hxxps://drive[.]usercontent[.]google[.]com/download?id=1TLQoIzBrxfTEmDxJ7qflPQSw7eDLbvqL&export=download&authuser=0

Analysis

max time kernel
239s
max time network
222s
platform
windows11-21h2_x64
resource
win11-20240221-en
resource tags

arch:x64arch:x86image:win11-20240221-enlocale:en-usos:windows11-21h2-x64system
submitted
06-03-2024 19:17

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://drive.usercontent.google.com/download?id=1TLQoIzBrxfTEmDxJ7qflPQSw7eDLbvqL&export=download&authuser=0

Score

7^/10

discovery

Malware Config

Signatures

Executes dropped EXE 2 IoCs

pid	Process
3788	Universe.tmp
4280	fc-cache.exe

Loads dropped DLL 6 IoCs

pid	Process
4280	fc-cache.exe
4280	fc-cache.exe
4280	fc-cache.exe
4280	fc-cache.exe
4280	fc-cache.exe
4280	fc-cache.exe

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Drops file in System32 directory 6 IoCs

description	ioc	Process
File created	C:\Windows\system32\is-K43CJ.tmp	Universe.tmp
File created	C:\Windows\system32\is-IQ4K5.tmp	Universe.tmp
File opened for modification	C:\Windows\system32\Gpu_Shader_Engine_x64.dll	Universe.tmp
File opened for modification	C:\Windows\system32\Noesis.dll	Universe.tmp
File opened for modification	C:\Windows\system32\UniChooser.dll	Universe.tmp
File created	C:\Windows\system32\is-I62JU.tmp	Universe.tmp

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Stylize_Noir_Moderne\Resources\noirmoderne\projector\is-CMT78.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Generators_Spectralicious\Resources\Presets\is-AFEKF.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_RetroGrade_Transition\Resources\presets\Slide Styles\is-1MPBR.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_VHS_Transition\Resources\Presets\is-G199R.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_CrumplePop_Grain16\Resources\grain16\7219\is-HCV7F.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Stylize_RetroGrade\Resources\retrograde\grainimages\16mmaged\is-JDS3T.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_RetroGrade_Transition\Resources\light leaks\crashtriangle\is-3P5EB.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_VHS_Transition\Resources\BlankTape\is-3VEE3.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Text_Luster\Resources\Presets\is-59ST3.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Distort_Camera_Shake_Pro\Resources\Presets\is-H3TDT.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Text_Luster\Resources\Presets\is-OIPUS.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_HalfLight\Resources\Presets\is-SMAVP.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_Film_Transition\Resources\filmtransition\Blank\is-TGEEH.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\KLF\Resources\presets\Action & SciFi\is-M67B2.tmp	Universe.tmp
File created	C:\Program Files\ADOBE\Common\Plug-ins\7.0\MediaCore\Red Giant Universe\is-DI6OG.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Motion_Graphics_HUD_Components\Resources\AnimationThumbs\is-0IBDN.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_Channel_Blur\Resources\Presets\is-UNFLR.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_HalfLight\Resources\halflight\crashglow\is-5PSG9.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_VHS_Transition\Resources\BadTracking\is-9EH7O.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_Film_Transition\Resources\filmtransition\Leader_Flash\is-R2J25.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Glow_Glo_Fi_Premium\Resources\Presets\Glow Presets\is-NVUUA.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_CrumplePop_Grain16\Resources\grain16\8622\is-2QD0M.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_HalfLight\Resources\halflight\wipesparkle\is-BS9FJ.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_Film_Transition\Resources\filmtransition\Sideburn_In-out\is-553E9.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Text_Glo_Fi_II\Resources\Presets\Vertical\is-MQ655.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Stylize_Noir_Moderne\Resources\noirmoderne\streetlightflicker\is-R59VM.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_HalfLight\Resources\halflight\wipebeam\is-6S5S1.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Stylize_RetroGrade\Resources\retrograde\splotches\is-PMU6I.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_RetroGrade_Transition\Resources\frames\fr1_1\is-KGKC4.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_Film_Transition\Resources\filmtransition\Sideburn_In-out\is-A8DO3.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Text_Title_Motion\Resources\Presets\Motion Only\is-OMIE2.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Stylize_Holomatrix\Resources\Presets\Holomatrix\Recolor\is-LJ8Q2.tmp	Universe.tmp
File created	C:\Program Files\ADOBE\Common\Plug-ins\7.0\MediaCore\Red Giant Universe\is-0JI46.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Stylize_VHS\Resources\BadTracking\is-U55LM.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_Channel_Surf\Resources\Color Noise\is-PELU3.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_RetroGrade_Transition\Resources\light leaks\crashglow\is-GR0NM.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_Color_Mosaic\Resources\Presets\is-GTMB2.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_Glitch_Transition\Resources\Presets\Glitch Transition\Video\is-MQG3S.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Turbulence\Voronoi\Length2\is-1O80L.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Text_Ecto\Resources\Presets\is-FPAON.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_VHS_Transition\Resources\BadTracking\is-3M8MJ.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Motion_Graphics_HUD_Components\Resources\Presets\Arcs\is-3UTKF.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Stylize_Carousel\Resources\Presets\is-734IO.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Stylize_Holomatrix\Resources\Presets\Holomatrix\Hologram\is-E4EK2.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Stylize_Holomatrix\Resources\Presets\Holomatrix\Hologram\is-6VM27.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_Knoll_Light_Transition\Resources\presets\Lens Preset\is-18H8F.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_CrumplePop_Grain16\Resources\grain16\8622\is-FM8GH.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Stylize_Noir_Moderne\Resources\noirmoderne\streetlight\is-0FNUP.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Stylize_RetroGrade\Resources\retrograde\grainimages\8mmcamcorder\is-9OAFF.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_HalfLight\Resources\halflight\crashbeams\is-A8FEO.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Stylize_Holomatrix\Resources\Presets\Holomatrix\Hologram\is-GJM32.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Generators_Soft_Gradient_Background\Resources\Presets\is-GK709.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Stylize_Knoll_Light_Factory_EZ\Resources\Presets\Motion Graphics\is-JB09L.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Stylize_Glitch\Resources\Presets\Glitch\Text\is-1U34T.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Stylize_Texturize\Resources\Presets\Grunge\is-FEV59.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Stylize_Noir_Moderne\Resources\noirmoderne\streetlightflicker\is-TFTBB.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_HalfLight\Resources\halflight\wipebeam\is-ES52Q.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Stylize_Holomatrix\Resources\Presets\Holomatrix\Glitches & Distortions\is-9M6I1.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_HalfLight\Resources\halflight\wipeglow\is-OROJD.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_RetroGrade_Transition\Resources\retrograde\grainimages\is-08AFS.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Text_Title_Motion\Resources\Presets\Text Only\is-KFUN1.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Generators_Fractal_Background\Resources\Presets\Fractal Noise Presets\is-HKNME.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Stylize_Holomatrix\Resources\Presets\Holomatrix\Hologram\is-S678P.tmp	Universe.tmp
File created	C:\Program Files\Red Giant\RGFX\Plugins\Universe_Stylize_Holomatrix\Resources\Presets\Holomatrix\Hologram\is-MDMLN.tmp	Universe.tmp

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133542262657067575"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-4280069375-290121026-380765049-1000_Classes\Local Settings	chrome.exe

NTFS ADS 1 IoCs

description	ioc	Process
File opened for modification	C:\Users\Admin\Downloads\Universe -NicoolTutorials.zip:Zone.Identifier	chrome.exe

Suspicious behavior: AddClipboardFormatListener 1 IoCs

pid	Process
3044	vlc.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
5112	chrome.exe
5112	chrome.exe
1940	chrome.exe
1940	chrome.exe
3788	Universe.tmp
3788	Universe.tmp

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
3044	vlc.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs

pid	Process
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	5112	chrome.exe
Token: SeCreatePagefilePrivilege	5112	chrome.exe
Token: SeShutdownPrivilege	5112	chrome.exe
Token: SeCreatePagefilePrivilege	5112	chrome.exe
Token: SeShutdownPrivilege	5112	chrome.exe
Token: SeCreatePagefilePrivilege	5112	chrome.exe
Token: SeShutdownPrivilege	5112	chrome.exe
Token: SeCreatePagefilePrivilege	5112	chrome.exe
Token: SeShutdownPrivilege	5112	chrome.exe
Token: SeCreatePagefilePrivilege	5112	chrome.exe
Token: SeShutdownPrivilege	5112	chrome.exe
Token: SeCreatePagefilePrivilege	5112	chrome.exe
Token: SeShutdownPrivilege	5112	chrome.exe
Token: SeCreatePagefilePrivilege	5112	chrome.exe
Token: SeShutdownPrivilege	5112	chrome.exe
Token: SeCreatePagefilePrivilege	5112	chrome.exe
Token: SeShutdownPrivilege	5112	chrome.exe
Token: SeCreatePagefilePrivilege	5112	chrome.exe
Token: SeShutdownPrivilege	5112	chrome.exe
Token: SeCreatePagefilePrivilege	5112	chrome.exe
Token: SeShutdownPrivilege	5112	chrome.exe
Token: SeCreatePagefilePrivilege	5112	chrome.exe
Token: SeShutdownPrivilege	5112	chrome.exe
Token: SeCreatePagefilePrivilege	5112	chrome.exe
Token: SeShutdownPrivilege	5112	chrome.exe
Token: SeCreatePagefilePrivilege	5112	chrome.exe
Token: SeShutdownPrivilege	5112	chrome.exe
Token: SeCreatePagefilePrivilege	5112	chrome.exe
Token: SeShutdownPrivilege	5112	chrome.exe
Token: SeCreatePagefilePrivilege	5112	chrome.exe
Token: SeShutdownPrivilege	5112	chrome.exe
Token: SeCreatePagefilePrivilege	5112	chrome.exe
Token: SeShutdownPrivilege	5112	chrome.exe
Token: SeCreatePagefilePrivilege	5112	chrome.exe
Token: SeShutdownPrivilege	5112	chrome.exe
Token: SeCreatePagefilePrivilege	5112	chrome.exe
Token: SeShutdownPrivilege	5112	chrome.exe
Token: SeCreatePagefilePrivilege	5112	chrome.exe
Token: SeShutdownPrivilege	5112	chrome.exe
Token: SeCreatePagefilePrivilege	5112	chrome.exe
Token: SeShutdownPrivilege	5112	chrome.exe
Token: SeCreatePagefilePrivilege	5112	chrome.exe
Token: SeShutdownPrivilege	5112	chrome.exe
Token: SeCreatePagefilePrivilege	5112	chrome.exe
Token: SeShutdownPrivilege	5112	chrome.exe
Token: SeCreatePagefilePrivilege	5112	chrome.exe
Token: SeShutdownPrivilege	5112	chrome.exe
Token: SeCreatePagefilePrivilege	5112	chrome.exe
Token: SeShutdownPrivilege	5112	chrome.exe
Token: SeCreatePagefilePrivilege	5112	chrome.exe
Token: SeShutdownPrivilege	5112	chrome.exe
Token: SeCreatePagefilePrivilege	5112	chrome.exe
Token: SeShutdownPrivilege	5112	chrome.exe
Token: SeCreatePagefilePrivilege	5112	chrome.exe
Token: SeShutdownPrivilege	5112	chrome.exe
Token: SeCreatePagefilePrivilege	5112	chrome.exe
Token: SeShutdownPrivilege	5112	chrome.exe
Token: SeCreatePagefilePrivilege	5112	chrome.exe
Token: SeShutdownPrivilege	5112	chrome.exe
Token: SeCreatePagefilePrivilege	5112	chrome.exe
Token: SeShutdownPrivilege	5112	chrome.exe
Token: SeCreatePagefilePrivilege	5112	chrome.exe
Token: SeShutdownPrivilege	5112	chrome.exe
Token: SeCreatePagefilePrivilege	5112	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe

Suspicious use of SendNotifyMessage 15 IoCs

pid	Process
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
5112	chrome.exe
3044	vlc.exe
3044	vlc.exe
3044	vlc.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
3044	vlc.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 5112 wrote to memory of 1588	5112	chrome.exe	80
PID 5112 wrote to memory of 1588	5112	chrome.exe	80
PID 5112 wrote to memory of 4060	5112	chrome.exe	83
PID 5112 wrote to memory of 4060	5112	chrome.exe	83
PID 5112 wrote to memory of 4060	5112	chrome.exe	83
PID 5112 wrote to memory of 4060	5112	chrome.exe	83
PID 5112 wrote to memory of 4060	5112	chrome.exe	83
PID 5112 wrote to memory of 4060	5112	chrome.exe	83
PID 5112 wrote to memory of 4060	5112	chrome.exe	83
PID 5112 wrote to memory of 4060	5112	chrome.exe	83
PID 5112 wrote to memory of 4060	5112	chrome.exe	83
PID 5112 wrote to memory of 4060	5112	chrome.exe	83
PID 5112 wrote to memory of 4060	5112	chrome.exe	83
PID 5112 wrote to memory of 4060	5112	chrome.exe	83
PID 5112 wrote to memory of 4060	5112	chrome.exe	83
PID 5112 wrote to memory of 4060	5112	chrome.exe	83
PID 5112 wrote to memory of 4060	5112	chrome.exe	83
PID 5112 wrote to memory of 4060	5112	chrome.exe	83
PID 5112 wrote to memory of 4060	5112	chrome.exe	83
PID 5112 wrote to memory of 4060	5112	chrome.exe	83
PID 5112 wrote to memory of 4060	5112	chrome.exe	83
PID 5112 wrote to memory of 4060	5112	chrome.exe	83
PID 5112 wrote to memory of 4060	5112	chrome.exe	83
PID 5112 wrote to memory of 4060	5112	chrome.exe	83
PID 5112 wrote to memory of 4060	5112	chrome.exe	83
PID 5112 wrote to memory of 4060	5112	chrome.exe	83
PID 5112 wrote to memory of 4060	5112	chrome.exe	83
PID 5112 wrote to memory of 4060	5112	chrome.exe	83
PID 5112 wrote to memory of 4060	5112	chrome.exe	83
PID 5112 wrote to memory of 4060	5112	chrome.exe	83
PID 5112 wrote to memory of 4060	5112	chrome.exe	83
PID 5112 wrote to memory of 4060	5112	chrome.exe	83
PID 5112 wrote to memory of 4060	5112	chrome.exe	83
PID 5112 wrote to memory of 4060	5112	chrome.exe	83
PID 5112 wrote to memory of 4060	5112	chrome.exe	83
PID 5112 wrote to memory of 4060	5112	chrome.exe	83
PID 5112 wrote to memory of 4060	5112	chrome.exe	83
PID 5112 wrote to memory of 4060	5112	chrome.exe	83
PID 5112 wrote to memory of 4060	5112	chrome.exe	83
PID 5112 wrote to memory of 4060	5112	chrome.exe	83
PID 5112 wrote to memory of 2984	5112	chrome.exe	84
PID 5112 wrote to memory of 2984	5112	chrome.exe	84
PID 5112 wrote to memory of 4456	5112	chrome.exe	85
PID 5112 wrote to memory of 4456	5112	chrome.exe	85
PID 5112 wrote to memory of 4456	5112	chrome.exe	85
PID 5112 wrote to memory of 4456	5112	chrome.exe	85
PID 5112 wrote to memory of 4456	5112	chrome.exe	85
PID 5112 wrote to memory of 4456	5112	chrome.exe	85
PID 5112 wrote to memory of 4456	5112	chrome.exe	85
PID 5112 wrote to memory of 4456	5112	chrome.exe	85
PID 5112 wrote to memory of 4456	5112	chrome.exe	85
PID 5112 wrote to memory of 4456	5112	chrome.exe	85
PID 5112 wrote to memory of 4456	5112	chrome.exe	85
PID 5112 wrote to memory of 4456	5112	chrome.exe	85
PID 5112 wrote to memory of 4456	5112	chrome.exe	85
PID 5112 wrote to memory of 4456	5112	chrome.exe	85
PID 5112 wrote to memory of 4456	5112	chrome.exe	85
PID 5112 wrote to memory of 4456	5112	chrome.exe	85
PID 5112 wrote to memory of 4456	5112	chrome.exe	85
PID 5112 wrote to memory of 4456	5112	chrome.exe	85
PID 5112 wrote to memory of 4456	5112	chrome.exe	85
PID 5112 wrote to memory of 4456	5112	chrome.exe	85
PID 5112 wrote to memory of 4456	5112	chrome.exe	85
PID 5112 wrote to memory of 4456	5112	chrome.exe	85

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://drive.usercontent.google.com/download?id=1TLQoIzBrxfTEmDxJ7qflPQSw7eDLbvqL&export=download&authuser=0
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:5112
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffce06c9758,0x7ffce06c9768,0x7ffce06c9778
  2⤵
  PID:1588
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1568 --field-trial-handle=1824,i,11446198087609693500,16056333746326001051,131072 /prefetch:2
  2⤵
  PID:4060
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2100 --field-trial-handle=1824,i,11446198087609693500,16056333746326001051,131072 /prefetch:8
  2⤵
  PID:2984
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2164 --field-trial-handle=1824,i,11446198087609693500,16056333746326001051,131072 /prefetch:8
  2⤵
  PID:4456
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2948 --field-trial-handle=1824,i,11446198087609693500,16056333746326001051,131072 /prefetch:1
  2⤵
  PID:4764
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2960 --field-trial-handle=1824,i,11446198087609693500,16056333746326001051,131072 /prefetch:1
  2⤵
  PID:4676
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4492 --field-trial-handle=1824,i,11446198087609693500,16056333746326001051,131072 /prefetch:1
  2⤵
  PID:3092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4896 --field-trial-handle=1824,i,11446198087609693500,16056333746326001051,131072 /prefetch:8
  2⤵
  PID:4856
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5208 --field-trial-handle=1824,i,11446198087609693500,16056333746326001051,131072 /prefetch:8
  2⤵
  PID:3628
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5224 --field-trial-handle=1824,i,11446198087609693500,16056333746326001051,131072 /prefetch:1
  2⤵
  PID:404
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=2408 --field-trial-handle=1824,i,11446198087609693500,16056333746326001051,131072 /prefetch:1
  2⤵
  PID:4476
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5672 --field-trial-handle=1824,i,11446198087609693500,16056333746326001051,131072 /prefetch:8
  2⤵
  PID:1188
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2268 --field-trial-handle=1824,i,11446198087609693500,16056333746326001051,131072 /prefetch:8
  2⤵
  - NTFS ADS
  PID:5016
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3972 --field-trial-handle=1824,i,11446198087609693500,16056333746326001051,131072 /prefetch:8
  2⤵
  PID:2336
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2264 --field-trial-handle=1824,i,11446198087609693500,16056333746326001051,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1940

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:668

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:4068

C:\Users\Admin\AppData\Local\Temp\Temp1_Universe -NicoolTutorials.zip\Universe -NicoolTutorials\Universe.exe
"C:\Users\Admin\AppData\Local\Temp\Temp1_Universe -NicoolTutorials.zip\Universe -NicoolTutorials\Universe.exe"
1⤵
PID:3100
- C:\Users\Admin\AppData\Local\Temp\is-O2M1M.tmp\Universe.tmp
  "C:\Users\Admin\AppData\Local\Temp\is-O2M1M.tmp\Universe.tmp" /SL5="$20312,1229863330,199680,C:\Users\Admin\AppData\Local\Temp\Temp1_Universe -NicoolTutorials.zip\Universe -NicoolTutorials\Universe.exe"
  2⤵
  - Executes dropped EXE
  - Drops file in System32 directory
  - Drops file in Program Files directory
  - Suspicious behavior: EnumeratesProcesses
  PID:3788
- - C:\ProgramData\Red Giant\Universe\Libraries\fc-cache.exe
    "C:\ProgramData\Red Giant\Universe\Libraries\fc-cache.exe"
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    PID:4280

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc
1⤵
PID:3564

C:\Program Files\VideoLAN\VLC\vlc.exe
"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\Desktop\UnpublishInstall.mp4"
1⤵
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
PID:3044

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\Red Giant\RGFX\Brushes\is-PF59F.tmp

Filesize
640KB

MD5
d23b4f8728fbf700fedf5763363f92d2

SHA1
f9e21a4fbda34df637c1c87a184dcc2ea6e020cc

SHA256
3303febf7431952957618646cd4fadb25af14082264f9476a7635d1cce815f93

SHA512
07645ea40d4627110c93a60ac431950a042ad30b4391ceb03404807f07a752e1c566a5c1f4da0fda7fce46b97f4edb292cb5c9dbad0cfbae3063b04ace716179

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Stylize_VHS\Resources\Mixed Tracking\is-1PN9K.tmp

Filesize
10KB

MD5
0eb9b61520faeceb76deb6b007042ff6

SHA1
ec4df38b85315eaa055a9c59553154554b7c3a6d

SHA256
2c22cf3eb0bb1de5ae52a669bfd211128fd01b20e0f0657c51bc223f9bf5ed8b

SHA512
1ea2273dd309f66cc30234152bf816ced3ca5aa674d05dabb91561b101b3c5f813a06c640ae20241c58fc062e695d6215b1303ca68007d565e6dac2971212f48

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Stylize_VHS\Resources\Presets\is-KETPK.tmp

Filesize
140B

MD5
2c8f56e32c46ac87db3983daff970ebd

SHA1
e9d660c58466816ac947635256bbe4a1a22fee26

SHA256
f14cf1a8984a604f9f63fb7e4408b5782ccd39edf02035fa326af859b1c7d713

SHA512
ee6b344dddcb6a44670a7e807c69711c5a1342b460f839951610aa20871677fed42930ac34965bdb94a1520a508314bf47bb59ec7167f55413f744b663d30057

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Stylize_VHS\Resources\Vertical Slip\is-E5LDF.tmp

Filesize
115KB

MD5
e107ca29ca57a3c35eca95aae65d818d

SHA1
d3fe317991a5c3d5598a9a51cf75de77befd2e10

SHA256
c0b41b8ab41e6ffce48c02d26d6783a8b1abf29fd04997c29819a122718493bf

SHA512
237db70bf58841d507e739a168f6bedce4c71bb8af1d7c073a21a102cbd0e9ccbaa79cebcff46c8cd2134e3f193f87853e1db8a5dae7782c2bd0f802b193a83d

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Stylize_VHS\Resources\Vertical Slip\is-I30SF.tmp

Filesize
114KB

MD5
aa08bc67e266167d66b357e534f35279

SHA1
2db704330d31578a6b5ddccb63df9d7f12bddd35

SHA256
9dcb506c59dec3754830375bd5d1c1df30dfe3c1aefde33dd816a08db8865afb

SHA512
726c4b04255703f0735105ef5432fce9eb5c0353a8d0725baab4da6ff2b7babd866798b61fe6c69e269df62bbe3e239fbb992cd99c80f2f961d5618d5417c498

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Stylize_VHS\Resources\Vertical Slip\is-NGO0K.tmp

Filesize
111KB

MD5
ac69789df73f2e2406585b887b7e011c

SHA1
f357bb3af296cde29cffac647a7f6c1d9c8d2214

SHA256
0bd1b836d9378d197d6d127db78e80566a80850dcff2e505c06c1ccbfb800256

SHA512
343d0ff2d763230befe6b47c7e1931356f70856491fd9082db4b45379a73419ec19ad9ad9431b32077610bbe122f7c02a08839822215fe8bf7b4fff579325516

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Stylize_VHS\Resources\Vertical Slip\is-TG96G.tmp

Filesize
113KB

MD5
7bf7a91b56095963dcce0d9ac5818656

SHA1
147210db420f18bd34f2cd81b753fe492b2cc4fe

SHA256
e19cee237837835b527d5acc1a0fccb6f3ffa026caf5b6d475814bc246438ed5

SHA512
b9083149812947526d9ee73b726717e1d9de3a5ce2c4772473bff5f213f4185baaf7fc6a35b0f6d23110d14ab6bd6baaefcf82a11af6e2b4385c45e0b106531c

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Stylize_VHS\Resources\Vertical Slip\is-U06CA.tmp

Filesize
116KB

MD5
e1aa45c591057095d2aaa7766e456c63

SHA1
37e9fb04a34d820418fe94a811c4bcd87445d715

SHA256
ee63c04c3dc6a0324e2148efffc9f0579c8568403baccd616eb9b5c82cb8c07d

SHA512
449429426a41a7b7a3afaf19dafe42e818fe7fde69309ab7de7d8d516b87816c52596dae3713ed8d08201c068289d405f4215bdcc56656f9ef94d5ad1f6e76e5

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Stylize_VHS\Resources\Vertical Slip\is-UTQDE.tmp

Filesize
108KB

MD5
e9971855e189cf393994143137f2391b

SHA1
d78222e603799937c94c33f5aa752540dcab181c

SHA256
e9d29b6aabbc5fb2ebaedea702df9121a7ca857c8164dcd55afd2fe289eed324

SHA512
e83e95867884397fc622beef2b9c698365b72d8226d8131baf7acd09105db881db2fb4aae3b9e0906a7677fad4523ee7d59dd14ca990540f02cceaadda4d73ae

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Stylize_VHS\Resources\Vertical Slip\is-VCAJ7.tmp

Filesize
114KB

MD5
a62b446fdfd9a88836e94dbe23b7c857

SHA1
032ca034f0cbf740d9697b252d8d7a61d654bcc2

SHA256
b73beeef62798eb986b4a3c5e41e327c63303061833002787d1efd8e67d81f01

SHA512
e6fbcd596d116df9b6c1cd9afc1af65af226b0f0e990c3ed6f4dded83f9f1dc73ef19e323fbc486aaa3cd612f9f4b5c5d3e05095b44a337f93dfb9bb77d976ac

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Stylize_VHS\Resources\VeryBadTracking\is-UH6PL.tmp

Filesize
234KB

MD5
a84e4abb1a9c61b5546389e296610a06

SHA1
d1955b0e200ee730c6eba11b9462df7585cb10c0

SHA256
0b979a62f3d70c6462b79b8b1b298efa5c565b4e8e8232b112f2efc13ed8f702

SHA512
622b9d0f2b5d28c5a3d181445eb5a4f2f4d69771b79d32faa17064515069b46ec0a23cda09c7ccacbaccb4e9c88dbcebb9047811fb83ef2e642c54af779dd519

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Text_Ecto\Resources\Color Presets\is-8L3O0.tmp

Filesize
86B

MD5
83ab691bb9b964a8e758ff7df3d0062b

SHA1
e0c897e0551dc0a0bc8a9f952d5895dd3f13f65a

SHA256
a548fee16a0bce03d151e5b34b3327b158b0789a80b639137e87d207b1aa9c06

SHA512
82ff380bf924bf0be78621dcc8e50661e6e5f0a82fef72ad61e99ff6060eed5e3cece620aac71c182cfa6471a05a31b9db690ca22f6cd6ccfaae0db0263270af

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Text_Title_Motion\Resources\Presets\Motion Only\is-D60EH.tmp

Filesize
5KB

MD5
cf0719f2eb42fdb689f5a20382693e52

SHA1
57faff165f46b7d4e75cc63e81d49c3f25f60649

SHA256
bbceafe7c25dcf415bebbdf7774c59199936d02e9f053f5bdbb354a13850a12d

SHA512
dfb13a611106d58c4a456c2aa7a980e49828b1977745cd68009096729b05241317b18c0d336aea271aacd54f9146c4666ef24cca52a8401cfca0203f37777ca1

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Text_Title_Motion\Resources\Presets\One Line\is-N3E2A.tmp

Filesize
3KB

MD5
313801c392cd56f2b68646b7f7c8fe0f

SHA1
9f79b3813f01306ee3188391f0a7d9c6029a190c

SHA256
56dcc59986ae7f2b5e468d26acdeaa5c79e75987284fdaad15abc022cf250f2c

SHA512
3674c4f230c8c90d52be6166bd7cfe885753c90dc6bf721cab1b56a369629f04a4780bde6f7aa504c1170a6f765e5a8df82ae633b71b4737d43068136e519678

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Text_Title_Motion\Resources\Presets\Text Only\is-DADJQ.tmp

Filesize
3KB

MD5
eb241c3e852d4cef490eca1b5e833703

SHA1
d696427b4488cff740c7df3689ab5bd895165b9e

SHA256
757581c392d02dca158e7b85bc1e949aefb11edbee5f81a7dcd72251cf5ea54d

SHA512
4fca6152c793e711094a0af6ffd83137cde128940daf91657e5bbadb965ae52c09793963fa25dc5ab3c00ce3cfb899fbb54cafcd3befcdde065d0ac963d0d59b

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Text_Title_Motion\Resources\Presets\Two Line\is-CR0GO.tmp

Filesize
5KB

MD5
26a65d3a4b34282ebd4790ae108f4340

SHA1
c5f5c22ddd43a0054345adbff603dc6303a4447a

SHA256
952f09472a8720dc9527c015f1cb2105debfe31b591afddddaea8becb0c5730b

SHA512
699cbc9cf119a16e9ac778abe3f8fd6d16d567e7485d4d19c8d334893f398ba61856801d83e041babe434d21325014244863a14dfe1695d8d9ba115e0446d020

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_Exposure_Blur\Resources\Presets\is-7C1N5.tmp

Filesize
202B

MD5
9a1489509aa44dd8cc9396d327dcc550

SHA1
838fff6fb1c2c395fc6d02863d87f4ea416b2a7d

SHA256
c1de612d1f772383e1afcfaaac58727d136e24e91ab1eae069208aab924a9116

SHA512
b021fde08eb9caca53561f5cf8fd066acaf0d227a3a2a4ac20372ac666c6123ee80c5859610d2c1c3a67744e2b6b2f31976019a6be0ecadf24e2527350869636

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_HalfLight\Resources\halflight\crashbeams\is-79U6G.tmp

Filesize
35KB

MD5
82db91a6544de7fd962273162dfcacca

SHA1
2f6258399cc43c56ab5aa4485719edfa18d86331

SHA256
e8a211ed4e2961cddc7f4d76c6946211c1a0a05c167ef4b0d8a02668a37e0269

SHA512
5d8e06f1bb781b9af9a057c7cbc5de51d76b315b1ec03f3ce43f49c759cb3f835c51a1586a41dba9fa56f7d118496e23d8cded2d0f15eafa943e6d5c35808c3d

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_HalfLight\Resources\halflight\crashcircle\is-8VD4M.tmp

Filesize
124KB

MD5
9139a3f07926e8ffb1afa9a9fe5b14df

SHA1
e4ad42959617fc36685b40ac5a157f5f41abd10f

SHA256
940f35987222cf6920d070052fcc7edc0b7b6fb123a31361990d9d5a62cd0b84

SHA512
7a7d946f2c2e5c9196595b485c97bc44c52694d253e29271df7db374cb0f7d021d7ae9cea2567209398f5b4fd4867d9f2879795f67022ad2c277410d72dc1f7d

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_HalfLight\Resources\halflight\crashsquare\is-4EPDD.tmp

Filesize
62KB

MD5
c109f355777a98009159f71f6438437c

SHA1
78c8650a7043c0ab5d426aff2741cd123c37d044

SHA256
e4374c6a188ffcddba4da2facddd8291b9f9daf631fea9812065876af695f1c8

SHA512
f4ee5931eb3041ce1ea633cc8381702c8aecec273b1c53eaf7c445e69a12d4693b2867a747a0c396337c1fd435227b93f5e5bd79cd5bfc95445cd1206ea0f6da

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_HalfLight\Resources\halflight\crashtriangle\is-RJPQC.tmp

Filesize
38KB

MD5
f07ab59a7aa3121bfd79c0f69bf9a545

SHA1
3e2a6cfb97bd0deed1153097c3ade4a235415fa8

SHA256
b8a8435f7c02e9b66c659caab33aeee69003f68cc514d29f0e6163b9b5b7dff5

SHA512
0ae689d3682cea5f5582b618198890aa4509b83d73e24c537a94b3de5a8dcfeb872ab7f126fcacd7562a6e923fc8e7d539eeb4d6db4303635b5bf4b81c4d4706

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_HalfLight\Resources\halflight\wipehorizontal\is-VCDI3.tmp

Filesize
35KB

MD5
508cdd68efbd3c03b0c81bc0848bc8f7

SHA1
5078ad5e46126a59c11cae5a8f59020b745b5be8

SHA256
2dbf427aae820a716b3e289bc3c14e6ca35bb516f4a2a286ee09774e0f61da0c

SHA512
08ebd3835773bd19f5386219f047c231e73c25902c597c0979712c6d20a41f087d892c8a85b8fb8b6fc0408da5605305d6cd88d7b2cbf2e878808f2579e6e9fc

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_RetroGrade_Transition\Resources\light leaks\crash\is-6QBBA.tmp

Filesize
158KB

MD5
f04567b37a10e955e428453e3e492e52

SHA1
70f93949af854e7ab3642091f329db288008ab57

SHA256
4f028a15b4f40077b35eb1eff8f8c81bfcc0e6c6eeb4944bfd49d2001b16f91c

SHA512
69e0e93ee1ab6a9cf4e5c01ec10fd802f8df99947af78e117a474cece6a5f36efb5e5774df9b3825068e8aebd70affe32173ab20c8658a306f6c6e0cf13f341b

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_RetroGrade_Transition\Resources\light leaks\crash\is-EQICT.tmp

Filesize
179KB

MD5
9484d77dc1d2fa41372d4941cafa43a5

SHA1
283ff6186874b3c04c25e48dbea1d02e2fa97229

SHA256
801d688422d65d6716ffac014e49b78b49cbf74a822a19c9cfd145070a79d246

SHA512
83b494108d64aaab4850959e76939628519634922be9f2409786f67b1ddc390de9a83a8a956a9d51aff2f4f38453b861be42ac953baa28425fe0f597d60b21e1

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_RetroGrade_Transition\Resources\light leaks\crash\is-HH6MU.tmp

Filesize
167KB

MD5
4ae90028a903d13a7f323c5de83eae19

SHA1
69358d0fc8d9470f54bd6bf4567fe21c1c7db9a8

SHA256
fd5e411c6fce41811235c14b4d18b6fe1657535ce02e9229bc094d5b54ed1488

SHA512
a0f89d938a81dcf9832514df6ec9eab84d0b8dfa3285917886a89d18fa89ca3107b0874507b5cb2c6648011c99406b79e35f9a46ebee3f0636c9b5d6ff96ebcc

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_RetroGrade_Transition\Resources\light leaks\crash\is-MMCUR.tmp

Filesize
200KB

MD5
d1b9e7eaa6426919593b3711f6292296

SHA1
9160cfd8f67d6668ab7b4e4207ced83bdb41ad5d

SHA256
2410044f1b989d3e225c1982828fc4cf6e3b03ca8e6d1077868b638d04c5300f

SHA512
4628c7c38fc224547ea9ed68027d1acfe8e5b2f91b85d14ec73a34cdc582334658c462aeb81c76243ab70c3238a60705957e06b113a046c5c75c808bdea11754

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_RetroGrade_Transition\Resources\light leaks\crash\is-TA5SE.tmp

Filesize
157KB

MD5
5d296cb57fdc496a069d03f8de092f4e

SHA1
a547ef680b2ec5d843489eef0dbfaf98f518d88e

SHA256
f4335325eb776a7ecaf55853a6497efbee8d47267c8d35e79475bd89198f2440

SHA512
24d101ff76c3cf58538756649cd44fd97a05c6c1f82518fdd604f8c5c51d1bdbdd2fc28bac709b3d8b81456002540eb143f09c7044c6b9aeb727d256965e7778

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_RetroGrade_Transition\Resources\light leaks\crash\is-UFO75.tmp

Filesize
187KB

MD5
148ca2b219f30ad2b0adfabc47ae870f

SHA1
66ad7706d33f1787e7e48e3bef0bc3ce051212d9

SHA256
c42d721c692c8134acfa1f27feda01da13c1afd54e6069b9ed00aabda85461f6

SHA512
2620c24ef5e71ab578223dced681728f3e404439011103c62423712999f774d8bbb76d0dce1fc5dd775dab57a20ae88ee68d00d94cda9ccde85f1250511554b2

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_RetroGrade_Transition\Resources\light leaks\crashtriangle\is-22401.tmp

Filesize
296KB

MD5
fb836a667cdb8ec568e96c11d2073bba

SHA1
db3a8c1c1471ba6fc97a248c856dfe97eb030e3d

SHA256
4997e5f04a6a27c18fdb2eee2ba0abc050db23975f27fabcc5b34f814a8a4f0b

SHA512
c561edc6c6740d499370af764744076a231a9c33eef52c831ab8675d31919946f55e391ccec9f2a691bef5e898c30c80574dcb4a9e4276884e53dcd3ab35367f

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_RetroGrade_Transition\Resources\light leaks\crashtriangle\is-74686.tmp

Filesize
292KB

MD5
b9f2a8ebd237e6ee687b4396cb0def86

SHA1
4bf42c7ea41b23955afab7c0d60881a8d1f74221

SHA256
94d3a0de170ef687aff55e78ac96a8c3f067312177f04461983415ea76c6ba18

SHA512
bc6593624d9e92ce30600b46ff847c7ec34f351361c441edd10e0d19381d5f2587c3c8daee30941c07a374606d2b7d1e8446c019c715da37919892f650126756

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_RetroGrade_Transition\Resources\light leaks\crashtriangle\is-8T9TT.tmp

Filesize
288KB

MD5
6dc2e082ea280c8e51d2a1b1b3c323ab

SHA1
1bc952642599fc18cfcbcc9551075e3b7167b985

SHA256
3a78fd0b0c3faac2830b80cbfc9e2d9d9f8714a4a0ec4db10e69295282fa1e3e

SHA512
fda1daf1be5509a1e111172e347e1d3e2621dcda6a9502d2718003ad1d9a0332f6b64cf677d3c9e80976ea8e08afc6b2d3827696532d1311b854e40b678bfc9c

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_RetroGrade_Transition\Resources\light leaks\crashtriangle\is-CA3VS.tmp

Filesize
300KB

MD5
3109e54490eaf6dcc9a2a6b35b2ffda2

SHA1
ab0d4dd47a25f2ed1b1e64eedca9289d40521aa2

SHA256
1cc230004c8f48e8921daa5b632dc1ecf2158e9e6d319f26c6ea7f368dd4b8c4

SHA512
f95eab30e1b5e3855635e975c0a99c94ac9fbce475e1e718cfc7e0a498a4ed9952c3335a38b324f76296b35248d1b787d536f787cba68364531fd506304e39be

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_RetroGrade_Transition\Resources\light leaks\crashtriangle\is-CUPVT.tmp

Filesize
250KB

MD5
085477cddae52cc856071a55d851a254

SHA1
d8484cf69401c301be5ae66507d0384db74332d5

SHA256
27aac8dc4a8cecb61059b18d26a598bf5f1df2ad14c884b661557c4e552f316f

SHA512
d94a49a478cd0d9223bd0588620074fbbddca1d4dd4d47d29ec1a690202bce5a878b88b81799f3ee126b0f310b475c2c4a1864fe7457fe176ff201cd716e195d

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_RetroGrade_Transition\Resources\light leaks\crashtriangle\is-I7QKI.tmp

Filesize
232KB

MD5
798c11f55805c3a86c6b42093c2b0910

SHA1
2e22be2153f5b3c5d2e4959bf24e9cd5e3ffc756

SHA256
277fa67091d97dc8755b1cb222fb0f0f673ffefee94fd1520b11d49f6fbb89d4

SHA512
0b4adc288d82308d2c22eca550e6d6b66f2f6a87ef9181a85e0791bfb5a85b083590ac388ca39402bb3b9f9a98d79279ae6ccf17a339e0386bf854e0576f1b25

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_RetroGrade_Transition\Resources\light leaks\crashtriangle\is-N140I.tmp

Filesize
256KB

MD5
e190d0324cb389eb83bd36ea1fadc9b3

SHA1
765383b3412d850ba63394f925f64ae7fc269869

SHA256
dfff12151c82779a4f4fb861e105f5bb44bcf31e831e5f0558bde3bb2b2b7889

SHA512
8e93710e911720df220fc8e9257e4b65956ee5708efbc61d6a68abe69a29d7b1cbb5f49df1da48ca33ee15cd86b6e2e00b87089dc1b93a30e9f44c3e83c87d3a

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_RetroGrade_Transition\Resources\light leaks\crashtriangle\is-NHB6M.tmp

Filesize
291KB

MD5
56caa500391d0930cbcf4c0155f55902

SHA1
ffaf960061bbab8027f823bc3c828db9f8e54eee

SHA256
c8f5c0ac95bd0643fbb5f6dbd0246013689833d39e4365392e0d4ed7b6b9eb26

SHA512
4bef310c460f5297aa7a23f5c600b25d78ed0a63129f4116b820019ae77ab1dc5200f7d38cf2688a2e36dcf12c79a6fec2d673a11a0fe5846dbc21b159f2092f

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_RetroGrade_Transition\Resources\light leaks\crashtriangle\is-UH0C2.tmp

Filesize
284KB

MD5
ffb8c1a1fed830129e07c894886bcf64

SHA1
e144f7e1fca921dc7d4da97ab0b05df09851b9bd

SHA256
6b2af442969990c2f329c305044ce9fca2ef56edc4700d50a09f9df44dc92d12

SHA512
c7087de8d87d07a40adc2a1b81f1332c25051cdd25c5b8be7cc26c4daf3f522154824f71164afb49b37409569829ac552fa264e36d6d310f6adef294228e718e

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_RetroGrade_Transition\Resources\light leaks\crashtriangle\is-UV80V.tmp

Filesize
238KB

MD5
149d9a56789edff53d8ad523782ec909

SHA1
a8895285e2b6d0422fb6eb82b27449529b6a7f48

SHA256
53c344d57c7934e56269fa19130d71c1b1c140638b814f40b97f1976426fd841

SHA512
84fd8c4238fb6363bfd4672362093add384496f8c37ec9c59cd4b633fc181bf6cdae0de1f950d01ebbc6d24a8913ab04687a82855317f18eb61082dbbf74423b

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_RetroGrade_Transition\Resources\light leaks\wipebeam\is-9SIHC.tmp

Filesize
149KB

MD5
e6798931804e7ac6e1ccf56272487ee3

SHA1
29dd9e3c09a75cc49666886f6e150b10aaead013

SHA256
1810d652331db736810d68cfba05c1c80c0f6af7c0c5f64c1f6a234c110425cc

SHA512
73ff3370b5e4eac700718c3a44869e8a8b2006512116c239f525e1828f0ea5c5dcc79bcb8e94cc388835c6c80055203e75a4823b4fd21698c74dd94479acbffd

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_RetroGrade_Transition\Resources\light leaks\wipebeam\is-PV5M0.tmp

Filesize
146KB

MD5
a0973617719844d20572381b37214f64

SHA1
fb8ac0f63651e57e3b2eb425b11b9535eaa5204d

SHA256
35a130d947ae94d076a59f6d3cca23d69fc9de057d8d5f8fd95b733c8fdd5464

SHA512
2dfd7bdce5c60e658a2d1ccb5455c4b295f69ab6548a203f364ac513d88646369efcdbad0abdf4eeb6e4c9c235b0655023b3013f45f4b87ccdc04a890cc0d9fb

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_RetroGrade_Transition\Resources\light leaks\wipebeam\is-QH51P.tmp

Filesize
140KB

MD5
cb595c3dbcf012d0ff7273a27b86df8e

SHA1
9c6f60a5cc945669d0ffeba2816ef5b4d1ec2b54

SHA256
234655bf87bf9b93fa8287c80f1d2798814015e76e0f77ca00b3e2886bcb6d8c

SHA512
ed536febb0eea69ff07416cac158f34555fdab35fe33a91ae4e0a4f49f6192ad7d77d08945c4c1fa33bf3dd1ada97deba208a92322d864b2de06a6ee1d0073c5

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_RetroGrade_Transition\Resources\light leaks\wipeshutter\is-3JRSS.tmp

Filesize
141KB

MD5
c03f4e665f77625aa90907c8e66d13b9

SHA1
e8ee77b90561a1c45cc4d8fbd715284408046406

SHA256
b628cef9e4da597683e8c1ebf8df576b9a4d8f9ad351f44231118fa5446916b5

SHA512
fb4d30ef05f54ceb1c1f4070f3f2bbb4216f3bfead822ce6d1c2deca3cf56ada08ccb05952ec42915cb4864e6e51638bceb7ff9ae32b469d90db10424542e649

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_RetroGrade_Transition\Resources\light leaks\wipeshutter\is-BRCLR.tmp

Filesize
158KB

MD5
33eaf53a89d47d191dfddd01ae7fb0e1

SHA1
20c8c1a4157089b3a3924f7cfeaf9b576cc31ec1

SHA256
761825c2d2c9a92122a5212fb321124d1b3748f27c16902e47bb61149714d691

SHA512
fdbc8191f67dfa5dc8d176d9efd140ea63a9faba6bfcbbbf7ee5097c36c0f6d0dbc6500d78158064a7aea5bc3b6da74e1f64c6fa2fc599d512994d4c07135cab

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_RetroGrade_Transition\Resources\light leaks\wipeshutter\is-FSC2B.tmp

Filesize
106KB

MD5
f9aceeb7cc9546e719237220d1c42b7e

SHA1
24d44a7089e4fb41d4857e3e7cee3d720af93974

SHA256
cd8f994acbe2edf8c002af48420bfe59325c459373baa3d7daf7b07834b8a4e4

SHA512
fa35091684b5b9dfcadf577eba78d40cf635b47176451b2d401707706c8e1ccf16de3eb3c8e568a87fcedb1590ecfb8c5ce9a65138fb902aba954d54711f85f6

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_RetroGrade_Transition\Resources\light leaks\wipeshutter\is-IA9TG.tmp

Filesize
124KB

MD5
8c9b366dacf8c3efb88c809e1087bea1

SHA1
d9f3c1ba19d11a0225b8a9a477668edc9afafddb

SHA256
3f567eb3c710d6833e7dd389026505cee0ccdb3f339bb3c51e607e7b9fede278

SHA512
aac4870c3bf196ca9486fa54575664f7ea7a80210629e0f599bbc5df8d4d83ffa854f623d60ad1847a47ac52d9d3dee9dda09489bd75cd4551de377baea1e3d9

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_RetroGrade_Transition\Resources\light leaks\wipeshutter\is-SBNH8.tmp

Filesize
147KB

MD5
150d95cc3a0d63aa4c3e585949627d8f

SHA1
41f1ccb6af67ae188973058bdbd41a3e4ad4e996

SHA256
92b929dcfe0a2f6e5de2be05d9e3bac6193d7684ce175c79357bab1c5ed0e333

SHA512
6b140f6e12d8dd8f07f18674941453075b82679c7cce7a94492f2e21961f2bb3ed269c7e793d2ebb3ca021407643b1e939b8009f6ca4e0c7c839f05bdf483f81

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_RetroGrade_Transition\Resources\light leaks\wipeshutter\is-V5M3C.tmp

Filesize
155KB

MD5
2d3fbebb7b90ea9ac6add898bdd419d2

SHA1
fd1cf94ebaf559b86264a1f104cf3467b387324e

SHA256
582445d049a1ac02cae1e2efaa44b765e7c42ea26c384b543965113a0a2f308f

SHA512
ceba82dc87cb786b5b6701d3787033321b377d5c5799139ba133ac92e119614f3f2af399c1104af0678820718950960d084b0aae148d93fcc6ee061a709ac624

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_RetroGrade_Transition\Resources\light leaks\wipesparkle\is-JTB62.tmp

Filesize
199KB

MD5
229d4f1b40f7686dd3ff927f19cf5994

SHA1
a11663109d82e13cb07a4d5d5cae2f199e02f6e5

SHA256
7ac82cae7c77372ed471f21398e69ae0e34bb43f0eebb07fa5974c00063f8968

SHA512
111b0f834cf6950c497e376a908d732645d5d56ed049868dc6978533753d37e0c2c89c45afd4180fdf1ee9f1500c7fac73af5e43c19067999dd040505a370362

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_RetroGrade_Transition\Resources\vignettes\is-BQIQU.tmp

Filesize
1.4MB

MD5
d606353bba183b79ccff990baaabd1a1

SHA1
314b94cde0923194898407c42c389953a7b42b90

SHA256
f4fd91369498efbc07fac155f5db83412221c8f30e42a208b380113dd1824439

SHA512
4b7b3a87dbd32262631fb0cc699caf3fdc1979308cba15c54315f4bcce511f268821a215709b4c927a79fd888f3b9c36a95f2ec13e2da480232ff17d93d1e205

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_VHS_Transition\Resources\VeryBadTracking\is-6J5P4.tmp

Filesize
199KB

MD5
ec410f4e7ec95dfccc6817bde653e92b

SHA1
7bba51808341fefdc517d2af6f9f96df749f73bf

SHA256
126017183938c668a3703b411a7a9e9c473321e3faff8dac202306797ac25a50

SHA512
60cbea682a121bd3c71b8e1ef6dc2b7bf45bc6354ec8490e265945cd731cd8e98783c64729f88e6c70d76bc1de999da9aba77151b420e16f30eb74acb9af7240

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_VHS_Transition\Resources\VeryBadTracking\is-6RNTC.tmp

Filesize
263KB

MD5
d1a7c4f554cc2969b171e575f31bbbc7

SHA1
b7a98515757bf052cf21ecc474573076d961d137

SHA256
670852786d1a9a27b639552b01e2f3d7d67ce0bc6571bb3235280a91e667d047

SHA512
cc0df9a30564fc9aefa91be66f6e5b681db4fc26f141d234e318fc8294fabee72e66f3e092a0178f47535fba081d1d3eb23574dec55c2c7f9f5b55776289b05a

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_VHS_Transition\Resources\VeryBadTracking\is-954RH.tmp

Filesize
191KB

MD5
c12e0543753fe0ab2f32117752ea9dae

SHA1
4f17d93af6df97a5e7bc2fb6515d12417275befc

SHA256
b83c4917bc0bdfcb739d8f1a227ec1e9f834bfb242128ceeeaffecf18009c184

SHA512
704a7542879f33205fa6ffce6da463664857f3f65781b107a9d1694a8b90627c7e253f6ab1145b8ca5fc2d2cd33a1de514d971779c25a6fd7fb04c02dd0eaf50

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_VHS_Transition\Resources\VeryBadTracking\is-9VK4L.tmp

Filesize
231KB

MD5
e75e0a3b56afa2c800595e395f6e34e4

SHA1
257ff1d43d9c5066a780cb43d6e762741dbec75b

SHA256
a6f933caba33de01e512430eed83c023cb04b4a6c4b0ec0e21ec9eb8cc055888

SHA512
f4e1dc4fabbdff4772c62de3a9a9e9838e9d9b6ea7ca117d53c51c48f468284156c21f8820ba2a51e0ea4875bedc8668a30d79b9bf101c75ed67a3344aebf699

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_VHS_Transition\Resources\VeryBadTracking\is-BGHNA.tmp

Filesize
229KB

MD5
51bdd22ed91516730ff4356bcb90d8cd

SHA1
fe8ebc2e10d0864c93a18c8eb049c6db81971006

SHA256
08d8c343583bc1c21c748b811dbbe7b66ce73eafcf898bf0d29151d7058cbdec

SHA512
0164946a4d23e651e3263e4fda1e9a41b217755cab49ab921f32f6edc8469ad92a2b1293d96a9f40e0f023ea91c2a37ae6bef0189d300f7d96bbe70ea293a7c0

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_VHS_Transition\Resources\VeryBadTracking\is-CD576.tmp

Filesize
224KB

MD5
e8ca2c5eeec1b7f8a6b59f5337ec589a

SHA1
71e9bc49ca093ab0794a06e0e9e37c739cddd1f3

SHA256
8b020a277c2a773179c932ea68b14acca2dc011ead096f3c12033db1906d4514

SHA512
4bc760b8799f856e157661e0422bbde6ee2bc615ac1e1e157980dd084a89c601233c803ddec9af3d1525980b80be54d4eb2ebe713aa649fd05da983dd495acb6

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_VHS_Transition\Resources\VeryBadTracking\is-FOG53.tmp

Filesize
222KB

MD5
b6caa41ef1da0d091767a8e47f6d2ee5

SHA1
9289671e7a82e6d8c0083dcbf0c76dc61d7ac889

SHA256
82aa9e144333ee4efc93a99b1d80c194c8af6c4a0becfabd9fff8e457d61ef53

SHA512
edf7902c5baeb556531ba75432be83330b533b7953241d5923e19d0d6875cfb2410c9e86617f7b4a49a38818a3fa2a5c11b682bd3a17f2190ac0a406f760dfff

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_VHS_Transition\Resources\VeryBadTracking\is-H698B.tmp

Filesize
237KB

MD5
26df0c493d3a1dda626a2ccad2f71256

SHA1
8517feb73e6deea0b4f816d300bab9a2594448ed

SHA256
d50b3cc9fb530cf8c4c7dbc758f95ebbda4407c209653f757b5d2d8421937082

SHA512
9bbc8f7cbe99bfc70625b0631696797f9d1a6c2992d3ba6b262149ba245b438043fac6c16c817e316f6d5a29a1f227b59b0076fa3db3855ab2b8e1cdb3a73753

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_VHS_Transition\Resources\VeryBadTracking\is-IMLGD.tmp

Filesize
212KB

MD5
1295887ac789316ad78e06856b5cba77

SHA1
8514b632231be6554762c03ca254db023f8f3377

SHA256
b6215b00835fc2ddbe498a589c672f1bf85912b73b28edf57cbb61ecb99e4207

SHA512
6c2e985ae8b82bb726139d889e0697b4db0721e33fd329d0d64353214527ab7d238e33178571c353de00e00260401bab13ed076962f5a352b3883319a72ffcbd

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_VHS_Transition\Resources\VeryBadTracking\is-IMQ34.tmp

Filesize
220KB

MD5
0b721a33c2e4f90676398a62f1d8d947

SHA1
f1893c7edf4da1e4d4c591030670b659139207f0

SHA256
ae722177d679c383b7e13472f0e7d9ec2bed79c7a0e20f29a5d331bdd9f79ece

SHA512
768fa3b818045d15898af4f5f2707ef1138cd2fa263c0f4fbf50864e6f8258984b8884cfef89c88ff9a27cfb96ffa81bcc555a6eefed11e95622a8d5dfa7476c

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_VHS_Transition\Resources\VeryBadTracking\is-JB13G.tmp

Filesize
223KB

MD5
2cc09dd9ad26d24dde591a6423ab6618

SHA1
8597cfa4f3d2a6de80558908a34e8f6aaa2167ee

SHA256
1ef6d2ed43277691ca866a9f0fe477dd1a46035964a8a66a39aac165ce76d2bc

SHA512
8eabf54bf50373b2877f3127a6caf7ad802a410352b06fdb14eea69f95c24be0149571b1f1a960c974f0d0afcc2a5561b0516b35828789f9f95ac58014ddd930

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_VHS_Transition\Resources\VeryBadTracking\is-K80HG.tmp

Filesize
237KB

MD5
5d437e6021f4d8f392cf3018eefc8922

SHA1
e91cb594de0c7bdf9f33784beea4fe644a228636

SHA256
cfa97da1ec0239e44fad03a36e317ca462f911862b653314da25dc5cfe1fd852

SHA512
893075471197099d635efb76ad26856600424206d7a755119adc139dffe333805110c62c41a0863b628487abcb2c1a37014338ea9b47a7fa9c50605a30cbe7f7

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_VHS_Transition\Resources\VeryBadTracking\is-N3PVO.tmp

Filesize
241KB

MD5
3ee7630291b2ef2268e86292e9e2eac9

SHA1
0f0b593422ee85b631cbc2a5f109a0f53c7463d3

SHA256
7e75fa2036b75590b32c7f353a84756ed5bc541a910fd118abe28c4126a53412

SHA512
f84f13370096630fa437b1a0b13483da849d4978fbc6e55dbfed8c21ebec0b5325cf4338c78804c7fde14a1217312ba2d923eee9c735b6b138c2ad276141a017

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_VHS_Transition\Resources\VeryBadTracking\is-OKFUE.tmp

Filesize
233KB

MD5
fd85d503412b16984a42e8f3437bb11c

SHA1
87cc0a184b75f7c03cd40a04df86a2702e27e078

SHA256
439aef5032dd289891b970bd5702fc538fa766abc32fca31d9e61521f22c28eb

SHA512
175fce521f178078955a4d136df853e8660ce80350dbf82d8fa9249e5000ffa203a206411d25633cf7404df152111a9347de43b235798190aefd11899967e974

Download Submit
C:\Program Files\Red Giant\RGFX\Plugins\Universe_Transitions_VHS_Transition\Resources\VeryBadTracking\is-U5KG4.tmp

Filesize
235KB

MD5
cbd422769748a3a496dfd1a50735509f

SHA1
357824d7f8fefd3c4d56120449ec72d6ce22ef53

SHA256
d5d480a007434a7375d47b2770b4c86622bf05025c704190303db460a0bc5aec

SHA512
ff9dc6439dd08abf3311258e5b77e2aaeb851fabbb9a9314fb9ddb7878b9b5fb56d901c1adc0432ba840a8b17e3b5d2f665497639414562060a51c5d0dcc3f96

Download Submit
C:\ProgramData\Red Giant\Universe\Libraries\conf.d\10-scale-bitmap-fonts.conf

Filesize
1KB

MD5
19fed10414ba0bcea055f4703d175fbc

SHA1
def927c2cd6e8cabfe3078c5357cfa618654df4f

SHA256
74b56fe3817fb2d6e5bd4b63b78458f09c26f49a0633b555b940580e70feae96

SHA512
4824275c7f64af9024f0a587a4636dea22de7909ed44fa721d0619fa36eabee02464c0a02dbc2dccbcc3e57b03ec74c1178b52deaad44e4771226685a27b6eb4

Download Submit
C:\ProgramData\Red Giant\Universe\Libraries\conf.d\20-unhint-small-vera.conf

Filesize
1KB

MD5
465e4aa85401614e7dd258af9634fb73

SHA1
418baa7660657c15af1921ed1a9d2e041a2f1924

SHA256
a35f1f81bb4747eafc08b8132ec876cf044684b42cfee144673152c10454ef1d

SHA512
27287b9e2701c7bf4f694f71b4084963d57ad4415f92e64d3c408a8e1df3be676372d91c1fc5baf891cffa3dead4e9ce5a600af645bafa4ccbf5563ea0782b68

Download Submit
C:\ProgramData\Red Giant\Universe\Libraries\conf.d\30-metric-aliases.conf

Filesize
11KB

MD5
7a3c6299063d5e951613ec39eabf8443

SHA1
a2f7b9dbc5a633bc1c1ba2da0db39b9eea85b6ca

SHA256
de44690d08097a518ac31cffa85655dc8e408fa88bf999e6f79bf52f16b71b94

SHA512
f13749ab5b5c1cbf0670295f404993dffa0cdd403b9cc9578cdebac5f15772fbaafab36c18b04b34518d557268eb9406fa0712a4930e26a04d2f3a31ce760873

Download Submit
C:\ProgramData\Red Giant\Universe\Libraries\conf.d\30-urw-aliases.conf

Filesize
725B

MD5
20f657cc167bd69303e791ef73c834d4

SHA1
0019b039ffb28c6f8f9cabcd729a9b8a35065b6c

SHA256
b9acf05c86ed84ff8c15042f4ae594d3e9f517ac3156e84a281f28eba9842ced

SHA512
2c8c93e32770f1e4bbb67de5a5aa3709d6670d7ba8f0a90c346b5e7a46e283089ca29901f55e6ba9e50d23028b02dafa2ad65a501f19e090b68adeb8dab0b751

Download Submit
C:\ProgramData\Red Giant\Universe\Libraries\conf.d\40-nonlatin.conf

Filesize
5KB

MD5
cdfd5a784eb7a05a9535e03c6cbc624e

SHA1
6b3565c5063e48043bcb494dcd80b84461fa7c6f

SHA256
757608f1d02f4b2542229dd2bad2f85019b8010c2cea8e3b51c687ecdbae4597

SHA512
4a7a49802dcfa686a06e5c1f3008f1febe635ffdc29c6b9ff9db0c95f35228c9bbce9f086b98e3a6e6e3d0012be59136141b74b1c348f5620f615785f01ebb7e

Download Submit
C:\ProgramData\Red Giant\Universe\Libraries\conf.d\45-latin.conf

Filesize
4KB

MD5
a3d061c9ab2eb8aceb0f2790af215744

SHA1
04ea14084fcc3f63c0d47465132f287f63ce9083

SHA256
e19fc20123cd3533761c87726ad00a3113a997093d692e04d451ae8dcb433244

SHA512
0d8ce66135cc5406e258b8f346247d8a796ed3789f23360fe6f0a8efa6212ca50cf86881457fb724abd1cf579983353353b97f864833d680ceaedfff9f59cdab

Download Submit
C:\ProgramData\Red Giant\Universe\Libraries\conf.d\49-sansserif.conf

Filesize
566B

MD5
2af29419e19f4efd5b23aae788df77f4

SHA1
be9fc58147615eda57a66ae45e061a16977f588f

SHA256
d620813d169a4ce95f8d1ed012271da6c32ccbb117e4a11a2d5a3437d5f2c807

SHA512
3df68c371763d6b6ccc891aaf917fdcaa0a087901742b7b3e21117921976440eebe574bb1d9fd310b1957d61dbf6dcd4954fad7389b0c88d444bc35988137426

Download Submit
C:\ProgramData\Red Giant\Universe\Libraries\conf.d\50-user.conf

Filesize
688B

MD5
3a146ad251ebf5a309286c94763f33eb

SHA1
07c970734ae8ad57e3714cc1ffe9d02ce2d629d6

SHA256
913bb70766225e7f67396dd9fbf09a5bb30ca555c374655882e799fd776b08d0

SHA512
0746cf56754edd46da61211c2c7646c4690fb82570083ec003095538f302669630cdffb037e2ff463024e16ae389c033ad495a690d2f0512af31477d33ce8765

Download Submit
C:\ProgramData\Red Giant\Universe\Libraries\conf.d\51-local.conf

Filesize
195B

MD5
94c2bf8b5ca3a4723c011ae95a777c21

SHA1
f9fae47abaf60a00a85ad85398d55f12c35c7893

SHA256
50768af1574929d8af3ad9b216715ac1afcc4588a32fb334b4b934c40baff814

SHA512
b4a6cf19013c136220f9bd9564b6848d0a6a4a291132c88eb0f7516fa034e204a5d09b42a45a691a4f9e421ad27f58e5151fd8107d0e4d5ffcd084f951244dff

Download Submit
C:\ProgramData\Red Giant\Universe\Libraries\conf.d\60-latin.conf

Filesize
1KB

MD5
86b1061959dad8e296db82b9e2c19952

SHA1
58d6461e204e6f892c9734a15f4227556d783184

SHA256
dab0749f73625b4cef00c4966d2dfd4cfce5fa9a929c07b9cf1e807314680827

SHA512
fa44f65d53e57c26e5259616335a27a39539c8495f7756d3b4723a0ec2c9d1574719066d9bd297b5a0ee47498a36c98a0ac7aa83266675c35875c6b7b5e24f53

Download Submit
C:\ProgramData\Red Giant\Universe\Libraries\conf.d\65-fonts-persian.conf

Filesize
10KB

MD5
2d79533728003aea85a40a6f3c776745

SHA1
502a1d31f36fc5e28e716f0cb5ed7752fb527a07

SHA256
5291eae913264d70d92b02f8c35ce999dcf515046ddc926c5365b05fc17f1229

SHA512
b0da2d35400f90315e7ae29ee4406ae2d734d89a7dbfbbd309c9c6d934f407e0736a92c96abbe9a29a090c0d44ae0acb32ab70d30f89bc924bec604cbc8b8fac

Download Submit
C:\ProgramData\Red Giant\Universe\Libraries\conf.d\65-nonlatin.conf

Filesize
7KB

MD5
76feb004a4f070762a42c9633d676215

SHA1
75f76375aa08073bd221f10b7415f12d2c6e8e19

SHA256
6fe3585e34297391009c2518b06e37ab90a8715e6991ad3effc47ba4df4da22b

SHA512
c2bdf41052d81595a211b36efaaa46227c9559a53bc77b26bb5d3efb862171b3cc149ee06756342b8d15fc7707771b4475297ad7fe284abe7a2423b9af3689ad

Download Submit
C:\ProgramData\Red Giant\Universe\Libraries\conf.d\69-unifont.conf

Filesize
700B

MD5
972bf7c88690e5a7790453830111e534

SHA1
6a70104a43a39e118c3192819f0fbbbc5f8ec20f

SHA256
5d49c5b3c372cdce076a3f634460d1ba98d2acec1338b16106cc8448401128e8

SHA512
3f23b3a797b7ee814008ff09e963a794e55216e5a56a0379d1546e09d69da878c2d361ba1cf3c5521a3b70f67abdb753276431b866f3db19fda6bc3b5ecb8210

Download Submit
C:\ProgramData\Red Giant\Universe\Libraries\conf.d\80-delicious.conf

Filesize
441B

MD5
7b1f881357b9401f1318e204d25de8b1

SHA1
c63bc6c9641d45916b54addbbe3eb454a9f924c2

SHA256
911c0320ce00939a4f9fddae56afb03cbfb3b0185458ee5b677ce03f305cdb3c

SHA512
e9daa5e44ac7da003f9e8a237e196fc8afe59fb48fd3fc31e4887b8e021023ec2250e73bb6ce1e28939d362429f303f39c18fbd54409c255e1a7477e91d8c935

Download Submit
C:\ProgramData\Red Giant\Universe\Libraries\conf.d\90-synthetic.conf

Filesize
1KB

MD5
711984c7c96035f4a965762531f2271a

SHA1
695e54f9dc1c254882a22a688c3833b4464dd817

SHA256
d11df61bffbf0fabff7199f34e9f47dda4fc73b4d4efbe2857f3700a7a5f043b

SHA512
0b27ec3025ce912a9d9ec3b2dbbb82eb7b12fd699ef0632bde5eda0fdf5a2f63a29369e0bc582049dcadb6e3fba87a893870eeccb4a3dd2e0a31bc86c44d024c

Download Submit
C:\ProgramData\Red Giant\Universe\Libraries\fc-cache.exe

Filesize
11KB

MD5
e68026449c6a69d4961fa1a9ce315d38

SHA1
d65e9b921caf5fdd0e4828bf6efb2ac32590e091

SHA256
da1504a8ba6e4ac64e337323cd18eb79466bab7dd2d1c9f6616321c941a1ceb7

SHA512
beb96996b0d047b452d3f3d096b521782d0e18ca712c0c73f071151d4c9eb6eae7bd09561e208d27a64521d88ec7583f594a64aa906d89937dd02181fb9d751d

Download Submit
C:\ProgramData\Red Giant\Universe\Libraries\fonts.conf

Filesize
5KB

MD5
d1b52aff33d87933ae7a486f9a5c3f27

SHA1
be4ec8f6ed295cd1ffee4b4e23352b17e23f3743

SHA256
c8e41e2b764952826120a93e13363f635845e40a42c3b31e4d359a4247b0878f

SHA512
1a78235591bb0d6101692715f322f3cc8b887afff5e7667afb729232b4515d4a3d50150debb58104c6e0c68a3d97d9af17d2452d11b11612b6ed45adb083f07d

Download Submit
C:\ProgramData\Red Giant\Universe\Libraries\libbz2.dll

Filesize
341KB

MD5
313e1da8c509b7febfe96ea5479af3b6

SHA1
8dd32b3c2c1d461d91f26876cb0a09af54a8f56f

SHA256
3c5f99f349409b5f78e71f4d17994c4824e83a4f66e0f0aa726c723b827ceee2

SHA512
ae5afced383bf1911c5605b578e765d0ecf3481895194230e43a91fdd7e49d87e6523bc9a7af2e03a1abfafc9d78685adabb3aef3400b60cd6bad805dfffcb44

Download Submit
C:\ProgramData\Red Giant\Universe\Libraries\libexpat-1.dll

Filesize
663KB

MD5
73daa97834c690cb47bdf7d6d584e153

SHA1
b4f3bd9ed8e072f12ab118bfe2e00a027a487a7a

SHA256
ea9ba4c2c8c6e66b77b511b6a293de5c13399dbb4750e1a31496b64ba5d97d9a

SHA512
eeabe42a79f7027bf192a5555ef4576b3431a7a10673e5be936437ee0ab7c5b446d2cef5c7e0d7b63602be670461c030b35271f9406edb1c2f99ea2acc4b1e6f

Download Submit
C:\ProgramData\Red Giant\Universe\Libraries\libfontconfig-1.dll

Filesize
238KB

MD5
dca8d01a2aa7fa4031a16a394e158fd5

SHA1
d1f75bcd2f08a93089552dcf26f8e6eeceaafacc

SHA256
367b1134c19be4297685e6a9ca7e1fa3c0cf1af3d0b1e060fea290a40ba2b729

SHA512
886842c20b3fc4a41dae0d3b547a896ae79580d8c041a2b3fd5661b7b005c6d47c17c67313ad778f2cd3c0fc3974b1b0645de6159c4949d2019d0b9d1e3e6064

Download Submit
C:\ProgramData\Red Giant\Universe\Libraries\libfreetype-6.dll

Filesize
3.4MB

MD5
72be071fdcdd6c7da279388b048a5316

SHA1
83a3dceea815fe542035ffce8d48e93b259098a4

SHA256
0cd07dc0272143add9925ef250408c51b1af525be22daf196d13b9c5457cd5b9

SHA512
6c4fa217c56d48193e89fd8fcff080d37a58378e4251fe3bdbcaa1fb5f557b9e216abdc060b220fed045dcfd93a83b9f8ec01e125e438140d0ebdda82864a89f

Download Submit
C:\ProgramData\Red Giant\Universe\Libraries\libpng16-16.dll

Filesize
1.1MB

MD5
4d6c2041b76828cf6f781376000e15cd

SHA1
196d83c66cb50ff883d7d633263929279631852a

SHA256
1600f590aa52e8a27dc97d26f13bf0b6843fa6c3ffd9e083d9f28465434d25eb

SHA512
cedc2c56da55a6acb9eaa072543eb59a3a8f86892a889ab202009bb3bc3b4ae5b8e5b71d5b945c43882722e21297368c63671fe4ab2793bfc17fc04cf00b678a

Download Submit
C:\ProgramData\Red Giant\Universe\Libraries\libz.dll

Filesize
93KB

MD5
a5db4546d2860ea085559d6998f50479

SHA1
173ad3046caa45b4e7b55c2016071303ccdf0fd5

SHA256
2e3b6d4b2df39ad6bf63865fbe212edfe6f7948b107acc8332f0d8f5db3dc94a

SHA512
65d2d58e2bc42ca3bec4502ebbafa769ab2500de13bb62fe2c3e5daaad984226c479defea6c657121c6932e1756fab3ebafb848ec651fb91804961c26f46fa35

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
f4c5f2c485598da945dc6642d45476de

SHA1
e7b1a468ed8efc0b8ecb5afdc75bca08f1169a27

SHA256
53462196ef0aa273942b00e6879fea18347fa47b3affd9acd292221b903c917d

SHA512
917fe14f71a8a1a813b340b227690a4ce8e962ebc3f6d7c70fecfd8811c64a1c405e52eb3c7a6c6b3077c8bbff43d034f3a3b6008a79ea650bc51baabf716940

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
a6b138338060f64429ae22887a8e3f50

SHA1
84b8dd7ed06c624a3aa76fca79a9ae45db50205d

SHA256
83ea5af32bb87377fe93c5f506b1b8e523a312e7305df2d98528abac6f9081d7

SHA512
cfbfa395596b963db698d07f6f4879339948910c0822f2bf85e849428501dc7925086b43eea85e8216a4f1bf3770eecbf7baeb13b79464030afc44b617d096ce

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
c3503d3239708944e503e8ba0dd810a7

SHA1
c6e3c3c5e12d7dc49dc238cb786029fe0d8fdb83

SHA256
3be82fa30f38cdb4cb755d613bea499c6a3b3886285494ddd7ce27b4c0e681db

SHA512
f635914b2597fb9b048464f712e9a23affc1e7413bba0db359b77cbc7f103ffa29a2d1bfcea14d63b3527d0157dc0ff9bfe724022b9c091bfb24e69668a179fb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
fe268acd30a3488adac8697d53cbe944

SHA1
6e3c64b8d62c8bdd31db1fbe053ae202451775c3

SHA256
603e1a653257c8d4ad526a67e87bf7dfff691a83b2565fdb49f0c819cda1de7a

SHA512
da27a6e2b927485ef6ba9a95243f993f1d4aa47be5b4b8775b4a72f1ea4834da56209e404ff58f6e4cd1e161bdf554d039fcd4dd77481fafce1d2cc2ae7e5252

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
d684b8ee62eb05996ddfe1d8e67ddd3d

SHA1
329faeaf36a811f05c85261e69885488e39d9862

SHA256
74ef5b63726cabc42baf9af46ed2e7a7218f0ff9ce26a9991cc226d57001294a

SHA512
c9d1cfbb7f78a405f0717d287a343fb9daeac61cce4ea9c1b5e9c55a5358e73cd10dedfa560aefe9585b17afef8a827d57445e9cbebe9d99f97b502c61046853

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
6b8602d9ba99bfe73c6fe68091a21bff

SHA1
ed058f331017073d7c92e588d9981e3f93235e6a

SHA256
24227830380805348eb10cbce9c5e9b1e9ed342a17d560d2982f6688b2562d40

SHA512
98920c9865cec46a44650efb28d10b1ac875259f9ef64218d2493f39da42d93b26de3f9c04f41fe2fd924edd939eebfff2b9877def71d81723db722dd8760211

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
6a3eda4dbce5d28a1132a48900c9267d

SHA1
a0754b303a721a1053a1c2531bd53cebbb6e805c

SHA256
8fa376e850005ee7304d50e9f291493d8fdea28efff631ba4d7381f4e5b42bda

SHA512
518da87be1e603f2c32ac0b877819601d784ffc8ac935a4266efba0ef223b7e554c03841b3df9d31081a150858a43d264f02960ff726eaa08269ed7d390acfdb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
4745a8566d0d13b784343a8653b18d5f

SHA1
c2b68e5e29a4e4d5708a776863c577619c31e4ea

SHA256
5da876ca6246f5ae954089b3d98431eb7e5c49f0803a8eb0d27416edcd5e528d

SHA512
a2a835d1b20e4750f483e1dc2ffa8b7f34b44aa45a9cd3af11943234b0235194f994073c4bd14b98fd8cdeb047dc7e203be972c0ea422d3c16ee0fca74a0596a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
896f0f5cb194fd321c20f343f9d16d7d

SHA1
04dbdf162237e05fa1b016b334600049ff2ef469

SHA256
c719ae1ca7ef12940391d28265390783816bbf68b2f5fdf1a290984952c81624

SHA512
9ade4c2be51da85c30e37859ac44af7401fb6fef8c0887032f927f6774bc6a3601c4a1988c707e49b9f8ba96f0c85caf460093a0cc1780520108ab65759bca20

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
e51f3aa299f3e2cca398f19b105a9ddc

SHA1
ba756d42a05146a179c6d5fc6e1f268ddf742922

SHA256
80d1b59b559c282e3038ad9436355297e3ad1ff74d6218963dd153f6f84206ab

SHA512
df7ef5963d8122854f1d0215aecc5ac19391635588278c34adc137487dec547b01caf95e2d77ee4de370cd915b3e5195eade61a9e77333ef89048d66c0e2224e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
8b84e6320f085df905168c7afaf1b9f6

SHA1
1ed1fce834fda48f2b31f9e0b9255bdee79daaa5

SHA256
06397dfc28553f1ccb7aba87789eda33dd41fbf71741199d1fe72a4e7b3b653a

SHA512
f15804d95186343b5239bbee5d7d906b185ccee41a746322a84df481c458587e380ec4acb89360e74ef7bc95ed0169f7b1b3ff06172784ab4121efa4997f263f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
96KB

MD5
09639a62fa174a836f6ad15921e4220a

SHA1
5fe8268e182c97b947046b8c1dd28c82cd81edc0

SHA256
d6277b5aad2f7e7e1f419448038faf10b9e6cf37d4ea4609f804e030207a4ee1

SHA512
3fdea91ba1ad85f75ca84780c2e6e7f3093b43d29a78f036ba0550d549c40e48cb6f5e6455c3de6a40daba62f3fceb7554bd4d871eab814f7673dc71edc50eec

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe58312d.TMP

Filesize
94KB

MD5
8b22e285ed5facb798c370b202d50f2c

SHA1
bcf99a956ea993b67c940ccaa3744302f8d84c27

SHA256
d9407e70514b9276995480f3d69866721b232d13687b3ac41494da03ea0357fa

SHA512
9e13859edd3b4bf87d02864a2047a4342914650defb57259d1b16e8739be142b35eddb16b7b56334a37ab2153ea2fd14b693e307d97250967329f1797f874fbf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
4de34529361b151aa711751f51479e52

SHA1
2f23a5b5342cc5a5165769ce06470b0e6a40b3f8

SHA256
d16be655ba29ae48e5ae532e9e8758588651537b9bef0050069c17454cc94904

SHA512
bc8b3452ef8ab9d342693e6fa68b0e246201994b4b58f6527d4a0b23b4e7e0c0e90b5c47b33ead2d4a89041812c377e7f34e40789cfc367f3bd2b68244549c52

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-O2M1M.tmp\Universe.tmp

Filesize
1.2MB

MD5
07599b9f2894ebd23d466450b47c1fe5

SHA1
19583969c025f53c0b8236f893e06df39c596c42

SHA256
87a8a986376d73c71987e18efad14451e14b463ac0e604bacd84eb0597223a3b

SHA512
3dc1c24b226c40ccb05e464e033947d32ecd289e14628930fc52d6306df60be1f4518e8cccf19f5f470c27e7a5e43c98fb57b22af91dd6f41f8ba6aaf38a91aa

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.exc

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit
C:\Users\Admin\Downloads\Universe -NicoolTutorials.zip

Filesize
53.8MB

MD5
b6b66acda3be32ba64b116d7cee89b6e

SHA1
bd0db248538392663f6055b313cfedabb40a9ce4

SHA256
7daebef5b7789f4f9529dd4352e7313a2c883a1c22185de385407899fad402c6

SHA512
a36773db5ef5a159ba908b8b65f7fcee7bda7a73201036d5913d1b40c4d502677814ce88e204ee62b3aa1c7cc8d8a54d26ee4d617ee64d935913a5394351bb4d

Download Submit
C:\Users\Admin\Downloads\Universe -NicoolTutorials.zip:Zone.Identifier

Filesize
26B

MD5
fbccf14d504b7b2dbcb5a5bda75bd93b

SHA1
d59fc84cdd5217c6cf74785703655f78da6b582b

SHA256
eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913

SHA512
aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98

Download Submit
memory/3044-11174-0x00007FFCE8E00000-0x00007FFCE8E34000-memory.dmp

Filesize
208KB

Download
memory/3044-11173-0x00007FF7CDE30000-0x00007FF7CDF28000-memory.dmp

Filesize
992KB

Download
memory/3044-11175-0x00007FFCCE380000-0x00007FFCCE634000-memory.dmp

Filesize
2.7MB

Download
memory/3044-11176-0x00000142AB470000-0x00000142AC51B000-memory.dmp

Filesize
16.7MB

Download
memory/3044-11177-0x00007FFCCD610000-0x00007FFCCD722000-memory.dmp

Filesize
1.1MB

Download
memory/3100-11300-0x0000000000400000-0x000000000043B000-memory.dmp

Filesize
236KB

Download
memory/3100-280-0x0000000000400000-0x000000000043B000-memory.dmp

Filesize
236KB

Download
memory/3100-269-0x0000000000400000-0x000000000043B000-memory.dmp

Filesize
236KB

Download
memory/3788-275-0x00000000022B0000-0x00000000022B1000-memory.dmp

Filesize
4KB

Download
memory/3788-11284-0x0000000000400000-0x000000000053E000-memory.dmp

Filesize
1.2MB

Download
memory/3788-11106-0x0000000000400000-0x000000000053E000-memory.dmp

Filesize
1.2MB

Download
memory/3788-493-0x0000000000400000-0x000000000053E000-memory.dmp

Filesize
1.2MB

Download
memory/3788-1945-0x0000000000400000-0x000000000053E000-memory.dmp

Filesize
1.2MB

Download
memory/3788-2067-0x00000000022B0000-0x00000000022B1000-memory.dmp

Filesize
4KB

Download
memory/3788-3976-0x0000000000400000-0x000000000053E000-memory.dmp

Filesize
1.2MB

Download
memory/3788-7330-0x0000000000400000-0x000000000053E000-memory.dmp

Filesize
1.2MB

Download
memory/3788-5534-0x0000000000400000-0x000000000053E000-memory.dmp

Filesize
1.2MB

Download
memory/3788-11299-0x0000000000400000-0x000000000053E000-memory.dmp

Filesize
1.2MB

Download
memory/4280-11294-0x000000006B400000-0x000000006B459000-memory.dmp

Filesize
356KB

Download
memory/4280-11296-0x0000000068B40000-0x0000000068C4D000-memory.dmp

Filesize
1.1MB

Download
memory/4280-11295-0x000000006E8C0000-0x000000006E8E0000-memory.dmp

Filesize
128KB

Download
memory/4280-11293-0x000000006F4C0000-0x000000006F81A000-memory.dmp

Filesize
3.4MB

Download
memory/4280-11292-0x0000000068F40000-0x0000000068FE7000-memory.dmp

Filesize
668KB

Download