Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

Launcher.exe

windows7-x64

7

Launcher.exe

windows10-2004-x64

7

Launcher.exe

windows11-21h2-x64

7

Resubmissions

08/03/2024, 09:25

240308-ldsftacd9x 8

08/03/2024, 09:09

240308-k4tacsbc94 7

Analysis

  • max time kernel
    303s
  • max time network
    299s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    08/03/2024, 09:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Launcher.exe

  • Size

    81.7MB

  • MD5

    d4f685deb88b48dc0e55703f7ab56d82

  • SHA1

    4db0f7c4a2c299eeeecb258c14d13c8c0714206a

  • SHA256

    98faaafd3b450d836415eff09da56591fe31c54b4a668498416537262f2cd4c6

  • SHA512

    e5794ca50a3336f4a0cd0f135fd78900dc6104c5e83791e15bc4887bd3b3ae3f6eb991fcb1261fcb6a15a539724f2b6b7ec4a8535a3a885be721a27413de8b36

  • SSDEEP

    1572864:V/WHHr9qNUFkOVYIIu+eTt1Thl1RJzve1FizRreIQeLcsbI+No77:V/8L9qKiOYu+yzThlFzW1FizAIBQcNM7

Score
7/10
spywarestealer

Malware Config

Signatures

  • Checks computer location settings 2 TTPs 1 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE 4 IoCs
  • Loads dropped DLL 14 IoCs
  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer
  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs
  • Looks up external IP address via web service 2 IoCs

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Checks processor information in registry 2 TTPs 7 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Detects videocard installed 1 TTPs 1 IoCs

    Uses WMIC.exe to determine videocard installed.

  • Enumerates processes with tasklist 1 TTPs 64 IoCs
  • Runs net.exe
  • Suspicious behavior: EnumeratesProcesses 23 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Launcher.exe
    "C:\Users\Admin\AppData\Local\Temp\Launcher.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:1372
    • C:\Users\Admin\AppData\Local\Temp\2dNiu8JVoUWUZ7CbD8IhUkJqPNY\Launcher.exe
      C:\Users\Admin\AppData\Local\Temp\2dNiu8JVoUWUZ7CbD8IhUkJqPNY\Launcher.exe
      2⤵
      • Checks computer location settings
      • Executes dropped EXE
      • Loads dropped DLL
      • Checks processor information in registry
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of WriteProcessMemory
      PID:844
      • C:\Windows\system32\cmd.exe
        C:\Windows\system32\cmd.exe /d /s /c "tasklist"
        3⤵
        • Suspicious use of WriteProcessMemory
        PID:3196
        • C:\Windows\system32\tasklist.exe
          tasklist
          4⤵
          • Enumerates processes with tasklist
          • Suspicious use of AdjustPrivilegeToken
          PID:4016
      • C:\Users\Admin\AppData\Local\Temp\2dNiu8JVoUWUZ7CbD8IhUkJqPNY\Launcher.exe
        "C:\Users\Admin\AppData\Local\Temp\2dNiu8JVoUWUZ7CbD8IhUkJqPNY\Launcher.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\script" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1692 --field-trial-handle=1736,i,3117788174762961356,4042480024724447055,262144 --disable-features=SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2
        3⤵
        • Executes dropped EXE
        • Loads dropped DLL
        PID:5000
      • C:\Users\Admin\AppData\Local\Temp\2dNiu8JVoUWUZ7CbD8IhUkJqPNY\Launcher.exe
        "C:\Users\Admin\AppData\Local\Temp\2dNiu8JVoUWUZ7CbD8IhUkJqPNY\Launcher.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\script" --mojo-platform-channel-handle=1832 --field-trial-handle=1736,i,3117788174762961356,4042480024724447055,262144 --disable-features=SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8
        3⤵
        • Executes dropped EXE
        • Loads dropped DLL
        PID:4244
      • C:\Windows\system32\cmd.exe
        C:\Windows\system32\cmd.exe /d /s /c "wmic process where processid=1372 get ExecutablePath"
        3⤵
        • Suspicious use of WriteProcessMemory
        PID:3664
        • C:\Windows\System32\Wbem\WMIC.exe
          wmic process where processid=1372 get ExecutablePath
          4⤵
          • Suspicious use of AdjustPrivilegeToken
          PID:4924
      • C:\Windows\system32\cmd.exe
        C:\Windows\system32\cmd.exe /d /s /c "tasklist"
        3⤵
          PID:3540
          • C:\Windows\system32\tasklist.exe
            tasklist
            4⤵
            • Enumerates processes with tasklist
            • Suspicious use of AdjustPrivilegeToken
            PID:7944
        • C:\Windows\system32\cmd.exe
          C:\Windows\system32\cmd.exe /d /s /c "tasklist"
          3⤵
            PID:2596
            • C:\Windows\system32\tasklist.exe
              tasklist
              4⤵
              • Enumerates processes with tasklist
              PID:7952
          • C:\Windows\system32\cmd.exe
            C:\Windows\system32\cmd.exe /d /s /c "tasklist"
            3⤵
              PID:1580
              • C:\Windows\system32\tasklist.exe
                tasklist
                4⤵
                • Suspicious use of AdjustPrivilegeToken
                PID:7960
            • C:\Windows\system32\cmd.exe
              C:\Windows\system32\cmd.exe /d /s /c "tasklist"
              3⤵
                PID:3780
                • C:\Windows\system32\tasklist.exe
                  tasklist
                  4⤵
                  • Suspicious use of AdjustPrivilegeToken
                  PID:7988
              • C:\Windows\system32\cmd.exe
                C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                3⤵
                  PID:5020
                  • C:\Windows\system32\tasklist.exe
                    tasklist
                    4⤵
                    • Enumerates processes with tasklist
                    PID:8020
                • C:\Windows\system32\cmd.exe
                  C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                  3⤵
                    PID:2724
                    • C:\Windows\system32\tasklist.exe
                      tasklist
                      4⤵
                      • Enumerates processes with tasklist
                      PID:8008
                  • C:\Windows\system32\cmd.exe
                    C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                    3⤵
                      PID:4268
                      • C:\Windows\system32\tasklist.exe
                        tasklist
                        4⤵
                          PID:8124
                      • C:\Windows\system32\cmd.exe
                        C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                        3⤵
                          PID:1828
                          • C:\Windows\system32\tasklist.exe
                            tasklist
                            4⤵
                            • Enumerates processes with tasklist
                            • Suspicious use of AdjustPrivilegeToken
                            PID:7888
                        • C:\Windows\system32\cmd.exe
                          C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                          3⤵
                            PID:4784
                            • C:\Windows\system32\tasklist.exe
                              tasklist
                              4⤵
                                PID:8348
                            • C:\Windows\system32\cmd.exe
                              C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                              3⤵
                                PID:5080
                                • C:\Windows\system32\tasklist.exe
                                  tasklist
                                  4⤵
                                  • Enumerates processes with tasklist
                                  • Suspicious use of AdjustPrivilegeToken
                                  PID:7788
                              • C:\Windows\system32\cmd.exe
                                C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                3⤵
                                  PID:4208
                                  • C:\Windows\system32\tasklist.exe
                                    tasklist
                                    4⤵
                                    • Enumerates processes with tasklist
                                    PID:8408
                                • C:\Windows\system32\cmd.exe
                                  C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                  3⤵
                                    PID:2552
                                    • C:\Windows\system32\tasklist.exe
                                      tasklist
                                      4⤵
                                        PID:8400
                                    • C:\Windows\system32\cmd.exe
                                      C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                      3⤵
                                        PID:3700
                                        • C:\Windows\system32\tasklist.exe
                                          tasklist
                                          4⤵
                                            PID:8364
                                        • C:\Windows\system32\cmd.exe
                                          C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                          3⤵
                                            PID:4136
                                            • C:\Windows\system32\tasklist.exe
                                              tasklist
                                              4⤵
                                              • Enumerates processes with tasklist
                                              PID:8320
                                          • C:\Windows\system32\cmd.exe
                                            C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                            3⤵
                                              PID:908
                                              • C:\Windows\system32\tasklist.exe
                                                tasklist
                                                4⤵
                                                • Enumerates processes with tasklist
                                                PID:8140
                                            • C:\Windows\system32\cmd.exe
                                              C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                              3⤵
                                                PID:1344
                                                • C:\Windows\system32\tasklist.exe
                                                  tasklist
                                                  4⤵
                                                  • Suspicious use of AdjustPrivilegeToken
                                                  PID:6336
                                              • C:\Windows\system32\cmd.exe
                                                C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                3⤵
                                                  PID:2132
                                                  • C:\Windows\system32\tasklist.exe
                                                    tasklist
                                                    4⤵
                                                    • Enumerates processes with tasklist
                                                    • Suspicious use of AdjustPrivilegeToken
                                                    PID:7896
                                                • C:\Windows\system32\cmd.exe
                                                  C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                  3⤵
                                                    PID:5032
                                                    • C:\Windows\system32\tasklist.exe
                                                      tasklist
                                                      4⤵
                                                      • Enumerates processes with tasklist
                                                      PID:8116
                                                  • C:\Windows\system32\cmd.exe
                                                    C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                    3⤵
                                                      PID:2068
                                                      • C:\Windows\system32\tasklist.exe
                                                        tasklist
                                                        4⤵
                                                        • Enumerates processes with tasklist
                                                        PID:8040
                                                    • C:\Windows\system32\cmd.exe
                                                      C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                      3⤵
                                                        PID:408
                                                        • C:\Windows\system32\tasklist.exe
                                                          tasklist
                                                          4⤵
                                                          • Enumerates processes with tasklist
                                                          • Suspicious use of AdjustPrivilegeToken
                                                          PID:7932
                                                      • C:\Windows\system32\cmd.exe
                                                        C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                        3⤵
                                                          PID:4328
                                                          • C:\Windows\system32\tasklist.exe
                                                            tasklist
                                                            4⤵
                                                            • Enumerates processes with tasklist
                                                            PID:8264
                                                        • C:\Windows\system32\cmd.exe
                                                          C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                          3⤵
                                                            PID:2336
                                                            • C:\Windows\system32\tasklist.exe
                                                              tasklist
                                                              4⤵
                                                              • Enumerates processes with tasklist
                                                              PID:8220
                                                          • C:\Windows\system32\cmd.exe
                                                            C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                            3⤵
                                                              PID:4160
                                                              • C:\Windows\system32\tasklist.exe
                                                                tasklist
                                                                4⤵
                                                                • Enumerates processes with tasklist
                                                                PID:8336
                                                            • C:\Windows\system32\cmd.exe
                                                              C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                              3⤵
                                                                PID:5088
                                                                • C:\Windows\system32\tasklist.exe
                                                                  tasklist
                                                                  4⤵
                                                                  • Enumerates processes with tasklist
                                                                  PID:8068
                                                              • C:\Windows\system32\cmd.exe
                                                                C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                3⤵
                                                                  PID:4148
                                                                  • C:\Windows\system32\tasklist.exe
                                                                    tasklist
                                                                    4⤵
                                                                      PID:8236
                                                                  • C:\Windows\system32\cmd.exe
                                                                    C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                    3⤵
                                                                      PID:4772
                                                                      • C:\Windows\system32\tasklist.exe
                                                                        tasklist
                                                                        4⤵
                                                                        • Enumerates processes with tasklist
                                                                        PID:8032
                                                                    • C:\Windows\system32\cmd.exe
                                                                      C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                      3⤵
                                                                        PID:3520
                                                                        • C:\Windows\system32\tasklist.exe
                                                                          tasklist
                                                                          4⤵
                                                                            PID:7924
                                                                        • C:\Windows\system32\cmd.exe
                                                                          C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                          3⤵
                                                                            PID:220
                                                                            • C:\Windows\system32\tasklist.exe
                                                                              tasklist
                                                                              4⤵
                                                                              • Enumerates processes with tasklist
                                                                              PID:8100
                                                                          • C:\Windows\system32\cmd.exe
                                                                            C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                            3⤵
                                                                              PID:4952
                                                                              • C:\Windows\system32\tasklist.exe
                                                                                tasklist
                                                                                4⤵
                                                                                • Enumerates processes with tasklist
                                                                                PID:7904
                                                                            • C:\Windows\system32\cmd.exe
                                                                              C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                              3⤵
                                                                                PID:236
                                                                                • C:\Windows\system32\tasklist.exe
                                                                                  tasklist
                                                                                  4⤵
                                                                                    PID:8060
                                                                                • C:\Windows\system32\cmd.exe
                                                                                  C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                  3⤵
                                                                                    PID:1188
                                                                                    • C:\Windows\system32\tasklist.exe
                                                                                      tasklist
                                                                                      4⤵
                                                                                      • Enumerates processes with tasklist
                                                                                      PID:8356
                                                                                  • C:\Windows\system32\cmd.exe
                                                                                    C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                    3⤵
                                                                                      PID:804
                                                                                      • C:\Windows\system32\tasklist.exe
                                                                                        tasklist
                                                                                        4⤵
                                                                                        • Enumerates processes with tasklist
                                                                                        PID:8164
                                                                                    • C:\Windows\system32\cmd.exe
                                                                                      C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                      3⤵
                                                                                        PID:4412
                                                                                        • C:\Windows\system32\tasklist.exe
                                                                                          tasklist
                                                                                          4⤵
                                                                                          • Enumerates processes with tasklist
                                                                                          PID:8184
                                                                                      • C:\Windows\system32\cmd.exe
                                                                                        C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                        3⤵
                                                                                          PID:4452
                                                                                          • C:\Windows\system32\tasklist.exe
                                                                                            tasklist
                                                                                            4⤵
                                                                                            • Enumerates processes with tasklist
                                                                                            PID:8860
                                                                                        • C:\Windows\system32\cmd.exe
                                                                                          C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                          3⤵
                                                                                            PID:8
                                                                                            • C:\Windows\system32\tasklist.exe
                                                                                              tasklist
                                                                                              4⤵
                                                                                                PID:8108
                                                                                            • C:\Windows\system32\cmd.exe
                                                                                              C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                              3⤵
                                                                                                PID:4956
                                                                                                • C:\Windows\system32\tasklist.exe
                                                                                                  tasklist
                                                                                                  4⤵
                                                                                                    PID:8536
                                                                                                • C:\Windows\system32\cmd.exe
                                                                                                  C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                  3⤵
                                                                                                    PID:4252
                                                                                                    • C:\Windows\system32\tasklist.exe
                                                                                                      tasklist
                                                                                                      4⤵
                                                                                                      • Enumerates processes with tasklist
                                                                                                      PID:8384
                                                                                                  • C:\Windows\system32\cmd.exe
                                                                                                    C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                    3⤵
                                                                                                      PID:5060
                                                                                                      • C:\Windows\system32\tasklist.exe
                                                                                                        tasklist
                                                                                                        4⤵
                                                                                                        • Enumerates processes with tasklist
                                                                                                        PID:9140
                                                                                                    • C:\Windows\system32\cmd.exe
                                                                                                      C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                      3⤵
                                                                                                        PID:4144
                                                                                                        • C:\Windows\system32\tasklist.exe
                                                                                                          tasklist
                                                                                                          4⤵
                                                                                                          • Enumerates processes with tasklist
                                                                                                          PID:8048
                                                                                                      • C:\Windows\system32\cmd.exe
                                                                                                        C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                        3⤵
                                                                                                          PID:4872
                                                                                                          • C:\Windows\system32\tasklist.exe
                                                                                                            tasklist
                                                                                                            4⤵
                                                                                                            • Enumerates processes with tasklist
                                                                                                            PID:8132
                                                                                                        • C:\Windows\system32\cmd.exe
                                                                                                          C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                          3⤵
                                                                                                            PID:4896
                                                                                                            • C:\Windows\system32\tasklist.exe
                                                                                                              tasklist
                                                                                                              4⤵
                                                                                                                PID:8828
                                                                                                            • C:\Windows\system32\cmd.exe
                                                                                                              C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                              3⤵
                                                                                                                PID:3160
                                                                                                                • C:\Windows\system32\tasklist.exe
                                                                                                                  tasklist
                                                                                                                  4⤵
                                                                                                                    PID:8200
                                                                                                                • C:\Windows\system32\cmd.exe
                                                                                                                  C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                                  3⤵
                                                                                                                    PID:3240
                                                                                                                    • C:\Windows\system32\tasklist.exe
                                                                                                                      tasklist
                                                                                                                      4⤵
                                                                                                                      • Enumerates processes with tasklist
                                                                                                                      PID:8084
                                                                                                                  • C:\Windows\system32\cmd.exe
                                                                                                                    C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                                    3⤵
                                                                                                                      PID:3624
                                                                                                                      • C:\Windows\system32\tasklist.exe
                                                                                                                        tasklist
                                                                                                                        4⤵
                                                                                                                        • Enumerates processes with tasklist
                                                                                                                        PID:8520
                                                                                                                    • C:\Windows\system32\cmd.exe
                                                                                                                      C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                                      3⤵
                                                                                                                        PID:1184
                                                                                                                        • C:\Windows\system32\tasklist.exe
                                                                                                                          tasklist
                                                                                                                          4⤵
                                                                                                                          • Enumerates processes with tasklist
                                                                                                                          PID:8256
                                                                                                                      • C:\Windows\system32\cmd.exe
                                                                                                                        C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                                        3⤵
                                                                                                                          PID:5124
                                                                                                                          • C:\Windows\system32\tasklist.exe
                                                                                                                            tasklist
                                                                                                                            4⤵
                                                                                                                            • Enumerates processes with tasklist
                                                                                                                            PID:8304
                                                                                                                        • C:\Windows\system32\cmd.exe
                                                                                                                          C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                                          3⤵
                                                                                                                            PID:5144
                                                                                                                            • C:\Windows\system32\tasklist.exe
                                                                                                                              tasklist
                                                                                                                              4⤵
                                                                                                                              • Enumerates processes with tasklist
                                                                                                                              PID:9016
                                                                                                                          • C:\Windows\system32\cmd.exe
                                                                                                                            C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                                            3⤵
                                                                                                                              PID:5164
                                                                                                                              • C:\Windows\system32\tasklist.exe
                                                                                                                                tasklist
                                                                                                                                4⤵
                                                                                                                                  PID:8580
                                                                                                                              • C:\Windows\system32\cmd.exe
                                                                                                                                C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                                                3⤵
                                                                                                                                  PID:5188
                                                                                                                                  • C:\Windows\system32\tasklist.exe
                                                                                                                                    tasklist
                                                                                                                                    4⤵
                                                                                                                                      PID:8472
                                                                                                                                  • C:\Windows\system32\cmd.exe
                                                                                                                                    C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                                                    3⤵
                                                                                                                                      PID:5208
                                                                                                                                      • C:\Windows\system32\tasklist.exe
                                                                                                                                        tasklist
                                                                                                                                        4⤵
                                                                                                                                        • Enumerates processes with tasklist
                                                                                                                                        PID:9092
                                                                                                                                    • C:\Windows\system32\cmd.exe
                                                                                                                                      C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                                                      3⤵
                                                                                                                                        PID:5228
                                                                                                                                        • C:\Windows\system32\tasklist.exe
                                                                                                                                          tasklist
                                                                                                                                          4⤵
                                                                                                                                          • Enumerates processes with tasklist
                                                                                                                                          PID:9068
                                                                                                                                      • C:\Windows\system32\cmd.exe
                                                                                                                                        C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                                                        3⤵
                                                                                                                                          PID:5244
                                                                                                                                          • C:\Windows\system32\tasklist.exe
                                                                                                                                            tasklist
                                                                                                                                            4⤵
                                                                                                                                            • Enumerates processes with tasklist
                                                                                                                                            PID:8376
                                                                                                                                        • C:\Windows\system32\cmd.exe
                                                                                                                                          C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                                                          3⤵
                                                                                                                                            PID:5260
                                                                                                                                            • C:\Windows\system32\tasklist.exe
                                                                                                                                              tasklist
                                                                                                                                              4⤵
                                                                                                                                              • Enumerates processes with tasklist
                                                                                                                                              PID:8208
                                                                                                                                          • C:\Windows\system32\cmd.exe
                                                                                                                                            C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                                                            3⤵
                                                                                                                                              PID:5268
                                                                                                                                              • C:\Windows\system32\tasklist.exe
                                                                                                                                                tasklist
                                                                                                                                                4⤵
                                                                                                                                                • Enumerates processes with tasklist
                                                                                                                                                PID:8504
                                                                                                                                            • C:\Windows\system32\cmd.exe
                                                                                                                                              C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                                                              3⤵
                                                                                                                                                PID:5276
                                                                                                                                                • C:\Windows\system32\tasklist.exe
                                                                                                                                                  tasklist
                                                                                                                                                  4⤵
                                                                                                                                                  • Enumerates processes with tasklist
                                                                                                                                                  PID:8148
                                                                                                                                              • C:\Windows\system32\cmd.exe
                                                                                                                                                C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                                                                3⤵
                                                                                                                                                  PID:5296
                                                                                                                                                  • C:\Windows\system32\tasklist.exe
                                                                                                                                                    tasklist
                                                                                                                                                    4⤵
                                                                                                                                                      PID:8512
                                                                                                                                                  • C:\Windows\system32\cmd.exe
                                                                                                                                                    C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                                                                    3⤵
                                                                                                                                                      PID:5320
                                                                                                                                                      • C:\Windows\system32\tasklist.exe
                                                                                                                                                        tasklist
                                                                                                                                                        4⤵
                                                                                                                                                        • Enumerates processes with tasklist
                                                                                                                                                        PID:3692
                                                                                                                                                    • C:\Windows\system32\cmd.exe
                                                                                                                                                      C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                                                                      3⤵
                                                                                                                                                        PID:5340
                                                                                                                                                        • C:\Windows\system32\tasklist.exe
                                                                                                                                                          tasklist
                                                                                                                                                          4⤵
                                                                                                                                                          • Enumerates processes with tasklist
                                                                                                                                                          PID:8156
                                                                                                                                                      • C:\Windows\system32\cmd.exe
                                                                                                                                                        C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                                                                        3⤵
                                                                                                                                                          PID:5360
                                                                                                                                                          • C:\Windows\system32\tasklist.exe
                                                                                                                                                            tasklist
                                                                                                                                                            4⤵
                                                                                                                                                              PID:7748
                                                                                                                                                          • C:\Windows\system32\cmd.exe
                                                                                                                                                            C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                                                                            3⤵
                                                                                                                                                              PID:5384
                                                                                                                                                              • C:\Windows\system32\tasklist.exe
                                                                                                                                                                tasklist
                                                                                                                                                                4⤵
                                                                                                                                                                • Enumerates processes with tasklist
                                                                                                                                                                PID:8932
                                                                                                                                                            • C:\Windows\system32\cmd.exe
                                                                                                                                                              C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                                                                              3⤵
                                                                                                                                                                PID:5408
                                                                                                                                                                • C:\Windows\system32\tasklist.exe
                                                                                                                                                                  tasklist
                                                                                                                                                                  4⤵
                                                                                                                                                                  • Enumerates processes with tasklist
                                                                                                                                                                  PID:8172
                                                                                                                                                              • C:\Windows\system32\cmd.exe
                                                                                                                                                                C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                                                                                3⤵
                                                                                                                                                                  PID:5424
                                                                                                                                                                  • C:\Windows\system32\tasklist.exe
                                                                                                                                                                    tasklist
                                                                                                                                                                    4⤵
                                                                                                                                                                    • Enumerates processes with tasklist
                                                                                                                                                                    PID:8852
                                                                                                                                                                • C:\Windows\system32\cmd.exe
                                                                                                                                                                  C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                                                                                  3⤵
                                                                                                                                                                    PID:5444
                                                                                                                                                                    • C:\Windows\system32\tasklist.exe
                                                                                                                                                                      tasklist
                                                                                                                                                                      4⤵
                                                                                                                                                                      • Enumerates processes with tasklist
                                                                                                                                                                      PID:9124
                                                                                                                                                                  • C:\Windows\system32\cmd.exe
                                                                                                                                                                    C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                                                                                    3⤵
                                                                                                                                                                      PID:5460
                                                                                                                                                                      • C:\Windows\system32\tasklist.exe
                                                                                                                                                                        tasklist
                                                                                                                                                                        4⤵
                                                                                                                                                                        • Enumerates processes with tasklist
                                                                                                                                                                        PID:8924
                                                                                                                                                                    • C:\Windows\system32\cmd.exe
                                                                                                                                                                      C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                                                                                      3⤵
                                                                                                                                                                        PID:5488
                                                                                                                                                                        • C:\Windows\system32\tasklist.exe
                                                                                                                                                                          tasklist
                                                                                                                                                                          4⤵
                                                                                                                                                                          • Enumerates processes with tasklist
                                                                                                                                                                          PID:8244
                                                                                                                                                                      • C:\Windows\system32\cmd.exe
                                                                                                                                                                        C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                                                                                        3⤵
                                                                                                                                                                          PID:5508
                                                                                                                                                                          • C:\Windows\system32\tasklist.exe
                                                                                                                                                                            tasklist
                                                                                                                                                                            4⤵
                                                                                                                                                                            • Enumerates processes with tasklist
                                                                                                                                                                            PID:8868
                                                                                                                                                                        • C:\Windows\system32\cmd.exe
                                                                                                                                                                          C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                                                                                          3⤵
                                                                                                                                                                            PID:5524
                                                                                                                                                                            • C:\Windows\system32\tasklist.exe
                                                                                                                                                                              tasklist
                                                                                                                                                                              4⤵
                                                                                                                                                                                PID:8328
                                                                                                                                                                            • C:\Windows\system32\cmd.exe
                                                                                                                                                                              C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                                                                                              3⤵
                                                                                                                                                                                PID:5544
                                                                                                                                                                                • C:\Windows\system32\tasklist.exe
                                                                                                                                                                                  tasklist
                                                                                                                                                                                  4⤵
                                                                                                                                                                                  • Enumerates processes with tasklist
                                                                                                                                                                                  PID:8312
                                                                                                                                                                              • C:\Windows\system32\cmd.exe
                                                                                                                                                                                C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                                                                                                3⤵
                                                                                                                                                                                  PID:5568
                                                                                                                                                                                  • C:\Windows\system32\tasklist.exe
                                                                                                                                                                                    tasklist
                                                                                                                                                                                    4⤵
                                                                                                                                                                                    • Enumerates processes with tasklist
                                                                                                                                                                                    PID:8528
                                                                                                                                                                                • C:\Windows\system32\cmd.exe
                                                                                                                                                                                  C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                                                                                                  3⤵
                                                                                                                                                                                    PID:5596
                                                                                                                                                                                    • C:\Windows\system32\tasklist.exe
                                                                                                                                                                                      tasklist
                                                                                                                                                                                      4⤵
                                                                                                                                                                                      • Enumerates processes with tasklist
                                                                                                                                                                                      PID:8480
                                                                                                                                                                                  • C:\Windows\system32\cmd.exe
                                                                                                                                                                                    C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                                                                                                    3⤵
                                                                                                                                                                                      PID:5616
                                                                                                                                                                                      • C:\Windows\system32\tasklist.exe
                                                                                                                                                                                        tasklist
                                                                                                                                                                                        4⤵
                                                                                                                                                                                          PID:8844
                                                                                                                                                                                      • C:\Windows\system32\cmd.exe
                                                                                                                                                                                        C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                                                                                                        3⤵
                                                                                                                                                                                          PID:5636
                                                                                                                                                                                          • C:\Windows\system32\tasklist.exe
                                                                                                                                                                                            tasklist
                                                                                                                                                                                            4⤵
                                                                                                                                                                                              PID:8392
                                                                                                                                                                                          • C:\Windows\system32\cmd.exe
                                                                                                                                                                                            C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                                                                                                            3⤵
                                                                                                                                                                                              PID:5660
                                                                                                                                                                                              • C:\Windows\system32\tasklist.exe
                                                                                                                                                                                                tasklist
                                                                                                                                                                                                4⤵
                                                                                                                                                                                                • Enumerates processes with tasklist
                                                                                                                                                                                                PID:8092
                                                                                                                                                                                            • C:\Windows\system32\cmd.exe
                                                                                                                                                                                              C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                                                                                                              3⤵
                                                                                                                                                                                                PID:5680
                                                                                                                                                                                                • C:\Windows\system32\tasklist.exe
                                                                                                                                                                                                  tasklist
                                                                                                                                                                                                  4⤵
                                                                                                                                                                                                    PID:8884
                                                                                                                                                                                                • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                  C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                                                                                                                  3⤵
                                                                                                                                                                                                    PID:5708
                                                                                                                                                                                                    • C:\Windows\system32\tasklist.exe
                                                                                                                                                                                                      tasklist
                                                                                                                                                                                                      4⤵
                                                                                                                                                                                                      • Enumerates processes with tasklist
                                                                                                                                                                                                      PID:8496
                                                                                                                                                                                                  • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                    C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                                                                                                                    3⤵
                                                                                                                                                                                                      PID:5728
                                                                                                                                                                                                      • C:\Windows\system32\tasklist.exe
                                                                                                                                                                                                        tasklist
                                                                                                                                                                                                        4⤵
                                                                                                                                                                                                          PID:8916
                                                                                                                                                                                                      • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                        C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                                                                                                                        3⤵
                                                                                                                                                                                                          PID:5752
                                                                                                                                                                                                          • C:\Windows\system32\tasklist.exe
                                                                                                                                                                                                            tasklist
                                                                                                                                                                                                            4⤵
                                                                                                                                                                                                            • Enumerates processes with tasklist
                                                                                                                                                                                                            PID:9132
                                                                                                                                                                                                        • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                          C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                                                                                                                          3⤵
                                                                                                                                                                                                            PID:5776
                                                                                                                                                                                                            • C:\Windows\system32\tasklist.exe
                                                                                                                                                                                                              tasklist
                                                                                                                                                                                                              4⤵
                                                                                                                                                                                                                PID:8892
                                                                                                                                                                                                            • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                              C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                                                                                                                              3⤵
                                                                                                                                                                                                                PID:5796
                                                                                                                                                                                                                • C:\Windows\System32\Conhost.exe
                                                                                                                                                                                                                  \??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                  4⤵
                                                                                                                                                                                                                    PID:4016
                                                                                                                                                                                                                  • C:\Windows\system32\tasklist.exe
                                                                                                                                                                                                                    tasklist
                                                                                                                                                                                                                    4⤵
                                                                                                                                                                                                                    • Enumerates processes with tasklist
                                                                                                                                                                                                                    PID:8488
                                                                                                                                                                                                                • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                  C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                                                                                                                                  3⤵
                                                                                                                                                                                                                    PID:5812
                                                                                                                                                                                                                    • C:\Windows\system32\tasklist.exe
                                                                                                                                                                                                                      tasklist
                                                                                                                                                                                                                      4⤵
                                                                                                                                                                                                                        PID:8876
                                                                                                                                                                                                                    • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                      C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                                                                                                                                      3⤵
                                                                                                                                                                                                                        PID:5836
                                                                                                                                                                                                                        • C:\Windows\system32\tasklist.exe
                                                                                                                                                                                                                          tasklist
                                                                                                                                                                                                                          4⤵
                                                                                                                                                                                                                            PID:8556
                                                                                                                                                                                                                        • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                          C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                                                                                                                                          3⤵
                                                                                                                                                                                                                            PID:5872
                                                                                                                                                                                                                            • C:\Windows\system32\tasklist.exe
                                                                                                                                                                                                                              tasklist
                                                                                                                                                                                                                              4⤵
                                                                                                                                                                                                                              • Enumerates processes with tasklist
                                                                                                                                                                                                                              PID:8464
                                                                                                                                                                                                                          • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                            C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                                                                                                                                            3⤵
                                                                                                                                                                                                                              PID:5884
                                                                                                                                                                                                                              • C:\Windows\system32\tasklist.exe
                                                                                                                                                                                                                                tasklist
                                                                                                                                                                                                                                4⤵
                                                                                                                                                                                                                                • Enumerates processes with tasklist
                                                                                                                                                                                                                                PID:8820
                                                                                                                                                                                                                            • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                              C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                                                                                                                                              3⤵
                                                                                                                                                                                                                                PID:5928
                                                                                                                                                                                                                                • C:\Windows\system32\tasklist.exe
                                                                                                                                                                                                                                  tasklist
                                                                                                                                                                                                                                  4⤵
                                                                                                                                                                                                                                  • Enumerates processes with tasklist
                                                                                                                                                                                                                                  PID:8076
                                                                                                                                                                                                                              • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                                                                                                                                                3⤵
                                                                                                                                                                                                                                  PID:5952
                                                                                                                                                                                                                                  • C:\Windows\system32\tasklist.exe
                                                                                                                                                                                                                                    tasklist
                                                                                                                                                                                                                                    4⤵
                                                                                                                                                                                                                                    • Enumerates processes with tasklist
                                                                                                                                                                                                                                    PID:8908
                                                                                                                                                                                                                                • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                  C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                                                                                                                                                  3⤵
                                                                                                                                                                                                                                    PID:5968
                                                                                                                                                                                                                                    • C:\Windows\system32\tasklist.exe
                                                                                                                                                                                                                                      tasklist
                                                                                                                                                                                                                                      4⤵
                                                                                                                                                                                                                                        PID:9060
                                                                                                                                                                                                                                    • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                      C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                                                                                                                                                      3⤵
                                                                                                                                                                                                                                        PID:5980
                                                                                                                                                                                                                                        • C:\Windows\system32\tasklist.exe
                                                                                                                                                                                                                                          tasklist
                                                                                                                                                                                                                                          4⤵
                                                                                                                                                                                                                                            PID:9024
                                                                                                                                                                                                                                        • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                          C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                                                                                                                                                          3⤵
                                                                                                                                                                                                                                            PID:6000
                                                                                                                                                                                                                                            • C:\Windows\system32\tasklist.exe
                                                                                                                                                                                                                                              tasklist
                                                                                                                                                                                                                                              4⤵
                                                                                                                                                                                                                                              • Enumerates processes with tasklist
                                                                                                                                                                                                                                              PID:9116
                                                                                                                                                                                                                                          • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                            C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                                                                                                                                                            3⤵
                                                                                                                                                                                                                                              PID:6024
                                                                                                                                                                                                                                              • C:\Windows\system32\tasklist.exe
                                                                                                                                                                                                                                                tasklist
                                                                                                                                                                                                                                                4⤵
                                                                                                                                                                                                                                                • Enumerates processes with tasklist
                                                                                                                                                                                                                                                PID:9076
                                                                                                                                                                                                                                            • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                              C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                                                                                                                                                              3⤵
                                                                                                                                                                                                                                                PID:6056
                                                                                                                                                                                                                                                • C:\Windows\system32\tasklist.exe
                                                                                                                                                                                                                                                  tasklist
                                                                                                                                                                                                                                                  4⤵
                                                                                                                                                                                                                                                    PID:8900
                                                                                                                                                                                                                                                • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                  C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                                                                                                                                                                  3⤵
                                                                                                                                                                                                                                                    PID:6072
                                                                                                                                                                                                                                                    • C:\Windows\system32\tasklist.exe
                                                                                                                                                                                                                                                      tasklist
                                                                                                                                                                                                                                                      4⤵
                                                                                                                                                                                                                                                      • Enumerates processes with tasklist
                                                                                                                                                                                                                                                      PID:8456
                                                                                                                                                                                                                                                  • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                    C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                                                                                                                                                                    3⤵
                                                                                                                                                                                                                                                      PID:6108
                                                                                                                                                                                                                                                      • C:\Windows\system32\tasklist.exe
                                                                                                                                                                                                                                                        tasklist
                                                                                                                                                                                                                                                        4⤵
                                                                                                                                                                                                                                                          PID:8836
                                                                                                                                                                                                                                                      • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                        C:\Windows\system32\cmd.exe /d /s /c "net session"
                                                                                                                                                                                                                                                        3⤵
                                                                                                                                                                                                                                                          PID:6132
                                                                                                                                                                                                                                                          • C:\Windows\system32\net.exe
                                                                                                                                                                                                                                                            net session
                                                                                                                                                                                                                                                            4⤵
                                                                                                                                                                                                                                                              PID:8948
                                                                                                                                                                                                                                                              • C:\Windows\system32\net1.exe
                                                                                                                                                                                                                                                                C:\Windows\system32\net1 session
                                                                                                                                                                                                                                                                5⤵
                                                                                                                                                                                                                                                                  PID:10476
                                                                                                                                                                                                                                                            • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                              C:\Windows\system32\cmd.exe /d /s /c "C:\Users\Admin\AppData\Local\Temp\2dNiu8JVoUWUZ7CbD8IhUkJqPNY\resources\app.asar.unpacked\bind\main.exe"
                                                                                                                                                                                                                                                              3⤵
                                                                                                                                                                                                                                                                PID:4588
                                                                                                                                                                                                                                                              • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                C:\Windows\system32\cmd.exe /d /s /c "wmic csproduct get uuid"
                                                                                                                                                                                                                                                                3⤵
                                                                                                                                                                                                                                                                  PID:4860
                                                                                                                                                                                                                                                                  • C:\Windows\System32\Wbem\WMIC.exe
                                                                                                                                                                                                                                                                    wmic csproduct get uuid
                                                                                                                                                                                                                                                                    4⤵
                                                                                                                                                                                                                                                                      PID:8288
                                                                                                                                                                                                                                                                  • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                    C:\Windows\system32\cmd.exe /d /s /c "wmic OS get caption, osarchitecture | more +1"
                                                                                                                                                                                                                                                                    3⤵
                                                                                                                                                                                                                                                                      PID:3868
                                                                                                                                                                                                                                                                      • C:\Windows\System32\Wbem\WMIC.exe
                                                                                                                                                                                                                                                                        wmic OS get caption, osarchitecture
                                                                                                                                                                                                                                                                        4⤵
                                                                                                                                                                                                                                                                          PID:8416
                                                                                                                                                                                                                                                                        • C:\Windows\system32\more.com
                                                                                                                                                                                                                                                                          more +1
                                                                                                                                                                                                                                                                          4⤵
                                                                                                                                                                                                                                                                            PID:9252
                                                                                                                                                                                                                                                                        • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                          C:\Windows\system32\cmd.exe /d /s /c "wmic cpu get name | more +1"
                                                                                                                                                                                                                                                                          3⤵
                                                                                                                                                                                                                                                                            PID:11868
                                                                                                                                                                                                                                                                            • C:\Windows\System32\Wbem\WMIC.exe
                                                                                                                                                                                                                                                                              wmic cpu get name
                                                                                                                                                                                                                                                                              4⤵
                                                                                                                                                                                                                                                                                PID:12048
                                                                                                                                                                                                                                                                              • C:\Windows\system32\more.com
                                                                                                                                                                                                                                                                                more +1
                                                                                                                                                                                                                                                                                4⤵
                                                                                                                                                                                                                                                                                  PID:12056
                                                                                                                                                                                                                                                                              • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                C:\Windows\system32\cmd.exe /d /s /c "wmic PATH Win32_VideoController get name | more +1"
                                                                                                                                                                                                                                                                                3⤵
                                                                                                                                                                                                                                                                                  PID:12272
                                                                                                                                                                                                                                                                                  • C:\Windows\System32\Wbem\WMIC.exe
                                                                                                                                                                                                                                                                                    wmic PATH Win32_VideoController get name
                                                                                                                                                                                                                                                                                    4⤵
                                                                                                                                                                                                                                                                                    • Detects videocard installed
                                                                                                                                                                                                                                                                                    PID:9636
                                                                                                                                                                                                                                                                                  • C:\Windows\system32\more.com
                                                                                                                                                                                                                                                                                    more +1
                                                                                                                                                                                                                                                                                    4⤵
                                                                                                                                                                                                                                                                                      PID:8992
                                                                                                                                                                                                                                                                                  • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                    C:\Windows\system32\cmd.exe /d /s /c "powershell Get-ItemPropertyValue -Path 'HKLM:SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\SoftwareProtectionPlatform' -Name BackupProductKeyDefault"
                                                                                                                                                                                                                                                                                    3⤵
                                                                                                                                                                                                                                                                                      PID:4216
                                                                                                                                                                                                                                                                                      • C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                        powershell Get-ItemPropertyValue -Path 'HKLM:SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\SoftwareProtectionPlatform' -Name BackupProductKeyDefault
                                                                                                                                                                                                                                                                                        4⤵
                                                                                                                                                                                                                                                                                        • Suspicious behavior: EnumeratesProcesses
                                                                                                                                                                                                                                                                                        PID:4540
                                                                                                                                                                                                                                                                                    • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                      C:\Windows\system32\cmd.exe /d /s /c "powershell Get-ItemPropertyValue -Path 'HKLM:SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion' -Name ProductName"
                                                                                                                                                                                                                                                                                      3⤵
                                                                                                                                                                                                                                                                                        PID:10840
                                                                                                                                                                                                                                                                                        • C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                          powershell Get-ItemPropertyValue -Path 'HKLM:SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion' -Name ProductName
                                                                                                                                                                                                                                                                                          4⤵
                                                                                                                                                                                                                                                                                          • Suspicious behavior: EnumeratesProcesses
                                                                                                                                                                                                                                                                                          PID:472
                                                                                                                                                                                                                                                                                      • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                        C:\Windows\system32\cmd.exe /d /s /c "tasklist"
                                                                                                                                                                                                                                                                                        3⤵
                                                                                                                                                                                                                                                                                          PID:3752
                                                                                                                                                                                                                                                                                          • C:\Windows\system32\tasklist.exe
                                                                                                                                                                                                                                                                                            tasklist
                                                                                                                                                                                                                                                                                            4⤵
                                                                                                                                                                                                                                                                                            • Enumerates processes with tasklist
                                                                                                                                                                                                                                                                                            PID:5540
                                                                                                                                                                                                                                                                                        • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                          C:\Windows\system32\cmd.exe /d /s /c "wmic process where processid=1372 get ExecutablePath"
                                                                                                                                                                                                                                                                                          3⤵
                                                                                                                                                                                                                                                                                            PID:9088
                                                                                                                                                                                                                                                                                            • C:\Windows\System32\Wbem\WMIC.exe
                                                                                                                                                                                                                                                                                              wmic process where processid=1372 get ExecutablePath
                                                                                                                                                                                                                                                                                              4⤵
                                                                                                                                                                                                                                                                                                PID:4596
                                                                                                                                                                                                                                                                                            • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                              C:\Windows\system32\cmd.exe /d /s /c "C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall""
                                                                                                                                                                                                                                                                                              3⤵
                                                                                                                                                                                                                                                                                                PID:11444
                                                                                                                                                                                                                                                                                                • C:\Windows\system32\reg.exe
                                                                                                                                                                                                                                                                                                  C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"
                                                                                                                                                                                                                                                                                                  4⤵
                                                                                                                                                                                                                                                                                                    PID:9928
                                                                                                                                                                                                                                                                                                • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                                  C:\Windows\system32\cmd.exe /d /s /c "C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall""
                                                                                                                                                                                                                                                                                                  3⤵
                                                                                                                                                                                                                                                                                                    PID:9932
                                                                                                                                                                                                                                                                                                    • C:\Windows\system32\reg.exe
                                                                                                                                                                                                                                                                                                      C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"
                                                                                                                                                                                                                                                                                                      4⤵
                                                                                                                                                                                                                                                                                                        PID:10684
                                                                                                                                                                                                                                                                                                    • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                                      C:\Windows\system32\cmd.exe /d /s /c "C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip""
                                                                                                                                                                                                                                                                                                      3⤵
                                                                                                                                                                                                                                                                                                        PID:10932
                                                                                                                                                                                                                                                                                                        • C:\Windows\system32\reg.exe
                                                                                                                                                                                                                                                                                                          C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip"
                                                                                                                                                                                                                                                                                                          4⤵
                                                                                                                                                                                                                                                                                                            PID:4276
                                                                                                                                                                                                                                                                                                        • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                                          C:\Windows\system32\cmd.exe /d /s /c "C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AddressBook""
                                                                                                                                                                                                                                                                                                          3⤵
                                                                                                                                                                                                                                                                                                            PID:3516
                                                                                                                                                                                                                                                                                                            • C:\Windows\system32\reg.exe
                                                                                                                                                                                                                                                                                                              C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AddressBook"
                                                                                                                                                                                                                                                                                                              4⤵
                                                                                                                                                                                                                                                                                                                PID:2304
                                                                                                                                                                                                                                                                                                            • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                                              C:\Windows\system32\cmd.exe /d /s /c "C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Connection Manager""
                                                                                                                                                                                                                                                                                                              3⤵
                                                                                                                                                                                                                                                                                                                PID:11988
                                                                                                                                                                                                                                                                                                                • C:\Windows\system32\reg.exe
                                                                                                                                                                                                                                                                                                                  C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Connection Manager"
                                                                                                                                                                                                                                                                                                                  4⤵
                                                                                                                                                                                                                                                                                                                    PID:4372
                                                                                                                                                                                                                                                                                                                • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                                                  C:\Windows\system32\cmd.exe /d /s /c "C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DirectDrawEx""
                                                                                                                                                                                                                                                                                                                  3⤵
                                                                                                                                                                                                                                                                                                                    PID:12084
                                                                                                                                                                                                                                                                                                                    • C:\Windows\system32\reg.exe
                                                                                                                                                                                                                                                                                                                      C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DirectDrawEx"
                                                                                                                                                                                                                                                                                                                      4⤵
                                                                                                                                                                                                                                                                                                                        PID:3644
                                                                                                                                                                                                                                                                                                                    • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                                                      C:\Windows\system32\cmd.exe /d /s /c "C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DXM_Runtime""
                                                                                                                                                                                                                                                                                                                      3⤵
                                                                                                                                                                                                                                                                                                                        PID:12196
                                                                                                                                                                                                                                                                                                                        • C:\Windows\system32\reg.exe
                                                                                                                                                                                                                                                                                                                          C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DXM_Runtime"
                                                                                                                                                                                                                                                                                                                          4⤵
                                                                                                                                                                                                                                                                                                                            PID:12048
                                                                                                                                                                                                                                                                                                                        • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                                                          C:\Windows\system32\cmd.exe /d /s /c "C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Fontcore""
                                                                                                                                                                                                                                                                                                                          3⤵
                                                                                                                                                                                                                                                                                                                            PID:2708
                                                                                                                                                                                                                                                                                                                            • C:\Windows\system32\reg.exe
                                                                                                                                                                                                                                                                                                                              C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Fontcore"
                                                                                                                                                                                                                                                                                                                              4⤵
                                                                                                                                                                                                                                                                                                                                PID:4968
                                                                                                                                                                                                                                                                                                                            • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                                                              C:\Windows\system32\cmd.exe /d /s /c "C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE40""
                                                                                                                                                                                                                                                                                                                              3⤵
                                                                                                                                                                                                                                                                                                                                PID:1164
                                                                                                                                                                                                                                                                                                                                • C:\Windows\system32\reg.exe
                                                                                                                                                                                                                                                                                                                                  C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE40"
                                                                                                                                                                                                                                                                                                                                  4⤵
                                                                                                                                                                                                                                                                                                                                    PID:10808
                                                                                                                                                                                                                                                                                                                                • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                                                                  C:\Windows\system32\cmd.exe /d /s /c "C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE4Data""
                                                                                                                                                                                                                                                                                                                                  3⤵
                                                                                                                                                                                                                                                                                                                                    PID:3088
                                                                                                                                                                                                                                                                                                                                    • C:\Windows\system32\reg.exe
                                                                                                                                                                                                                                                                                                                                      C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE4Data"
                                                                                                                                                                                                                                                                                                                                      4⤵
                                                                                                                                                                                                                                                                                                                                        PID:10796
                                                                                                                                                                                                                                                                                                                                    • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                                                                      C:\Windows\system32\cmd.exe /d /s /c "C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE5BAKEX""
                                                                                                                                                                                                                                                                                                                                      3⤵
                                                                                                                                                                                                                                                                                                                                        PID:4020
                                                                                                                                                                                                                                                                                                                                        • C:\Windows\system32\reg.exe
                                                                                                                                                                                                                                                                                                                                          C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE5BAKEX"
                                                                                                                                                                                                                                                                                                                                          4⤵
                                                                                                                                                                                                                                                                                                                                            PID:5452
                                                                                                                                                                                                                                                                                                                                        • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                                                                          C:\Windows\system32\cmd.exe /d /s /c "C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IEData""
                                                                                                                                                                                                                                                                                                                                          3⤵
                                                                                                                                                                                                                                                                                                                                            PID:2576
                                                                                                                                                                                                                                                                                                                                            • C:\Windows\system32\reg.exe
                                                                                                                                                                                                                                                                                                                                              C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IEData"
                                                                                                                                                                                                                                                                                                                                              4⤵
                                                                                                                                                                                                                                                                                                                                                PID:10064
                                                                                                                                                                                                                                                                                                                                            • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                                                                              C:\Windows\system32\cmd.exe /d /s /c "C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MobileOptionPack""
                                                                                                                                                                                                                                                                                                                                              3⤵
                                                                                                                                                                                                                                                                                                                                                PID:6404
                                                                                                                                                                                                                                                                                                                                                • C:\Windows\system32\reg.exe
                                                                                                                                                                                                                                                                                                                                                  C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MobileOptionPack"
                                                                                                                                                                                                                                                                                                                                                  4⤵
                                                                                                                                                                                                                                                                                                                                                    PID:6444
                                                                                                                                                                                                                                                                                                                                                • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                                                                                  C:\Windows\system32\cmd.exe /d /s /c "C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Firefox 105.0.3 (x64 en-US)""
                                                                                                                                                                                                                                                                                                                                                  3⤵
                                                                                                                                                                                                                                                                                                                                                    PID:7520
                                                                                                                                                                                                                                                                                                                                                    • C:\Windows\System32\Conhost.exe
                                                                                                                                                                                                                                                                                                                                                      \??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                                                      4⤵
                                                                                                                                                                                                                                                                                                                                                        PID:5124
                                                                                                                                                                                                                                                                                                                                                      • C:\Windows\system32\reg.exe
                                                                                                                                                                                                                                                                                                                                                        C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Firefox 105.0.3 (x64 en-US)"
                                                                                                                                                                                                                                                                                                                                                        4⤵
                                                                                                                                                                                                                                                                                                                                                          PID:4588
                                                                                                                                                                                                                                                                                                                                                      • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                                                                                        C:\Windows\system32\cmd.exe /d /s /c "C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MozillaMaintenanceService""
                                                                                                                                                                                                                                                                                                                                                        3⤵
                                                                                                                                                                                                                                                                                                                                                          PID:848
                                                                                                                                                                                                                                                                                                                                                          • C:\Windows\System32\Conhost.exe
                                                                                                                                                                                                                                                                                                                                                            \??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                                                            4⤵
                                                                                                                                                                                                                                                                                                                                                              PID:3780
                                                                                                                                                                                                                                                                                                                                                            • C:\Windows\system32\reg.exe
                                                                                                                                                                                                                                                                                                                                                              C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MozillaMaintenanceService"
                                                                                                                                                                                                                                                                                                                                                              4⤵
                                                                                                                                                                                                                                                                                                                                                                PID:9020
                                                                                                                                                                                                                                                                                                                                                            • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                                                                                              C:\Windows\system32\cmd.exe /d /s /c "C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MPlayer2""
                                                                                                                                                                                                                                                                                                                                                              3⤵
                                                                                                                                                                                                                                                                                                                                                                PID:5148
                                                                                                                                                                                                                                                                                                                                                                • C:\Windows\system32\reg.exe
                                                                                                                                                                                                                                                                                                                                                                  C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MPlayer2"
                                                                                                                                                                                                                                                                                                                                                                  4⤵
                                                                                                                                                                                                                                                                                                                                                                    PID:10128
                                                                                                                                                                                                                                                                                                                                                                • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                                                                                                  C:\Windows\system32\cmd.exe /d /s /c "C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ProPlusRetail - en-us""
                                                                                                                                                                                                                                                                                                                                                                  3⤵
                                                                                                                                                                                                                                                                                                                                                                    PID:8892
                                                                                                                                                                                                                                                                                                                                                                    • C:\Windows\system32\reg.exe
                                                                                                                                                                                                                                                                                                                                                                      C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ProPlusRetail - en-us"
                                                                                                                                                                                                                                                                                                                                                                      4⤵
                                                                                                                                                                                                                                                                                                                                                                        PID:9900
                                                                                                                                                                                                                                                                                                                                                                    • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                                                                                                      C:\Windows\system32\cmd.exe /d /s /c "C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SchedulingAgent""
                                                                                                                                                                                                                                                                                                                                                                      3⤵
                                                                                                                                                                                                                                                                                                                                                                        PID:5672
                                                                                                                                                                                                                                                                                                                                                                        • C:\Windows\system32\reg.exe
                                                                                                                                                                                                                                                                                                                                                                          C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SchedulingAgent"
                                                                                                                                                                                                                                                                                                                                                                          4⤵
                                                                                                                                                                                                                                                                                                                                                                            PID:9352
                                                                                                                                                                                                                                                                                                                                                                        • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                                                                                                          C:\Windows\system32\cmd.exe /d /s /c "C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VLC media player""
                                                                                                                                                                                                                                                                                                                                                                          3⤵
                                                                                                                                                                                                                                                                                                                                                                            PID:7144
                                                                                                                                                                                                                                                                                                                                                                            • C:\Windows\System32\Conhost.exe
                                                                                                                                                                                                                                                                                                                                                                              \??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                                                                              4⤵
                                                                                                                                                                                                                                                                                                                                                                                PID:8060
                                                                                                                                                                                                                                                                                                                                                                              • C:\Windows\system32\reg.exe
                                                                                                                                                                                                                                                                                                                                                                                C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VLC media player"
                                                                                                                                                                                                                                                                                                                                                                                4⤵
                                                                                                                                                                                                                                                                                                                                                                                  PID:1700
                                                                                                                                                                                                                                                                                                                                                                              • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                                                                                                                C:\Windows\system32\cmd.exe /d /s /c "C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WIC""
                                                                                                                                                                                                                                                                                                                                                                                3⤵
                                                                                                                                                                                                                                                                                                                                                                                  PID:5644
                                                                                                                                                                                                                                                                                                                                                                                  • C:\Windows\system32\reg.exe
                                                                                                                                                                                                                                                                                                                                                                                    C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WIC"
                                                                                                                                                                                                                                                                                                                                                                                    4⤵
                                                                                                                                                                                                                                                                                                                                                                                      PID:10000
                                                                                                                                                                                                                                                                                                                                                                                  • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                                                                                                                    C:\Windows\system32\cmd.exe /d /s /c "C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{113C0ADC-B9BD-4F95-9653-4F5BC540ED03}""
                                                                                                                                                                                                                                                                                                                                                                                    3⤵
                                                                                                                                                                                                                                                                                                                                                                                      PID:8236
                                                                                                                                                                                                                                                                                                                                                                                      • C:\Windows\system32\reg.exe
                                                                                                                                                                                                                                                                                                                                                                                        C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{113C0ADC-B9BD-4F95-9653-4F5BC540ED03}"
                                                                                                                                                                                                                                                                                                                                                                                        4⤵
                                                                                                                                                                                                                                                                                                                                                                                          PID:9164
                                                                                                                                                                                                                                                                                                                                                                                      • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                                                                                                                        C:\Windows\system32\cmd.exe /d /s /c "C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}""
                                                                                                                                                                                                                                                                                                                                                                                        3⤵
                                                                                                                                                                                                                                                                                                                                                                                          PID:10416
                                                                                                                                                                                                                                                                                                                                                                                          • C:\Windows\system32\reg.exe
                                                                                                                                                                                                                                                                                                                                                                                            C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}"
                                                                                                                                                                                                                                                                                                                                                                                            4⤵
                                                                                                                                                                                                                                                                                                                                                                                              PID:7724
                                                                                                                                                                                                                                                                                                                                                                                          • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                                                                                                                            C:\Windows\system32\cmd.exe /d /s /c "C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3544B2EE-E62F-4D11-B79C-3DDEACE94DA5}""
                                                                                                                                                                                                                                                                                                                                                                                            3⤵
                                                                                                                                                                                                                                                                                                                                                                                              PID:6280
                                                                                                                                                                                                                                                                                                                                                                                              • C:\Windows\system32\reg.exe
                                                                                                                                                                                                                                                                                                                                                                                                C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3544B2EE-E62F-4D11-B79C-3DDEACE94DA5}"
                                                                                                                                                                                                                                                                                                                                                                                                4⤵
                                                                                                                                                                                                                                                                                                                                                                                                  PID:8840
                                                                                                                                                                                                                                                                                                                                                                                              • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                                                                                                                                C:\Windows\system32\cmd.exe /d /s /c "C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37B8F9C7-03FB-3253-8781-2517C99D7C00}""
                                                                                                                                                                                                                                                                                                                                                                                                3⤵
                                                                                                                                                                                                                                                                                                                                                                                                  PID:6112
                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Windows\System32\Conhost.exe
                                                                                                                                                                                                                                                                                                                                                                                                    \??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                                                                                                    4⤵
                                                                                                                                                                                                                                                                                                                                                                                                      PID:8836
                                                                                                                                                                                                                                                                                                                                                                                                    • C:\Windows\system32\reg.exe
                                                                                                                                                                                                                                                                                                                                                                                                      C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37B8F9C7-03FB-3253-8781-2517C99D7C00}"
                                                                                                                                                                                                                                                                                                                                                                                                      4⤵
                                                                                                                                                                                                                                                                                                                                                                                                        PID:11348
                                                                                                                                                                                                                                                                                                                                                                                                    • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                                                                                                                                      C:\Windows\system32\cmd.exe /d /s /c "C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3A706840-2882-423C-90EB-B31545E2BC7A}""
                                                                                                                                                                                                                                                                                                                                                                                                      3⤵
                                                                                                                                                                                                                                                                                                                                                                                                        PID:8948
                                                                                                                                                                                                                                                                                                                                                                                                        • C:\Windows\system32\reg.exe
                                                                                                                                                                                                                                                                                                                                                                                                          C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3A706840-2882-423C-90EB-B31545E2BC7A}"
                                                                                                                                                                                                                                                                                                                                                                                                          4⤵
                                                                                                                                                                                                                                                                                                                                                                                                            PID:9772
                                                                                                                                                                                                                                                                                                                                                                                                        • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                                                                                                                                          C:\Windows\system32\cmd.exe /d /s /c "C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}""
                                                                                                                                                                                                                                                                                                                                                                                                          3⤵
                                                                                                                                                                                                                                                                                                                                                                                                            PID:8056
                                                                                                                                                                                                                                                                                                                                                                                                            • C:\Windows\system32\reg.exe
                                                                                                                                                                                                                                                                                                                                                                                                              C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}"
                                                                                                                                                                                                                                                                                                                                                                                                              4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                PID:6940
                                                                                                                                                                                                                                                                                                                                                                                                            • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                                                                                                                                              C:\Windows\system32\cmd.exe /d /s /c "C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}""
                                                                                                                                                                                                                                                                                                                                                                                                              3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                PID:5196
                                                                                                                                                                                                                                                                                                                                                                                                                • C:\Windows\system32\reg.exe
                                                                                                                                                                                                                                                                                                                                                                                                                  C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}"
                                                                                                                                                                                                                                                                                                                                                                                                                  4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                    PID:9500
                                                                                                                                                                                                                                                                                                                                                                                                                • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                                                                                                                                                  C:\Windows\system32\cmd.exe /d /s /c "C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{64A3A4F4-B792-11D6-A78A-00B0D0180381}""
                                                                                                                                                                                                                                                                                                                                                                                                                  3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                    PID:7656
                                                                                                                                                                                                                                                                                                                                                                                                                    • C:\Windows\system32\reg.exe
                                                                                                                                                                                                                                                                                                                                                                                                                      C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{64A3A4F4-B792-11D6-A78A-00B0D0180381}"
                                                                                                                                                                                                                                                                                                                                                                                                                      4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                        PID:11304
                                                                                                                                                                                                                                                                                                                                                                                                                    • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                                                                                                                                                      C:\Windows\system32\cmd.exe /d /s /c "C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{662A0088-6FCD-45DD-9EA7-68674058AED5}""
                                                                                                                                                                                                                                                                                                                                                                                                                      3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                        PID:10316
                                                                                                                                                                                                                                                                                                                                                                                                                        • C:\Windows\system32\reg.exe
                                                                                                                                                                                                                                                                                                                                                                                                                          C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{662A0088-6FCD-45DD-9EA7-68674058AED5}"
                                                                                                                                                                                                                                                                                                                                                                                                                          4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                            PID:5536
                                                                                                                                                                                                                                                                                                                                                                                                                        • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                                                                                                                                                          C:\Windows\system32\cmd.exe /d /s /c "C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6DB765A8-05AF-49A1-A71D-6F645EE3CE41}""
                                                                                                                                                                                                                                                                                                                                                                                                                          3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                            PID:4744
                                                                                                                                                                                                                                                                                                                                                                                                                            • C:\Windows\system32\reg.exe
                                                                                                                                                                                                                                                                                                                                                                                                                              C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6DB765A8-05AF-49A1-A71D-6F645EE3CE41}"
                                                                                                                                                                                                                                                                                                                                                                                                                              4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                PID:10476
                                                                                                                                                                                                                                                                                                                                                                                                                            • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                                                                                                                                                              C:\Windows\system32\cmd.exe /d /s /c "C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{76DEEAB3-122F-4231-83C7-0C35363D02F9}""
                                                                                                                                                                                                                                                                                                                                                                                                                              3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                PID:5788
                                                                                                                                                                                                                                                                                                                                                                                                                                • C:\Windows\system32\reg.exe
                                                                                                                                                                                                                                                                                                                                                                                                                                  C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{76DEEAB3-122F-4231-83C7-0C35363D02F9}"
                                                                                                                                                                                                                                                                                                                                                                                                                                  4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                    PID:7660
                                                                                                                                                                                                                                                                                                                                                                                                                                • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                                                                                                                                                                  C:\Windows\system32\cmd.exe /d /s /c "C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{77924AE4-039E-4CA4-87B4-2F64180381F0}""
                                                                                                                                                                                                                                                                                                                                                                                                                                  3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                    PID:8448
                                                                                                                                                                                                                                                                                                                                                                                                                                    • C:\Windows\system32\reg.exe
                                                                                                                                                                                                                                                                                                                                                                                                                                      C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{77924AE4-039E-4CA4-87B4-2F64180381F0}"
                                                                                                                                                                                                                                                                                                                                                                                                                                      4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                        PID:11384
                                                                                                                                                                                                                                                                                                                                                                                                                                    • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                                                                                                                                                                      C:\Windows\system32\cmd.exe /d /s /c "C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90160000-007E-0000-1000-0000000FF1CE}""
                                                                                                                                                                                                                                                                                                                                                                                                                                      3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                        PID:4828
                                                                                                                                                                                                                                                                                                                                                                                                                                        • C:\Windows\system32\reg.exe
                                                                                                                                                                                                                                                                                                                                                                                                                                          C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90160000-007E-0000-1000-0000000FF1CE}"
                                                                                                                                                                                                                                                                                                                                                                                                                                          4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                            PID:8252
                                                                                                                                                                                                                                                                                                                                                                                                                                        • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                                                                                                                                                                          C:\Windows\system32\cmd.exe /d /s /c "C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90160000-008C-0000-1000-0000000FF1CE}""
                                                                                                                                                                                                                                                                                                                                                                                                                                          3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                            PID:6344
                                                                                                                                                                                                                                                                                                                                                                                                                                            • C:\Windows\system32\reg.exe
                                                                                                                                                                                                                                                                                                                                                                                                                                              C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90160000-008C-0000-1000-0000000FF1CE}"
                                                                                                                                                                                                                                                                                                                                                                                                                                              4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                PID:7812
                                                                                                                                                                                                                                                                                                                                                                                                                                            • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                                                                                                                                                                              C:\Windows\system32\cmd.exe /d /s /c "C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90160000-008C-0409-1000-0000000FF1CE}""
                                                                                                                                                                                                                                                                                                                                                                                                                                              3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                PID:7312
                                                                                                                                                                                                                                                                                                                                                                                                                                                • C:\Windows\system32\reg.exe
                                                                                                                                                                                                                                                                                                                                                                                                                                                  C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90160000-008C-0409-1000-0000000FF1CE}"
                                                                                                                                                                                                                                                                                                                                                                                                                                                  4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                    PID:9580
                                                                                                                                                                                                                                                                                                                                                                                                                                                • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                                                                                                                                                                                  C:\Windows\system32\cmd.exe /d /s /c "C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AE86D888-1404-47CC-A7BB-8D86C0503E58}""
                                                                                                                                                                                                                                                                                                                                                                                                                                                  3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                    PID:7352
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • C:\Windows\system32\reg.exe
                                                                                                                                                                                                                                                                                                                                                                                                                                                      C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AE86D888-1404-47CC-A7BB-8D86C0503E58}"
                                                                                                                                                                                                                                                                                                                                                                                                                                                      4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                        PID:9180
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                                                                                                                                                                                      C:\Windows\system32\cmd.exe /d /s /c "C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C7141A99-592B-4226-A4E9-B767C1D0FBAF}""
                                                                                                                                                                                                                                                                                                                                                                                                                                                      3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                        PID:9520
                                                                                                                                                                                                                                                                                                                                                                                                                                                        • C:\Windows\system32\reg.exe
                                                                                                                                                                                                                                                                                                                                                                                                                                                          C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C7141A99-592B-4226-A4E9-B767C1D0FBAF}"
                                                                                                                                                                                                                                                                                                                                                                                                                                                          4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                            PID:3476
                                                                                                                                                                                                                                                                                                                                                                                                                                                        • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                                                                                                                                                                                          C:\Windows\system32\cmd.exe /d /s /c "C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CB0836EC-B072-368D-82B2-D3470BF95707}""
                                                                                                                                                                                                                                                                                                                                                                                                                                                          3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                            PID:8356
                                                                                                                                                                                                                                                                                                                                                                                                                                                            • C:\Windows\system32\reg.exe
                                                                                                                                                                                                                                                                                                                                                                                                                                                              C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CB0836EC-B072-368D-82B2-D3470BF95707}"
                                                                                                                                                                                                                                                                                                                                                                                                                                                              4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                PID:3872
                                                                                                                                                                                                                                                                                                                                                                                                                                                            • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                                                                                                                                                                                              C:\Windows\system32\cmd.exe /d /s /c "C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}""
                                                                                                                                                                                                                                                                                                                                                                                                                                                              3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                PID:7760
                                                                                                                                                                                                                                                                                                                                                                                                                                                                • C:\Windows\system32\reg.exe
                                                                                                                                                                                                                                                                                                                                                                                                                                                                  C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}"
                                                                                                                                                                                                                                                                                                                                                                                                                                                                  4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    PID:4000
                                                                                                                                                                                                                                                                                                                                                                                                                                                                • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                                                                                                                                                                                                  C:\Windows\system32\cmd.exe /d /s /c "C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D44822A8-FC28-42FC-8B1D-21A78579FC79}""
                                                                                                                                                                                                                                                                                                                                                                                                                                                                  3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    PID:10212
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • C:\Windows\system32\reg.exe
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D44822A8-FC28-42FC-8B1D-21A78579FC79}"
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        PID:8628
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      C:\Windows\system32\cmd.exe /d /s /c "C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E016F2B9-01FE-4FAA-882E-ECC43FA49751}""
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        PID:10420
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • C:\Windows\system32\reg.exe
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          C:\Windows\system32\reg.exe QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E016F2B9-01FE-4FAA-882E-ECC43FA49751}"
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            PID:9528
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          C:\Windows\system32\cmd.exe /d /s /c "powershell -ExecutionPolicy Bypass -NoProfile -File "C:\Users\Admin\AppData\Local\Temp\hN1s0RNrLiez_tezmp.ps1""
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            PID:8020
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              powershell -ExecutionPolicy Bypass -NoProfile -File "C:\Users\Admin\AppData\Local\Temp\hN1s0RNrLiez_tezmp.ps1"
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • Suspicious behavior: EnumeratesProcesses
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              PID:10400
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            C:\Windows\system32\cmd.exe /d /s /c "powershell -command "function Get-AntiVirusProduct { [CmdletBinding()] param ( [parameter(ValueFromPipeline=$true, ValueFromPipelineByPropertyName=$true)] [Alias('name')] $computername=$env:computername ) $AntiVirusProducts = Get-WmiObject -Namespace "root\\SecurityCenter2" -Class AntiVirusProduct -ComputerName $computername $ret = @() foreach ($AntiVirusProduct in $AntiVirusProducts) { switch ($AntiVirusProduct.productState) { "262144" { $defstatus = "Up to date"; $rtstatus = "Disabled" } "262160" { $defstatus = "Out of date"; $rtstatus = "Disabled" } "266240" { $defstatus = "Up to date"; $rtstatus = "Enabled" } "266256" { $defstatus = "Out of date"; $rtstatus = "Enabled" } "393216" { $defstatus = "Up to date"; $rtstatus = "Disabled" } "393232" { $defstatus = "Out of date"; $rtstatus = "Disabled" } "393488" { $defstatus = "Out of date"; $rtstatus = "Disabled" } "397312" { $defstatus = "Up to date"; $rtstatus = "Enabled" } "397328" { $defstatus = "Out of date"; $rtstatus = "Enabled" } "397584" { $defstatus = "Out of date"; $rtstatus = "Enabled" } default { $defstatus = "Unknown"; $rtstatus = "Unknown" } } $ht = @{} $ht.Computername = $computername $ht.Name = $AntiVirusProduct.displayName $ht.'Product GUID' = $AntiVirusProduct.instanceGuid $ht.'Product Executable' = $AntiVirusProduct.pathToSignedProductExe $ht.'Reporting Exe' = $AntiVirusProduct.pathToSignedReportingExe $ht.'Definition Status' = $defstatus $ht.'Real-time Protection Status' = $rtstatus # Créez un nouvel objet pour chaque ordinateur $ret += New-Object -TypeName PSObject -Property $ht } Return $ret } Get-AntiVirusProduct ""
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              PID:5020
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                powershell -command "function Get-AntiVirusProduct {
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Suspicious behavior: EnumeratesProcesses
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                PID:10216
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                PID:5396
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  powershell Get-Clipboard
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Suspicious behavior: EnumeratesProcesses
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  PID:9588
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                C:\Windows\system32\cmd.exe /d /s /c "netsh wlan show profile"
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  PID:4604
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Windows\system32\netsh.exe
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    netsh wlan show profile
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      PID:5804
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    C:\Windows\system32\cmd.exe /d /s /c "C:\Windows\system32\reg.exe QUERY "HKCU\SOFTWARE\Martin Prikryl\WinSCP 2\Sessions""
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      PID:8160
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Windows\system32\reg.exe
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        C:\Windows\system32\reg.exe QUERY "HKCU\SOFTWARE\Martin Prikryl\WinSCP 2\Sessions"
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          PID:8376
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Temp\2dNiu8JVoUWUZ7CbD8IhUkJqPNY\Launcher.exe
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        "C:\Users\Admin\AppData\Local\Temp\2dNiu8JVoUWUZ7CbD8IhUkJqPNY\Launcher.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --user-data-dir="C:\Users\Admin\AppData\Roaming\script" --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAABEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=2964 --field-trial-handle=1736,i,3117788174762961356,4042480024724447055,262144 --disable-features=SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Executes dropped EXE
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Loads dropped DLL
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Suspicious behavior: EnumeratesProcesses
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        PID:8784

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Network

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  MITRE ATT&CK Enterprise v15

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Replay Monitor

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Loading Replay Monitor...

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Downloads

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\powershell.exe.log
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    2KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    6cf293cb4d80be23433eecf74ddb5503

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    24fe4752df102c2ef492954d6b046cb5512ad408

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    b1f292b6199aa29c7fafbca007e5f9e3f68edcbbca1965bc828cc92dc0f18bb8

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    0f91e2da0da8794b9797c7b50eb5dfd27bde4546ceb6902a776664ce887dd6f12a0dd8773d612ccc76dfd029cd280778a0f0ae17ce679b3d2ffd968dd7e94a00

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    64B

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    27b00b0d2db7a8557e340da08c1993ed

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    39f15b1a9ad62dd0177024fe62985c8ed0049cac

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    62587e449266393b0389fbdea62a3303c0dc412a5d939d21b02240a195c09b82

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    90f433478adfc15d2633ea718b0756aedae81c1c38a1ca6421014fec5ed48cea2afaf6b0963838d489777e292db511d1b7a8f8e61a6dbb0882f49a97687e48dc

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    64B

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    446dd1cf97eaba21cf14d03aebc79f27

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    36e4cc7367e0c7b40f4a8ace272941ea46373799

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    a7de5177c68a64bd48b36d49e2853799f4ebcfa8e4761f7cc472f333dc5f65cf

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    a6d754709f30b122112ae30e5ab22486393c5021d33da4d1304c061863d2e1e79e8aeb029cae61261bb77d0e7becd53a7b0106d6ea4368b4c302464e3d941cf7

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    8d460ce715a00afd56cda62e926b8b17

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    3aa1ed2a3cd5e6e1a3240f222492c9e49c4eaf22

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    195c9d4857b9486e312f80264b31ef7e9ba014ececd7731397ee75ce8d8f38cb

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1b9efe45bea12e59e552dcce73d597ad431aa274621d96e5a3d146e28cfb11d9f5af256f0bc986e8d4d043f6352b9410d01ddb048bd57445f544502eaf28d969

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\2dNiu8JVoUWUZ7CbD8IhUkJqPNY\D3DCompiler_47.dll
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    2.1MB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    087279eade893faec709879438bccc6d

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    0088cc9771ae5f23cc7621ddca3135fd99653c6c

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    ccb98f793aef11e099570f5084e904972215c139a42e8848dbd50867983e8ff5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    6d1c18eca71cf4c6a51f98a7ca302e3ddb3b8856f40b3d7dead831e1165866d4ca0a75bdba45e77fd8ced8a1e98a4fec59230a8ed15f2a4f06766a760b34f83b

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\2dNiu8JVoUWUZ7CbD8IhUkJqPNY\Launcher.exe
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    640KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    c814f42adcecd2a07fc75c931f2a5a1b

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    9d8ad23740aa5ada61b51ef3c48c83b7dde29611

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    8342214d279e19ca83662d7c90638ee6e1174fb675920de7d436f93c8bfbeb36

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    db9bc3d92eb1e8e4e24e86084ec00ab754c022ff359b74cf471555893e2a35cb4594073ffbe704471bd2d5ee337e2fc92d3546c53b5ec90b9bda306433d8e52f

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\2dNiu8JVoUWUZ7CbD8IhUkJqPNY\Launcher.exe
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    384KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    5c4930a07be14cc8bbf7f82bf2f0944f

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    e72e8d26511885a9d22a25a2187d685b9672763c

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    e0ea50392f85f577b506e0f3f3cb7aa93566d7d3fd4a3471d2a6d6f4c740a730

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    f9de4aa7726aaba69834d2b173ace16727aeee304bb61b9c0bb34d5e01c7cd7572b9a2eb57c4e99a20b54651ad73419893caa7f31688ba0bcfcdc3ace795d3fd

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\2dNiu8JVoUWUZ7CbD8IhUkJqPNY\Launcher.exe
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    256KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    58ca4044ffd8ee1cfef2990b928b2b22

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    aff8f64be7e57c9548393a0b145cacedbd277dcb

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    d7a1c014cecfa2bc6133508613fc0d04f94e2cedefd192d825e6ad708fc760e8

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    62e8c38a1860fd8519bdfbf10e8ff9e7f2709fc1bf19d85ac6cc075aacc825e8d6f742d7cbfe922a0bce867eb502a546edf99cca44c49f3c97b4667c745385b6

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\2dNiu8JVoUWUZ7CbD8IhUkJqPNY\Launcher.exe
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1.4MB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    54c454311bc77335b649011d61290153

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    11ee3d045e12606e2677149f2785e20b1419e30e

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    c46d10ab02c6e7d026ca3963add7137545ca465607d921e88f453a02499d8abc

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    2ad9bd667f9bc20569dd1352ea37d88a0a07635b00567a259d6b70f0d477eadedb2a7c08446825f2c0d25870623768098e8bd2ac1d569a3532373966f6848337

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\2dNiu8JVoUWUZ7CbD8IhUkJqPNY\Launcher.exe
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    2.7MB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    695db590bef2bb8f8add7a0e62bbb3e8

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    e42066541fa573ad9dd08c025fdb464188cffa2a

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    d5f06e0fab78c6582249668626246e329c00ec3e983a4de6de9fe0ae1e633411

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    0bd304d8fe24d8681457ef1d96e68b8d67a12e812e5a6c69d725f4d8973425e92bb98a48156351cfa9523792333d10605fb985539853aa850593f9894f80d487

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\2dNiu8JVoUWUZ7CbD8IhUkJqPNY\chrome_100_percent.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    132KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    e4cbb48c438622a4298c7bdd75cc04f6

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    6f756d31ef95fd745ba0e9c22aadb506f3a78471

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    24d92bbeb63d06b01010fe230c1e3a31e667a159be7e570a8efe68f83ed9ad40

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    8d3ea1b5ca74c20a336eaa29630fd76ecd32f5a56bb66e8cef2bce0fa19024ea917562fd31365081f7027dde9c8464742b833d08c8f41fdddc5bd1a74b9bc766

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\2dNiu8JVoUWUZ7CbD8IhUkJqPNY\d3dcompiler_47.dll
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1.7MB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    f06d92bdf0bebea2a088eb6b47026155

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    7a83019937387779b5e80d84aaf8dedbf1180ec6

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    ef1a24b6630266c9fc2813682bc41eb93a43b682d6f9eacfa7ccc4334712568d

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    73a8d1a839fb7408a63b77824c577f50a77ecc8bf69ba69ac0738e3c4b163c984a6ee8a9230d0e02eef9886328f1eecf2cd2d17fb8b986f13e14c750c0e8c5d0

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\2dNiu8JVoUWUZ7CbD8IhUkJqPNY\ffmpeg.dll
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    2.7MB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    384713176a162115d30e9af7ee20a5c6

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    7efd2c9adb08fd4b893cad5613891f2e96e88351

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    64dbe39b8bced2d4f2ddd727e914f17a385366cac4d4e63118915b2b093d90c9

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    2d25176ae9f9d35f82c713e2321e74fbe4e730437a0ae733adc49d85f41c6c47287617f497ea0b414716bd790079d1b4372bd07f51664222276879fcec15af5a

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\2dNiu8JVoUWUZ7CbD8IhUkJqPNY\ffmpeg.dll
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    2.4MB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    83895a3e7dd43f358f9b8306fb293c8c

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    364ef78f6a5dc23f095ae75df7b2df3e718cdb3b

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    8af30ca41873dd2efbf6140a8833f3929562fe5d591d877a7739b5756975740d

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1fcab00ed4aff8a4c0c0f5c1c0cd72e1c383f009d07bcd4d12172949a61c130ed57adef06c223cbf5794e15ddba51a4d2676ccb585b3a4fbf13e1268376da14e

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\2dNiu8JVoUWUZ7CbD8IhUkJqPNY\ffmpeg.dll
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    320KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    8f7bcc75ec5751e02112ada9160139ad

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    2ee5fac403851ff0617d193bbc2726304ffb304f

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    27e6adbc91ce79f6abcbc31dfd0e75a6af62b5892025e336124602fba6d8c83d

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    d6da35e0b9f34bcb25653f8e90b6e2c17599cd7f5903c7d936b7dc454fa2638bbdaac9eba4d25938754a7ab34971e3a2a673b3f569c9df6b0de79c874535a9ab

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\2dNiu8JVoUWUZ7CbD8IhUkJqPNY\ffmpeg.dll
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1.5MB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    aa621872c3e83852650f3f8ff26ff508

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    d124f2f600715677d46a4157917403b461843539

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    f2823aac357a8969da45eefef227bb2276143e3379c45947f53eb019ebd4fba5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    d73e50f393f677dc4adeaaee24c860a311bf7deda1bc0c046523b2573b75b67c9458812af61d78d2edad3ec1062a1730341f95f8e3d0d55a2185e0cc5901b413

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\2dNiu8JVoUWUZ7CbD8IhUkJqPNY\ffmpeg.dll
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1.6MB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    585fc1a288345ba09b89ad3286edb2ab

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    af876fe9f1f7b98f7079f09c69bf7483cb0619c3

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    eb360a2a04d45273035ca1abcfccad1184cefa32084c5be16927dd78e688cb4a

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    d068937d9f29865cbd0d796863ff126fa96983ce65ff53653e9c87fd6be2d5889d780ef31c674352e4634731cb512128105eae0791084ec68484485f093df1cc

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\2dNiu8JVoUWUZ7CbD8IhUkJqPNY\icudtl.dat
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    2.4MB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    8553150fdb85642e1edce2d4cb1d8356

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    b156ec2a1f9e1fc34ed3bd30963a1571280e1351

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    c1f6f98d3b1179c2b11c4776a0277fdc0c6a01990e63d223d662fffb8389970b

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    b16e7bafe42b96f28a94b2aeab1f244655bcd7bf54d7e304b5f731d04545498b269cc4618eb59fcf6ee2a3a40c0c7cfd6f02bf662d90ce48c19372fdca2c29d7

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\2dNiu8JVoUWUZ7CbD8IhUkJqPNY\libGLESv2.dll
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1.5MB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    5e0e87276f60d29b02630189309af4d3

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    42e98848fa7f554fdd91493749ad77da04834c61

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    cf67a1df0d69a1ebacd85904a9aae51f81cfc383d5569b0563b2943d9bf14b60

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    bfd22d8b4f0326113bbac4f105b7cadc4e5714d204fb592f10cb3782870a76d434dbb549c05788269f9c6a306f35b602d2dd0367b2b36a6d501ed2634971fba5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\2dNiu8JVoUWUZ7CbD8IhUkJqPNY\libglesv2.dll
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1.7MB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    d330b9bda47faa60177b3e7719497760

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    6b16aab28f12780b96e087bb7075867bd0bc3a36

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    a64b0290e52ce8ea7082c6adf4268734a17d6eb4d37f0aac6e02dc6a2f075b26

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    6c8ec6867694a1e6a091ff9862fff5f4943ba407431bcc443fbd48316fb67b23469aec85d08a609641ceb3ef4cede3201060a0a676547121e2a6e38bc4ad460d

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\2dNiu8JVoUWUZ7CbD8IhUkJqPNY\resources.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1.8MB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    59a245a242a75fa54e2a2dd673ec7113

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    8f17e6e95e8dfc6c7f305a0237d029b377787270

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    287fa2f0217a256ec49fd1e7e5c9eb2ffea500d87f9c29036429e6017cf26140

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    53dacb01bb4dfa806547b0a7dccd2f2b50d4b979dd6f4bbb26cecc1348e2c59c3fd59c027f0b2290c14f089514339f1cc4973ead84e9fbef13416fcea8802469

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\2dNiu8JVoUWUZ7CbD8IhUkJqPNY\resources\app.asar
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    3.8MB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    6d18ecfa8fd3e9a6dd7f9a4fbf7659f6

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    8eb5c83ac264849f5d7cd93762669dc07767a031

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    8f8ae79dbfbad15f333b05a738edbcd5fa769768b7ce6cea4c8356074422b81f

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    aecdf559a4b283152239e42946d892cc314af8dafe6be649e79431c6523864ddac0640423c1cb2dd46fc4161e79154bf4b2b0910262b802e91640fa75c6b0f2d

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\2dNiu8JVoUWUZ7CbD8IhUkJqPNY\vk_swiftshader.dll
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1.4MB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    f2d87c4ca93fc23184f3bda4d612148c

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    82703aa591522ce5aaecce461ed92bb153df5d78

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    071b833db67adbfa8d9cbbd644949749cf0f0f889ad0d304d4401d2e8b2831c9

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    76d060c8d2076ce7d206b9961fbeccef4d2d8a40b6dabd4d479a3032d8a5bb2396c45a432b044f07a9bac03e613b436d8ca4d196b90a69e7bc57722bee86c7d9

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\2dNiu8JVoUWUZ7CbD8IhUkJqPNY\vk_swiftshader.dll
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1.4MB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    c2c4872123d1fd2a5f2b768b41e85046

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1f2b4cde30ffa3b4d803090743d77d4bcf180dd5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    fcff80320d96be23ff5cad450aa992c09274edd7677f4ba62852a9e729fdb5ae

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    b54355839ad3d9b2027d12eece487e3b355756ba1badd54edada47210340397a6e1014a458763006ceae7e5d44be5710b11f7c85ad9305f5d930b441a054ef08

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\2dNiu8JVoUWUZ7CbD8IhUkJqPNY\vk_swiftshader.dll
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    4.9MB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    413700033c7a02a0fb21eb0b57e3d87e

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    77961132c3450418f6f8601e9210420602039cf0

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    2a711ae49eea54fd2d7e213af228ffaf57f5a76d8c8d9c225f4b055198f47bc8

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    9341b8395d4a689b215246171f05f5a0ef7c02b9d1716bd43ed5ed1b8047042f29be4f7a11145dae40afebcd1b28b27519dcaf113398c181082d3e4e6b45d92d

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\35d1684d-162e-4628-b846-7b659e2443aa.tmp.node
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1.4MB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    56192831a7f808874207ba593f464415

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    e0c18c72a62692d856da1f8988b0bc9c8088d2aa

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    6aa8763714aa5199a4065259af792292c2a7d6a2c381aa27007255421e5c9d8c

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    c82aa1ef569c232b4b4f98a3789f2390e5f7bf5cc7e73d199fe23a3f636817edfdc2fb49ce7f69169c028a9dd5ab9f63e8f64964bb22424fc08db71e85054a33

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\38d0761e-bf1e-4a5a-ba9c-f7448faaf333.tmp.node
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    154KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    cd377b1b62e707f788b1eb4fc7eb9033

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    e0156d4b0ec82ae2a0c5bcecad9e51fd4e6ed384

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    b3534aa759829810c18a4c8b9c85935c909f9aa38bd994239a09919365c7ce40

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1d7b14f7a589c9b06ff25f280e7b42ddfde9e27e7331e6c758a7d220f3c90b74099d1b9e5c253086263b4cf71145b56c3adf481a11fbf0a11f93ac750a2e1241

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_k30jy2rl.t3w.ps1
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    60B

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    d17fe0a3f47be24a6453e9ef58c94641

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    6ab83620379fc69f80c0242105ddffd7d98d5d9d

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\hN1s0RNrLiez_tezmp.ps1
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    728B

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    257ff59a229219d85ab7d08694c97ae5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    c92fd034c0645242415fa86e27c256a53877752f

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    59d3a0043ec3fe46c74f1a0d38af6d38fa2b9493e4ec009b48b330cacfa639f3

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    d1a22d29318c8fb5748c24c268c69b40a2f8eb2e7d2ccf1ec9a8f9803311bcf2560e3b4a0a0de921b60c7a3f5b9c6a36e66874a76172430bc9e508c7ae9337f3

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\LICENSE.electron.txt
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    4d42118d35941e0f664dddbd83f633c5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    2b21ec5f20fe961d15f2b58efb1368e66d202e5c

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    5154e165bd6c2cc0cfbcd8916498c7abab0497923bafcd5cb07673fe8480087d

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    3ffbba2e4cd689f362378f6b0f6060571f57e228d3755bdd308283be6cbbef8c2e84beb5fcf73e0c3c81cd944d01ee3fcf141733c4d8b3b0162e543e0b9f3e63

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\LICENSES.chromium.html
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    4.4MB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    a4ebaf78f70efb70881fca236e6d8d44

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    50eacf644f14bb9e4669fcde0b5f4f2555d7c575

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    9c769fea4dc6e76e427ed6d47e5d5a2c47720c9b1093bbb2c4d6a8558f75c0b4

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    b03b81a8752e59e54cfe8faf0db388e893a01b06f1949ae2e6c64daef74e32abb4464cc69afbf9919113f913fb67a9df3636e274638f8febd9cc3247e6880ba3

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\Launcher.exe
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    4.5MB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    cf489bab05e593bc0964a3917f71cb0c

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    c687f41b4ff221a7df1a2f9345bbfa13368b9565

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    b496f6c0b04fe003d38dbc9b8d6eaacccbeafcd72e7c28d7d1ec0fe46508da5b

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    447d60e806b89d9d394341180b6684bc525b7e2505f21a6d14c1607b6597cb3123e746e5a7f04eccf8fb99754c6066c2bb0342ac5a9d819fa56ecb812b215ada

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\chrome_200_percent.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    191KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    99b95d59d6817b46e9572e3354c97317

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    6809db4ca8e10edd316261a3490d5fc657372c12

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    55d873a9f3ac69bbf6eb6940443df8331ebd7aa57138681d615f3b89902447e7

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    3071cfeb74d5058c4b7c01bfe3c6717d9bb426f3354c4d8a35bd3e16e15cde2f2c48238cb6382b0703b1cc257d87fcecfb84fbf4f597f58e64463ceede4366dd

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\d3dcompiler_47.dll
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1.5MB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    91c1432a80d76760cf53003be7886d8a

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    515a3658513f21f5127e89acd310e9199637d178

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    0b36f5aca2d6b1ab954157f458ad1a201b23ef186299939ac92e423f74d56d40

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    6abdbef94a4ca646af3c056f3d7b91938e3d6a1dcb61462b5ffe38787b94c2703b4cc1a0de7e37331b3bfd6e1f930d5b1c438ad5fb54a4c8352f96acff32b537

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\ffmpeg.dll
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1.7MB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    692de9e8e4cf888d542af20bbb75bdc3

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    d307fc0ed58e9415e1a1a51d6c79e3f686791158

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    a1ab125548e23fa062815d245592d2a15ebfb8bb4ee8c9b637ab9d2b128ede43

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    f0db1d9c5cb7fa8572337ffb96820a1786b208412d435e64ae3ee47890c5fa9c7cda4db97095b03c6b9160a66a4a97ee05d007ea8111c85ba8a4b064cbd445d1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\icudtl.dat
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    6.0MB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    c6ef728c31ca96ffefa5849e34167509

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    5f107d6790ba54445e48e8211e3d0ac3a4d1914e

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    06a65cb8ffa731a6c87420a87fa29981c6b7b5aeb1ce0337e2f6cbd95d79c8f9

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    ee8d36270663ab09fb03ef1ef78ce1d35c4b7aa4a5c678d4a91a745a1a4e79c1f32ef506ad96cadc065cb45c8310433f8e11fbb621518ac57cf8ece3f7838aac

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\libEGL.dll
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    469KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    6c5b0b0db75e8c47ab56becc18711074

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    496fbf7623a6c81b5c7ffa9b24b73281261653ee

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    f37e1330f5213a7171d8d227300b431dee8ba4f5809c86dd88240ce440724d0a

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    cd5689cd1f72ef0e7f92515217290179885ae9a47186351347cb93354c028eba1c543920cf51c0f83ae16543c1dffd7f7cfae05d6883c1bf40924af08fed89ed

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\libGLESv2.dll
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    3.7MB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1070e602878a0198dd0c9b07afd247ce

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    0d12188158eacf1bafab1c92472de2d1d4bf7043

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    ac1bf7b5204c21fd94c578b7ea9f7eaf6e6ac54f965c58f35433369406ab381c

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    5f657be0e60c9dd0343f0707696e366abf2eed1ffaf3ebcd08228eac8799ef945ed6c6fbf1afd8db0df8cd32cdb72258b791d5066d2bf0203e5306f83a2c97fa

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\locales\af.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    425KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    d16ef573959cf5cf0a6eea20136b9c0b

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    e3384ae3ee92e1dae47a48e45589372e940aab33

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    73a8401e6dc17c4daf86b42c65b81359348f7e6b4d62d8637138e747bb3ff0ae

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    064c2912f766f10ec042adf82709ac9582cb8430e3550690fc17343c380dcbabadc0084e08aa5f3eb6faf79a652d26e1fe2606625a180b7f47808df07a566933

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\locales\am.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    693KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    39a396fce4d93f744b3c786d62d2686c

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    7ec8176e652b666b6ab9fffb6cb9b7dcfdd1a2a2

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    0b1d326be9dabcda8e37740017383f2d8f1bec7a8fdb1f11ebe538c3632453fd

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    798063b51f745fc2c9e7f852f72ce55939ed41305d070d1844c790755f7ab42a6830406ba2485237d37a0c46b804512e7dc37c65b7f03249c28741a4f706017a

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\locales\ar.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    758KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    14b15761cb9d4e1956812df8b42c2aea

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    7c25580d892711b9eff1a3ace4e6699ea64e0706

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    c8d405127b032587e6ae6426a35cb766139bae26170ca08d811354486ab667f8

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    ec9a6e6e715c817726ad744fadca4d1af3015d95421774ccfe54d616225b7a17e862e086fe0aebb3a903d2ebfb27779cffcd713d3042ecdf9761c24c5a56cdcf

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\locales\bg.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    788KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    01dfb1a7815613fa0a5411235f45b27b

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    3bf1ea5597ac77b26bd30caa1efea7cb4f7a1b19

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    13d08d2c4972cd18bb8ea8a57587dad29684c2336f73282dd3284b0649377cf8

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    5d8a65e5a17aa163fb679e003e1837ea96e515b105c9977029a5ca4854845289de5d65c0edfd473cb74410c5cacdb5b360f25a69776705fb05f48688d92680da

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\locales\bn.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    384KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    aaf93bc85b26413ab8f7cd61c049951e

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    bb42273603f626d39c4d544e3d8df9c5a3c5533d

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    4c9d3e29d351d1509f61d4d2cc6d8a25d6d216d6b39d312fd71dec6f35b3ea45

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    dff4ddb72f2529c4e8f17e61ab0a28dfd3cca5e3acd6330b8d5df2185d619eb16c84292151c49c457230dabcd72a320023c1858c13c47b9bf12db70f2dbefd5f

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\locales\ca.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    384KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    509ec012b06b91628b5b2cc7553c18d1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    9af60071acd0d6dbe88fe5159e63787b7de4632e

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    8bddc10007648cbcc133700ed535acbcc69b0d152a8f50c38be62b535e22e09a

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    5fc7126881735e59c5a467a5977c776e5f83331addea2470d50327b2c01a42f1d2bdb79cb1a0881c474bbcb6f22fa42f8207b55b4ea7b21e53d4b204cdfa3760

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\locales\cs.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    384KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    256b708c7a049772e0a5032d3005b431

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    a367b3002656597c1a37115ebab75f06ffdbc8e3

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    bfca60018235cb02d32d245cfeef26001e5591624d1d2d564dea2f42566f1f9c

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    f9434d1e5ff2ca0fc1f0ce6116f89251f38ccabe67e158a72c9239bda8b0c6603ad646f583b2bb40ae6adf95a8fc3c8426a5805f7c0b93402fbf88e4844cfc5b

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\locales\da.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    128KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    a8f39de69ffb44be422247c60cb991f5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    cb8bca398ca5af66e9d9a3626e792e283c621a2e

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    f0fc09e6558c137b252362be2ec64c89e827ea388aa3b25b3b3001c60378af1e

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    8df19b1ce07066ea8860663e19b2076d97fc63dac9953097f963e6d5a9632e63a95774f9916135fac422d2b3688f48eb189bbbebe66aa3b5f6200b62b5b3bdd2

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\locales\de.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    477KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    7ccdc41a3dbdf89058d71629225664ae

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    e15c35b18685d9573349ff4247733b5f5ada8717

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    163ea4c2cf67edd0526a8e18d3810872e92a1d4e17b5cf4f04107fda5967b0c9

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    13b20b0db02a0a7480c56c79304ef594353507e1a30da0130b73aa8e9ec7636f306315a6f40729b10dc725f936642d2e2b282ed3040a079a6f25a7f9f7f1ae28

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\locales\el.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    865KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    2b391b2b35f7e096f696faf5dc093366

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1409134a46fcb84457a0e332edde98f7666246bd

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    f1fe39af50f4bfe9edcea3af6c132e87d464d7277fb491ed95d7189b3157d20d

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    aa640ca41dc9d4f60392b61bbead215345abd32369b0de90ed1d7ca2ff7a838d04689d538789a1adc0324fe4539c34db26b6c245155e51fb0308af13b60bfdae

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\locales\en-GB.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    389KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    745918a5a74c7b6f4818a8bb8813f456

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    031f50286d003844425ddac557e13e2ea4554bc2

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    91bdbf5f1f6bcbcaf16e47865f72ec97d72c74174fb929f089d14c00989f91f4

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    5a1eb0231352705bab527ab27543612d75cb00c522620828ce2a0fdb0b47be9daa2dd7a192f8b4bf299007c5af1d9515f900b9586ba44dd2bd9f4cd4436aa681

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\locales\en-US.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    391KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    c9c2abcb04e1ad5f1a20244da8d595a8

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    89ca81da21900074a5ccdcdc852768277b2b620b

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    0364c73f320e441b03cb2afcaaca3ffbfac51a3559dcd0ff99a1accf82c7f762

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    96bbf21174f56a111a2fc6ec024ab2f143945306797e77d773367a7fad42b7828ebb7b08d0dab76858d9fa340bf3205be403bc53df9e5e4e390058c94a751ffd

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\locales\es-419.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    473KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    c8f488b85c17431360e531aa507be979

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    bea5d66bdcc05869a0389e051a9217fd49e48fcd

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    536339d99dee6e8c01f018d4700ddd92ce063f765766a48073aeb256669680c1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1d7f9f84a8d7c055bf705c71efaea817f1b9dedd5ba314fec6ce5324f578d3130b5541bb52fa55db9f6e46efa8e152d50199a61c7e2466844a4414df65d61c22

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\locales\es.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    473KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    29cbdcc2168f1bb29532122c39e67a1a

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    f086c79d60daf2b0a7df91916387efa461795dcb

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    232f41ab5996c917687276e82c177de208b36e77aa834bb5d94d6a331f4180fe

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    b603edf2a18f5893ab482b0c34e4126f824fbdd1b669927d7bc30d68e2e5bdf78d7d4b2aabdbe257987e8e19f440d9396a3683340b94c3fd844c70e34e93d8a8

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\locales\et.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    428KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    5b169234895d929930140b4869a0b81a

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    f58ba50d1e19ce191a0f8117f3e70f7f3dcb7362

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    c465da80b14981bdbc687b7c37bf70d2bd4b8e03293c04ae5410f84c91ef980e

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    c4297e272b5c04a0ee0956b873d5246591bee98c3b340e72202f3448381c691096a5bc540fdbcf61fb40d6a69270afa7198c1f0ccf3b2e84cabc906e23eb022c

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\locales\fa.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    703KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    f7da0d07b54698bf8a213d0ccf1942c0

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    d64fff18274ebe71a4aaa4754f9bb99d616fa000

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    33bdd6eb52f648d475306f35b6103500b864672cbf39cc0fbd8c4ac84c997dec

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    ce7a7b3df4c814a26e3fd9fddafc01ac1a4b2a87ef2d2893db5d0edf8e5b8bfe34afb6e91ff94306248361d57c6b3bd63d116635fb756aab74c4aed38f31c88f

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\locales\fi.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    438KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1cbfa553a5b1de642ea4c248dfe1edba

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    5de05b3c11fdd59ff5064a153a6dcbda33350971

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    8f3e8ec0fbb471b45db65a77dc1013e3363f387d3d0c6a458c90f371907d0085

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    ea3b99be7da893be8c3b228d1d3d7b644a1f5425b5380dc3e0ae0ba1bd29cf39dabe73819bcc4fa67f10a488f018e9fa2328995cb78f40ae8fdb66aa514188aa

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\locales\fil.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    128KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    046ce358ebf63d3fd98f928e0f4cd714

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    3efbd468f891b2aa03757f52f21877cb90572a0e

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    341fea9650ec8c2ebf48d9c0c721a0ac4949df7ed7445396b8d58fde51d7148b

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    755cb5285a034168257c74b8266cb26b1f9953537ed2a60024c4f7c02adce7400a61c21d248f6341f9c52c607df1a29a903b04953c85da2fc670cd6c1f9dc5bb

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\locales\fr.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    513KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    a1de4ad3d9b7aa8f122ba00cb983e49c

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    323d6e1b4ed75f9406bb8488d7ffc7e12fa96886

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    a69f52162f6081a06f835ede10818218df6e211f00d0ef24561e6221f4696e61

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    542f0818ea4517fdea929f3d4938f7de75e2a5e6d872607e548f87de7e9cd0737fab3f5e82ab7895f44e809279d81c490999ed055acbddafe84f85e60ce2e23b

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\locales\gu.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    996KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    02bfa1114fd5b75261c24d6c0e6441f7

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    d48b80339405cb8c8ec7a19b688e8d544938c4c7

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    bbb17268412fb3e13584ca4dc90a94f984177d3c97ee89af2a57324709f8ed1d

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    751b91d381c882a5dc0c0ee6313cf3e7ef51b4d369330a169cf9625de99e6019233109e815fc474fae44d79235940ba2ce68af7033f4c4c994e2774bbd8105be

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\locales\he.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    616KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    9fccb330d8b07ca54661407cf737d847

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    2c6f52801b66aac7d08acb60d9736f9149e48ae5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    bb06d364a91b8641724254822b2eec5d0675e262a4cbf93b92494f601807dbef

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    0cbf36643cc7b1d85dc7cb7825bc816a8538d0cc50b137dd27d5a9703324ae7ff271d38dc0cd6e4a99c6b391070690b90eb8ddb1cc511bc8d84d49a32d36c34c

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\locales\hi.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    42KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    eef17168b43595a282445a1f5b1c4792

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    6113718005c58a2d7316c5a62743ceada929bfef

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    9faa20cd4cc83f43d4df33f756cf3f9b294c891c7fec714db645e4a005cffeec

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    efed78e2ece26d811777d7d5a73acbb222ac9c283a50254f647934adccf63aa8081f013008abc8678548de89a05e7779f384646e393aa5ba7c0deae436dd2730

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\locales\hr.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    477KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    ef62a50cc098afcf3fab69c7502219e9

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    db474cf332c90de660fc575ef897d5389b65784c

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    07effa557c8bc822626c05a4d299296f88d3da0654248c326d796f7c2de3ec64

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    7ae6f40c7bf404532df0bc2ffa449e0d99debc2b9816450ed0d015b1634dd96cd5650ab6af5a6d44d52d0e3c9c81836ee350210c4f8a13be6cc0cb796a630350

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\locales\hu.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    513KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    51b14b96d1b9fa99ed849347a8954133

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    5259b749576a9612e429a665dfc8bf47651c39ea

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    70d4a0724a2e0e80ec047e7683eec7715c0fb5f88795cc97a63e4c2ee2237800

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    b68d4bc792f29df210602a557d0b3333a95e30cd03a0a4cb5f537c9c51da9937119391f2a359c03fb874c1f540c23f44bef121e45f048f32b1db06d67a0bad1b

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\locales\id.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    421KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    3b5e08406059d1a76566e9a5d4c9b15a

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    6bf45f2647e959ec1b545763180e8f29961ab3e1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    60409d8b785dd057e3495190b18e6d6d235d8313555341cba5f64327e3d8c3aa

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    6c4150c064edf6ed0b83b216ce62134bbab12137e6b45749dad08d1d1734b3365309414900615137c6acdd12250add5c69a222daa7984a94ee850aaa55af1b8f

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\locales\it.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    14KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    3b682ab4e39192e7438098c7c8cc9cb0

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    048c44ba4a3a707931e38e7fdfbef1471b19863e

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    600117e160542bfd2f09dd1c5b65f84880ecb6f2ff966c7e021c7e3d1d25a1d4

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    11526ae86c7423be02943e814dc59a232059411137a083ca35d1d0dfddf9bb9c907ba4357127647d1909018bb4c8b2e92dc40e074642fbbe7cf2c2b19da69f2e

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\locales\ja.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    570KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    74e2430cf18db7ecae2a9b1feeb049b5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    362a5f3e4d8a79b9d0b041d62a8a5233e20fb208

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1a726c500b5b3efdbc7b9e6626765dcb8957005f9c072c09d1f517587d6b673a

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    324d0ba770c09cccac4c59e0e0605846a4e18f32cc79f14fbd4e5b0172f439ef8dee538f686458b3a07e5e8b4528ef67aa5d339ae25f7c601c9a302caa7970f9

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\locales\kn.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1.1MB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    56c5f63f439cc962b815bbc4f3f12c32

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    c96248cafd869fef11bc37aefb1382d0f60a7855

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    14b332541c2cce0835202372f8cc822aef30b3575b651c96219a88b8d1381648

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    9210759d8e73266381fbf04280aad0bc5006f315ce3fca74fe304b3261af0ba399210f0b84620230d6aa0c667e60c0a6d9e67681fdfac401338e9331475bb7f6

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\locales\ko.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    481KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    a9b446bb79b0e5d0b4af4f7243b1f3e2

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    fcf962506b32b34a6315ed61acdece33df3dbf23

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    507fc8d2a468456f2842b65a111fc0c74fe1f56d5f5ac0d6e743aef186b43b2f

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    e7f281206bd481427a75b581f8b2a435eb8a29bd8b5586a8db78605b1c1bbc20dc1f4b2ff92d04c62fb509dc6e1e062d1d584c195e386c5c2ffda0f764276aa6

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\locales\lt.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    519KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    49201fae17b715a15fa03c4d89dd2176

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    7c559c174850de48c4a2837fe32c58f74d8150b3

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    4a80792cb9a401ebfa7ec3212182b5024d651ca6a5ead8fc9809d0d3ad4803cd

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    3016f721d77206e13e275e7eea1adc95d403feaccf595eacf933940485031e9aac0c29b6f47a9ff5f73b08c354b7b82c72193c83e1ff09d84cb5b9b72b708166

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\locales\lv.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    516KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    335158efe454819a0dc8de0edb0f0e90

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    85871f85f626db1fc597ef24c79c84115a66c17e

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    113073cf60ae3d2bcf8a61df655762e34ba28e4b35b97de33c18e13f959d76ff

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    f81733bca3fa65c789630b55c4f414a8541e71c4e1aba56bdb9d231ce189677b3bff4dc57c92fbe1cbc88f1f2f7fbf1a7e4319a8918c50409fcba958d743ccbc

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\locales\ml.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1.2MB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1030c08ffbbe7366ce5b7d55bc8ecc0f

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    b45b53c1e47a0051560c607874357130c499563d

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    e1f97ce3011d9231f23fe033bdbb0905c173921b18402d362bfc35224ff67db7

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    3b9127a0eec02f75f79c66f5f7845b65c4ebe2e6a33989c7686815ffe0651be47d42f55c2f32a67a221495a8bebf043d853df7b244a68f89390044210e52dd3d

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\locales\ms.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    442KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    3d0dc94a638f98d9bf3c0f60f89a0c95

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    a979b04c65832d908305fb0406cb0653271ad744

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    a9f9ae23a3bc2ac919c5b46d16b7e1f3bff73698d2626260196210e101d119c2

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    6d687f1eb9a7fda3791295487063393b8f0a7409b55461b185aaf106c596229de6988114230625d6504b869d25d7a624bc3b90d66a0bdf561cb05a57d5b87c15

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\locales\nb.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    431KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    9c18dfa9e69c1d7810132800d084136c

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    bbaa9576e1b012df33d79a5dc7776c00e67295e4

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    4f3babcbec0d138654ec59fd8ab5fd58da2273237a587928b9687928c7ca10ff

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    a82b1e340a25a3858906ded73624bd0be4b3ccd1f5728560480b4a4e3a78529f5a178d20cf7d95fd55ded7ca4fa95a5fff87d89f0520ea08b54e7b99c9057d6b

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\locales\nl.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    444KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    5cde06a63c9dc07fdbb0fdc94e403d00

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    11be56054908f1f9cd56ab77692fe3717ee91ee8

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    3b9ed5ed0dd07d8fa67412a046ab085137542c156876dbfe6f83376571af91a3

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    2716496dcbf76cc2dece938103813a8dbc17d4c795b4e3459a572de4f62f9ac0e1788de3a21f5fb287ad364decbd541a5e3bddd406e130d2a9c72118ccee5390

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\locales\pl.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    497KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    b44fcf9fdc4ec7bb5e72cae30aa15c01

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    daaae4aa7987bcce299995feea5c54f2d77b61d4

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    7f1a8392fe3aff4e6bb4bacbc1f4b395f08ecafda9f81e36b41b77fb4ab0bc76

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    52b46d7affac4949fa19841d26d2f4bf877e36cbda4b75f3ff289a7abe9a80c2a014b1ae23d3079f4d31ed5fa76c320103733284a2c13d99a451810407325674

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\locales\pt-BR.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    468KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    de8ff9456ba9ea999d0d1bc9b831e7ce

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1d67c6dd97fcf221c71137cc8b1946368807aba8

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    b32fe8f602ec9800d59806e097e369fd065d8fbf473da40fd29289493489930c

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    5a3a48ddad801382ec9065c6160698dd746aae810374c2b772d521a1764e7e0fd2c28c5dd1cdccb50834d699ee19441713fe10a91dddead46ba0cff3edbd6984

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\locales\pt-PT.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    469KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    002d5b37e68a0725dd7d89fe3fc7ec48

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    545de8047d3f89150516b95031965adc8f17df68

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1fadff356a7e89a8ff2af3ddf84f70fd0ce69525c7787f8adae10beed9d76d4e

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    abad6cbb30a958bb84a521a66636af4221a9f63774122d3ac3b552503930ad83d343ec4c8109c8031cab17c546ef7549aa0f87746e39a80f6758fad28ecee129

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\locales\ro.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    486KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    7056fc61de4a16c7f4f5bf44d2e87f8a

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    99d16dcb3b1aefc472601439f630e1244b1aa277

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    b7ba9435d82f6bedd7005b6e868ee86f0bb6c4d7b312fe5f5d4afbd440ad5b85

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    529152da39f7ade6713206fa9f767b35b9bf03816387579522eea78ac7d0e150bad557fcdbef51e76d52e39f61a0b4e54ff6a3b592eb7e34fafdb98afe460f7c

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\locales\ru.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    797KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    91379a583d22fa9343ed466c261366ff

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    61e8c39235945c4f38807b14ac74da7d3257759a

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    0d4d0b8052519848abd182c44dfbf444a77a0c6994965c4a3001f0a3a4d1459e

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    dde26b59a1e5f94d5b245f47399d7a9d3db8d247037331a471c39b1d7e79e236c5a0732fea4c53b843d8eaff1f54ca155a816a193b7baa870fc458a5aadf76be

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\locales\sk.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    502KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    78bc785a75ee512391a9cb462a771c09

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    229d39e017174dc0a8cefcfcc72b0feca94d6208

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    ec15c82956ebddb7b246c78045ad414ed34ca97d890a915070e252c8715096b0

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    96556f6072e69351e1bbce06bbf896b1ad53060c7cbaf7928eebbe0f610f5e8778b2b8b97a5a268b7942a1c8d1adc6bea0403383a2a5bb99049437e95d575ea0

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\locales\sl.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    483KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    e76e473c419c25768b08a95a2822918f

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    0fa7e2fcabb03a8788f50f1d4b4eb383c833e9ba

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    fcd27a9f5cb4b4be373da7076a8232006ebe020999fdf90d20745f16cd7ef223

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    e39ae0acbb7d148d6ade676d92e83fa9fb433230bae4339c31693a538198bf0679adef51883b96f8dfbcc8593a982544c64a2b265897f35a693183b27070ea5b

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\locales\sr.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    745KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    48abf758a49e2e8aab013f2bf56091c0

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    ca909bc28b03bf959ac32e218a318289e0badbf0

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    b4cf2d19b5e443b57ca9d1189880458a7cacfe1c8b231265557a3fb58f597617

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    22d65df1cd35a8127296420a699f26edf55813fd6a970050dc9b2b051aaf7da2cf2fe6314a94977587021c02aa7d8b42541e1d08d5940fb7e1af127e87268c68

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\locales\sv.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    433KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    06c878c1538813e5938d087770058b44

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    c8ab9b516b8470bdee86483151ae76368646bffc

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    90dc45426bc1302aa05261f136881ddf038272e9ac315297aa8e5dae2b31109b

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    6ddf615bcf0a8c62221233687bae1eeda5cfd749aa8acc179d6650987289201b405edd453fc181a1d250eba9bbdf61ea28fb7c694539fae3d320bfdea56665cc

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\locales\sw.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    456KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    55241312a3aaba14a6b19a9012ca25b8

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    69fadf0817faec3bc6b018f0af5f63378ade0939

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    722c86bd857a93ae06ca0b7cfe2cc04237a7ed5a52586cab7246336c802abe37

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    612f815c25e9f593d1f1c4de8e9016dce048cfe90f21319c4cdbb5772580cb8c71229e9ddba60852cd0bec80a07a783ace24f873d90dc3323e5fdcc44905f2c7

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\locales\ta.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1.2MB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    2c0a9cc4a7c775ff13a6888234265cab

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    497bde42737667fc833bbb9d8a9edaf014d99957

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1dd55659ef21082b9d58bed50f387c0e1fc0f28d0ede52251b9ada25ed2a657f

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    b862221cf17d3f2ca0495a8a3e1f630ab915fd9b2a46ac16c71deffee9a6f71264a8550233781474d60cc6001a48c7c658c77d4e0dbd5b543e768928119d2f0f

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\locales\te.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1.1MB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    5f9b7a945638b88e75a3175a7923119d

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    6af614f2cbd72da2224f48a203a6430a623fc7ed

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    3b476d2ce7c72c3a10170808020dc3f1a87309f9f725b08217c4716b28d10888

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    3b66c9152ec032d6f2372ae5075cbfe7d0fb398c4bf173a7f8c76d91d9eaa816e6f839b90884533b46a9224e9fb52c4d439b3d1907885b8e9f80c5c55a852b65

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\locales\th.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    918KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    84ad3f888c0ec307bb7b8c278cd36757

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    948a5f8b43d059280d5374ca6d66e8dfc6a76d49

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    56665860fe6577fbe00543a47a15e10eceae83458815f2989d179e42af07f81b

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    7001c0607df927145e40a605e2b97914d02712d11e09ca20339cb1aefb042a1f853fd06e78b76f6dc6f19b6df837bca12946a3470c6c064ca767af1db57042e5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\locales\tr.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    465KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    0aedf5c2f6f4f49074a2adea454df4c9

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    a48d9d8461e61170257897766dbd6906e754a0c3

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    3f4658b3811b36f5cad794e48e6507335abfe78b0bfa0c80d1ef9c5d7bb410d0

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    e359e446330fc154c16e34a7335174f372bce701faf85de8a5f4b432ce3e10c69f42c93b7182deac89bb4d29750d0dd525b6dcd74a5b7bd724f544d14ba44a79

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\locales\uk.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    798KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    64aa9344abd9a32f10d6c05a58eda4eb

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    3286ee43f36e2232677b4573e8b4a3303c7df048

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    ca20af5982ae706f5029467901d7d66f90b261f03c7d240d0d1ab2fca2b50a7b

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    dd768b314da50b8ba5a006a4e56d70044c1af79960834722894d930f5347194ae7f9f5697bc4cd0790a79341635cb1df8c74ff45f74d1736049161af5b163efb

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\locales\ur.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    696KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    88eef2798dee8a361c3ea9bafaa02a35

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    6f8d4ce422336ca5048ef35d6ece360a9b416d8a

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    91318006c880e427417a2b2fff81fd451769a5536fa16d1dc185972137bc2d6a

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    db36b58186f165ff3f746ac483f75b6fed596fad9b3f335e86b374b359e563407acf58ac7cded9420e4fcb91f31eebc8a91c7777ea59bafced8cff2f1c0e9a53

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\locales\vi.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    551KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    4c5c09cb7e6eb120c8019fe94e1ac716

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    f018e7f095605e21db24944b828cc3580cba863f

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    e7319ca18eba379772954132493bbabb448d4e97d755b85360ed337216b48800

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    d171ee83cf02a8904290a74df1224556887e41333b8a01fbd95f0cacc88d230195fbfb6f99f9e02573d4864b3c95b570a77c2a0b1e19324d2599925e40684807

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\locales\zh-CN.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    398KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    07b6c43d87dbf93ac8abe6837f3c2103

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    79e033179b445609b3f1756c3f4184d5efacf1c2

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    7f85b35938fadca91bfd8f92ca53613718e375ef010c340947dd27a4ff66594c

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    38ef8f8a8a950b11c18eb7a40da721b888ef792a49e1371dc8c1eb22058a6791f95bf9b25df4ba190a7aa6cb62ce38b0bfaea83c71b62cde6980d12cf9da53f9

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\locales\zh-TW.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    394KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    960e99a171c4ed4b6d787027ba88774d

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    e3869aff0c52841c9df718133e7c4be2977de7fb

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    e42640f5309add2ea7fd5a4db503b93e479ef14807710a06d7e53a0f261da8e6

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    4e51d787aff8f425d101882bd70e71b88b253f2ca61ed54dd7ff77c7e3a1d6570b270f4eb91f2d03869ea4537d09e141f3e32ea3a27537295ec698bf26305cbf

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\resources.pak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    4.2MB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    3e646aa0b4ca5f86430e9475fd278970

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    d06f0db7d5a9a56d0fa0da850f67d2da90744650

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    b603a6d510b785f25e30df894463dcf3e489804817f750bb39114e119a01341d

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    9824c7b3a5e07da31c9a1ff05e05d87c881ed510c5fa18a417a220f2c2b7d2e7695d3985ed89de8a639a9a0399ab66b166d4defff52f54b6662088a45bbe1ad1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\resources\app.asar
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    2.8MB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    7fb95c827dcc711f4f99ad1691b6b72e

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    f79a1c5046ecb9804ac19db18a9b48f527db8bcc

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    288840a05bb9d0a7fdc9bd32596197f1921e944b7177a209dd85ad6305d84a9d

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    f631a3923cf6328c5989b4ab4729e3c7102e8953fdd7a1ceb62e8915423080550c9411f46678c23577e6265d043a6cce42b530b324b42e938b2aa0a2bf53b0c0

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\resources\elevate.exe
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    105KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    792b92c8ad13c46f27c7ced0810694df

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    d8d449b92de20a57df722df46435ba4553ecc802

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    9b1fbf0c11c520ae714af8aa9af12cfd48503eedecd7398d8992ee94d1b4dc37

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    6c247254dc18ed81213a978cce2e321d6692848c64307097d2c43432a42f4f4f6d3cf22fb92610dfa8b7b16a5f1d94e9017cf64f88f2d08e79c0fe71a9121e40

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\snapshot_blob.bin
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    262KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    40a3c2200e4126e8c47a7802532c9236

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    212a4686dea5a467b7b6fa54397e42122b235f1e

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    94aa518fc892ee9a0f1eb5fe35b60123ee61a5f848864b00519b96d8d5d9786d

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    fa1a943822abe3737587d520654078117cae86c58fefe6dd6a09f4a08c09293e9547a0ad79c52f8638dfbb1c496df3d0e828ce414176c8fbb77113be41212866

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\v8_context_snapshot.bin
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    581KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    264e3b574e4f86b1fc47b2427402e779

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    4a4f9e7c3da262713e4cf7af6ac51822c56b5ef3

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    ed559c6e81b6003b2057e5c1b0bdb5b28ca094b895ca86c69fe11c5c9e014f06

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    144365d0fb83576aaa02ea6ecea51d7ba2cacb044eea568a08f65b98a83d3e7d7e693738e065e22f94bfd1165d0ea93a749dd1325d829257a9bb6607a9a927db

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\vk_swiftshader.dll
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    3.9MB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    d2dea26a54d210c263a0ba332dfcfac9

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    b7fc6111931f379bea346441833a64b96a36b8ba

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    9659be7368a20e2b8e6dbed2c0bf43f2b52242e8942d1bda4e4ec548e300fbf6

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    a11f153513ca5b185ebd03f056eee4f335fda54616da4d5663c2ef96470378fcdba4f3ad4dc71a2b90a0dfdd0a3317b488291e21c18a013a62c643e8607ba4a9

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\vk_swiftshader_icd.json
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    106B

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    8642dd3a87e2de6e991fae08458e302b

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    9c06735c31cec00600fd763a92f8112d085bd12a

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    32d83ff113fef532a9f97e0d2831f8656628ab1c99e9060f0332b1532839afd9

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    f5d37d1b45b006161e4cefeebba1e33af879a3a51d16ee3ff8c3968c0c36bbafae379bf9124c13310b77774c9cbb4fa53114e83f5b48b5314132736e5bb4496f

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\7z-out\vulkan-1.dll
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    917KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    a820f574b55fc3dd5a7a5fae89e90bf9

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    c0c81463a64b3f98a6a3c8810f4dbb42ae284f9f

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    52ba3ca2a03fd547e0ca45d8338265f4c5898a7c0e941dc90c80e9e5e9fbcebf

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    4f0f65141a8941f66c452389d75dc719a27ea213502abe05353d4d8dc1a494ae67ea38af19bef4dc4ae6c97427043c175d98af8b0247a8fc2337a9492c75ddcd

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\StdUtils.dll
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    100KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    c6a6e03f77c313b267498515488c5740

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    3d49fc2784b9450962ed6b82b46e9c3c957d7c15

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\System.dll
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    12KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    0d7ad4f45dc6f5aa87f606d0331c6901

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    48df0911f0484cbe2a8cdd5362140b63c41ee457

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsy82CD.tmp\nsis7z.dll
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    424KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    80e44ce4895304c6a3a831310fbf8cd0

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    36bd49ae21c460be5753a904b4501f1abca53508

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    b393f05e8ff919ef071181050e1873c9a776e1a0ae8329aefff7007d0cadf592

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    c8ba7b1f9113ead23e993e74a48c4427ae3562c1f6d9910b2bbe6806c9107cf7d94bc7d204613e4743d0cd869e00dafd4fb54aad1e8adb69c553f3b9e5bc64df

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • memory/472-603-0x00007FFC1F090000-0x00007FFC1FB51000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    10.8MB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • memory/472-605-0x000001BBF48A0000-0x000001BBF48B0000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    64KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • memory/472-609-0x00007FFC1F090000-0x00007FFC1FB51000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    10.8MB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • memory/472-606-0x000001BBF48A0000-0x000001BBF48B0000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    64KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • memory/4540-584-0x000002ADEDBD0000-0x000002ADEDBF2000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    136KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • memory/4540-585-0x00007FFC1F090000-0x00007FFC1FB51000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    10.8MB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • memory/4540-586-0x000002ADD5480000-0x000002ADD5490000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    64KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • memory/4540-587-0x000002ADD5480000-0x000002ADD5490000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    64KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • memory/4540-591-0x00007FFC1F090000-0x00007FFC1FB51000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    10.8MB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • memory/8784-855-0x000001DE17AA0000-0x000001DE17AA1000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    4KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • memory/8784-853-0x000001DE17AA0000-0x000001DE17AA1000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    4KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • memory/8784-846-0x000001DE17AA0000-0x000001DE17AA1000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    4KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • memory/8784-852-0x000001DE17AA0000-0x000001DE17AA1000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    4KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • memory/8784-847-0x000001DE17AA0000-0x000001DE17AA1000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    4KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • memory/8784-858-0x000001DE17AA0000-0x000001DE17AA1000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    4KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • memory/8784-857-0x000001DE17AA0000-0x000001DE17AA1000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    4KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • memory/8784-856-0x000001DE17AA0000-0x000001DE17AA1000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    4KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • memory/8784-854-0x000001DE17AA0000-0x000001DE17AA1000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    4KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • memory/8784-848-0x000001DE17AA0000-0x000001DE17AA1000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    4KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • memory/9588-818-0x0000026363ED0000-0x0000026363EE0000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    64KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • memory/9588-831-0x00007FFC1F090000-0x00007FFC1FB51000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    10.8MB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • memory/9588-827-0x0000026363ED0000-0x0000026363EE0000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    64KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • memory/9588-825-0x00007FFC1F090000-0x00007FFC1FB51000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    10.8MB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • memory/10216-839-0x00007FFC1F090000-0x00007FFC1FB51000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    10.8MB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • memory/10216-764-0x000001532FC70000-0x000001532FC80000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    64KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • memory/10216-802-0x000001532FC70000-0x000001532FC80000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    64KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • memory/10216-748-0x00007FFC1F090000-0x00007FFC1FB51000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    10.8MB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • memory/10400-838-0x00007FFC1F090000-0x00007FFC1FB51000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    10.8MB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • memory/10400-826-0x000002853D520000-0x000002853D530000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    64KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • memory/10400-808-0x000002853D520000-0x000002853D530000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    64KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • memory/10400-767-0x000002853D520000-0x000002853D530000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    64KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • memory/10400-754-0x00007FFC1F090000-0x00007FFC1FB51000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    10.8MB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Download