4f00e52b67df81eae3af2de34c38a6d02cb215341c02b7c4c9427a3f3f044758

Analysis

max time kernel
39s
max time network
164s
platform
windows10-2004_x64
resource
win10v2004-20240221-en
resource tags

arch:x64arch:x86image:win10v2004-20240221-enlocale:en-usos:windows10-2004-x64system
submitted
25/02/2024, 00:27

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

DiscordSetup.exe
Size

91.7MB
MD5

4284989e0e4855f3192787e17d052559
SHA1

f44ce02d81b0c7ff01e6e103c9601f9a4af3c7e2
SHA256

4f00e52b67df81eae3af2de34c38a6d02cb215341c02b7c4c9427a3f3f044758
SHA512

47e63f6d8e04595c2e4b026e4228447a3112dddfa35d6055a701d24d33d491fe463a3fe5dec0db50d1b3a21f15d8f29e89853b8d9f97aa253d44dd9ac4490f40
SSDEEP

1572864:cj+KJ0shd3zsMNOJlLLp19n/chn4O7seo+ARYZKWKIbAU+Z54kz4M:++KJz3I7XLLpLn/ch40Z/KJ2bMf

Score

7^/10

spyware stealer

Malware Config

Signatures

Reads local data of messenger clients 2 TTPs
Infostealers often target stored data of messaging applications, which can include saved credentials and account information.
spyware stealer

Data from Local System
T1005

Credentials In Files
T1552.001

Checks computer location settings 2 TTPs 1 IoCs

Looks up country code configured in the registry, likely geofence.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\USER\S-1-5-21-3844919115-497234255-166257750-1000\Control Panel\International\Geo\Nation	Discord.exe

Executes dropped EXE 6 IoCs

pid	Process
2392	Update.exe
4976	Discord.exe
2400	Discord.exe
3080	Update.exe
4940	Discord.exe
2816	Discord.exe

Loads dropped DLL 8 IoCs

pid	Process
4976	Discord.exe
2400	Discord.exe
4940	Discord.exe
2816	Discord.exe
4940	Discord.exe
4940	Discord.exe
4940	Discord.exe
4940	Discord.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Checks processor information in registry 2 TTPs 7 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	Discord.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz	Discord.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	Discord.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1	Discord.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\~MHz	Discord.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\ProcessorNameString	Discord.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\2	Discord.exe

Modifies registry key 1 TTPs 5 IoCs

Modify Registry

T1112

pid	Process
4704	reg.exe
4892	reg.exe
2236	reg.exe
220	reg.exe
1380	reg.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4976	Discord.exe
4976	Discord.exe
4976	Discord.exe
4976	Discord.exe
4976	Discord.exe
4976	Discord.exe
4976	Discord.exe
4976	Discord.exe
4976	Discord.exe
4976	Discord.exe

Suspicious use of AdjustPrivilegeToken 6 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4976	Discord.exe
Token: SeCreatePagefilePrivilege	4976	Discord.exe
Token: SeShutdownPrivilege	4976	Discord.exe
Token: SeCreatePagefilePrivilege	4976	Discord.exe
Token: SeShutdownPrivilege	4976	Discord.exe
Token: SeCreatePagefilePrivilege	4976	Discord.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2392	Update.exe

Suspicious use of WriteProcessMemory 55 IoCs

description	pid	Process	procid_target
PID 4552 wrote to memory of 2392	4552	DiscordSetup.exe	86
PID 4552 wrote to memory of 2392	4552	DiscordSetup.exe	86
PID 4552 wrote to memory of 2392	4552	DiscordSetup.exe	86
PID 2392 wrote to memory of 4976	2392	Update.exe	87
PID 2392 wrote to memory of 4976	2392	Update.exe	87
PID 2392 wrote to memory of 4976	2392	Update.exe	87
PID 4976 wrote to memory of 2400	4976	Discord.exe	90
PID 4976 wrote to memory of 2400	4976	Discord.exe	90
PID 4976 wrote to memory of 2400	4976	Discord.exe	90
PID 4976 wrote to memory of 3080	4976	Discord.exe	91
PID 4976 wrote to memory of 3080	4976	Discord.exe	91
PID 4976 wrote to memory of 3080	4976	Discord.exe	91
PID 4976 wrote to memory of 4940	4976	Discord.exe	93
PID 4976 wrote to memory of 4940	4976	Discord.exe	93
PID 4976 wrote to memory of 4940	4976	Discord.exe	93
PID 4976 wrote to memory of 4940	4976	Discord.exe	93
PID 4976 wrote to memory of 4940	4976	Discord.exe	93
PID 4976 wrote to memory of 4940	4976	Discord.exe	93
PID 4976 wrote to memory of 4940	4976	Discord.exe	93
PID 4976 wrote to memory of 4940	4976	Discord.exe	93
PID 4976 wrote to memory of 4940	4976	Discord.exe	93
PID 4976 wrote to memory of 4940	4976	Discord.exe	93
PID 4976 wrote to memory of 4940	4976	Discord.exe	93
PID 4976 wrote to memory of 4940	4976	Discord.exe	93
PID 4976 wrote to memory of 4940	4976	Discord.exe	93
PID 4976 wrote to memory of 4940	4976	Discord.exe	93
PID 4976 wrote to memory of 4940	4976	Discord.exe	93
PID 4976 wrote to memory of 4940	4976	Discord.exe	93
PID 4976 wrote to memory of 4940	4976	Discord.exe	93
PID 4976 wrote to memory of 4940	4976	Discord.exe	93
PID 4976 wrote to memory of 4940	4976	Discord.exe	93
PID 4976 wrote to memory of 4940	4976	Discord.exe	93
PID 4976 wrote to memory of 4940	4976	Discord.exe	93
PID 4976 wrote to memory of 4940	4976	Discord.exe	93
PID 4976 wrote to memory of 4940	4976	Discord.exe	93
PID 4976 wrote to memory of 4940	4976	Discord.exe	93
PID 4976 wrote to memory of 4940	4976	Discord.exe	93
PID 4976 wrote to memory of 4940	4976	Discord.exe	93
PID 4976 wrote to memory of 4940	4976	Discord.exe	93
PID 4976 wrote to memory of 4940	4976	Discord.exe	93
PID 4976 wrote to memory of 4940	4976	Discord.exe	93
PID 4976 wrote to memory of 4940	4976	Discord.exe	93
PID 4976 wrote to memory of 4940	4976	Discord.exe	93
PID 4976 wrote to memory of 4940	4976	Discord.exe	93
PID 4976 wrote to memory of 4940	4976	Discord.exe	93
PID 4976 wrote to memory of 4940	4976	Discord.exe	93
PID 4976 wrote to memory of 4940	4976	Discord.exe	93
PID 4976 wrote to memory of 4940	4976	Discord.exe	93
PID 4976 wrote to memory of 4940	4976	Discord.exe	93
PID 4976 wrote to memory of 4940	4976	Discord.exe	93
PID 4976 wrote to memory of 4940	4976	Discord.exe	93
PID 4976 wrote to memory of 4940	4976	Discord.exe	93
PID 4976 wrote to memory of 2816	4976	Discord.exe	92
PID 4976 wrote to memory of 2816	4976	Discord.exe	92
PID 4976 wrote to memory of 2816	4976	Discord.exe	92

C:\Users\Admin\AppData\Local\Temp\DiscordSetup.exe
"C:\Users\Admin\AppData\Local\Temp\DiscordSetup.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:4552
- C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe
  "C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe" --install .
  2⤵
  - Executes dropped EXE
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of WriteProcessMemory
  PID:2392
- - C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe
    "C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe" --squirrel-install 1.0.9034
    3⤵
    - Checks computer location settings
    - Executes dropped EXE
    - Loads dropped DLL
    - Checks processor information in registry
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of AdjustPrivilegeToken
    - Suspicious use of WriteProcessMemory
    PID:4976
  - - C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe
      C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Roaming\discord /prefetch:7 --no-rate-limit --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Roaming\discord\Crashpad --url=https://f.a.k/e --annotation=_productName=discord --annotation=_version=1.0.9034 --annotation=plat=Win32 --annotation=prod=Electron --annotation=ver=22.3.26 --initial-client-data=0x534,0x530,0x538,0x524,0x53c,0x8665d78,0x8665d88,0x8665d94
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      PID:2400
  - - C:\Users\Admin\AppData\Local\Discord\Update.exe
      C:\Users\Admin\AppData\Local\Discord\Update.exe --createShortcut Discord.exe --setupIcon C:\Users\Admin\AppData\Local\Discord\app.ico
      4⤵
      Executes dropped EXE
      PID:3080
  - - C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe
      "C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --standard-schemes --secure-schemes=sentry-ipc --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=sentry-ipc --service-worker-schemes --streaming-schemes --mojo-platform-channel-handle=1988 --field-trial-handle=1940,i,16106143954298899174,8805449151318877079,131072 --disable-features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      PID:2816
  - - C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe
      "C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1776 --field-trial-handle=1940,i,16106143954298899174,8805449151318877079,131072 --disable-features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      PID:4940
  - - C:\Windows\SysWOW64\reg.exe
      C:\Windows\System32\reg.exe add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v Discord /d "\"C:\Users\Admin\AppData\Local\Discord\Update.exe\" --processStart Discord.exe" /f
      4⤵
      Modifies registry key
      PID:4704
  - - C:\Windows\SysWOW64\reg.exe
      C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord /ve /d "URL:Discord Protocol" /f
      4⤵
      Modifies registry key
      PID:4892
  - - C:\Windows\SysWOW64\reg.exe
      C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord /v "URL Protocol" /f
      4⤵
      Modifies registry key
      PID:2236
  - - C:\Windows\SysWOW64\reg.exe
      C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord\DefaultIcon /ve /d "\"C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe\",-1" /f
      4⤵
      Modifies registry key
      PID:220
  - - C:\Windows\SysWOW64\reg.exe
      C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord\shell\open\command /ve /d "\"C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe\" --url -- \"%1\"" /f
      4⤵
      Modifies registry key
      PID:1380

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe

Filesize
981KB

MD5
0ce7bb5f1b72dbe2aaec7487c9f7e0cb

SHA1
26bec773778668252d95d9be1e3a472364c10327

SHA256
51eeb6038fbe1828b940ea4105768587ede93288315623ccdbd0b942e5e71bc8

SHA512
661d178f45b0effaff226557616b298470ba41cbe93eed47b8da814ed0752125734663c3cd569b44af91c3ca13cc990ecb02963c3ab1b5870954ccba9882ba22

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe

Filesize
1.3MB

MD5
8e694f55f738dd5d3aea85c22dfffe03

SHA1
f69300479ae1319bbc82d5be7b81667a57c0dab3

SHA256
2f9dcfb56f064533712c4cb495728685ec73f745eec8b7e1ba7f79399f7d9915

SHA512
52796831e40d2ede7564e90c5226a9517a2f92f42e9b8a1dea26278d243ea69c4cc9e4a7ca4597000560287b55614969da7480a14be623bcfc917d715aa2b41c

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe

Filesize
260KB

MD5
3452e81d6806375a3ef30b895795ef19

SHA1
6ef6e49b4bfab5ee3fbfb3b1b910698c786b43bc

SHA256
cb9f260550d35332a574de6e119760cfec8db8eae46d0313f6054c419e481f84

SHA512
a2dbc60f2126a0f680df3cf727f530cfc7fc36929e477d8c87eb2f89c0dae197e945825e3e99aaa86639fcdd796efb00e90600a1849601d51a7ecc4baf1bf8f0

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe

Filesize
586KB

MD5
6271bc21d5a1aa5f4ade13d330f25ccb

SHA1
fb34e52dedceeeaaa5cab472e6d802d3b0236cc4

SHA256
aa35c32c2b0951c51e955bf816c7647444bb8f1ef32cfac0cf7be24ff2bc8af5

SHA512
34d6116ed5f6b3be8d594f12da39796e92c424d8e040e240891dab37cb944211ef0ca21b6f239fb12f56ec4b5710c52462e29b06a8217d20d5c9381fe873e9ff

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe

Filesize
687KB

MD5
66d98fb7738e6d37aff6b5ef043ace68

SHA1
358558c56f1ba9445594237f4ff8e3580a1034b2

SHA256
8fcb3af3a08c5840b763512f5e3c2d7529ccc71c09711e6f583f91773ca71205

SHA512
f85bc9b69b6278a4be0b8f738a34dd2ef3b6d30139da0c1f667c9cb815aa9a9fcd661e5834966de7c8a49bfd653e505cb86ffebb33cbb527487acbfac60d8d80

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\Discord.exe

Filesize
412KB

MD5
0f0eac6e0117f7a7c47f8ac4254e9f65

SHA1
3e085540c3fbfcb0d080a5da25f8e9beab8c44c2

SHA256
000ee98dcc5b275c120ca4ba6f481f32fdbda01d40224063361f20428e1cd433

SHA512
7f0c9d197b6d81a0305fc8ce225b59126c34c0ab719b304ef845bb91f6db1691d6d44383b5339ecaa545f271383d81b90d0290ab2e724aec3c6c9fbc6c662e31

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\app.ico

Filesize
278KB

MD5
084f9bc0136f779f82bea88b5c38a358

SHA1
64f210b7888e5474c3aabcb602d895d58929b451

SHA256
dfcea1bea8a924252d507d0316d8cf38efc61cf1314e47dca3eb723f47d5fe43

SHA512
65bccb3e1d4849b61c68716831578300b20dcaf1cbc155512edbc6d73dccbaf6e5495d4f95d089ee496f8e080057b7097a628cc104fa8eaad8da866891d9e3eb

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\chrome_100_percent.pak

Filesize
126KB

MD5
d31f3439e2a3f7bee4ddd26f46a2b83f

SHA1
c5a26f86eb119ae364c5bf707bebed7e871fc214

SHA256
9f79f46ca911543ead096a5ee28a34bf1fbe56ec9ba956032a6a2892b254857e

SHA512
aa27c97bf5581eb3f5e88f112df8bfb6a5283ce44eb13fbc41855008f84fb5b111dfe0616c310c3642b7f8ac99623d7c217aecc353f54f4d8f7042840099abc5

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\chrome_200_percent.pak

Filesize
175KB

MD5
5604b67e3f03ab2741f910a250c91137

SHA1
a4bb15ac7914c22575f1051a29c448f215fe027f

SHA256
1408387e87cb5308530def6ce57bdc4e0abbbaa9e70f687fd6c3a02a56a0536c

SHA512
5e6f875068792e862b1fc8bb7b340ac0f1f4c51e53e50be81a5af8575ca3591f4e7eb9239890178b17c5a8ff4ebb23719190d7db0bd8a9aa6dcb4308ffa9a34d

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\d3dcompiler_47.dll

Filesize
1.1MB

MD5
1552f50946cdccdbb1335ed2af6d5180

SHA1
99be1fb94f466703e677aa1b97301df93f64597e

SHA256
4bc90ce3e18c4c481d56b93534764698b07069e70a4ce3b4e7309640b61530b4

SHA512
caff540b4b6217ada1ff4a6f0e4416e1a93454cf6997c5e695509ca16b420ece292dab033830ff18ee39919a58e175576893c6de8167a6d98455a3892b10f759

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\ffmpeg.dll

Filesize
1.4MB

MD5
dfe7a19e2c1c270946ddb749d27a4272

SHA1
0a151a62ef6a792cea4e888e973335e619ba1dff

SHA256
2fbf2ea5c635a42a3fb8cc45b5dd65c257f4492699de63774fbb447d8c663608

SHA512
33a15e4e709e1948450342b072a9b50e19d35ef846933995121bbae82e1aa2f264069c09e733c1db8b4e8dbc976e55f30893d0dd0912232f6c72597b1285ef99

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\ffmpeg.dll

Filesize
1.4MB

MD5
e440c273eb709b56bb97a613c7064a3c

SHA1
9a39cfe1b53902a0941edd11ab8962a504bdca47

SHA256
2c345f9e2663f0caeff86d0570c17edbf16098af0ec8ad71eeb59635f2c60b55

SHA512
e92760693cb9234eeab933b99d7c9551ba83ab36582fe5834f3810b0f7a1aa1885713787c20be650ae9ebc752fd9b29df1236ab13b4caeb78a1046e9c7b89a1c

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\ffmpeg.dll

Filesize
330KB

MD5
ed1225146ea491c3686a2e2fd599dccb

SHA1
3b37d7b985dbfef0cd359d908804fcbe123d2dfb

SHA256
6e6e7acc7c9cc8c05fd561c23108568d6e5a02f3dc3b21435ac0b74196cf5854

SHA512
f5ce4ea5be3083ae85330eab532892071b7562349e393b0bbbf5487d0c4cd6b09acf173c8d386ffd5e96360c0fe38f000f5011a8102aea030e40e14f3a9516d3

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\ffmpeg.dll

Filesize
644KB

MD5
ffc1da931566e7211c1cdc69f095fd22

SHA1
9a1609ac52ee288d36bebfd4dd0b8801733d944c

SHA256
f69d5431b097d78308f9c5d018d42943d0825e117356343a94f161a9e153f3e1

SHA512
59cf74422b810931f29d9584d6a5112b6b77fcf34fda7338751162c73d51560c974f3f7283bd9cc062adb7d9a0b2eee6742b615cfb06a4a2a63747dc9b9f0a58

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\ffmpeg.dll

Filesize
591KB

MD5
a5db44280fa471fa128c6e2acbae6ef4

SHA1
c2829e9fcee8798a09397341b522c64567e139d2

SHA256
9b6c21bcc7b5fb7fe83541842088425ac8741b71d8079f8d09003b3a749b2050

SHA512
d6bd4bbaff38e2ef192cd9e22a1d8505717ca3449dd2cba55fed9082c10f3e524be63e849b76046f72770c5d90077bce21d95ba598b1b6ae726e5c733dd936ed

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\icudtl.dat

Filesize
126KB

MD5
a26f7aa6794ce3e6a017671313220029

SHA1
87a7b359d8f81990eb0e44bb5764edb240d26bc3

SHA256
b42113a3c969424ca12a8c9ffe87a0b233da9c3f60ec1d77228bd65f9dc89832

SHA512
f41d708a49911ceab5d92fd30ce6ac0cc207d64eb7f3c122a327669d50e73c77784680a5f30090d4fb4fa6f9ddd09e01f2ad715c51036118a78572a78a06657c

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\libEGL.dll

Filesize
90KB

MD5
ad74d4810442314f24871d785b959481

SHA1
fa6c25341bbb903c2b5e088dc8e334eedc6938a0

SHA256
f734e4401fc092802868b4293f5f261dc81dc00b2c8df28251759c4d5ae548f0

SHA512
7563d758a9406becf1403ae31e18b06e8902c56cc0ae818d1db86449509a43c6d89869ee1864d05a81d7954a0baf9120e1ec0d4da29ea7cfa197228914c99f4c

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\libGLESv2.dll

Filesize
92KB

MD5
a0f446917913b1427726e37100688c2a

SHA1
d98066a13c3a50f40068026bdad5750db1f322a6

SHA256
47eff9c9fa74e086c183fdd34a64a9dbbc125ce825844d1c6a727954bc1c6c3b

SHA512
e766204656fc6cdbc4e19b70cb2c791a9c815d8a1b8b3098eb03f75a77fac4ae1359bfb9d4dd075d81be86734a1ae58e58cac45e303cd99a8b3070592e7086d3

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\libegl.dll

Filesize
99KB

MD5
971bdb1ee1f25ab3ffd9741255d74cb5

SHA1
195c6c3f061e4246118f89365fcd2b1653d07bac

SHA256
8ffdd3a0e483713cfbbb15e91fd251c8b96df16a6990a3823be5c8126dd3edda

SHA512
9274c4c135fffaef8b9fc6b37db512b1057c5af1d76c066d8ca2bf02b7ea7d93f45184557539464fcdcc4355e0f73e28d17491c20831151c026f64be9f991873

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\libglesv2.dll

Filesize
1.1MB

MD5
a16ece46dab035714b493412e7dea198

SHA1
2465eaef3661b049d04e54667dc786adaeb9e276

SHA256
d126310365224f6296d3d2528373500b505fabf689ec32be70493953f844ed0b

SHA512
f84ba920d463824f290500e1b1984ee0702d4695abe5fa264905d0df5a48bb689bdf2b3c4f37b3cd34c568b37cd1716fd4003e0df6b2ce855404384e40d5e2e8

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\locales\en-US.pak

Filesize
313KB

MD5
3f6f4b2c2f24e3893882cdaa1ccfe1a3

SHA1
b021cca30e774e0b91ee21b5beb030fea646098f

SHA256
bb165eaa51456b52fcbdf7639ee727280e335a1f6b4cfb91afc45222895b564f

SHA512
bd80ddaa87f41cde20527ff34817d98605f11b30a291e129478712ebebe47956dbd49a317d3eeb223adf736c34750b59b68ad9d646c661474ad69866d5a53c5c

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\resources.pak

Filesize
1.4MB

MD5
3b2ea921cde3b65668a0fe568408948c

SHA1
5da61febf43d58e2c3f6a89aa4a3fb3ae6aae1a6

SHA256
4f511f6b35e62502fd5419240c462866ef44e1bd10efeed68911e6c6963f1fcf

SHA512
d33258bc1601c1935182740993b129a4fd2486de4371f58defa0e8b553685e67d20d54838fd895a2e0bd218397842a032be04f1bc62c3a47fbab40bc428f9f49

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\resources\app.asar

Filesize
3.6MB

MD5
e7b3a09a695098e7a583645fc1446d19

SHA1
5eb2d2f95fcd54ffdcd498a1625c9508d6a90808

SHA256
ea7ac69257b7f2f5cd53a5e777c8925511e9c74f84e23f5bf38eb2f9837a14f3

SHA512
0c264f79fb32137d26894ab982bee7c86fa436c641b979c45e2d87d8755aeebbe3c8583256814db251b71e25c5577c9d6c853fd18cab276573b19f2cf758eba2

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\resources\build_info.json

Filesize
83B

MD5
bda0e192ecd5b268af1dbbf93c13a154

SHA1
d6b7b2d7027065ece9ad48c9d3719b0114fa4745

SHA256
317380e636c13649b2a612755b465680670f8b72afd54a31f02165247b2dba3b

SHA512
3afee33b1503a2306d47b65b6d8f130cc14b7ec93129dda54696f42b20ecef57b68685ce4d2ced5928ad84b08a149d1c7ade0a7e55b538ab1efa218c62c3851e

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\v8_context_snapshot.bin

Filesize
42KB

MD5
523e516b6371c6c6c00d59e28d1c3ab8

SHA1
b6fc729a0a416ab3eb086b47c046e564ad246732

SHA256
a4ca00fb7bef33b36156d6737c36c3bfff878b77594397df98b60a91c1af4dfe

SHA512
0a635b6645e1d0d46b96e5aba41e3bb5c446bc93c13ef997cd0b1cb0574ccef1861bd9f7809cfafc870b04b6368a20106a2ddeebb0619f99381eb51c216a64f6

Download Submit
C:\Users\Admin\AppData\Local\Discord\app-1.0.9034\vk_swiftshader.dll

Filesize
64KB

MD5
56ecacf0d6f598c8596005642b40c67a

SHA1
5acdf6cce0fefdeac1229bf1c3c4a531ce0695da

SHA256
bc96d8a089e7108a324a62782daa6fdab5dcc1dc11911a0b5f40ef554dec7f1c

SHA512
cff9fbcc51aab506b179551126d06ea1a01195507e9f186ed19368d708e7509f62faf720e2682486576c167ca49cec1b08c3d727ee113fb6990259e7fc95d895

Download Submit
C:\Users\Admin\AppData\Local\Discord\packages\Discord-1.0.9034-full.nupkg

Filesize
483KB

MD5
ea42cd577e2b8c00cf379569ca838e48

SHA1
57223948a924e1cc828d8e0cff958557bedfcc97

SHA256
1c5a3a022d0c6b69b17c6bbc9f6b921b49b13c450350ef5ff15611c67fd85268

SHA512
645a0728a44c7350ef62701ae07c9cc3345a8cbdb2d4d289f9f111bc73dc2d377600f6318554f21b176203c1c952b288f5a5a72e20cbe78951c3762d2e099761

Download Submit
C:\Users\Admin\AppData\Local\SquirrelTemp\Discord-1.0.9034-full.nupkg

Filesize
16.3MB

MD5
3d16307887bbe9064f322e2baf5c2fdd

SHA1
a23facd6523bb7f4ad917f59879cb699f9c38520

SHA256
af5d788d0b480c5c6a4fb0795311f9de1df2f00f7bbe71161a6b3d8ce26a49f5

SHA512
1602c5f25d4f2b3d38d501ee745697a271eaa2d63adbd0679e1d06591840150c5a6bd80f4e50636232a0213bc6b2a6b975ba909c892ca5e79e2a6439c017cf54

Download Submit
C:\Users\Admin\AppData\Local\SquirrelTemp\RELEASES

Filesize
80B

MD5
e9918809775d58624595598e49b57dbd

SHA1
d4e170c0fb629d2835e17bfefaefca66628184ca

SHA256
04e4b3bd71dac9838240c0ddcc37c69024d06d9780f6180b9617c6272647ebc1

SHA512
6ab392981d0806d41d1b991ea97be5b4a218997ef3646ee4528969660baa5bc70365d392640c6bcb9492c0fe5456b062e334c42e6884bf6ab37df372f7f79048

Download Submit
C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe

Filesize
267KB

MD5
dc6f1aec48798457a118685bdfc30119

SHA1
e902aa07f295973e15113a5d1c5f31f7ac504044

SHA256
b31e163db88030e4f680e0e407e0d7d9a8dd79b71f6b139e3ac8b2a2c54b026e

SHA512
2ad4ee48a8d43b35da468f3b1c71e0b26548790b2c1d733161739b7087401efafaa86cbb6310e6eeb651f872b253c5037d73805d0bbf523a304680c0f94c386d

Download Submit
C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe

Filesize
1.5MB

MD5
b761d7400d5136ee0b1a40b5a3228152

SHA1
ad859361b2494f2de31a85904a076c7bd3214f5a

SHA256
4e06db09b8c3769968c3d0b51d7cf7470fdba1aaf32decf49dbd923708f86ae7

SHA512
a7f6919dc30ab2b3bfd2af6e544fcfcbf7bc52aa40c96136b6a3c9707d14d1116a3f7e72bc334d465bc7dab7df8fe824e7fe74937830b3540e4fa38896c5bc10

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit
memory/2392-199-0x0000000005520000-0x0000000005530000-memory.dmp

Filesize
64KB

Download
memory/2392-192-0x0000000007BD0000-0x0000000007BD8000-memory.dmp

Filesize
32KB

Download
memory/2392-197-0x00000000083E0000-0x0000000008418000-memory.dmp

Filesize
224KB

Download
memory/2392-11-0x0000000005520000-0x0000000005530000-memory.dmp

Filesize
64KB

Download
memory/2392-10-0x00000000008C0000-0x0000000000A36000-memory.dmp

Filesize
1.5MB

Download
memory/2392-9-0x0000000073F20000-0x00000000746D0000-memory.dmp

Filesize
7.7MB

Download
memory/2392-198-0x00000000079C0000-0x00000000079CE000-memory.dmp

Filesize
56KB

Download
memory/2392-225-0x0000000005520000-0x0000000005530000-memory.dmp

Filesize
64KB

Download
memory/2392-223-0x0000000073F20000-0x00000000746D0000-memory.dmp

Filesize
7.7MB

Download
memory/2392-330-0x0000000005520000-0x0000000005530000-memory.dmp

Filesize
64KB

Download
memory/3080-247-0x00000000054A0000-0x00000000054C0000-memory.dmp

Filesize
128KB

Download
memory/3080-224-0x0000000073F20000-0x00000000746D0000-memory.dmp

Filesize
7.7MB

Download
memory/3080-297-0x0000000073F20000-0x00000000746D0000-memory.dmp

Filesize
7.7MB

Download