-768304381-2824894965-3840216961-1000\Control Panel\International\Geo\Nation	Battly Launcher.exe
Key value queried	\REGISTRY\USER\S-1-5-21-768304381-2824894965-3840216961-1000\Control Panel\International\Geo\Nation	Battly Launcher.exe
Key value queried	\REGISTRY\USER\S-1-5-21-768304381-2824894965-3840216961-1000\Control Panel\International\Geo\Nation	Battly Launcher.exe
Key value queried	\REGISTRY\USER\S-1-5-21-768304381-2824894965-3840216961-1000\Control Panel\International\Geo\Nation	Battly Launcher.exe

Executes dropped EXE 10 IoCs

pid	Process
956	Battly-Launcher-win-installer.tmp
3304	Battly Launcher.exe
660	Battly Launcher.exe
4076	Battly Launcher.exe
2920	Battly Launcher.exe
1328	Battly Launcher.exe
460	Battly Launcher.exe
3764	Battly Launcher.exe
2192	Battly Launcher.exe
2924	Battly Launcher.exe

Loads dropped DLL 13 IoCs

pid	Process
3304	Battly Launcher.exe
660	Battly Launcher.exe
4076	Battly Launcher.exe
2920	Battly Launcher.exe
2920	Battly Launcher.exe
2920	Battly Launcher.exe
2920	Battly Launcher.exe
2920	Battly Launcher.exe
1328	Battly Launcher.exe
460	Battly Launcher.exe
3764	Battly Launcher.exe
2192	Battly Launcher.exe
2924	Battly Launcher.exe

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Drops file in System32 directory 1 IoCs

description	ioc	Process
File created	C:\Windows\SysWOW64\DefaultDirName\is-E0O60.tmp	Battly-Launcher-win-installer.tmp

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File opened for modification	C:\Program Files (x86)\Battly Launcher\d3dcompiler_47.dll	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\ajv\lib\dotjs\is-FETDP.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\adm-zip\util\is-1AG4R.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\protobufjs\google\api\is-SL0VI.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\proxy-from-env\is-2GM4P.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\src\assets\js\libs\youtube\dependencies\youtube\BaseChannel\is-E5I41.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\axios\lib\helpers\is-46E6B.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\engine.io-client\build\esm\contrib\is-FFF24.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\mime-db\is-LI6KH.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\request\node_modules\uuid\is-0N4KA.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\sshpk\man\man1\is-C2FKA.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\@protobufjs\float\bench\is-1PP3G.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\@protobufjs\path\is-ASRNA.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\js-yaml\lib\is-6JN89.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\jsprim\node_modules\extsprintf\is-TN0D9.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\uri-js\is-IF77Q.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\har-schema\lib\is-FE6R2.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\asn1\lib\is-MPIBL.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\aws-sign2\is-CR0EL.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\electron-updater\node_modules\semver\functions\is-DVK0D.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\electron-updater\out\differentialDownloader\is-891M7.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\engine.io-parser\build\esm\is-LE7AT.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\src\assets\js\libs\youtube\dependencies\music\MusicVideoCompact\is-UT6FQ.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\checksum\is-QNG9C.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\getpass\lib\is-9BOJB.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\src\assets\js\libs\youtube\dependencies\music\MusicClient\is-732RQ.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\socket.io-client\build\esm-debug\contrib\is-E4IFS.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\src\assets\js\libs\youtube\dependencies\common\is-7DUJP.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\asynckit\lib\is-LJP55.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\axios\lib\helpers\is-J49M8.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\http-signature\is-LJ1V2.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\sshpk\lib\is-8N05C.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\locales\is-MCNU7.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\fs-extra\lib\remove\is-6GKR2.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\src\assets\js\libs\mc\StatusServer\is-64FE1.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\src\assets\js\libs\youtube\dependencies\youtube\Client\is-4Q1QL.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\sshpk\bin\is-779UC.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\argparse\is-45OVV.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\axios\lib\adapters\is-O2FJ7.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\electron-updater\node_modules\semver\functions\is-IFR4K.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\js-yaml\lib\type\is-1BDDD.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\qs\is-8TQMF.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\asn1\is-747MD.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\axios\lib\helpers\is-6T5MA.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\electron-updater\node_modules\semver\ranges\is-M46AD.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\safer-buffer\is-7J3S7.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\src\assets\js\libs\youtube\dependencies\music\MusicBaseChannel\is-D3SVL.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\builder-util-runtime\out\is-22BEO.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\electron-updater\node_modules\semver\ranges\is-SKB1A.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\har-schema\lib\is-EIDDJ.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\ms\is-DETCJ.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\adm-zip\methods\is-QTPU2.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\tiny-typed-emitter\is-K8FPA.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\src\assets\images\flags\is-Q1LBP.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\is-B5EF4.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\psl\is-D8A71.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\webidl-conversions\is-R9QKU.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\locales\is-PM18F.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\ws\lib\is-R9IQE.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\src\assets\js\libs\youtube\dependencies\youtube\BaseVideo\is-90GOL.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\src\assets\js\libs\youtube\helpers\is-0GKMP.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\electron-updater\node_modules\semver\internal\is-FGJCP.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\request\node_modules\form-data\lib\is-OP6G8.tmp	Battly-Launcher-win-installer.tmp
File created	C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\ajv\lib\is-TFF8E.tmp	Battly-Launcher-win-installer.tmp

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Modifies registry class 29 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-768304381-2824894965-3840216961-1000_Classes\BattlyLauncher.battly\shell	Battly-Launcher-win-installer.tmp
Key created	\REGISTRY\USER\S-1-5-21-768304381-2824894965-3840216961-1000_Classes\BattlyLauncher.battly\shell\open	Battly-Launcher-win-installer.tmp
Set value (str)	\REGISTRY\USER\S-1-5-21-768304381-2824894965-3840216961-1000_Classes\battlylauncher\URL Protocol	Battly Launcher.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-768304381-2824894965-3840216961-1000_Classes\Applications\Battly Launcher.exe\SupportedTypes\.myp	Battly-Launcher-win-installer.tmp
Key created	\REGISTRY\USER\S-1-5-21-768304381-2824894965-3840216961-1000_Classes\battly	Battly Launcher.exe
Key created	\REGISTRY\USER\S-1-5-21-768304381-2824894965-3840216961-1000_Classes\battlylauncher\shell	Battly Launcher.exe
Key created	\REGISTRY\USER\S-1-5-21-768304381-2824894965-3840216961-1000_Classes\BattlyLauncher.battly\DefaultIcon	Battly-Launcher-win-installer.tmp
Set value (str)	\REGISTRY\USER\S-1-5-21-768304381-2824894965-3840216961-1000_Classes\BattlyLauncher.battly\shell\open\command\ = "\"C:\\Program Files (x86)\\Battly Launcher\\Battly Launcher.exe\" \"%1\""	Battly-Launcher-win-installer.tmp
Set value (str)	\REGISTRY\USER\S-1-5-21-768304381-2824894965-3840216961-1000_Classes\BattlyLauncher.battly\ = "Battly Launcher"	Battly-Launcher-win-installer.tmp
Set value (str)	\REGISTRY\USER\S-1-5-21-768304381-2824894965-3840216961-1000_Classes\battly\URL Protocol	Battly Launcher.exe
Key created	\REGISTRY\USER\S-1-5-21-768304381-2824894965-3840216961-1000_Classes\.battly\OpenWithProgids	Battly-Launcher-win-installer.tmp
Set value (str)	\REGISTRY\USER\S-1-5-21-768304381-2824894965-3840216961-1000_Classes\.battly\OpenWithProgids\BattlyLauncher.battly	Battly-Launcher-win-installer.tmp
Set value (str)	\REGISTRY\USER\S-1-5-21-768304381-2824894965-3840216961-1000_Classes\BattlyLauncher.battly\DefaultIcon\ = "C:\\Program Files (x86)\\Battly Launcher\\Battly Launcher.exe,0"	Battly-Launcher-win-installer.tmp
Key created	\REGISTRY\USER\S-1-5-21-768304381-2824894965-3840216961-1000_Classes\Applications	Battly-Launcher-win-installer.tmp
Key created	\REGISTRY\USER\S-1-5-21-768304381-2824894965-3840216961-1000_Classes\Applications\Battly Launcher.exe	Battly-Launcher-win-installer.tmp
Set value (str)	\REGISTRY\USER\S-1-5-21-768304381-2824894965-3840216961-1000_Classes\battly\shell\open\command\ = "\"C:\\Program Files (x86)\\Battly Launcher\\Battly Launcher.exe\" \"%1\""	Battly Launcher.exe
Key created	\REGISTRY\USER\S-1-5-21-768304381-2824894965-3840216961-1000_Classes\battlylauncher\shell\open\command	Battly Launcher.exe
Key created	\REGISTRY\USER\S-1-5-21-768304381-2824894965-3840216961-1000_Classes\battlylauncher\shell\open	Battly Launcher.exe
Key created	\REGISTRY\USER\S-1-5-21-768304381-2824894965-3840216961-1000_Classes\BattlyLauncher.battly\shell\open\command	Battly-Launcher-win-installer.tmp
Key created	\REGISTRY\USER\S-1-5-21-768304381-2824894965-3840216961-1000_Classes\BattlyLauncher.battly	Battly-Launcher-win-installer.tmp
Set value (str)	\REGISTRY\USER\S-1-5-21-768304381-2824894965-3840216961-1000_Classes\battly\ = "URL:battly"	Battly Launcher.exe
Key created	\REGISTRY\USER\S-1-5-21-768304381-2824894965-3840216961-1000_Classes\battly\shell	Battly Launcher.exe
Key created	\REGISTRY\USER\S-1-5-21-768304381-2824894965-3840216961-1000_Classes\battly\shell\open	Battly Launcher.exe
Key created	\REGISTRY\USER\S-1-5-21-768304381-2824894965-3840216961-1000_Classes\.battly	Battly-Launcher-win-installer.tmp
Key created	\REGISTRY\USER\S-1-5-21-768304381-2824894965-3840216961-1000_Classes\Applications\Battly Launcher.exe\SupportedTypes	Battly-Launcher-win-installer.tmp
Key created	\REGISTRY\USER\S-1-5-21-768304381-2824894965-3840216961-1000_Classes\battly\shell\open\command	Battly Launcher.exe
Key created	\REGISTRY\USER\S-1-5-21-768304381-2824894965-3840216961-1000_Classes\battlylauncher	Battly Launcher.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-768304381-2824894965-3840216961-1000_Classes\battlylauncher\ = "URL:battlylauncher"	Battly Launcher.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-768304381-2824894965-3840216961-1000_Classes\battlylauncher\shell\open\command\ = "\"C:\\Program Files (x86)\\Battly Launcher\\Battly Launcher.exe\" \"%1\""	Battly Launcher.exe

Modifies system certificate store 2 TTPs 13 IoCs

evasion spyware trojan

Install Root Certificate

T1553.004

Modify Registry

T1112

description	ioc	Process
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D4DE20D05E66FC53FE1A50882C78DB2852CAE474\Blob = 040000000100000010000000acb694a59c17e0d791529bb19706a6e40f0000000100000014000000ce0e658aa3e847e467a147b3049191093d055e6f53000000010000007f000000307d3020060a2b06010401b13e01640130123010060a2b0601040182373c0101030200c0301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c009000000010000003e000000303c06082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030906082b0601050507030106082b060105050703080b0000000100000030000000440069006700690043006500720074002000420061006c00740069006d006f0072006500200052006f006f007400000062000000010000002000000016af57a9f676b0ab126095aa5ebadef22ab31119d644ac95cd4b93dbf3f26aeb140000000100000014000000e59d5930824758ccacfa085436867b3ab5044df01d0000000100000010000000918ad43a9475f78bb5243de886d8103c7f000000010000000c000000300a06082b060105050703097e000000010000000800000000c001b39667d601030000000100000014000000d4de20d05e66fc53fe1a50882c78db2852cae47419000000010000001000000068cb42b035ea773e52ef50ecf50ec52920000000010000007b030000308203773082025fa0030201020204020000b9300d06092a864886f70d0101050500305a310b300906035504061302494531123010060355040a130942616c74696d6f726531133011060355040b130a43796265725472757374312230200603550403131942616c74696d6f7265204379626572547275737420526f6f74301e170d3030303531323138343630305a170d3235303531323233353930305a305a310b300906035504061302494531123010060355040a130942616c74696d6f726531133011060355040b130a43796265725472757374312230200603550403131942616c74696d6f7265204379626572547275737420526f6f7430820122300d06092a864886f70d01010105000382010f003082010a0282010100a304bb22ab983d57e826729ab579d429e2e1e89580b1b0e35b8e2b299a64dfa15dedb009056ddb282ece62a262feb488da12eb38eb219dc0412b01527b8877d31c8fc7bab988b56a09e773e81140a7d1ccca628d2de58f0ba650d2a850c328eaf5ab25878a9a961ca967b83f0cd5f7f952132fc21bd57070f08fc012ca06cb9ae1d9ca337a77d6f8ecb9f16844424813d2c0c2a4ae5e60feb6a605fcb4dd075902d459189863f5a563e0900c7d5db2067af385eaebd403ae5e843e5fff15ed69bcf939367275cf77524df3c9902cb93de5c923533f1f2498215c079929bdc63aece76e863a6b97746333bd681831f0788d76bffc9e8e5d2a86a74d90dc271a390203010001a3453043301d0603551d0e04160414e59d5930824758ccacfa085436867b3ab5044df030120603551d130101ff040830060101ff020103300e0603551d0f0101ff040403020106300d06092a864886f70d01010505000382010100850c5d8ee46f51684205a0ddbb4f27258403bdf764fd2dd730e3a41017ebda2929b6793f76f6191323b8100af958a4d46170bd04616a128a17d50abdc5bc307cd6e90c258d86404feccca37e38c637114feddd68318e4cd2b30174eebe755e07481a7f70ff165c84c07985b805fd7fbe6511a30fc002b4f852373904d5a9317a18bfa02af41299f7a34582e33c5ef59d9eb5c89e7c2ec8a49e4e08144b6dfd706d6b1a63bd64e61fb7cef0f29f2ebb1bb7f250887392c2e2e3168d9a3202ab8e18dde91011ee7e35ab90af3e30947ad0333da7650ff5fc8e9e62cf47442c015dbb1db532d247d2382ed0fe81dc326a1eb5ee3cd5fce7811d19c32442ea6339a9	Battly Launcher.exe
Key created	\REGISTRY\USER\S-1-5-21-768304381-2824894965-3840216961-1000\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\A053375BFE84E8B748782C7CEE15827A6AF5A405	Battly Launcher.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D4DE20D05E66FC53FE1A50882C78DB2852CAE474\Blob = 0f0000000100000014000000ce0e658aa3e847e467a147b3049191093d055e6f53000000010000007f000000307d3020060a2b06010401b13e01640130123010060a2b0601040182373c0101030200c0301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c009000000010000003e000000303c06082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030906082b0601050507030106082b060105050703080b0000000100000030000000440069006700690043006500720074002000420061006c00740069006d006f0072006500200052006f006f007400000062000000010000002000000016af57a9f676b0ab126095aa5ebadef22ab31119d644ac95cd4b93dbf3f26aeb140000000100000014000000e59d5930824758ccacfa085436867b3ab5044df01d0000000100000010000000918ad43a9475f78bb5243de886d8103c7f000000010000000c000000300a06082b060105050703097e000000010000000800000000c001b39667d601030000000100000014000000d4de20d05e66fc53fe1a50882c78db2852cae47420000000010000007b030000308203773082025fa0030201020204020000b9300d06092a864886f70d0101050500305a310b300906035504061302494531123010060355040a130942616c74696d6f726531133011060355040b130a43796265725472757374312230200603550403131942616c74696d6f7265204379626572547275737420526f6f74301e170d3030303531323138343630305a170d3235303531323233353930305a305a310b300906035504061302494531123010060355040a130942616c74696d6f726531133011060355040b130a43796265725472757374312230200603550403131942616c74696d6f7265204379626572547275737420526f6f7430820122300d06092a864886f70d01010105000382010f003082010a0282010100a304bb22ab983d57e826729ab579d429e2e1e89580b1b0e35b8e2b299a64dfa15dedb009056ddb282ece62a262feb488da12eb38eb219dc0412b01527b8877d31c8fc7bab988b56a09e773e81140a7d1ccca628d2de58f0ba650d2a850c328eaf5ab25878a9a961ca967b83f0cd5f7f952132fc21bd57070f08fc012ca06cb9ae1d9ca337a77d6f8ecb9f16844424813d2c0c2a4ae5e60feb6a605fcb4dd075902d459189863f5a563e0900c7d5db2067af385eaebd403ae5e843e5fff15ed69bcf939367275cf77524df3c9902cb93de5c923533f1f2498215c079929bdc63aece76e863a6b97746333bd681831f0788d76bffc9e8e5d2a86a74d90dc271a390203010001a3453043301d0603551d0e04160414e59d5930824758ccacfa085436867b3ab5044df030120603551d130101ff040830060101ff020103300e0603551d0f0101ff040403020106300d06092a864886f70d01010505000382010100850c5d8ee46f51684205a0ddbb4f27258403bdf764fd2dd730e3a41017ebda2929b6793f76f6191323b8100af958a4d46170bd04616a128a17d50abdc5bc307cd6e90c258d86404feccca37e38c637114feddd68318e4cd2b30174eebe755e07481a7f70ff165c84c07985b805fd7fbe6511a30fc002b4f852373904d5a9317a18bfa02af41299f7a34582e33c5ef59d9eb5c89e7c2ec8a49e4e08144b6dfd706d6b1a63bd64e61fb7cef0f29f2ebb1bb7f250887392c2e2e3168d9a3202ab8e18dde91011ee7e35ab90af3e30947ad0333da7650ff5fc8e9e62cf47442c015dbb1db532d247d2382ed0fe81dc326a1eb5ee3cd5fce7811d19c32442ea6339a9	Battly Launcher.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D4DE20D05E66FC53FE1A50882C78DB2852CAE474\Blob = 19000000010000001000000068cb42b035ea773e52ef50ecf50ec529030000000100000014000000d4de20d05e66fc53fe1a50882c78db2852cae4747e000000010000000800000000c001b39667d6017f000000010000000c000000300a06082b060105050703091d0000000100000010000000918ad43a9475f78bb5243de886d8103c140000000100000014000000e59d5930824758ccacfa085436867b3ab5044df062000000010000002000000016af57a9f676b0ab126095aa5ebadef22ab31119d644ac95cd4b93dbf3f26aeb0b0000000100000030000000440069006700690043006500720074002000420061006c00740069006d006f0072006500200052006f006f007400000009000000010000003e000000303c06082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030906082b0601050507030106082b0601050507030853000000010000007f000000307d3020060a2b06010401b13e01640130123010060a2b0601040182373c0101030200c0301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00f0000000100000014000000ce0e658aa3e847e467a147b3049191093d055e6f20000000010000007b030000308203773082025fa0030201020204020000b9300d06092a864886f70d0101050500305a310b300906035504061302494531123010060355040a130942616c74696d6f726531133011060355040b130a43796265725472757374312230200603550403131942616c74696d6f7265204379626572547275737420526f6f74301e170d3030303531323138343630305a170d3235303531323233353930305a305a310b300906035504061302494531123010060355040a130942616c74696d6f726531133011060355040b130a43796265725472757374312230200603550403131942616c74696d6f7265204379626572547275737420526f6f7430820122300d06092a864886f70d01010105000382010f003082010a0282010100a304bb22ab983d57e826729ab579d429e2e1e89580b1b0e35b8e2b299a64dfa15dedb009056ddb282ece62a262feb488da12eb38eb219dc0412b01527b8877d31c8fc7bab988b56a09e773e81140a7d1ccca628d2de58f0ba650d2a850c328eaf5ab25878a9a961ca967b83f0cd5f7f952132fc21bd57070f08fc012ca06cb9ae1d9ca337a77d6f8ecb9f16844424813d2c0c2a4ae5e60feb6a605fcb4dd075902d459189863f5a563e0900c7d5db2067af385eaebd403ae5e843e5fff15ed69bcf939367275cf77524df3c9902cb93de5c923533f1f2498215c079929bdc63aece76e863a6b97746333bd681831f0788d76bffc9e8e5d2a86a74d90dc271a390203010001a3453043301d0603551d0e04160414e59d5930824758ccacfa085436867b3ab5044df030120603551d130101ff040830060101ff020103300e0603551d0f0101ff040403020106300d06092a864886f70d01010505000382010100850c5d8ee46f51684205a0ddbb4f27258403bdf764fd2dd730e3a41017ebda2929b6793f76f6191323b8100af958a4d46170bd04616a128a17d50abdc5bc307cd6e90c258d86404feccca37e38c637114feddd68318e4cd2b30174eebe755e07481a7f70ff165c84c07985b805fd7fbe6511a30fc002b4f852373904d5a9317a18bfa02af41299f7a34582e33c5ef59d9eb5c89e7c2ec8a49e4e08144b6dfd706d6b1a63bd64e61fb7cef0f29f2ebb1bb7f250887392c2e2e3168d9a3202ab8e18dde91011ee7e35ab90af3e30947ad0333da7650ff5fc8e9e62cf47442c015dbb1db532d247d2382ed0fe81dc326a1eb5ee3cd5fce7811d19c32442ea6339a9	Battly Launcher.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\CABD2A79A1076A31F21D253635CB039D4329A5E8\Blob = 0400000001000000100000000cd2f9e0da1773e9ed864da5e370e74e14000000010000001400000079b459e67bb6e5e40173800888c81a58f6e99b6e030000000100000014000000cabd2a79a1076a31f21d253635cb039d4329a5e80f00000001000000200000003f0411ede9c4477057d57e57883b1f205b20cdc0f3263129b1ee0269a2678f631900000001000000100000002fe1f70bb05d7c92335bc5e05b984da620000000010000006f0500003082056b30820353a0030201020211008210cfb0d240e3594463e0bb63828b00300d06092a864886f70d01010b0500304f310b300906035504061302555331293027060355040a1320496e7465726e65742053656375726974792052657365617263682047726f7570311530130603550403130c4953524720526f6f74205831301e170d3135303630343131303433385a170d3335303630343131303433385a304f310b300906035504061302555331293027060355040a1320496e7465726e65742053656375726974792052657365617263682047726f7570311530130603550403130c4953524720526f6f7420583130820222300d06092a864886f70d01010105000382020f003082020a0282020100ade82473f41437f39b9e2b57281c87bedcb7df38908c6e3ce657a078f775c2a2fef56a6ef6004f28dbde68866c4493b6b163fd14126bbf1fd2ea319b217ed1333cba48f5dd79dfb3b8ff12f1219a4bc18a8671694a66666c8f7e3c70bfad292206f3e4c0e680aee24b8fb7997e94039fd347977c99482353e838ae4f0a6f832ed149578c8074b6da2fd0388d7b0370211b75f2303cfa8faeddda63abeb164fc28e114b7ecf0be8ffb5772ef4b27b4ae04c12250c708d0329a0e15324ec13d9ee19bf10b34a8c3f89a36151deac870794f46371ec2ee26f5b9881e1895c34796c76ef3b906279e6dba49a2f26c5d010e10eded9108e16fbb7f7a8f7c7e50207988f360895e7e237960d36759efb0e72b11d9bbc03f94905d881dd05b42ad641e9ac0176950a0fd8dfd5bd121f352f28176cd298c1a80964776e4737baceac595e689d7f72d689c50641293e593edd26f524c911a75aa34c401f46a199b5a73a516e863b9e7d72a712057859ed3e5178150b038f8dd02f05b23e7b4a1c4b730512fcc6eae050137c439374b3ca74e78e1f0108d030d45b7136b407bac130305c48b7823b98a67d608aa2a32982ccbabd83041ba2830341a1d605f11bc2b6f0a87c863b46a8482a88dc769a76bf1f6aa53d198feb38f364dec82b0d0a28fff7dbe21542d422d0275de179fe18e77088ad4ee6d98b3ac6dd27516effbc64f533434f0203010001a3423040300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff301d0603551d0e0416041479b459e67bb6e5e40173800888c81a58f6e99b6e300d06092a864886f70d01010b05000382020100551f58a9bcb2a850d00cb1d81a6920272908ac61755c8a6ef882e5692fd5f6564bb9b8731059d321977ee74c71fbb2d260ad39a80bea17215685f1500e59ebcee059e9bac915ef869d8f8480f6e4e99190dc179b621b45f06695d27c6fc2ea3bef1fcfcbd6ae27f1a9b0c8aefd7d7e9afa2204ebffd97fea912b22b1170e8ff28a345b58d8fc01c954b9b826cc8a8833894c2d843c82dfee965705ba2cbbf7c4b7c74e3b82be31c822737392d1c280a43939103323824c3c9f86b255981dbe29868c229b9ee26b3b573a82704ddc09c789cb0a074d6ce85d8ec9efceabc7bbb52b4e45d64ad026cce572ca086aa595e315a1f7a4edc92c5fa5fbffac28022ebed77bbbe3717b9016d3075e46537c3707428cd3c4969cd599b52ae0951a8048ae4c3907cecc47a452952bbab8fbadd233537de51d4d6dd5a1b1c7426fe64027355ca328b7078de78d3390e7239ffb509c796c46d5b415b3966e7e9b0c963ab8522d3fd65be1fb08c284fe24a8a389daac6ae1182ab1a843615bd31fdc3b8d76f22de88d75df17336c3d53fb7bcb415fffdca2d06138e196b8ac5d8b37d775d533c09911ae9d41c1727584be0241425f67244894d19b27be073fb9b84f817451e17ab7ed9d23e2bee0d52804133c31039edd7a6c8fc60718c67fde478e3f289e0406cfa5543477bdec899be91743df5bdb5ffe8e1e57a2cd409d7e6222dade1827	Battly Launcher.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D4DE20D05E66FC53FE1A50882C78DB2852CAE474	Battly Launcher.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D4DE20D05E66FC53FE1A50882C78DB2852CAE474\Blob = 5c00000001000000040000000008000019000000010000001000000068cb42b035ea773e52ef50ecf50ec529030000000100000014000000d4de20d05e66fc53fe1a50882c78db2852cae4747e000000010000000800000000c001b39667d6017f000000010000000c000000300a06082b060105050703091d0000000100000010000000918ad43a9475f78bb5243de886d8103c140000000100000014000000e59d5930824758ccacfa085436867b3ab5044df062000000010000002000000016af57a9f676b0ab126095aa5ebadef22ab31119d644ac95cd4b93dbf3f26aeb0b0000000100000030000000440069006700690043006500720074002000420061006c00740069006d006f0072006500200052006f006f007400000009000000010000003e000000303c06082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030906082b0601050507030106082b0601050507030853000000010000007f000000307d3020060a2b06010401b13e01640130123010060a2b0601040182373c0101030200c0301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00f0000000100000014000000ce0e658aa3e847e467a147b3049191093d055e6f040000000100000010000000acb694a59c17e0d791529bb19706a6e420000000010000007b030000308203773082025fa0030201020204020000b9300d06092a864886f70d0101050500305a310b300906035504061302494531123010060355040a130942616c74696d6f726531133011060355040b130a43796265725472757374312230200603550403131942616c74696d6f7265204379626572547275737420526f6f74301e170d3030303531323138343630305a170d3235303531323233353930305a305a310b300906035504061302494531123010060355040a130942616c74696d6f726531133011060355040b130a43796265725472757374312230200603550403131942616c74696d6f7265204379626572547275737420526f6f7430820122300d06092a864886f70d01010105000382010f003082010a0282010100a304bb22ab983d57e826729ab579d429e2e1e89580b1b0e35b8e2b299a64dfa15dedb009056ddb282ece62a262feb488da12eb38eb219dc0412b01527b8877d31c8fc7bab988b56a09e773e81140a7d1ccca628d2de58f0ba650d2a850c328eaf5ab25878a9a961ca967b83f0cd5f7f952132fc21bd57070f08fc012ca06cb9ae1d9ca337a77d6f8ecb9f16844424813d2c0c2a4ae5e60feb6a605fcb4dd075902d459189863f5a563e0900c7d5db2067af385eaebd403ae5e843e5fff15ed69bcf939367275cf77524df3c9902cb93de5c923533f1f2498215c079929bdc63aece76e863a6b97746333bd681831f0788d76bffc9e8e5d2a86a74d90dc271a390203010001a3453043301d0603551d0e04160414e59d5930824758ccacfa085436867b3ab5044df030120603551d130101ff040830060101ff020103300e0603551d0f0101ff040403020106300d06092a864886f70d01010505000382010100850c5d8ee46f51684205a0ddbb4f27258403bdf764fd2dd730e3a41017ebda2929b6793f76f6191323b8100af958a4d46170bd04616a128a17d50abdc5bc307cd6e90c258d86404feccca37e38c637114feddd68318e4cd2b30174eebe755e07481a7f70ff165c84c07985b805fd7fbe6511a30fc002b4f852373904d5a9317a18bfa02af41299f7a34582e33c5ef59d9eb5c89e7c2ec8a49e4e08144b6dfd706d6b1a63bd64e61fb7cef0f29f2ebb1bb7f250887392c2e2e3168d9a3202ab8e18dde91011ee7e35ab90af3e30947ad0333da7650ff5fc8e9e62cf47442c015dbb1db532d247d2382ed0fe81dc326a1eb5ee3cd5fce7811d19c32442ea6339a9	Battly Launcher.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D69B561148F01C77C54578C10926DF5B856976AD	Battly Launcher.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D69B561148F01C77C54578C10926DF5B856976AD\Blob = 0f00000001000000200000005229ba15b31b0c6f4cca89c2985177974327d1b689a3b935a0bd975532af22ab090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b06010505070308530000000100000040000000303e301f06092b06010401a032010130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00b000000010000003000000047006c006f00620061006c005300690067006e00200052006f006f00740020004300410020002d002000520033000000620000000100000020000000cbb522d7b7f127ad6a0113865bdf1cd4102e7d0759af635a7cf4720dc963c53b1400000001000000140000008ff04b7fa82e4524ae4d50fa639a8bdee2dd1bbc1d000000010000001000000001728e1ecf7a9d86fb3cec8948aba953030000000100000014000000d69b561148f01c77c54578c10926df5b856976ad2000000001000000630300003082035f30820247a003020102020b04000000000121585308a2300d06092a864886f70d01010b0500304c3120301e060355040b1317476c6f62616c5369676e20526f6f74204341202d20523331133011060355040a130a476c6f62616c5369676e311330110603550403130a476c6f62616c5369676e301e170d3039303331383130303030305a170d3239303331383130303030305a304c3120301e060355040b1317476c6f62616c5369676e20526f6f74204341202d20523331133011060355040a130a476c6f62616c5369676e311330110603550403130a476c6f62616c5369676e30820122300d06092a864886f70d01010105000382010f003082010a0282010100cc2576907906782216f5c083b684ca289efd057611c5ad8872fc460243c7b28a9d045f24cb2e4be1608246e152ab0c8147706cdd64d1ebf52ca30f823d0c2bae97d7b614861079bb3b1380778c08e149d26a622f1f5efa9668df892795389f06d73ec9cb26590d73deb0c8e9260e8315c6ef5b8bd20460ca49a628f6693bf6cbc82891e59d8a615737ac7414dc74e03aee722f2e9cfbd0bbbff53d00e10633e8822bae53a63a16738cdd410e203ac0b4a7a1e9b24f902e3260e957cbb904926868e538266075b29f77ff9114efae2049fcad401548d1023161195eb897efad77b7649a7abf5fc113ef9b62fb0d6ce0546916a903da6ee983937176c6698582170203010001a3423040300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff301d0603551d0e041604148ff04b7fa82e4524ae4d50fa639a8bdee2dd1bbc300d06092a864886f70d01010b050003820101004b40dbc050aafec80ceff796544549bb96000941acb3138686280733ca6be674b9ba002daea40ad3f5f1f10f8abf73674a83c7447b78e0af6e6c6f03298e333945c38ee4b9576caafc1296ec53c62de4246cb99463fbdc536867563e83b8cf3521c3c968fecedac253aacc908ae9f05d468c95dd7a58281a2f1ddecd0037418fed446dd75328977ef367041e15d78a96b4d3de4c27a44c1b737376f41799c21f7a0ee32d08ad0a1c2cff3cab550e0f917e36ebc35749bee12e2d7c608bc3415113239dcef7326b9401a899e72c331f3a3b25d28640ce3b2c8678c9612f14baeedb556fdf84ee05094dbd28d872ced36250651eeb92978331d9b3b5ca47583f5f	Battly Launcher.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D69B561148F01C77C54578C10926DF5B856976AD\Blob = 190000000100000010000000d0fd3c9c380d7b65e26b9a3fedd39b8f030000000100000014000000d69b561148f01c77c54578c10926df5b856976ad1d000000010000001000000001728e1ecf7a9d86fb3cec8948aba9531400000001000000140000008ff04b7fa82e4524ae4d50fa639a8bdee2dd1bbc620000000100000020000000cbb522d7b7f127ad6a0113865bdf1cd4102e7d0759af635a7cf4720dc963c53b0b000000010000003000000047006c006f00620061006c005300690067006e00200052006f006f00740020004300410020002d002000520033000000530000000100000040000000303e301f06092b06010401a032010130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b060105050703080f00000001000000200000005229ba15b31b0c6f4cca89c2985177974327d1b689a3b935a0bd975532af22ab2000000001000000630300003082035f30820247a003020102020b04000000000121585308a2300d06092a864886f70d01010b0500304c3120301e060355040b1317476c6f62616c5369676e20526f6f74204341202d20523331133011060355040a130a476c6f62616c5369676e311330110603550403130a476c6f62616c5369676e301e170d3039303331383130303030305a170d3239303331383130303030305a304c3120301e060355040b1317476c6f62616c5369676e20526f6f74204341202d20523331133011060355040a130a476c6f62616c5369676e311330110603550403130a476c6f62616c5369676e30820122300d06092a864886f70d01010105000382010f003082010a0282010100cc2576907906782216f5c083b684ca289efd057611c5ad8872fc460243c7b28a9d045f24cb2e4be1608246e152ab0c8147706cdd64d1ebf52ca30f823d0c2bae97d7b614861079bb3b1380778c08e149d26a622f1f5efa9668df892795389f06d73ec9cb26590d73deb0c8e9260e8315c6ef5b8bd20460ca49a628f6693bf6cbc82891e59d8a615737ac7414dc74e03aee722f2e9cfbd0bbbff53d00e10633e8822bae53a63a16738cdd410e203ac0b4a7a1e9b24f902e3260e957cbb904926868e538266075b29f77ff9114efae2049fcad401548d1023161195eb897efad77b7649a7abf5fc113ef9b62fb0d6ce0546916a903da6ee983937176c6698582170203010001a3423040300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff301d0603551d0e041604148ff04b7fa82e4524ae4d50fa639a8bdee2dd1bbc300d06092a864886f70d01010b050003820101004b40dbc050aafec80ceff796544549bb96000941acb3138686280733ca6be674b9ba002daea40ad3f5f1f10f8abf73674a83c7447b78e0af6e6c6f03298e333945c38ee4b9576caafc1296ec53c62de4246cb99463fbdc536867563e83b8cf3521c3c968fecedac253aacc908ae9f05d468c95dd7a58281a2f1ddecd0037418fed446dd75328977ef367041e15d78a96b4d3de4c27a44c1b737376f41799c21f7a0ee32d08ad0a1c2cff3cab550e0f917e36ebc35749bee12e2d7c608bc3415113239dcef7326b9401a899e72c331f3a3b25d28640ce3b2c8678c9612f14baeedb556fdf84ee05094dbd28d872ced36250651eeb92978331d9b3b5ca47583f5f	Battly Launcher.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\CABD2A79A1076A31F21D253635CB039D4329A5E8	Battly Launcher.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\CABD2A79A1076A31F21D253635CB039D4329A5E8\Blob = 5c0000000100000004000000001000001900000001000000100000002fe1f70bb05d7c92335bc5e05b984da60f00000001000000200000003f0411ede9c4477057d57e57883b1f205b20cdc0f3263129b1ee0269a2678f63030000000100000014000000cabd2a79a1076a31f21d253635cb039d4329a5e814000000010000001400000079b459e67bb6e5e40173800888c81a58f6e99b6e0400000001000000100000000cd2f9e0da1773e9ed864da5e370e74e20000000010000006f0500003082056b30820353a0030201020211008210cfb0d240e3594463e0bb63828b00300d06092a864886f70d01010b0500304f310b300906035504061302555331293027060355040a1320496e7465726e65742053656375726974792052657365617263682047726f7570311530130603550403130c4953524720526f6f74205831301e170d3135303630343131303433385a170d3335303630343131303433385a304f310b300906035504061302555331293027060355040a1320496e7465726e65742053656375726974792052657365617263682047726f7570311530130603550403130c4953524720526f6f7420583130820222300d06092a864886f70d01010105000382020f003082020a0282020100ade82473f41437f39b9e2b57281c87bedcb7df38908c6e3ce657a078f775c2a2fef56a6ef6004f28dbde68866c4493b6b163fd14126bbf1fd2ea319b217ed1333cba48f5dd79dfb3b8ff12f1219a4bc18a8671694a66666c8f7e3c70bfad292206f3e4c0e680aee24b8fb7997e94039fd347977c99482353e838ae4f0a6f832ed149578c8074b6da2fd0388d7b0370211b75f2303cfa8faeddda63abeb164fc28e114b7ecf0be8ffb5772ef4b27b4ae04c12250c708d0329a0e15324ec13d9ee19bf10b34a8c3f89a36151deac870794f46371ec2ee26f5b9881e1895c34796c76ef3b906279e6dba49a2f26c5d010e10eded9108e16fbb7f7a8f7c7e50207988f360895e7e237960d36759efb0e72b11d9bbc03f94905d881dd05b42ad641e9ac0176950a0fd8dfd5bd121f352f28176cd298c1a80964776e4737baceac595e689d7f72d689c50641293e593edd26f524c911a75aa34c401f46a199b5a73a516e863b9e7d72a712057859ed3e5178150b038f8dd02f05b23e7b4a1c4b730512fcc6eae050137c439374b3ca74e78e1f0108d030d45b7136b407bac130305c48b7823b98a67d608aa2a32982ccbabd83041ba2830341a1d605f11bc2b6f0a87c863b46a8482a88dc769a76bf1f6aa53d198feb38f364dec82b0d0a28fff7dbe21542d422d0275de179fe18e77088ad4ee6d98b3ac6dd27516effbc64f533434f0203010001a3423040300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff301d0603551d0e0416041479b459e67bb6e5e40173800888c81a58f6e99b6e300d06092a864886f70d01010b05000382020100551f58a9bcb2a850d00cb1d81a6920272908ac61755c8a6ef882e5692fd5f6564bb9b8731059d321977ee74c71fbb2d260ad39a80bea17215685f1500e59ebcee059e9bac915ef869d8f8480f6e4e99190dc179b621b45f06695d27c6fc2ea3bef1fcfcbd6ae27f1a9b0c8aefd7d7e9afa2204ebffd97fea912b22b1170e8ff28a345b58d8fc01c954b9b826cc8a8833894c2d843c82dfee965705ba2cbbf7c4b7c74e3b82be31c822737392d1c280a43939103323824c3c9f86b255981dbe29868c229b9ee26b3b573a82704ddc09c789cb0a074d6ce85d8ec9efceabc7bbb52b4e45d64ad026cce572ca086aa595e315a1f7a4edc92c5fa5fbffac28022ebed77bbbe3717b9016d3075e46537c3707428cd3c4969cd599b52ae0951a8048ae4c3907cecc47a452952bbab8fbadd233537de51d4d6dd5a1b1c7426fe64027355ca328b7078de78d3390e7239ffb509c796c46d5b415b3966e7e9b0c963ab8522d3fd65be1fb08c284fe24a8a389daac6ae1182ab1a843615bd31fdc3b8d76f22de88d75df17336c3d53fb7bcb415fffdca2d06138e196b8ac5d8b37d775d533c09911ae9d41c1727584be0241425f67244894d19b27be073fb9b84f817451e17ab7ed9d23e2bee0d52804133c31039edd7a6c8fc60718c67fde478e3f289e0406cfa5543477bdec899be91743df5bdb5ffe8e1e57a2cd409d7e6222dade1827	Battly Launcher.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-768304381-2824894965-3840216961-1000\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\A053375BFE84E8B748782C7CEE15827A6AF5A405\Blob = 030000000100000014000000a053375bfe84e8b748782c7cee15827a6af5a405140000000100000014000000142eb317b75856cbae500940e61faf9d8b14c2c6040000000100000010000000e829e65d7c4307d6fbc13c179e037a360f0000000100000020000000444ebd67bb83f8807b3921e938ac9178b882bd50aadb11231f044cf5f08df7ce190000000100000010000000f044424c506513d62804c04f719403f95c0000000100000004000000000800001800000001000000100000002fe1f70bb05d7c92335bc5e05b984da65900000001000000160000005200530041002f00530048004100320035003600000020000000010000001a05000030820516308202fea003020102021100912b084acf0c18a753f6d62e25a75f5a300d06092a864886f70d01010b0500304f310b300906035504061302555331293027060355040a1320496e7465726e65742053656375726974792052657365617263682047726f7570311530130603550403130c4953524720526f6f74205831301e170d3230303930343030303030305a170d3235303931353136303030305a3032310b300906035504061302555331163014060355040a130d4c6574277320456e6372797074310b300906035504031302523330820122300d06092a864886f70d01010105000382010f003082010a0282010100bb021528ccf6a094d30f12ec8d5592c3f882f199a67a4288a75d26aab52bb9c54cb1af8e6bf975c8a3d70f4794145535578c9ea8a23919f5823c42a94e6ef53bc32edb8dc0b05cf35938e7edcf69f05a0b1bbec094242587fa3771b313e71cace19befdbe43b45524596a9c153ce34c852eeb5aeed8fde6070e2a554abb66d0e97a540346b2bd3bc66eb66347cfa6b8b8f572999f830175dba726ffb81c5add286583d17c7e709bbf12bf786dcc1da715dd446e3ccad25c188bc60677566b3f118f7a25ce653ff3a88b647a5ff1318ea9809773f9d53f9cf01e5f5a6701714af63a4ff99b3939ddc53a706fe48851da169ae2575bb13cc5203f5ed51a18bdb150203010001a382010830820104300e0603551d0f0101ff040403020186301d0603551d250416301406082b0601050507030206082b0601050507030130120603551d130101ff040830060101ff020100301d0603551d0e04160414142eb317b75856cbae500940e61faf9d8b14c2c6301f0603551d2304183016801479b459e67bb6e5e40173800888c81a58f6e99b6e303206082b0601050507010104263024302206082b060105050730028616687474703a2f2f78312e692e6c656e63722e6f72672f30270603551d1f0420301e301ca01aa0188616687474703a2f2f78312e632e6c656e63722e6f72672f30220603551d20041b30193008060667810c010201300d060b2b0601040182df13010101300d06092a864886f70d01010b0500038202010085ca4e473ea3f7854485bcd56778b29863ad754d1e963d336572542d81a0eac3edf820bf5fccb77000b76e3bf65e94dee4209fa6ef8bb203e7a2b5163c91ceb4ed3902e77c258a47e6656e3f46f4d9f0ce942bee54ce12bc8c274bb8c1982fa2afcd71914a08b7c8b8237b042d08f908573e83d904330a472178098227c32ac89bb9ce5cf264c8c0be79c04f8e6d440c5e92bb2ef78b10e1e81d4429db5920ed63b921f81226949357a01d6504c10a22ae100d4397a1181f7ee0e08637b55ab1bd30bf876e2b2aff214e1b05c3f51897f05eacc3a5b86af02ebc3b33b9ee4bdeccfce4af840b863fc0554336f668e136176a8e99d1ffa540a734b7c0d063393539756ef2ba76c89302e9a94b6c17ce0c02d9bd81fb9fb768d40665b3823d7753f88e7903ad0a3107752a43d8559772c4290ef7c45d4ec8ae468430d7f2855f18a179bbe75e708b07e18693c3b98fdc6171252aafdfed255052688b92dce5d6b5e3da7dd0876c842131ae82f5fbb9abc889173de14ce5380ef6bd2bbd968114ebd5db3d20a77e59d3e2f858f95bb848cdfe5c4f1629fe1e5523afc811b08dea7c9390172ffdaca20947463ff0e9b0b7ff284d6832d6675e1e69a393b8f59d8b2f0bd25243a66f3257654d3281df3853855d7e5d6629eab8dde495b5cdb5561242cdc44ec6253844506decce005518fee94964d44eca979cb45bc073a8abb847c2	Battly Launcher.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
956	Battly-Launcher-win-installer.tmp
956	Battly-Launcher-win-installer.tmp

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3304	Battly Launcher.exe
Token: SeCreatePagefilePrivilege	3304	Battly Launcher.exe
Token: SeShutdownPrivilege	3304	Battly Launcher.exe
Token: SeCreatePagefilePrivilege	3304	Battly Launcher.exe
Token: 33	5020	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	5020	AUDIODG.EXE
Token: SeShutdownPrivilege	3304	Battly Launcher.exe
Token: SeCreatePagefilePrivilege	3304	Battly Launcher.exe
Token: SeShutdownPrivilege	3304	Battly Launcher.exe
Token: SeCreatePagefilePrivilege	3304	Battly Launcher.exe
Token: SeShutdownPrivilege	3304	Battly Launcher.exe
Token: SeCreatePagefilePrivilege	3304	Battly Launcher.exe
Token: SeShutdownPrivilege	3304	Battly Launcher.exe
Token: SeCreatePagefilePrivilege	3304	Battly Launcher.exe
Token: SeShutdownPrivilege	3304	Battly Launcher.exe
Token: SeCreatePagefilePrivilege	3304	Battly Launcher.exe
Token: SeShutdownPrivilege	3304	Battly Launcher.exe
Token: SeCreatePagefilePrivilege	3304	Battly Launcher.exe
Token: SeShutdownPrivilege	3304	Battly Launcher.exe
Token: SeCreatePagefilePrivilege	3304	Battly Launcher.exe
Token: SeShutdownPrivilege	3304	Battly Launcher.exe
Token: SeCreatePagefilePrivilege	3304	Battly Launcher.exe
Token: SeShutdownPrivilege	3304	Battly Launcher.exe
Token: SeCreatePagefilePrivilege	3304	Battly Launcher.exe
Token: SeShutdownPrivilege	3304	Battly Launcher.exe
Token: SeCreatePagefilePrivilege	3304	Battly Launcher.exe
Token: SeShutdownPrivilege	3304	Battly Launcher.exe
Token: SeCreatePagefilePrivilege	3304	Battly Launcher.exe
Token: SeShutdownPrivilege	3304	Battly Launcher.exe
Token: SeCreatePagefilePrivilege	3304	Battly Launcher.exe
Token: SeShutdownPrivilege	3304	Battly Launcher.exe
Token: SeCreatePagefilePrivilege	3304	Battly Launcher.exe
Token: SeShutdownPrivilege	3304	Battly Launcher.exe
Token: SeCreatePagefilePrivilege	3304	Battly Launcher.exe
Token: SeShutdownPrivilege	3304	Battly Launcher.exe
Token: SeCreatePagefilePrivilege	3304	Battly Launcher.exe
Token: SeShutdownPrivilege	3304	Battly Launcher.exe
Token: SeCreatePagefilePrivilege	3304	Battly Launcher.exe
Token: SeShutdownPrivilege	3304	Battly Launcher.exe
Token: SeCreatePagefilePrivilege	3304	Battly Launcher.exe
Token: SeShutdownPrivilege	3304	Battly Launcher.exe
Token: SeCreatePagefilePrivilege	3304	Battly Launcher.exe
Token: SeShutdownPrivilege	3304	Battly Launcher.exe
Token: SeCreatePagefilePrivilege	3304	Battly Launcher.exe
Token: SeShutdownPrivilege	3304	Battly Launcher.exe
Token: SeCreatePagefilePrivilege	3304	Battly Launcher.exe
Token: SeShutdownPrivilege	3304	Battly Launcher.exe
Token: SeCreatePagefilePrivilege	3304	Battly Launcher.exe
Token: SeShutdownPrivilege	3304	Battly Launcher.exe
Token: SeCreatePagefilePrivilege	3304	Battly Launcher.exe
Token: SeShutdownPrivilege	3304	Battly Launcher.exe
Token: SeCreatePagefilePrivilege	3304	Battly Launcher.exe
Token: SeShutdownPrivilege	3304	Battly Launcher.exe
Token: SeCreatePagefilePrivilege	3304	Battly Launcher.exe
Token: SeShutdownPrivilege	3304	Battly Launcher.exe
Token: SeCreatePagefilePrivilege	3304	Battly Launcher.exe
Token: SeShutdownPrivilege	3304	Battly Launcher.exe
Token: SeCreatePagefilePrivilege	3304	Battly Launcher.exe
Token: SeShutdownPrivilege	3304	Battly Launcher.exe
Token: SeCreatePagefilePrivilege	3304	Battly Launcher.exe
Token: SeShutdownPrivilege	3304	Battly Launcher.exe
Token: SeCreatePagefilePrivilege	3304	Battly Launcher.exe
Token: SeShutdownPrivilege	3304	Battly Launcher.exe
Token: SeCreatePagefilePrivilege	3304	Battly Launcher.exe

Suspicious use of FindShellTrayWindow 3 IoCs

pid	Process
956	Battly-Launcher-win-installer.tmp
3304	Battly Launcher.exe
3304	Battly Launcher.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3392 wrote to memory of 956	3392	Battly-Launcher-win-installer.exe	85
PID 3392 wrote to memory of 956	3392	Battly-Launcher-win-installer.exe	85
PID 3392 wrote to memory of 956	3392	Battly-Launcher-win-installer.exe	85
PID 956 wrote to memory of 3304	956	Battly-Launcher-win-installer.tmp	95
PID 956 wrote to memory of 3304	956	Battly-Launcher-win-installer.tmp	95
PID 3304 wrote to memory of 2920	3304	Battly Launcher.exe	96
PID 3304 wrote to memory of 2920	3304	Battly Launcher.exe	96
PID 3304 wrote to memory of 2920	3304	Battly Launcher.exe	96
PID 3304 wrote to memory of 2920	3304	Battly Launcher.exe	96
PID 3304 wrote to memory of 2920	3304	Battly Launcher.exe	96
PID 3304 wrote to memory of 2920	3304	Battly Launcher.exe	96
PID 3304 wrote to memory of 2920	3304	Battly Launcher.exe	96
PID 3304 wrote to memory of 2920	3304	Battly Launcher.exe	96
PID 3304 wrote to memory of 2920	3304	Battly Launcher.exe	96
PID 3304 wrote to memory of 2920	3304	Battly Launcher.exe	96
PID 3304 wrote to memory of 2920	3304	Battly Launcher.exe	96
PID 3304 wrote to memory of 2920	3304	Battly Launcher.exe	96
PID 3304 wrote to memory of 2920	3304	Battly Launcher.exe	96
PID 3304 wrote to memory of 2920	3304	Battly Launcher.exe	96
PID 3304 wrote to memory of 2920	3304	Battly Launcher.exe	96
PID 3304 wrote to memory of 2920	3304	Battly Launcher.exe	96
PID 3304 wrote to memory of 2920	3304	Battly Launcher.exe	96
PID 3304 wrote to memory of 2920	3304	Battly Launcher.exe	96
PID 3304 wrote to memory of 2920	3304	Battly Launcher.exe	96
PID 3304 wrote to memory of 2920	3304	Battly Launcher.exe	96
PID 3304 wrote to memory of 2920	3304	Battly Launcher.exe	96
PID 3304 wrote to memory of 2920	3304	Battly Launcher.exe	96
PID 3304 wrote to memory of 2920	3304	Battly Launcher.exe	96
PID 3304 wrote to memory of 2920	3304	Battly Launcher.exe	96
PID 3304 wrote to memory of 2920	3304	Battly Launcher.exe	96
PID 3304 wrote to memory of 2920	3304	Battly Launcher.exe	96
PID 3304 wrote to memory of 2920	3304	Battly Launcher.exe	96
PID 3304 wrote to memory of 2920	3304	Battly Launcher.exe	96
PID 3304 wrote to memory of 2920	3304	Battly Launcher.exe	96
PID 3304 wrote to memory of 2920	3304	Battly Launcher.exe	96
PID 3304 wrote to memory of 2920	3304	Battly Launcher.exe	96
PID 3304 wrote to memory of 2920	3304	Battly Launcher.exe	96
PID 3304 wrote to memory of 2920	3304	Battly Launcher.exe	96
PID 3304 wrote to memory of 2920	3304	Battly Launcher.exe	96
PID 3304 wrote to memory of 2920	3304	Battly Launcher.exe	96
PID 3304 wrote to memory of 2920	3304	Battly Launcher.exe	96
PID 3304 wrote to memory of 2920	3304	Battly Launcher.exe	96
PID 3304 wrote to memory of 2920	3304	Battly Launcher.exe	96
PID 3304 wrote to memory of 2920	3304	Battly Launcher.exe	96
PID 3304 wrote to memory of 660	3304	Battly Launcher.exe	98
PID 3304 wrote to memory of 660	3304	Battly Launcher.exe	98
PID 3304 wrote to memory of 4076	3304	Battly Launcher.exe	97
PID 3304 wrote to memory of 4076	3304	Battly Launcher.exe	97
PID 3304 wrote to memory of 1328	3304	Battly Launcher.exe	99
PID 3304 wrote to memory of 1328	3304	Battly Launcher.exe	99
PID 3304 wrote to memory of 1328	3304	Battly Launcher.exe	99
PID 3304 wrote to memory of 1328	3304	Battly Launcher.exe	99
PID 3304 wrote to memory of 1328	3304	Battly Launcher.exe	99
PID 3304 wrote to memory of 1328	3304	Battly Launcher.exe	99
PID 3304 wrote to memory of 1328	3304	Battly Launcher.exe	99
PID 3304 wrote to memory of 1328	3304	Battly Launcher.exe	99
PID 3304 wrote to memory of 1328	3304	Battly Launcher.exe	99
PID 3304 wrote to memory of 1328	3304	Battly Launcher.exe	99
PID 3304 wrote to memory of 1328	3304	Battly Launcher.exe	99
PID 3304 wrote to memory of 1328	3304	Battly Launcher.exe	99
PID 3304 wrote to memory of 1328	3304	Battly Launcher.exe	99
PID 3304 wrote to memory of 1328	3304	Battly Launcher.exe	99
PID 3304 wrote to memory of 1328	3304	Battly Launcher.exe	99
PID 3304 wrote to memory of 1328	3304	Battly Launcher.exe	99

C:\Users\Admin\AppData\Local\Temp\Battly-Launcher-win-installer.exe
"C:\Users\Admin\AppData\Local\Temp\Battly-Launcher-win-installer.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:3392
- C:\Users\Admin\AppData\Local\Temp\is-NTTTI.tmp\Battly-Launcher-win-installer.tmp
  "C:\Users\Admin\AppData\Local\Temp\is-NTTTI.tmp\Battly-Launcher-win-installer.tmp" /SL5="$120068,187936849,832512,C:\Users\Admin\AppData\Local\Temp\Battly-Launcher-win-installer.exe"
  2⤵
  - Executes dropped EXE
  - Drops file in System32 directory
  - Drops file in Program Files directory
  - Modifies registry class
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of WriteProcessMemory
  PID:956
- - C:\Program Files (x86)\Battly Launcher\Battly Launcher.exe
    "C:\Program Files (x86)\Battly Launcher\Battly Launcher.exe"
    3⤵
    - Checks computer location settings
    - Executes dropped EXE
    - Loads dropped DLL
    - Modifies registry class
    - Modifies system certificate store
    - Suspicious use of AdjustPrivilegeToken
    - Suspicious use of FindShellTrayWindow
    - Suspicious use of WriteProcessMemory
    PID:3304
  - - C:\Program Files (x86)\Battly Launcher\Battly Launcher.exe
      "C:\Program Files (x86)\Battly Launcher\Battly Launcher.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\BattlyLauncher" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1704 --field-trial-handle=1904,i,3987384461770508113,1049097992564769917,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      PID:2920
  - - C:\Program Files (x86)\Battly Launcher\Battly Launcher.exe
      "C:\Program Files (x86)\Battly Launcher\Battly Launcher.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\BattlyLauncher" --app-user-model-id="Battly Launcher" --app-path="C:\Program Files (x86)\Battly Launcher\resources\app" --no-sandbox --no-zygote --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=2392 --field-trial-handle=1904,i,3987384461770508113,1049097992564769917,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
      4⤵
      Checks computer location settings
      Executes dropped EXE
      Loads dropped DLL
      PID:4076
  - - C:\Program Files (x86)\Battly Launcher\Battly Launcher.exe
      "C:\Program Files (x86)\Battly Launcher\Battly Launcher.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\BattlyLauncher" --mojo-platform-channel-handle=2116 --field-trial-handle=1904,i,3987384461770508113,1049097992564769917,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      PID:660
  - - C:\Program Files (x86)\Battly Launcher\Battly Launcher.exe
      "C:\Program Files (x86)\Battly Launcher\Battly Launcher.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --user-data-dir="C:\Users\Admin\AppData\Roaming\BattlyLauncher" --mojo-platform-channel-handle=3060 --field-trial-handle=1904,i,3987384461770508113,1049097992564769917,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      PID:1328
  - - C:\Program Files (x86)\Battly Launcher\Battly Launcher.exe
      "C:\Program Files (x86)\Battly Launcher\Battly Launcher.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\BattlyLauncher" --app-user-model-id="Battly Launcher" --app-path="C:\Program Files (x86)\Battly Launcher\resources\app" --no-sandbox --no-zygote --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3980 --field-trial-handle=1904,i,3987384461770508113,1049097992564769917,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
      4⤵
      Checks computer location settings
      Executes dropped EXE
      Loads dropped DLL
      PID:460
  - - C:\Program Files (x86)\Battly Launcher\Battly Launcher.exe
      "C:\Program Files (x86)\Battly Launcher\Battly Launcher.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\BattlyLauncher" --app-user-model-id="Battly Launcher" --app-path="C:\Program Files (x86)\Battly Launcher\resources\app" --no-sandbox --no-zygote --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4016 --field-trial-handle=1904,i,3987384461770508113,1049097992564769917,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
      4⤵
      Checks computer location settings
      Executes dropped EXE
      Loads dropped DLL
      PID:3764
  - - C:\Program Files (x86)\Battly Launcher\Battly Launcher.exe
      "C:\Program Files (x86)\Battly Launcher\Battly Launcher.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\BattlyLauncher" --app-user-model-id="Battly Launcher" --app-path="C:\Program Files (x86)\Battly Launcher\resources\app" --no-sandbox --no-zygote --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4328 --field-trial-handle=1904,i,3987384461770508113,1049097992564769917,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
      4⤵
      Checks computer location settings
      Executes dropped EXE
      Loads dropped DLL
      PID:2192
  - - C:\Program Files (x86)\Battly Launcher\Battly Launcher.exe
      "C:\Program Files (x86)\Battly Launcher\Battly Launcher.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\BattlyLauncher" --app-user-model-id="Battly Launcher" --app-path="C:\Program Files (x86)\Battly Launcher\resources\app" --enable-sandbox --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4640 --field-trial-handle=1904,i,3987384461770508113,1049097992564769917,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
      4⤵
      Checks computer location settings
      Executes dropped EXE
      Loads dropped DLL
      PID:2924

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x4b0 0x338
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:5020

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Subvert Trust Controls

T1553

Install Root Certificate

T1553.004

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files (x86)\Battly Launcher\Battly Launcher.exe

Filesize
25.3MB

MD5
87172f38f9291f95d82d9932f3b7890e

SHA1
4a88207e26d293c96bc4003c504a7cfacebda2d4

SHA256
dea72908fceb19c36eaf97d7d49d080f98959f73e7f583af40486649a4b3ff9d

SHA512
b7fef06b0fdd4cd3959bc578b20ecc21deb09bca1b804e1650260639d7a9a034cef23b1898c688c291088f72534f23d431d7c77136d56edad10636396ae11a31

Download Submit
C:\Program Files (x86)\Battly Launcher\Battly Launcher.exe

Filesize
16.0MB

MD5
b03207da3f5f5167f9a6500c4df99f2f

SHA1
2dfed2e6c4f7c236a6fe165334d179da42471a9c

SHA256
782b48059a80c204bd2e0187e4a1fac125ba8a93be346667ca7e6971a67afaaa

SHA512
a9887d9baa2f19429a7a678c476dc9f1a9713c9c61c0ac2d34efa80d4b0e08e909b172f91875e7d9186b204354b41c237b06b168860098a52c6b6400a373efe3

Download Submit
C:\Program Files (x86)\Battly Launcher\ffmpeg.dll

Filesize
2.6MB

MD5
00ffabbb9438a0da15a021451a9c2d0d

SHA1
4bb79fe2b09962c6c46b70d7dfb1f9d9604a22dc

SHA256
aad7e7ac9d74ac18892801950c9728e9c4eacd3b676cbb5d6f63382da2ce0559

SHA512
989d8d0afd3ce64c65a90d1046f28b19e5b125f8b5a565b76b8c950d152d3b9a57d68126888321c7cd8a4985249c1ec649c453e7501aaa4ff60d9662afd85f34

Download Submit
C:\Program Files (x86)\Battly Launcher\icudtl.dat

Filesize
10.0MB

MD5
76bef9b8bb32e1e54fe1054c97b84a10

SHA1
05dfea2a3afeda799ab01bb7fbce628cacd596f4

SHA256
97b978a19edd4746e9a44d9a44bb4bc519e127a203c247837ec0922f573449e3

SHA512
7330df8129e7a0b7b3655498b2593321595ec29445ea193c8f473c593590f5701eb7125ff6e5cde970c54765f9565fa51c2c54af6e2127f582ab45efa7a3a0f6

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\@protobufjs\codegen\is-JGMS1.tmp

Filesize
1KB

MD5
532013e80f57c86a3d7176374afe6380

SHA1
e40a5d2090efd5d2eae97987590d414d7b1389f8

SHA256
a67b34a24a5daddcce46aea68c5004e4442bbfb63690329fa607bf4de4269794

SHA512
db98bcc743122ae1ced03c2d7e4efc4cd090d61b75a2eeee0534cff58ef6ec9a313ad826d4bcf490378a8b13c8a360f20a026df83700c0244113988d7e35b7f5

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\adm-zip\adm-zip.js

Filesize
30KB

MD5
9b6da3cd4a4ce0963e80d0e6dc1a11f1

SHA1
fce6550c2231f60425661f2f7db99efff491cdff

SHA256
cb49867d6ffe8e7c08ad0e6466c86450b0f81910069ed1ad9d5b7b9c27367929

SHA512
38f325ced4315f7fd39f9ec885e1a35f8d5c49bfe9721c3ae0b54d040c76e7df3e6d557f76bb5783594b0fe5c15f9e73f8c7a21fee373ecbd97ed9220d3127ba

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\adm-zip\headers\entryHeader.js

Filesize
11KB

MD5
db0294dd88cf4922e3cbb5e45d087287

SHA1
f46ea2a1a7e9cb0c6c25fc436743b78d95da1841

SHA256
d3ca0adfd642be6287daf5a7cc8d3959332f31ba52b6ef1a53e4520bf4175f3f

SHA512
2f77a248db215a4d7287dfe7227adc1bbd4239d31731a743994dd4a4e4f0aa061dacb3fc9d79f22364d3771ac3b36d41dca5788b34892c94f8cb8d2d95a6b661

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\adm-zip\headers\index.js

Filesize
94B

MD5
64bc889b89f1c8a04a698a8f74e24e5b

SHA1
68781da04cf1ebc4f03434ea5b2b65f10cca07e6

SHA256
536e4b5bf009a3d9f6eccfbbc4157cb6de663d889e0826ea5f6e5fa17aaeb8bf

SHA512
9eb207fa61862aebd9cc5a89f85757313c7f163ea0f5a15c16250f79845b9caa1d8109bc3e634a9ed3fb0616c71aed3005ace48eff0941518c778c3063613975

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\adm-zip\headers\mainHeader.js

Filesize
4KB

MD5
1d35f59aece6922da87e6183e7f8379b

SHA1
b772c6b2285d6f7c099bfd7ace005e730bd12c78

SHA256
3269b558fd8990df8ae1f500268e0512854c04bffefcaa0e584360de1809b84a

SHA512
3cb59c8fb586a89936ad4fbd4d29c54cfe8e0ae9abcc4ff70ef03a3cdbefff9b4a5d91658da79e6746ab01af9cfc57dd908b8e478ee4aee5848e0252a1f68603

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\adm-zip\methods\deflater.js

Filesize
1021B

MD5
41fd6791497f7d74ee56a7753e08da66

SHA1
bd62d07bfe703da89172fcfeaa8848d6ba5c68b4

SHA256
6dc41b2460594cfa5136b797653c166b2f7403820a40f2fca17cca35a5de1b5f

SHA512
5f16aeb477321470986a8c9807ebf3b75e979e5fb34156028ef56f44f38c4f4d72d9d086784e9dfedeffa61f91f973b6ac7e7ba1730eebd86bb549de2dbb4761

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\adm-zip\methods\index.js

Filesize
128B

MD5
74d54dda1e050cad9b31da325f92fb01

SHA1
683b0412f3bdb3ae54cd809e37f456dade4d046a

SHA256
d67714f1a04be942f90be77069af3ff4214aa8ee84b26edeff3a87eb0d8e2dc0

SHA512
88ff974e69207c427ce1c9161489a275c4328ba392da65b268614fd5c66ef9feb10dafe1464dcc5873221de61bdb045dcf47092760c973ec06825158978df3e6

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\adm-zip\methods\inflater.js

Filesize
936B

MD5
ddf58fccf9d270a32d6fe17fe86a26f9

SHA1
c720d51c923aa71bce2a27a3d081af09de0e2a67

SHA256
ac2c664bd94fe9daee76174aa00d149d60bbbe6ae5d5865b14bd76e9b7d2d612

SHA512
bc5914af2950f7e87b0071d54f885b7ef494cee1f036e9fe2e31365506ab78a6327dd25d2c565c09b0ecd465ddc79bb8fc5ff7b6c3a9b15a4d4f044fe816d610

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\adm-zip\methods\zipcrypto.js

Filesize
5KB

MD5
84d22177957b42a5f8cef39e729bcaef

SHA1
6a6dea4aab4c6c8b1b4b19a246f01b03cb114711

SHA256
2b76c14cac47da833e1bdf690faf68acc0f5ceb645605df876f42e67801d2f1c

SHA512
a94de7eb1aac18bba8854041a8d9a2f035dacc338e007462d891c6557f68c7a6d179d82078f0bddc047e29766f961e7c83c5a278a08e8b3b72917f61625320e0

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\adm-zip\package.json

Filesize
793B

MD5
d54047857da5c5c0f798702eaf6bbdb2

SHA1
13268d9836a3e86768a55e94d9ae566083450c32

SHA256
4a972775a807ee9450338de8587428f444df10d7d383721ab6f60c1981562089

SHA512
fd3311c500231a24c3923e9833e9c39e9369c340fba01bb8c5930313be2f1bd7cb7cdfa9ecedd16418a2164a87dfef09f0a33fb55c01da2d38cacae9e9c0a1ac

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\adm-zip\util\constants.js

Filesize
6KB

MD5
9557c90a448baec12cf2cb2f97e2c5a2

SHA1
19ece17c4aed05723601ec510ad2020fb462cf52

SHA256
208e943a2e5faad056047f3c7991cce3cde637d8e272a564f2546210ebdf2069

SHA512
433a683e049a8d2fa321e9cf6932c2f5075c83f1713a9d0514956310174ef2959d0c8378a039d27d0a34f321262f6cf7eee40066ca54da1b57c5483b6d00f089

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\adm-zip\util\errors.js

Filesize
1KB

MD5
ac3d2bb07fc89b31183b6786ce467fb3

SHA1
61964b0caf0c374fb311fbc914e7adfee6911f0f

SHA256
56ee85e2b90ec4a41df0813c4e7e08f617da69a82663149a8f9cc110deff43ea

SHA512
1ae94c25cc424f1a4ba7cbe7b08d9809022ac96d4f7ea0f98b10cf4e3bec913793957da17bb811c41153724d0da4f7f8c2850b0140fc4ba74ed553fc25695cd0

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\adm-zip\util\fattr.js

Filesize
1KB

MD5
943088ca25b0e25de119778524c8d91c

SHA1
6cbf8576406db664ea30c0ce8085cc590a248202

SHA256
cecf4e89cd49c408dacf19894756926cb73bae801f4f44e66011826230ef1975

SHA512
9892ad5a63788aa2e2a50927990caf7371b3432cf0a7633d6dba3d6f861d1e59eb8a43f6b5ad7127c16cdf153ad0aef1f9163d2c59af9058f427cb55c70662b0

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\adm-zip\util\fileSystem.js

Filesize
353B

MD5
85d7973afdda48fd2333b486d4b4afaf

SHA1
dd0ab76f06f12996cdb07bc8613d7f56aed7f0ac

SHA256
c0e0fdf6ca6d8dd98041adc6d8674f6bb02b94145abc98f08f24f1d0e4a8b5ad

SHA512
ea038e326f763da409672e4e1d87170220aa8c1fab1144a3d5f62d1a5db44f2be2c456a08ca4d1c3f776f9c5020e9573b6b146a28a74c329dd51daa961d6cbfe

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\adm-zip\util\index.js

Filesize
179B

MD5
6eadaab125a2caf89f2e762259d16df4

SHA1
680d2665f43dd5074b5eb34d7a22f337d39659dc

SHA256
a231e422e9f88464dbaf2ca91c0b7acd141f84e475de7847538d3f53890fd274

SHA512
feb0b65be5cf28c68fcd414a4ba0d659e9298a3a029c1ddef0b5f0d4ac77a355ddb6592aa9c3808b6f40266232c244456a28d49f24700941c6505adc81086eb8

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\adm-zip\util\utils.js

Filesize
7KB

MD5
b7a147df232c33b9733089d358e8919f

SHA1
62f476f4fd0f58d0f6affedadc39da4eed9622e0

SHA256
476362e756eeab1eb18548732f27ed8786cea36d6c33aa27d75a74fb70b4a2e0

SHA512
e0c2641d2b2626c145fd829d48c2154431179011946898714aca55be10209c816649ae79cf0fdadf76933079c28114b2c9000ebcd557a5e324448561cbd62b72

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\adm-zip\zipEntry.js

Filesize
11KB

MD5
c553c1da54ed2015dea9f514d4dfbd42

SHA1
fc47ac41e724cac3f6deab99730276fb7e4b76a0

SHA256
699358b454fd68983c363f2df22ada2fac0ad3ebfc4890f80efe7e49461f8c78

SHA512
808c6912f5dcd11afe4f130dbadc28911fa5402eb60cf2e2df66fd82c80a74772a9527cb731d4b16ea67abf6255e8f5a28e81955bfc78af90f5e6df98cce8dd4

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\adm-zip\zipFile.js

Filesize
13KB

MD5
e6dca10b65f08b4623cd2c5f186e85a4

SHA1
cec0a45acdf6d9688db89be2dba81fa85761d29f

SHA256
015cb9553db23bc281ee784f7eb974cbd026dace0322a0989b0a400bbcd68e8c

SHA512
aa0a7f6e81ba719f9e25796453ec72d62a9894d3dcdef860ee6d22a282bb351ee19439c5f7bb2a747bd1d7187fd467a1a721409f38e064885fe9f9717ad8d604

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\electron-updater\out\main.js

Filesize
4KB

MD5
61bf8956f0fb3351d803f23f75f230b6

SHA1
9574a0a5ca7387f143954e14f43e94b375e6bce3

SHA256
9df5dbea9557af3890cad4b2fde304295ba8d84f7c16140e9ae064e3c16f8e7a

SHA512
27935fdffe4a0a5486de6e17fc0115259ba29ca7504c216b63a7128a3bd14a4d6df558bbbb8ef7c4c9703b02e8ae8c3a625fa3aa2d3d126460ee32988abb75fb

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\electron-updater\package.json

Filesize
1013B

MD5
f410f2026121e7ebaf9ce906c1ba7966

SHA1
e7d0909ac37ef65c2b349fdb47f2f56dd7e417be

SHA256
8e4451c66d524261b41c2cad9b678d172f5e27f2826f411e33b803fb2aa2e34f

SHA512
5a1e76164480ddf197cba4be1cd973404b1554f7e3c09c96d5dd9deaf278b5e402debd80341a179227778b87e8c9b4788a07e67dae03597498a0822a3665b14a

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\jsprim\node_modules\extsprintf\is-M3R0A.tmp

Filesize
1KB

MD5
bc3c23d98d7aa86bbf232058884e19b2

SHA1
772b18147b3bf826978f984f8e01562a9e3cc254

SHA256
5626c1e21f73f049d1c26ab8d34c95f26ee33d9b2dafb49af21114b087fb8d04

SHA512
f92b92b1623f00ef51882f3c8d17e0d010bc5261bf0eb8e9b8b4b6cd7d9f49708e43114ff893f2788edfed945a5c02f7d13c1bb58ab3f426aa8021df362dd2dc

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\lru-cache\is-R0FG6.tmp

Filesize
765B

MD5
82703a69f6d7411dde679954c2fd9dca

SHA1
bb408e929caeb1731945b2ba54bc337edb87cc66

SHA256
4ec3d4c66cd87f5c8d8ad911b10f99bf27cb00cdfcff82621956e379186b016b

SHA512
3fa748e59fb3af0c5293530844faa9606d9271836489d2c8013417779d10cc180187f5e670477f9ec77d341e0ef64eab7dcfb876c6390f027bc6f869a12d0f46

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\node-fetch\lib\index.js

Filesize
44KB

MD5
fcd952a3518996c076e41deeb9b2d3e9

SHA1
3a4fde428ba8f0a812b1d59f9b0b786281fb7652

SHA256
79541f01338e70f4ff6f8a1d12f5c2914d4c6ab2ba96b7ddf48d2add01c13813

SHA512
5d732eff094d46cd810eaef715c5b2a19192e0b224a06c8e718cb067bb79d3ab13c279c7f6764de3bc0ef22bfb57eb63bb69c1df5a7895875dddcb40ecb7ad91

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\node-fetch\package.json

Filesize
1KB

MD5
af496aea3800368f97eb2e51d6244e11

SHA1
fc951ea643def50b682cf9fd501653ce58eb5039

SHA256
e2b1a3d41d811213df8d9ba6642937e93559ae17084dc0b80ccf2c86a5f1e8a1

SHA512
232998316878263287d9d88e4baaa17d22abb41ac876d88b52d7e3f0f4d6805a214a290184b78adbbdec56b54e92c21bb8ea194adf280ce98aff3ff3b37bc95c

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\oauth-sign\is-BKE35.tmp

Filesize
8KB

MD5
f3f8ead5440d1c311b45be065d135d90

SHA1
05979f0750cf5c2a17bd3aa12450849c151d8b7c

SHA256
d446a8c73d7bbe4872d6524b15ae206f9a2d7eb53f8c9cb6e6c893a43acc5276

SHA512
d52ead0329e9223dce3d54f83c9e8caab7974355c248e2e85a1a8aa3198af402507761c22bad31307ae3bda06528ed0b3487e9ac9f6a6c3c413e09a5acac915d

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\protobufjs\dist\minimal\is-JI710.tmp

Filesize
77KB

MD5
80c6c0afb34d50084bef13963e6c212b

SHA1
5cdeff53cf6aa0611c4923acaae49a8dd5e457ed

SHA256
bf0a1363ceb5fe2291336cbb315cf8629c6940f14ebfb5384faab553d4a611d8

SHA512
febf5f748f9dd4347dd801e7fc26da2ba5b02c02515bcee8b35c3c484e5ea2bb1826f9d2ce87a6535aed1795bde8d84fe67185e57e11fc5a59f22a2165e8a73f

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\sshpk\is-16HG2.tmp

Filesize
1KB

MD5
38ecf0a3a3894f404ca99c2a08924afc

SHA1
10b8ac49ffb8f7cc8bdca9303209a1b3b2f3587d

SHA256
82f8e8150cc12bb0895291c63ffa618d5652daf6265f63203ce0043955066ba4

SHA512
f0c68e411d3b7759b30fa74ea37663f4ea4968fdb8ebd4016c9ecbc5bcf7d956941d0c1f81e66abb73676d40379240d828b0a6ac36c3ade7ba11b62b5ed14c62

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\tr46\index.js

Filesize
7KB

MD5
7d598c8605e26cafe489544f1730d380

SHA1
02c41eea7eb4ce2d32b7faeb4229edaa28b9d8e4

SHA256
8194f9425ce9ab06ea9aebcd64a85ec064d95d61bb349f8f1c98762ad256638e

SHA512
f79b6e635786bb4b38f80562d862a6a2c908ea691b3fc42712aae82591c735acd02d8fd79ccf37468e58f865bba28f9be0d92182b30c8e4b4ef7261bb57f213d

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\tr46\lib\mappingTable.json

Filesize
253KB

MD5
26c6da7a34c8a051a60b3592287d3fea

SHA1
6e09dfd1d4d65675bba0a9bb69e0bd6393f0d5da

SHA256
b6b39724dca9011113a08d9d6910204062b58169e98952acdfbd19bf2c31bbff

SHA512
8ad552c64f53303c00f2a56c1fdc2d6c644b12aa993c181d5f4847fb4613701b3d03d2a4f8e347e1d755999681585ae3081e865ae54f21340c826196c2af83d4

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\tr46\package.json

Filesize
431B

MD5
2f0e605dcd24fbc601a5ea72f994d31b

SHA1
ab17469f5da9aceab465b0fb157eb55c905a0bc1

SHA256
bb7b622deed9936ada577a7ea52a59cee5162825305a45b1be2278907d899bf1

SHA512
ddd489be216dd8847e35bfbd669ff675377db56e103e4e9d3d5f335c28e83e7d90a6963b2a6667e4de806585e8d81433299fb966352eab7186f7940ffa9f1fd5

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\webidl-conversions\lib\index.js

Filesize
4KB

MD5
5239589917db7d80f8a54e00bf57287c

SHA1
32a7715cbd092327cb6b40a1ceb0f768c006cfbc

SHA256
0b29621626c38ddda2a8e20787c32d09db10dd031ea743c5e270b59d46754a84

SHA512
74f08425d277fdf08927457983057c75399aef175c829e55ce4feb424704cbcda250ce82ade03b06f435012418f409759ef36c79595316be492a8708eae90601

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\webidl-conversions\package.json

Filesize
402B

MD5
e401a6d7fe2eb47e4651c7771afbc0fb

SHA1
f950b2dfe64fac53b9dba760113fa8c973a6e06e

SHA256
4d8bfba25f8d4222ebd3399f651703272da73572dd9862f4924c7ead6c55e25c

SHA512
91926f2c92453643dec0d0b8eb820af4e1dfec80e98d014f3cbd7fd610606566f45b845284430bb12b3c29ce6cb401c4c8c3245b7a9c1630c793fa39b9a94bb4

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\whatwg-url\lib\URL-impl.js

Filesize
3KB

MD5
895986b201034a8813d7032201d08d48

SHA1
c59fc2cbaff55db3419a0f3fc3274cb6215555cb

SHA256
e60103ff74b8bfc4001f5c05eea482f554de610cb5fc4e7ccbfc5aef9e443706

SHA512
fd9a756c5554c6f75f09c4704100bd795ed877ba9ea401262021d23315070005f0271e406cbe4f18f1163887caacb77ae74797eaaa770a7e89ae3ec271c4bee3

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\whatwg-url\lib\URL.js

Filesize
4KB

MD5
b0d61d137a04b123d028dc0560e4019b

SHA1
849eac5a0d7fd731acf0948d18a9ef6cebf10047

SHA256
3bd67335fc72b50924fa35523c2b0b73dce9cb814f6bae82644ccb1f22560706

SHA512
f5947e7b10031344b752486fc8fa3b7a33b9b00c7a5226d9581dbb1b63794ef3a62ee119d2847618b7129744e3b5adf81da2f8ba8565581005f0971928839127

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\whatwg-url\lib\public-api.js

Filesize
625B

MD5
702794a0ee114b49df06995222248103

SHA1
ff500ab0bc64cc68b8925cd6b9d13b5b6240d951

SHA256
0cbda6401c6179c4fb2ef0cebeccfb127485fee6f0ed5c129a8a539d4cd29018

SHA512
c5cecc2817a8708e3f1720b70e8dfc3aa29ecbe71ccdccd8b5bc1f217ff75420892692c32693cbb3e7286ae85261a1c07cee8bf00ee454046eecd6a735d81113

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\whatwg-url\lib\url-state-machine.js

Filesize
32KB

MD5
64ed360e55156f937674f46a4d607906

SHA1
ab706cff991edca756adc4a00495ded9a7f24e18

SHA256
e038db71d8a2313d7d20ad6dd1116a2fcb34b41e39f7a2364c70ff1aff548850

SHA512
d6820ce5eeaf5e5c5341c457456c66cea4b0621f936e27e48c3f4f240d7146c03abc6fb448449a57a8c9c8626c3ab4068ffba2595e6f9b733305a9ef51742f29

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\whatwg-url\lib\utils.js

Filesize
562B

MD5
3bd95c789a767f0ea79e6a20c43f692e

SHA1
e531f22976a3b992693f328ed7bdd4103d87c08e

SHA256
96b941934b9050815f9397bc6796ea8611bfa00c5886587d81da64a23841e3b9

SHA512
2fe3b7f9d083d8e7edf717f94fac9af9d7265318432a10779253af9829b28f5b7ef7814234d34d67323ec0fcd2af6efbebf7301a0f6ad158601783154e487f0d

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\node_modules\whatwg-url\package.json

Filesize
572B

MD5
59d30e731a627833eee771acaa2f14f0

SHA1
12aeeddbe984d3e64ad8478407c93037237d6a0b

SHA256
b8574d4e255ba0988d1522857aa06f1494631fd324702db2b4b334697153b2be

SHA512
05920aad85cbeededb1cf4a2cd039eb8b08f0f65765f18cd8ea7f44231c1f55f47f16d7770243a7b0988db4414c8f8c1c3260765c2db2686823322facd9abbe4

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\package.json

Filesize
852B

MD5
92fc6ddc4aa90f7dbe628b0245c7241c

SHA1
d085a45d913c14a385f67f391e76f58c4490ff4d

SHA256
e061fbc391a726c7b76b481968274a4cffecfaad0fd0f8d591a4611745462622

SHA512
88751ca27939bf4e09277d9fafc2ebcc03a7648fcdd1a8347b749b69a417d3f7923d5176c2932cdb21e4a7389203d07d1b810922e86881a5414754c36e3a4da2

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\src\app.js

Filesize
29KB

MD5
27bdcbc3f5ed2ee4d8f9c7b867ddfafe

SHA1
8c401178d6d5bcf82322c9b2d30aee5b92bea095

SHA256
b261039e6960f909a12670cefc9e01ec64b7f2812bf7e11f2a193ca2ba998fe7

SHA512
caf0635f7431f634606b7a1c07ef088704ff7edbd1526417978e69ac0528ca0627c09ea07c24bc918aab49d77421a331df289fa773e28db71f9f96105a0c9eb0

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\src\assets\js\libs\mc\Authenticator\AZauth.js

Filesize
9KB

MD5
cb5b1b6b9f73b6ff52bad3ab54fe356a

SHA1
c05947fbf2a7968ecba02176d5d650c134ae07df

SHA256
36da55cb9564cb516396b5ef5d609bf890036250fd8c7b826865fcae6901d4cb

SHA512
4b773c60ffd5576d671c68289ad19320150f638b82072374e425d8404185d0f2c11e08e9177fe4cbd648ea0b9b3e1847a5c4f0a1b7e11c0a15ad8e16b0f9f3f7

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\src\assets\js\libs\mc\Authenticator\Microsoft.js

Filesize
17KB

MD5
e54f63679e7373db16307cba276ea544

SHA1
b8c13508c32cde0db0719d648f5090f2089b64e6

SHA256
7c17fb4d0b0c388686ece1f1c01b264a6a25c2fd348d6cf4fd9ad2f315102fec

SHA512
37f7ee102d43596879083c37b70d9e515b29d67a7ad466baf6a7573f961671551f8ffaf49c2ca24236bda6f6e6d38123416d098b636b4712d1a5ca00a4f15463

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\src\assets\js\libs\mc\Authenticator\Mojang.js

Filesize
10KB

MD5
02a16c71b7e3cfc080e31607c512cd14

SHA1
90c33d798f0ce60109f2710604c56633f25188cc

SHA256
901eac69f28daedd6a5ce4159738b30112c229737b4cc093b9d7a3e8a9671967

SHA512
ae175948d46345526af1fcd9eff6c43f360548ade59f38dad0758fb492ac4121ea0318f23d3cbd69435199d7e9506736c99fdb4340a5f62b908ce4212f96c4f2

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\src\assets\js\libs\mc\Index.js

Filesize
9KB

MD5
0afc780c56c4d37f50ba6925ba5b6e71

SHA1
2b01be777c88aefadbfc1fe98548b11f8b8e3222

SHA256
8407fb149afd536e3c0db24fc5d934ea39608d5e7f4fbd9f0cdb39e6ad879315

SHA512
28f0a4e7f4ba7aa89ebe855df1c241cf2cc366ad67126a01543b24523a666e354d794aa2d680169146d6bd1f40cc1a4d84c606adfb0569302d2db387cff0282d

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\src\assets\js\libs\mc\Launch.js

Filesize
19KB

MD5
d5deb218c785a312abc50d14084fd122

SHA1
037df2f0e81fe573a051ffce1040c3f50fa77cf3

SHA256
ee0551150e1666b9728087a200a81c438c19343b37a58c22d7277617753f6ff5

SHA512
df592f5e3bbdd4c8f6387a0d2f7fb32f4b99a77b31ce383dd7ae6ca01512a9a37b7b40bf6fa75e5e582d468fa92ad3f572534511a336e05f7a42afdb8ac7f2e9

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\src\assets\js\libs\mc\Minecraft-Loader\index.js

Filesize
19KB

MD5
d151fad3efa1d66a5f846ca7a5859977

SHA1
8c077e167351c9bfcc015180db889016ed1c66f3

SHA256
459d872d4178265a759791a9c440b27bbeaab345d3b90ae3f94d19cdc88a8df7

SHA512
6eb2e31d177220d6375bf15d23d0be025b6d445934b28bd1b75fa4fa3813975aa6c9afd6a8da9efe482f529049d48669b467004fe16b6aa82c6ef7cee67b8a64

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\src\assets\js\libs\mc\Minecraft-Loader\loader\fabric\fabric.js

Filesize
11KB

MD5
a34b941c70698cdddf51ef260e7da51b

SHA1
daeeac1205f86797f0f4fd2f56cf1bef0b3a207c

SHA256
2e8a0a27711aeaaa763888ffe9c3104717a11b7dc54edb2852199f92ab694e99

SHA512
20e134bb1e514b5e0b3c13f1634ed569faab6149cbcbba5afe0eb62a26debfc177aa25a9dc20a9953ccd56086389e9ae94c7c62d36c0f980c1286df9dc635ee9

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\src\assets\js\libs\mc\Minecraft-Loader\loader\forge\forge.js

Filesize
30KB

MD5
8fa50e1b71dddf2e3819a80c71686d3d

SHA1
79e8ac86502c66ce78b1e34f5acb4eedd176be4c

SHA256
91dcc853c23234c6c587bb5b5485d353cacd955d241265d04d825d058e7101ee

SHA512
c8e292b894b2fa728366a9142d2c7593400a583dedc9d59c16b172358b035f2b953f88f70c580c8f1227dfc9faced8f50a7ffcd8ba2e3ee231f226f2786bc323

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\src\assets\js\libs\mc\Minecraft-Loader\loader\legacyfabric\legacyFabric.js

Filesize
11KB

MD5
5629503ae52db60433430666ed77d40e

SHA1
1323ea748947bd694639cc81f220cc1e53e851bf

SHA256
aa22268368427c20a5eb40ade7fe12df93b9f180da06cb0116cd6e4fe78e143e

SHA512
68ec5b0f06426f4d6731c1182fa40d1abe9393a2f2ffc28901cd92a8bffacef263b5a57accedb3d065292ec626409e5dd3159d22b64fd329c036427d54e2676d

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\src\assets\js\libs\mc\Minecraft-Loader\loader\neoForge\neoForge.js

Filesize
21KB

MD5
07a79f52603a256d71e0cd7387d995dc

SHA1
ab1ea858856b106d72006ffa937427c3e2fb65fc

SHA256
4af9fc9877f94b005794f8abe6ece8ee79e53158f7f18998edf75a1b27fecd76

SHA512
c2815e3bfc6a30d16c62a057f7f7dc27183bf92d30c6d2ddcdd7d3cfcecc3faa55d8c7e414387d1e5d1659702b97303909926f57cf29b44897ea5f85dae2b99a

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\src\assets\js\libs\mc\Minecraft-Loader\loader\quilt\quilt.js

Filesize
12KB

MD5
df6dfbb59df92eba02d54639404a5e4b

SHA1
8dcfb6670969292e1297286d3162e8c624efb434

SHA256
a743b88492d0cb28bdfaedf334659a7b24f5ae5195154b197fae36808f3ab995

SHA512
473ae7816b27aed42d04fef342a3e958f27b49400e9a54d206ac8487fbfc7451deb836ff7e4d5d7dee63f736be9e53a945abb0da6776906f344d4166f80f9a7e

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\src\assets\js\libs\mc\Minecraft-Loader\patcher.js

Filesize
15KB

MD5
f66a242fc1a559f8b6e9fa092d8fc482

SHA1
64552c126c7bbf5c01e7d5fa0f268043491a48ed

SHA256
ae9aeeffefdaca41b98afb34abbeb815208e29b25143ab9d1df755ebf6829da1

SHA512
83de2ab47f8081763aa1600e395f8f4e92772fca53b43532fa00ca7b6defb02cd2d9bb0bcb5b90bcd3d017424959f2031d09d7374912db57ec6677155f9cdb1b

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\src\assets\js\libs\mc\Minecraft\Minecraft-Arguments.js

Filesize
17KB

MD5
3c68844316d2e7c9d36e879687c38dce

SHA1
38c783c802f91100c579586c1c51a9f7720d1fbf

SHA256
239a18dd5e5028371c9c56cf8e893ae7bb11e56b740e06111a1169bca3c85d3d

SHA512
dbb0c2cacf93c84b29855af29729a5125c877667b2af2ee006b02d70d1d9812d60e1ef3191c585d28fddf49f9a3c3b72818e46dc85848093af149d0a54254810

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\src\assets\js\libs\mc\Minecraft\Minecraft-Assets.js

Filesize
10KB

MD5
8b12eee4da8f5b2a4be0b7d8cc9947c7

SHA1
589ca8acc73c81647a8b1c004e012ceb6c635edc

SHA256
92aa858038c7bec823b0c5d8316d42b8158bb6d2d8e627c2c5ea3193d4123d6f

SHA512
f5b0ee70253a5ad01f03de89e07f3e277bc2f65fc082c14eab54291e356fc1ab79638d545f736727bef8c5d892285572bf2259b2eecf85aeab22ffcf4a9b027b

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\src\assets\js\libs\mc\Minecraft\Minecraft-Bundle.js

Filesize
12KB

MD5
126a465780f6beffeb2c80879058038b

SHA1
a9878fd3606e5d272b81e8e9b3c4c4a0cf179756

SHA256
482809914a056e4e27b37552f13a2382e8092e732173ba616ee7b4b0051c26d0

SHA512
2ad9363e29ad4a69016069cb1f1e12b7bb4bf55d8e0f076d016f8f3f9b3e368bd888e97fc1f1d17621c6d5a7399a3a616267d8a5bad3aa77471aa9a1afaddf96

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\src\assets\js\libs\mc\Minecraft\Minecraft-Java.js

Filesize
15KB

MD5
e796a46176fe97070da9d4a2e70cd462

SHA1
920c67734b17a5ada1d1901a9f7d3fa10ec65edc

SHA256
368ff0f2527d7a5209bf70195b016af002f102a5ddc1e74b354b5f6e46908379

SHA512
90f7edea9d5790cf670aef5db25becbd7d7ca3fb0fbd20ef01e2a553677b305c6ab17814f7bcca70eb96c4395bd8ca29517772fa40b96eec5e09be9e8b9fd462

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\src\assets\js\libs\mc\Minecraft\Minecraft-Json.js

Filesize
9KB

MD5
e179674f687546a5e095ef5edad6c2a2

SHA1
aec569552bea91cdf9762a7155896c2747b6c882

SHA256
183432db323d62a1fdc3cf2aa84cac718d725c8964005720b7b4a6cba143eaa9

SHA512
be45e9ba375406079c3992b01bb84f21783587a5831abfd12f56f55f4465815f6fbd4c887709ed9a6b609cf029fd1ecd8a58c7bdcd739650a383020ea671979d

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\src\assets\js\libs\mc\Minecraft\Minecraft-Libraries.js

Filesize
13KB

MD5
a8dee98ccd6417628051286a305accc8

SHA1
413f040d0b2419d19e304bf6756d6fb4a8f9ae16

SHA256
77c09cd37871591dd4d06362404ec963c8b0c90b4d9100f27c4e4547f54f65bf

SHA512
a9557348a751668751d37fe38a1790b0d58e5bb327bff727bc5f92adadbcb9c99941a3c85c834bc6dcc950da93b6854779e453879640458d23cd3dd3d0fe185f

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\src\assets\js\libs\mc\Minecraft\Minecraft-Loader.js

Filesize
10KB

MD5
3413da3f1ea0585ca1e2ca8d85f1b054

SHA1
cd1ad0e49a9a263610551496cbf8700ec98496d8

SHA256
f1420aa9fde87fbd0326ac6b7270c1e9f9ac4d5b87af2f3cdbb5fcbc49c51615

SHA512
ba572b0c110d0da22c52e9beaa8eb92a78562dbda63393897e8f8311debaea3a3bbea901b02d931f7c32ee13c9f131ac95f8345805855c06e67d827b06bd5b8b

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\src\assets\js\libs\mc\StatusServer\buffer.js

Filesize
8KB

MD5
735c28a7e4a1cced7dbb842693daf7bb

SHA1
08bdc698f1932c90ed908f27b471d2e7b6b84cc7

SHA256
cbf74b43eb49c29dc8b261bf5858dbee66c53c7c408e84700801fc5d3c7bcdeb

SHA512
bd91c49f236568f579a5a0cbe70fbabf1913ba24a935d8f7909e87fc648abf9790ee17d2ecc283a4b83b6aefae7aee1f82004cd8389899ee4002790b3bd853f7

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\src\assets\js\libs\mc\StatusServer\status.js

Filesize
9KB

MD5
f6454b914c0f2e7978d29728e32aa827

SHA1
2d1a8ebfa01e14f2b384bab78af526cd035b1e22

SHA256
5aebd3f6ec280287440ebb5103ad0aea37e57afbf92164a7a089657d39c6f696

SHA512
9127e07288e6b12f3784846e3e255b5e433febc9e6e75a87322c02b8277cf24c9c6e6e0740bdeee3e53500259be3bdf6adc6b7b15518b08de69dbca1f0a90882

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\src\assets\js\libs\mc\utils\Downloader.js

Filesize
12KB

MD5
e956245121ac4c55d8a2347f7b22f2ba

SHA1
81bae04e6bd30a628f6a8a589f83f25fe087253c

SHA256
cd2e4071bdf7620fa600f56637506b3367684ed1003dd8ca8fbe1e63aaadfbe4

SHA512
082f3f4b018939a26d152949f7a099fa68ae77ed0446b639edd91ee891c796cf6bc6b9e2b24eda58a7e4ed37706c6d91b52be4bcfdc5b7e073d625a97021375f

Download Submit
C:\Program Files (x86)\Battly Launcher\resources\app\src\assets\js\libs\mc\utils\Index.js

Filesize
14KB

MD5
265738b5b859b6a42ebcf5107dbece2c

SHA1
2f94a6b2fdf96ae7deccea9c97aea9aa9b466764

SHA256
c65fbf51ab234a8b038d609237ed4b6507f05b28d425fbad439c05f44effd63c

SHA512
82bd6b70a7669da9f3846ef10d49d7ac14f0f0df4054a4d1f5c502648d720087dd2352313705e15d6813125c19aaac0de58ada0ef46103469d88907d762c8e08

Download Submit
C:\Program Files (x86)\Battly Launcher\v8_context_snapshot.bin

Filesize
471KB

MD5
6503b392ac5c25ff020189fa38fbaecb

SHA1
50fb4f7b765ac2b0da07f3759752dbc9d6d9867b

SHA256
add78f3f85f0b173cbe917871821f74c5afe0a6562462762b181180d16df4470

SHA512
9c12fff1686845a2c0b43d35a8572f97e950f232f1ce5690fd1212f48c171edbcc5d725754f10a66599b0823ac0c995c7212e263b7e02ea0ed9f2d2b937fa760

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-NTTTI.tmp\Battly-Launcher-win-installer.tmp

Filesize
3.1MB

MD5
0f370732f33fe81b12d0181518ca1778

SHA1
a49ee0512eadcdc2c025655c13a31bb79f40b977

SHA256
bf413c1f71469b83fe1982e27eba9288c3ab6cf40a1c6ec80cf4a49562199d2c

SHA512
e409902a1d05b1d4b691f8ceffa941ee23c2e62f201a7c85be2ce1069107cea5eafa8f36c46c1296ab372b5259978ada80ba0918d7f69a7898395ecc5d1d0620

Download Submit
C:\Users\Admin\AppData\Roaming\BattlyLauncher\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
f740adac0ed139e54321962ce8fbdabf

SHA1
115e9c559a9a2b6596f325a720d17286df6413b7

SHA256
ab1bc587478f2666db85afbfffde6a75ff2b8375d9bdbb058f129e82f4449863

SHA512
d421b75ffe8e604e01cef0022e494a226cb9698c6186ad2d57c462c327f9621f9afb655004f4cebc4e2e5500d4e21d907234db81ff0a1527ebc541b19f1ad5b4

Download Submit
C:\Users\Admin\AppData\Roaming\BattlyLauncher\Code Cache\js\index-dir\the-real-index

Filesize
48B

MD5
b1200df416ddb02887c893bce407c25d

SHA1
a9815191e97f0bae905d7d8043a9c93882fd7f4b

SHA256
a816123ac33ad480a09942d466d1c173253afbb778629fb08a5ab193aa08156d

SHA512
8af2eef53fbb01b4722ff10face1af9dcaf7157a3bfa77efd7d8980cf6d7ca4275b623d94ba1de18afc9d43bb0e484555f729d5052d790fcd11d81b6272d95b7

Download Submit
C:\Users\Admin\AppData\Roaming\BattlyLauncher\Preferences

Filesize
57B

MD5
58127c59cb9e1da127904c341d15372b

SHA1
62445484661d8036ce9788baeaba31d204e9a5fc

SHA256
be4b8924ab38e8acf350e6e3b9f1f63a1a94952d8002759acd6946c4d5d0b5de

SHA512
8d1815b277a93ad590ff79b6f52c576cf920c38c4353c24193f707d66884c942f39ff3989530055d2fade540ade243b41b6eb03cd0cc361c3b5d514cca28b50a

Download Submit
C:\Users\Admin\AppData\Roaming\BattlyLauncher\Preferences~RFe596383.TMP

Filesize
86B

MD5
d11dedf80b85d8d9be3fec6bb292f64b

SHA1
aab8783454819cd66ddf7871e887abdba138aef3

SHA256
8029940de92ae596278912bbbd6387d65f4e849d3c136287a1233f525d189c67

SHA512
6b7ec1ca5189124e0d136f561ca7f12a4653633e2d9452d290e658dfe545acf6600cc9496794757a43f95c91705e9549ef681d4cc9e035738b03a18bdc2e25f0

Download Submit
C:\Users\Admin\AppData\Roaming\BattlyLauncher\Session Storage\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Roaming\BattlyLauncher\shared_proto_db\metadata\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit
memory/956-16-0x0000000000400000-0x000000000071C000-memory.dmp

Filesize
3.1MB

Download
memory/956-3227-0x0000000000400000-0x000000000071C000-memory.dmp

Filesize
3.1MB

Download
memory/956-2817-0x0000000000400000-0x000000000071C000-memory.dmp

Filesize
3.1MB

Download
memory/956-3293-0x0000000000400000-0x000000000071C000-memory.dmp

Filesize
3.1MB

Download
memory/956-6-0x00000000009E0000-0x00000000009E1000-memory.dmp

Filesize
4KB

Download
memory/956-3214-0x0000000000400000-0x000000000071C000-memory.dmp

Filesize
3.1MB

Download
memory/956-11-0x0000000000400000-0x000000000071C000-memory.dmp

Filesize
3.1MB

Download
memory/956-12-0x00000000009E0000-0x00000000009E1000-memory.dmp

Filesize
4KB

Download
memory/956-8-0x0000000000400000-0x000000000071C000-memory.dmp

Filesize
3.1MB

Download
memory/1328-3447-0x000001FA382A0000-0x000001FA385F5000-memory.dmp

Filesize
3.3MB

Download
memory/2920-3335-0x00007FFC289F0000-0x00007FFC289F1000-memory.dmp

Filesize
4KB

Download
memory/2920-3446-0x0000027777D00000-0x0000027778055000-memory.dmp

Filesize
3.3MB

Download
memory/2924-3395-0x00007FFC27CD0000-0x00007FFC27CD1000-memory.dmp

Filesize
4KB

Download
memory/2924-3396-0x00007FFC27CE0000-0x00007FFC27CE1000-memory.dmp

Filesize
4KB

Download
memory/2924-3452-0x000002413D8D0000-0x000002413DC25000-memory.dmp

Filesize
3.3MB

Download
memory/3392-3294-0x0000000000400000-0x00000000004D8000-memory.dmp

Filesize
864KB

Download
memory/3392-10-0x0000000000400000-0x00000000004D8000-memory.dmp

Filesize
864KB

Download
memory/3392-7-0x0000000000400000-0x00000000004D8000-memory.dmp

Filesize
864KB

Download
memory/3392-0-0x0000000000400000-0x00000000004D8000-memory.dmp

Filesize
864KB

Download