4f00e52b67df81eae3af2de34c38a6d02cb215341c02b7c4c9427a3f3f044758

Analysis

max time kernel
31s
max time network
155s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
24/02/2024, 22:00

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

DiscordSetup.exe
Size

91.7MB
MD5

4284989e0e4855f3192787e17d052559
SHA1

f44ce02d81b0c7ff01e6e103c9601f9a4af3c7e2
SHA256

4f00e52b67df81eae3af2de34c38a6d02cb215341c02b7c4c9427a3f3f044758
SHA512

47e63f6d8e04595c2e4b026e4228447a3112dddfa35d6055a701d24d33d491fe463a3fe5dec0db50d1b3a21f15d8f29e89853b8d9f97aa253d44dd9ac4490f40
SSDEEP

1572864:cj+KJ0shd3zsMNOJlLLp19n/chn4O7seo+ARYZKWKIbAU+Z54kz4M:++KJz3I7XLLpLn/ch40Z/KJ2bMf

Score

4^/10

Malware Config

Signatures

Executes dropped EXE 4 IoCs

pid	Process
2916	Update.exe
2860	Discord.exe
2088	Discord.exe
2008	Update.exe

Loads dropped DLL 7 IoCs

pid	Process
2020	DiscordSetup.exe
2916	Update.exe
2916	Update.exe
2916	Update.exe
2860	Discord.exe
2088	Discord.exe
2860	Discord.exe

Modifies registry key 1 TTPs 4 IoCs

Modify Registry

T1112

pid	Process
112	reg.exe
2228	reg.exe
2856	reg.exe
2612	reg.exe

Suspicious behavior: EnumeratesProcesses 5 IoCs

pid	Process
2860	Discord.exe
2860	Discord.exe
2860	Discord.exe
2860	Discord.exe
2860	Discord.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2916	Update.exe

Suspicious use of WriteProcessMemory 22 IoCs

description	pid	Process	procid_target
PID 2020 wrote to memory of 2916	2020	DiscordSetup.exe	28
PID 2020 wrote to memory of 2916	2020	DiscordSetup.exe	28
PID 2020 wrote to memory of 2916	2020	DiscordSetup.exe	28
PID 2020 wrote to memory of 2916	2020	DiscordSetup.exe	28
PID 2020 wrote to memory of 2916	2020	DiscordSetup.exe	28
PID 2020 wrote to memory of 2916	2020	DiscordSetup.exe	28
PID 2020 wrote to memory of 2916	2020	DiscordSetup.exe	28
PID 2916 wrote to memory of 2860	2916	Update.exe	29
PID 2916 wrote to memory of 2860	2916	Update.exe	29
PID 2916 wrote to memory of 2860	2916	Update.exe	29
PID 2916 wrote to memory of 2860	2916	Update.exe	29
PID 2860 wrote to memory of 2088	2860	Discord.exe	30
PID 2860 wrote to memory of 2088	2860	Discord.exe	30
PID 2860 wrote to memory of 2088	2860	Discord.exe	30
PID 2860 wrote to memory of 2088	2860	Discord.exe	30
PID 2860 wrote to memory of 2008	2860	Discord.exe	32
PID 2860 wrote to memory of 2008	2860	Discord.exe	32
PID 2860 wrote to memory of 2008	2860	Discord.exe	32
PID 2860 wrote to memory of 2008	2860	Discord.exe	32
PID 2860 wrote to memory of 2008	2860	Discord.exe	32
PID 2860 wrote to memory of 2008	2860	Discord.exe	32
PID 2860 wrote to memory of 2008	2860	Discord.exe	32

C:\Users\Admin\AppData\Local\Temp\DiscordSetup.exe
"C:\Users\Admin\AppData\Local\Temp\DiscordSetup.exe"
1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:2020
- C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe
  "C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe" --install .
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of WriteProcessMemory
  PID:2916
- - C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe
    "C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe" --squirrel-install 1.0.9034
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of WriteProcessMemory
    PID:2860
  - - C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe
      C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Roaming\discord /prefetch:7 --no-rate-limit --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Roaming\discord\Crashpad --url=https://f.a.k/e --annotation=_productName=discord --annotation=_version=1.0.9034 --annotation=plat=Win32 --annotation=prod=Electron --annotation=ver=22.3.26 --initial-client-data=0x388,0x38c,0x390,0x384,0x394,0x8ed5d78,0x8ed5d88,0x8ed5d94
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      PID:2088
  - - C:\Users\Admin\AppData\Local\Discord\Update.exe
      C:\Users\Admin\AppData\Local\Discord\Update.exe --createShortcut Discord.exe --setupIcon C:\Users\Admin\AppData\Local\Discord\app.ico
      4⤵
      Executes dropped EXE
      PID:2008
  - - C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe
      "C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1172 --field-trial-handle=1372,i,3363699058402758591,7893828372188072941,131072 --disable-features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2
      4⤵
      PID:940
  - - C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe
      "C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --standard-schemes --secure-schemes=sentry-ipc --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=sentry-ipc --service-worker-schemes --streaming-schemes --mojo-platform-channel-handle=1424 --field-trial-handle=1372,i,3363699058402758591,7893828372188072941,131072 --disable-features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8
      4⤵
      PID:2912
  - - C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe
      "C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1712 --field-trial-handle=1372,i,3363699058402758591,7893828372188072941,131072 --disable-features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2
      4⤵
      PID:2480
- - C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe
    "C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe" --squirrel-firstrun
    3⤵
    PID:1996
  - - C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe
      C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Roaming\discord /prefetch:7 --no-rate-limit --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Roaming\discord\Crashpad --url=https://f.a.k/e --annotation=_productName=discord --annotation=_version=1.0.9034 --annotation=plat=Win32 --annotation=prod=Electron --annotation=ver=22.3.26 --initial-client-data=0x368,0x36c,0x370,0x364,0x374,0x8ed5d78,0x8ed5d88,0x8ed5d94
      4⤵
      PID:2180
  - - C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe
      "C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1096 --field-trial-handle=1168,i,5095083805719527023,4788017840072879318,131072 --disable-features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2
      4⤵
      PID:1808
  - - C:\Windows\SysWOW64\reg.exe
      C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord /ve /d "URL:Discord Protocol" /f
      4⤵
      Modifies registry key
      PID:112
  - - C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe
      "C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --standard-schemes --secure-schemes=disclip --bypasscsp-schemes --cors-schemes --fetch-schemes=disclip --service-worker-schemes --streaming-schemes --app-user-model-id=com.squirrel.Discord.Discord --app-path="C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\resources\app.asar" --no-sandbox --no-zygote --first-renderer-process --autoplay-policy=no-user-gesture-required --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=1904 --field-trial-handle=1168,i,5095083805719527023,4788017840072879318,131072 --disable-features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
      4⤵
      PID:1988
  - - C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe
      "C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --standard-schemes --secure-schemes=disclip --bypasscsp-schemes --cors-schemes --fetch-schemes=disclip --service-worker-schemes --streaming-schemes --mojo-platform-channel-handle=1352 --field-trial-handle=1168,i,5095083805719527023,4788017840072879318,131072 --disable-features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8
      4⤵
      PID:2144
  - - C:\Windows\SysWOW64\reg.exe
      C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord /v "URL Protocol" /f
      4⤵
      Modifies registry key
      PID:2228
  - - C:\Windows\SysWOW64\reg.exe
      C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord\DefaultIcon /ve /d "\"C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe\",-1" /f
      4⤵
      Modifies registry key
      PID:2856
  - - C:\Windows\SysWOW64\reg.exe
      C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord\shell\open\command /ve /d "\"C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe\" --url -- \"%1\"" /f
      4⤵
      Modifies registry key
      PID:2612

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Discord\Update.exe

Filesize
1.1MB

MD5
ee4b1b9b26ecb54c7addb02edbabe388

SHA1
eace5085c3c1e9502fdc33acaba95da45b4b89bc

SHA256
4518adabe9ce70de9c4e2af90cee3c154268768a94f4c2adfaa286a578ede518

SHA512
59291ef1337f8062a592b3423b11882b354c4332de7973a4cfa5e65d9198329368231623749bda3325c214bf1791b89371bceada6edf6672544ed675319e4e01

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe

Filesize
4.1MB

MD5
197351b3554c4de8afbbbab560fae7be

SHA1
2ecb4a7f1cc411892a8fd9d4f257106db3757f6d

SHA256
541b2e89f810731cb4630bffde9992430ec13c834dd49ec4ee0d157e54782a34

SHA512
feaf06a0b2d87da0523794ae42d387f624efd47254a1534483720575cf028cb234dc8842b0aa6d7f995645d190aa67481343ad24b7c4b242781c9c04d14ae724

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe

Filesize
3.4MB

MD5
231dd50a87a9a70c2fa91755b1cf0b5a

SHA1
38919680c89e315394b6992f27d7ba93ea83bfce

SHA256
67f45146639b1255dd5287eb581f06074bc6eeab9d6a2b1456c16ea89f455fc2

SHA512
ca1038369d914f6bfd7666c35ce33d68da9435261f4ac27e5f6175feb4220c97348cf9efbed5c8079b5c1231efe5f86964bb00edee46303ffa4fb4e373fe6671

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe

Filesize
2.4MB

MD5
aaf89a104a1516ae3f266e751f48be49

SHA1
57cabfd3baae30505f1d9c8f3e9bf50cbf69b405

SHA256
01b9b10c07e5d0f5e4f8411fb586322c3d01c3587e6d593289e728c70d1b1daf

SHA512
bb6549e707639359a05d03ef4b7703bb770de5d8fe29604b3fef01f4700df10da4416cc8f9f7834fa6607c003d46c07fd96f81a4951f3cbc77c01445c5d8e8c8

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe

Filesize
1024KB

MD5
06cbbcfe839117ecfe07e529d4223283

SHA1
a26a1fd001ed5dc92c76c3118e258d3a67279f9b

SHA256
07755029ff31e45089d9d6908f8d044f62fb6891a0207522231e317625ed256b

SHA512
9fee8ffe512a4fa8fe4fd1c3b58ca20b7e82db7e5f5d872808bac0eebe7fabb7b8493d1825dd4e1895822d8061e8d08b4bed8d38acda4d22e3bd2b212f538838

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe

Filesize
896KB

MD5
803407d944c2efef9e49e729c928ca29

SHA1
57743a563e1752852f0ff345dddd08f1de75df94

SHA256
57ec38ba419c307af60de5e948d79f1987a295543a2a948e5d3027b0b422c554

SHA512
d128a53af44a94449128f36607ff953a2606d2f4099ad5ff0c909a6c7cf5780d9a1fce7798339b54c60b3a7a8b7007b0cf071cda329f484348f840e211c68a52

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe

Filesize
1.3MB

MD5
c908deaa171ad1efe43fe549804cb126

SHA1
b1aba991ba269c7996765ab1a76b2e12fdd29387

SHA256
113034a79f02bda6ca60030e3a4471f6f413b213999f7af1be58e128ff30302b

SHA512
77423bf95231809709b19040192ac5704bb5be0c6063fb9b0519214135a8ae508be924cbe08bcd4943497845236ae6e00ac6483fb3f9f131df6ea5831a647ae6

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe

Filesize
2.8MB

MD5
92ce7329bcdfdac2c58571d94a96cf91

SHA1
779606d0021c5e1a7fda801b4485635fc4e4e69e

SHA256
30319f078a0f814d9f5c3a7f001dd32dfc1e0b8636e214dc5fe916facf03f0ba

SHA512
7900359b153d1e9d7e91983b4c09e55f120db69a9355db5ec0661b782bfc9c2ef6909d171324acc52b793bce0596e5abaaff9e88abab19b236776c4154d653e4

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\app.ico

Filesize
278KB

MD5
084f9bc0136f779f82bea88b5c38a358

SHA1
64f210b7888e5474c3aabcb602d895d58929b451

SHA256
dfcea1bea8a924252d507d0316d8cf38efc61cf1314e47dca3eb723f47d5fe43

SHA512
65bccb3e1d4849b61c68716831578300b20dcaf1cbc155512edbc6d73dccbaf6e5495d4f95d089ee496f8e080057b7097a628cc104fa8eaad8da866891d9e3eb

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\chrome_100_percent.pak

Filesize
126KB

MD5
d31f3439e2a3f7bee4ddd26f46a2b83f

SHA1
c5a26f86eb119ae364c5bf707bebed7e871fc214

SHA256
9f79f46ca911543ead096a5ee28a34bf1fbe56ec9ba956032a6a2892b254857e

SHA512
aa27c97bf5581eb3f5e88f112df8bfb6a5283ce44eb13fbc41855008f84fb5b111dfe0616c310c3642b7f8ac99623d7c217aecc353f54f4d8f7042840099abc5

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\chrome_200_percent.pak

Filesize
128KB

MD5
40fe43a034dda6f52c43d7c8a8a1947f

SHA1
732c6378769ddb7db32fa6c12cfc3e485f8c87aa

SHA256
d681b74167dc4c0d39f110799af4f6c45ad8ef93d951595a7e45aaa298d5011e

SHA512
3cd4222485c31b7d9b1bfb4c07e2ccf410714f5c764f07c32f95ea33fdc1d24c611738a8ed790c808d688b783fd19c55f42fdafc15f1b97d14675ff451338d06

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\ffmpeg.dll

Filesize
320KB

MD5
6ebf466e2341ceac8cb78c09f0f7f729

SHA1
6177f3cd76a443dff6a298719938b1733dea4962

SHA256
67161588c356144c9fed2e5b73700777ae734a19e6562f416453f3507040f3d7

SHA512
14a50a36c4e0e571b37583a9be4ca8d9175e4f7aa3029204b2fe8f541c418449b1f1cdc912dd8b7bf22f37da757b4624e5e2fcad2ec8e935b7dba02a50ec6b7a

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\icudtl.dat

Filesize
704KB

MD5
295e634a0d5828213363148d06c3adaf

SHA1
b4bdfdddde078d56cb2d268eed9289919c8c4253

SHA256
97d88c607b5075214e1bb5f724ccc63221f1bb6b53e1ac7468fc067c8e4ec305

SHA512
571898c0e4c4b4f5cce20908c443f863dbb611e9f6acde235951410445c9c360d2a74acc37057615fe99ecfded5230815acef88d760a6855b8389dd4544bf77d

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\installer.db

Filesize
20KB

MD5
12ab296c584d0aea77cac623385b76dc

SHA1
918dc389d725d1f69a4bfefa75d40a872fbcd976

SHA256
0f83aa6a22a656707ba0229c5394a720589c88bf9664ca2aaca6b3b1d74b7560

SHA512
997926bb189cebae9cc8f4188b1564a0f986bf14e86c034c3f8ac90bda2fea1e571e2bac3ac5c9b49ad3527280a920b20fbc6d7f80a40e43babb08ad17d24767

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\libglesv2.dll

Filesize
384KB

MD5
ea6e24e386bad4b4ef48d9118aacd455

SHA1
058264b1924f62aef564abfc457941fcf00a0c74

SHA256
e4802b41ac4cff7cce7a056fb0384a9a2c2b81723c09dac6f75187c3e88c5ef3

SHA512
5e4e55d193d1630be538995022d97ec9f150bfd7cd31640e1c1ffcc0dba888f6c129e733f266da089464e2f6429ee056499e5fb5d391da7a873ce446f2ded970

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\locales\en-US.pak

Filesize
64KB

MD5
dc0c196286a372711d4fe03a18e700f2

SHA1
bc3569cdfd305548371d224f0af0249ca440fce6

SHA256
f1e160cd900e23448628e24481ed8b8d7e1cd625bd456fe56132ff0203d96101

SHA512
3ae5a8aa7a9d1d3787c92620b487fc9c067d5a7615ee0b561f0dd9b2887377476abf7908c3c79c4f32e7e5524dbef87a63d82a2648283bb389e946ce4fce2e82

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\resources.pak

Filesize
64KB

MD5
42e3e3320eb2480220d6c99581318b15

SHA1
03efd4302d9998621779a454ef551ff465afb41d

SHA256
45ac7bef3ade15226f02a13552c1566109da766800365f947b7f387179483a3e

SHA512
4cee8c37810eeefdbf62e7925420dfcc63b8fb37bf496c782dfdbaf0d15265fa530562eb422d38f343e78ca7fbc355f44da4c155af0a5647f7abb194591a7e33

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\resources\app.asar

Filesize
1.4MB

MD5
c64898e3bc7bd402c79c617f9f970eb5

SHA1
0ef7b61066be24a4a1f8c62e426049edaeb19328

SHA256
5c164356754e146c375aac7fb6d04c990074ccd48fcdb9a416c795b0e175aba4

SHA512
52d6671f7e9dfe245615cc91d6f4b3f712bb9906bb7a4cd24dda60e620098659946e060ff13230e9a4686aafaed9fcba9a224333f79025716fe94907efa97e4c

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\resources\build_info.json

Filesize
83B

MD5
bda0e192ecd5b268af1dbbf93c13a154

SHA1
d6b7b2d7027065ece9ad48c9d3719b0114fa4745

SHA256
317380e636c13649b2a612755b465680670f8b72afd54a31f02165247b2dba3b

SHA512
3afee33b1503a2306d47b65b6d8f130cc14b7ec93129dda54696f42b20ecef57b68685ce4d2ced5928ad84b08a149d1c7ade0a7e55b538ab1efa218c62c3851e

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\updater.node

Filesize
1.1MB

MD5
a90d8da16f28bf859e2321df27b858b1

SHA1
d279e911ee1a94c536d600e0e80550556e49d5f6

SHA256
13ec51492f25a1b41d4969b50997eab3602da1764adc42e6cea08dc908cece62

SHA512
4a38088f72e8bdd06d2b35983f299a323c26760a1a2918235d5a5740af435e9af48f686e44473c9e16c5176710da9638331993dd649c66810b729e586aac5ede

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\v8_context_snapshot.bin

Filesize
585KB

MD5
3f6f227dc46c0d5262cd6ca9bb7703e5

SHA1
c8bc76f93cc6305e70f2041a52acfa6c44e9889b

SHA256
869f5e88fb5e04840f035fc1c3f688e94499c8514bd053c9979413ebb8de4611

SHA512
566394fef910b8edeb04c7f5c172ce9b361478275463f7eee4b5611536241431fa7638e47e5ac4b9df7467c98b120869b4e4f87e46628b40dae5685897cd256c

Download Submit
C:\Users\Admin\AppData\Local\Discord\packages\Discord-1.0.9034-full.nupkg

Filesize
64KB

MD5
7658d082daf603e8fb079b318069c08b

SHA1
37fb2320a571d2952a426aef9dcf4dcd3caf4ae3

SHA256
98e63921f1bf0fb60d4aeb726551a4adff9fc527514c6c9d9bdf90b503dbf779

SHA512
275d6534d4bbc48b6a2f0ba68713d683e942d240627baef8704944a6cf1b9f3d1cc9aa8caa288a6399961d1a194bdaba677e0e9bc5c3f25fc7d291d7dda84bb8

Download Submit
C:\Users\Admin\AppData\Local\Discord\update.exe

Filesize
1.3MB

MD5
57b8ea376ce9d68ed2af5859d16e9b8c

SHA1
20c294b33144c11b347cbf9197b6119350a1a52c

SHA256
f9a62f7c46948ff88a3f0ade43ae814b058b5c82f92c4133d335b90c60cb0f72

SHA512
fd45caf9521783fc12fedf85b9a64ea4661d33ce28828a83fd9f41d68e6e6b94b2003f0c3a28ca87c34f09095ea606e5abea56ee1f5871359a21d3f64e21eb99

Download Submit
C:\Users\Admin\AppData\Local\SquirrelTemp\Discord-1.0.9034-full.nupkg

Filesize
15.0MB

MD5
a7eaf01ec3fefef3e47869bb093c82fd

SHA1
b44e4d7711cde906a305c4b432a206aa01e45803

SHA256
c8275394726e8ab99fc1b6788dc3ae6035af02acdd8c02e3b81875dbb601ab03

SHA512
e32795fc7f6794a5129ce97dd08668e5ae681650eb6af3948dad37026b13f1c6c934522606528c2c420185131c808ce83e5f06356ece39e90610babc08c925b2

Download Submit
C:\Users\Admin\AppData\Local\SquirrelTemp\RELEASES

Filesize
80B

MD5
e9918809775d58624595598e49b57dbd

SHA1
d4e170c0fb629d2835e17bfefaefca66628184ca

SHA256
04e4b3bd71dac9838240c0ddcc37c69024d06d9780f6180b9617c6272647ebc1

SHA512
6ab392981d0806d41d1b991ea97be5b4a218997ef3646ee4528969660baa5bc70365d392640c6bcb9492c0fe5456b062e334c42e6884bf6ab37df372f7f79048

Download Submit
C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe

Filesize
411KB

MD5
f5e92e70d57848c2a0d33c9a5a75793c

SHA1
4934b0ded0529a0027183d04ae54c27db9df919c

SHA256
29c6201650011ea9dce4684abaf966f0d6fcbeffbda8fbe65f3fdda9b2f55280

SHA512
1381da9b0b48b0b3da9d86e63364870fdc8d190f9dbd3fb11ef3476db16accad6cc758170cb89e924562a7a429384fa22ad69abacaf661476c30e097339ada07

Download Submit
C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe

Filesize
633KB

MD5
9c9230383e64fd4c1179d085003d85b2

SHA1
ce9be95fa9f670c8f5bf8bcba05126e19e73a57d

SHA256
26fe90f430005067d46ccac392c96c610870b67ae3f13bd0530ac7c322019302

SHA512
5186899d2eb17c009ed57729e17a7601a3787851698b122488f06562c29a7cf5999385d0af876a8daef66fe5ef8c3e10f8d361768ad0fa58555b0e65cc252aac

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc\Discord.lnk

Filesize
2KB

MD5
663d3f319acf2c2aaa113843829eb5a7

SHA1
9b912feda6a28e25e6737085588ec11420134c74

SHA256
61a547ff3d1a6c93fededcb7347b274272bdc67572b5d468aa65d457be1dbc83

SHA512
3478ecf3181e29d6d0f03323a8172ec130b6e1c482f55312459ab35938df9070af3c5f09c322dd32752f58f0fd2262dd08c2ac7096190e61bb3f7a54228536c4

Download Submit
C:\Users\Admin\AppData\Roaming\discord\Crashpad\settings.dat

Filesize
40B

MD5
c7aa4ee2da231a85a683d0b212db1f9a

SHA1
c06e36f8572da031c991a5a1698c7034459b4bb5

SHA256
3c6f9e38f906052abc225a0b5212f9c160ba959f0dbfefc637f55eb9380b23af

SHA512
ce17fcb6d6f392382c797c1aa48becb27c35ef19793390c837c6b5ca04721c4006708058d9fae3e38b8ab6cc77282d09ac22212c8cfc19f6195270bf977e7eb7

Download Submit
C:\Users\Admin\AppData\Roaming\discord\Local State

Filesize
389B

MD5
404faf123ed2d8be15516337da9c4539

SHA1
8996692ad0b47766227b3a917ee5638425234c0c

SHA256
cbd4bc152a31e63bb09a1069415685cb5897f6d63b21020dda8c3e62ea913bd1

SHA512
8df07f5dfa7b44219a76a5a5d9a1ff38cf2e0605337b3a0c17b169f6863c58cbe856e03582b174ba9d4c81fd9d722c3e07bb46a24421442573e2a4d9f16937de

Download Submit
C:\Users\Admin\AppData\Roaming\discord\Local Storage\leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Roaming\discord\Local Storage\leveldb\CURRENT~RFf76f1ed.TMP

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Roaming\discord\Local Storage\leveldb\LOG

Filesize
168B

MD5
19f90640b8822fce59e10378d8191a67

SHA1
a8ccfb431642353faa7a20b95631fd3fa3f025d7

SHA256
e9d1c5064be1543c539a48dd9bd005355d0fd349d397ba857c86a31ed8306b82

SHA512
fc531aefb673a0b76d10b7e47060e8bcf340da304d87a2ef3593d3ced2c4e68137ea16c73b33076e0e65ed9a2c5eca0807ceac9ffd367dad544434a8501f2203

Download Submit
C:\Users\Admin\AppData\Roaming\discord\Local Storage\leveldb\MANIFEST-000002

Filesize
50B

MD5
22bf0e81636b1b45051b138f48b3d148

SHA1
56755d203579ab356e5620ce7e85519ad69d614a

SHA256
e292f241daafc3df90f3e2d339c61c6e2787a0d0739aac764e1ea9bb8544ee97

SHA512
a4cf1f5c74e0df85dda8750be9070e24e19b8be15c6f22f0c234ef8423ef9ca3db22ba9ef777d64c33e8fd49fada6fcca26c1a14ba18e8472370533a1c65d8d0

Download Submit
C:\Users\Admin\AppData\Roaming\discord\Preferences

Filesize
57B

MD5
58127c59cb9e1da127904c341d15372b

SHA1
62445484661d8036ce9788baeaba31d204e9a5fc

SHA256
be4b8924ab38e8acf350e6e3b9f1f63a1a94952d8002759acd6946c4d5d0b5de

SHA512
8d1815b277a93ad590ff79b6f52c576cf920c38c4353c24193f707d66884c942f39ff3989530055d2fade540ade243b41b6eb03cd0cc361c3b5d514cca28b50a

Download Submit
C:\Users\Admin\AppData\Roaming\discord\sentry\queue\queue.json

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Roaming\discord\sentry\scope_v3.json

Filesize
1KB

MD5
66ee11ba4ff9efb9b293b686e07aa70c

SHA1
6ac29c545ca0a1a15decb14eb1788a03322cbb52

SHA256
e53551cd1a48ff786a7a645ed58c7800dd9d7fdaacbc5d2d22095d4f330c192d

SHA512
80aec3a93da14ba523d9b5b912c3955c92acd917e403d8635dc5c11c5aba3b0543764aec4d2f402b6e31ff8782808124b43e3cc02abcae3891504edfcf24be3e

Download Submit
C:\Users\Admin\Desktop\Discord.lnk

Filesize
2KB

MD5
c199a045319dbc9bbeb8b9ba7b36ed97

SHA1
39c1e893ea9afc263be409274da9ad038dd63cc7

SHA256
98fb31e417ec271b54558b572e45a30a6771541cb9d24e40bbeff77c8eb78427

SHA512
8f33e1c4f104dd232c85ab901a1db7c629e6f17b84d09308d5ad652a79822104cd570c12e63b7e9ac51f488c9fa4c2ccff182d758f45806422fa38824cec528a

Download Submit
\Users\Admin\AppData\Local\Discord\Update.exe

Filesize
1.1MB

MD5
d9483ca87886c4d0c514fb5b0da8112b

SHA1
5754e96e334dafcd1e36e19221b0336153c1240e

SHA256
ccd5fa22201d4314b0dc6a41e07aa68097faec8c852e67e9cb882441acefd1b9

SHA512
e14343f2ab5f3a3d8d9cc045d3b0de89a6532c4417c5e23f38c5984420551ace793512b33b1d711a6d16f02b128271fe3793f793fa195189a3447f5020f9e960

Download Submit
\Users\Admin\AppData\Local\Discord\Update.exe

Filesize
128KB

MD5
7f2b42ec591fdbdfc9c878a4789cd8c0

SHA1
cbe4a4d15b65bf74e7ef39f22d550e1f9f20e06e

SHA256
6e114e1fdba800300cc44635813abddbc1b5d9a131673069f7ff0873300e1cbd

SHA512
800fe0ca7cf14d088d2dfdf7ff6b98a0067e82cb8e2f09873f34493d40aa0e2662db4acd711a31fc0b184e0723e2d78b7e6684d7f799df02b46c9a07c858a50d

Download Submit
\Users\Admin\AppData\Local\Discord\Update.exe

Filesize
768KB

MD5
05a8cf904fe5329309a1e1ab9ce9bcd5

SHA1
e085456ad30181ee423eb57e13950aeb86642013

SHA256
071eb7d49d4a86e323259eb015c8d1291bc023c84d8444d4f87ecb0c0eb8b9c5

SHA512
19be79a2cb6b54e990198940ec6ca954378656effa18aa074b8a3d9c2d30e0521cb9ea485599cfe01f12cf844821a095c79541ee76872aeab7bfaccffc3c623f

Download Submit
\Users\Admin\AppData\Local\Discord\Update.exe

Filesize
2KB

MD5
2cd24a82bba47badb9d60985a97db3f8

SHA1
ded417222fd37e59662df77d0ee38022d90ad7e9

SHA256
13b831fe66509331bab3a8f22a31b53379587a22a569ad0778e7adc3410c376e

SHA512
caad5f03072e2562891a25d7b5f14a6f4374318c02f755567d1f411bc46efe7f6ca9f1ea86f50c024c41ee92c60429b3d9b9b4f5691e62d887cab34c15380910

Download Submit
\Users\Admin\AppData\Local\Discord\Update.exe

Filesize
1.4MB

MD5
40ff1a0201339c94413a75a23d181d64

SHA1
ca0eb9c0a260594fd66de99c226ff3ccb4d89f82

SHA256
441b0385b0fda01f440adf142b718d166b922a90e4c1e8f10d3b876fe3013b2b

SHA512
1d973a2f6faad8e245fa2059a9828b3ae906ea11a536a62f6909cf44947e18f688b6547f25f4e0120907bde6cbaeade327e052ae69a8aff3c5fcb252bbce8716

Download Submit
\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe

Filesize
4.7MB

MD5
069a5c5cc575be04c692d8063034ab9d

SHA1
15b2193548b178e3368b30fdf1c963c882fcf147

SHA256
9561a9a5ec88e0374c0c65c6abd981e9b5ccb142483595210e0f1b051a4f91a6

SHA512
5e7800cfd5ebeb5f45d97fa5cba5a858c533a9c8620e380cba33dc31e4e4e411c941b160b1bdd6047b7ed8c9b0b0c3776bd019c3b93324935b2b51202dc280ad

Download Submit
\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe

Filesize
1.1MB

MD5
c0129c40639b587a4022b1636ca93086

SHA1
db6425ed90b5b9aee957ed1f51251af4b4d2fb55

SHA256
dc931e5a27044d7d32eda83925cf0065c560f40d3d09ec77ae3c5ffc8dd99b56

SHA512
3ca6ad7dad5fdafde18046a6bbe465aafb91895b34b7d5c5d80f2adcf2f8b87d44574207545ac43cb6b934c1b6034d188e207e7c8cdb5c1a3cad38caa4972e1b

Download Submit
\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe

Filesize
4.7MB

MD5
8a56a23854079f607421765cc2ee3038

SHA1
8ac6e799d051abd4ce095b2c38c52cd63aeb23be

SHA256
5c829fa14eea68a5d11c4a4a08331117504e02df5d153df6be52a7a137440279

SHA512
5d989d3d3faf336a4f1f744110d41c90f3631032d0a41c2abd6f1c3018bd023ca6836d43620c270a5c1fa3797f48030596ea7ae95463699c0ebe4e4bffd30543

Download Submit
\Users\Admin\AppData\Local\Discord\app-1.0.9034\d3dcompiler_47.dll

Filesize
384KB

MD5
c2314491c3cfa3a6a193ca55e3a489ca

SHA1
718518d46506f7975604ab0ca590b888d0259bf6

SHA256
1f8660d54f1cd28c082590a4abced0f717150738e4c60eaf12c9b4e0ba43653b

SHA512
45efd45427bfae6ac595f3ff3376dbfbbcf17202431b2f9c80c2038abf094616318d64cabda0c201dd2185bea3ae5bdd6ebaf768e003fcd2d891435d6a048e73

Download Submit
\Users\Admin\AppData\Local\Discord\app-1.0.9034\ffmpeg.dll

Filesize
128KB

MD5
2a8ef969a87213ec78fcb56f04cc3798

SHA1
3d76ff0e8a7691f9a0c39fd03198df710f861c9d

SHA256
707fe54b1f205a9e7b987e69a21bdbafd72cc6c9432c5ad6f677da7ff0f15823

SHA512
e8dccdf1faf98de1fb74fadcde32d9ca30b2f8a30a58b8916af6b2fe38e39766ead3f237af5309b685b9cdc295ebe7d8dea660ff6c566ab6c94842e36827d77e

Download Submit
\Users\Admin\AppData\Local\Discord\app-1.0.9034\ffmpeg.dll

Filesize
2.4MB

MD5
0a8c58d771ffed77c96aa6aacfc5f6ae

SHA1
4ec38eec74170bd537d6c17246b516c4f80edde3

SHA256
b6d020964a9cfd989c430c604a297696e3acbd43b59dbfeb301be8911dab9f80

SHA512
4182c920032e2a6f0af99d2861e25cf852859e72f81bedebbb93624afc073cc3a0f1ac5412b40d6c4f924ec52dcf278abb1af83e26cce7b6d77f660f2aba8a77

Download Submit
\Users\Admin\AppData\Local\Discord\app-1.0.9034\ffmpeg.dll

Filesize
960KB

MD5
174a56cb7fa473565fa9de28524ccc6d

SHA1
6f373f9e371ba38ef0fef58006b85b8d76d10e67

SHA256
b0ebad4e4b865a002f7f88c3a3678690b54a6dc6db6bdcf9c312609a238f1c94

SHA512
e7a956b26a494b854e19200b34a707e5124cf7c1eafe4d579d0cf75f1aa0c6768e7923ecfdac5045ebf2550545a72d79ec7a3f0555119f1a7a0c3f8c8c4357eb

Download Submit
\Users\Admin\AppData\Local\Discord\app-1.0.9034\ffmpeg.dll

Filesize
896KB

MD5
b4218b58b109628f146cb1245106bfdc

SHA1
b1b8a0a80b567e82bc5188307ded2e82b47d24ab

SHA256
2ef2cbaa5c3c608ca8fb3c27b043d7a6a8e6d029d32a9016c6794566c0a36118

SHA512
f4323f9a94edf68c23743b0c19eb40775bc378f2fb078212b8670fc089222bf1b9265a2a79d9ba66954f11f7117a91cd3a447b4b2c3dfe407f0172ddb376757e

Download Submit
\Users\Admin\AppData\Local\Discord\app-1.0.9034\ffmpeg.dll

Filesize
1.6MB

MD5
257b535d9dfc6052d8f8d9c8e2b3486b

SHA1
b9d9c6b6e74ca15fe934cc9e94ca311b292c37e9

SHA256
e78dac576f3f51e110dd2dff0f3773e19b18c7dd227280e4d328b1f998f9d79c

SHA512
3c0d0be7a2e35c37120ec1ffff7906e99d63fab4529ff15cd3cc60661935fa4106941e6e87dbd5aef62adc5faa2c154526cc4d21fda4e7e0aa7f6ab66199ee1c

Download Submit
\Users\Admin\AppData\Local\Discord\app-1.0.9034\ffmpeg.dll

Filesize
2.8MB

MD5
0174c2e8a66b35287c67ec10d438b0e5

SHA1
0806037dad13386874e5ab595393ffc6a70d3b58

SHA256
c3cdff85b8e95b2b81cb911a59926d00fe4385f10199797b06911ed543535c21

SHA512
05e2b8ae54c52a0fac04987277a245860f91308f7223316eeaa8cad1ff3467b7f5603873d5ddb933ea52aec52051c47159c03823b09648ff7e321400cd0375fd

Download Submit
\Users\Admin\AppData\Local\Discord\app-1.0.9034\libEGL.dll

Filesize
384KB

MD5
e6cdbb239c74be4c9b2ab8214087eeea

SHA1
250798fbd12b89a44c8e56da5139e66218818aa3

SHA256
496b0b32569eb675e32344fb0b6a14bf17ada7f42caaf623157252076f779e0a

SHA512
e070e53008c98feefe0a67bc5be85230f93db4da81af9d5a1727db12c69733883a01b22687b010f290da597946442793826e3fe6bf4f317a974f449c0d46baab

Download Submit
\Users\Admin\AppData\Local\SquirrelTemp\Update.exe

Filesize
1.5MB

MD5
b761d7400d5136ee0b1a40b5a3228152

SHA1
ad859361b2494f2de31a85904a076c7bd3214f5a

SHA256
4e06db09b8c3769968c3d0b51d7cf7470fdba1aaf32decf49dbd923708f86ae7

SHA512
a7f6919dc30ab2b3bfd2af6e544fcfcbf7bc52aa40c96136b6a3c9707d14d1116a3f7e72bc334d465bc7dab7df8fe824e7fe74937830b3540e4fa38896c5bc10

Download Submit
memory/940-239-0x0000000000A90000-0x0000000000A91000-memory.dmp

Filesize
4KB

Download
memory/1996-407-0x0000000000F60000-0x0000000000F61000-memory.dmp

Filesize
4KB

Download
memory/2008-312-0x0000000074100000-0x00000000747EE000-memory.dmp

Filesize
6.9MB

Download
memory/2008-228-0x0000000000350000-0x00000000004C6000-memory.dmp

Filesize
1.5MB

Download
memory/2008-229-0x0000000074100000-0x00000000747EE000-memory.dmp

Filesize
6.9MB

Download
memory/2008-232-0x0000000004BF0000-0x0000000004C30000-memory.dmp

Filesize
256KB

Download
memory/2916-210-0x0000000074100000-0x00000000747EE000-memory.dmp

Filesize
6.9MB

Download
memory/2916-352-0x0000000074100000-0x00000000747EE000-memory.dmp

Filesize
6.9MB

Download
memory/2916-211-0x0000000000E00000-0x0000000000E40000-memory.dmp

Filesize
256KB

Download
memory/2916-34-0x00000000009D0000-0x00000000009DA000-memory.dmp

Filesize
40KB

Download
memory/2916-30-0x00000000009D0000-0x00000000009DA000-memory.dmp

Filesize
40KB

Download
memory/2916-230-0x00000000009D0000-0x00000000009DA000-memory.dmp

Filesize
40KB

Download
memory/2916-12-0x0000000074100000-0x00000000747EE000-memory.dmp

Filesize
6.9MB

Download
memory/2916-13-0x0000000000E00000-0x0000000000E40000-memory.dmp

Filesize
256KB

Download
memory/2916-11-0x00000000011D0000-0x0000000001346000-memory.dmp

Filesize
1.5MB

Download