Overview

overview

7

Static

static

1

URLScan

urlscan

1

https://wearedevs.ne...

windows10-2004-x64

7

Analysis

  • max time kernel
    112s
  • max time network
    109s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    28/03/2024, 12:37

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    https://wearedevs.net/d/Fluxus

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 3 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Program crash 3 IoCs
  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies registry class 44 IoCs
  • Suspicious behavior: EnumeratesProcesses 14 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 12 IoCs
  • Suspicious use of AdjustPrivilegeToken 7 IoCs
  • Suspicious use of FindShellTrayWindow 35 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://wearedevs.net/d/Fluxus
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:4280
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcdd9c46f8,0x7ffcdd9c4708,0x7ffcdd9c4718
      2⤵
        PID:3392
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1888,18281122988453266431,759496662863343720,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2180 /prefetch:2
        2⤵
          PID:624
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1888,18281122988453266431,759496662863343720,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2372 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:4084
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1888,18281122988453266431,759496662863343720,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2928 /prefetch:8
          2⤵
            PID:5840
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,18281122988453266431,759496662863343720,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3372 /prefetch:1
            2⤵
              PID:4124
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,18281122988453266431,759496662863343720,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3392 /prefetch:1
              2⤵
                PID:4612
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,18281122988453266431,759496662863343720,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4848 /prefetch:1
                2⤵
                  PID:60
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,18281122988453266431,759496662863343720,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5112 /prefetch:1
                  2⤵
                    PID:4908
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,18281122988453266431,759496662863343720,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5536 /prefetch:1
                    2⤵
                      PID:2932
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,18281122988453266431,759496662863343720,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6172 /prefetch:1
                      2⤵
                        PID:1448
                      • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1888,18281122988453266431,759496662863343720,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6412 /prefetch:8
                        2⤵
                          PID:904
                        • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1888,18281122988453266431,759496662863343720,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6412 /prefetch:8
                          2⤵
                          • Suspicious behavior: EnumeratesProcesses
                          PID:4516
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,18281122988453266431,759496662863343720,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5860 /prefetch:1
                          2⤵
                            PID:3552
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=1888,18281122988453266431,759496662863343720,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=6152 /prefetch:8
                            2⤵
                              PID:3844
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,18281122988453266431,759496662863343720,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5980 /prefetch:1
                              2⤵
                                PID:784
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1888,18281122988453266431,759496662863343720,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6116 /prefetch:8
                                2⤵
                                • Suspicious behavior: EnumeratesProcesses
                                PID:4616
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,18281122988453266431,759496662863343720,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6876 /prefetch:1
                                2⤵
                                  PID:3560
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,18281122988453266431,759496662863343720,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6740 /prefetch:1
                                  2⤵
                                    PID:4064
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,18281122988453266431,759496662863343720,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1796 /prefetch:1
                                    2⤵
                                      PID:5420
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,18281122988453266431,759496662863343720,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2052 /prefetch:1
                                      2⤵
                                        PID:1936
                                    • C:\Windows\System32\CompPkgSrv.exe
                                      C:\Windows\System32\CompPkgSrv.exe -Embedding
                                      1⤵
                                        PID:5108
                                      • C:\Windows\System32\CompPkgSrv.exe
                                        C:\Windows\System32\CompPkgSrv.exe -Embedding
                                        1⤵
                                          PID:2528
                                        • C:\Windows\System32\rundll32.exe
                                          C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
                                          1⤵
                                            PID:5580
                                          • C:\Program Files\7-Zip\7zG.exe
                                            "C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\Fluxus\" -ad -an -ai#7zMap9836:74:7zEvent20477
                                            1⤵
                                            • Suspicious use of AdjustPrivilegeToken
                                            • Suspicious use of FindShellTrayWindow
                                            PID:904
                                          • C:\Users\Admin\Downloads\Fluxus\Fluxus\Fluxus V7.exe
                                            "C:\Users\Admin\Downloads\Fluxus\Fluxus\Fluxus V7.exe"
                                            1⤵
                                            • Executes dropped EXE
                                            • Suspicious behavior: EnumeratesProcesses
                                            • Suspicious use of AdjustPrivilegeToken
                                            PID:4784
                                            • C:\Windows\SysWOW64\WerFault.exe
                                              C:\Windows\SysWOW64\WerFault.exe -u -p 4784 -s 3732
                                              2⤵
                                              • Program crash
                                              PID:1712
                                          • C:\Windows\SysWOW64\WerFault.exe
                                            C:\Windows\SysWOW64\WerFault.exe -pss -s 404 -p 4784 -ip 4784
                                            1⤵
                                              PID:3840
                                            • C:\Users\Admin\Downloads\Fluxus\Fluxus\Fluxus V7.exe
                                              "C:\Users\Admin\Downloads\Fluxus\Fluxus\Fluxus V7.exe"
                                              1⤵
                                              • Executes dropped EXE
                                              • Suspicious behavior: EnumeratesProcesses
                                              • Suspicious use of AdjustPrivilegeToken
                                              PID:1096
                                            • C:\Users\Admin\Downloads\Fluxus\Fluxus\Fluxus V7.exe
                                              "C:\Users\Admin\Downloads\Fluxus\Fluxus\Fluxus V7.exe"
                                              1⤵
                                              • Executes dropped EXE
                                              • Modifies registry class
                                              • Suspicious behavior: EnumeratesProcesses
                                              • Suspicious use of AdjustPrivilegeToken
                                              • Suspicious use of FindShellTrayWindow
                                              • Suspicious use of SetWindowsHookEx
                                              PID:5108
                                              • C:\Windows\SysWOW64\WerFault.exe
                                                C:\Windows\SysWOW64\WerFault.exe -u -p 5108 -s 3852
                                                2⤵
                                                • Program crash
                                                PID:2500
                                              • C:\Windows\SysWOW64\WerFault.exe
                                                C:\Windows\SysWOW64\WerFault.exe -u -p 5108 -s 3852
                                                2⤵
                                                • Program crash
                                                PID:5284
                                            • C:\Windows\SysWOW64\WerFault.exe
                                              C:\Windows\SysWOW64\WerFault.exe -pss -s 536 -p 5108 -ip 5108
                                              1⤵
                                                PID:3228
                                              • C:\Windows\SysWOW64\WerFault.exe
                                                C:\Windows\SysWOW64\WerFault.exe -pss -s 416 -p 5108 -ip 5108
                                                1⤵
                                                  PID:2548

                                                Network

                                                      MITRE ATT&CK Enterprise v15

                                                      Replay Monitor

                                                      Loading Replay Monitor...

                                                      Downloads

                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                        Filesize

                                                        152B

                                                        MD5

                                                        f35bb0615bb9816f562b83304e456294

                                                        SHA1

                                                        1049e2bd3e1bbb4cea572467d7c4a96648659cb4

                                                        SHA256

                                                        05e80abd624454e5b860a08f40ddf33d672c3fed319aac180b7de5754bc07b71

                                                        SHA512

                                                        db9100f3e324e74a9c58c7d9f50c25eaa4c6c4553c93bab9b80c6f7bef777db04111ebcd679f94015203b240fe9f4f371cae0d4290ec891a4173c746ff4b11c1

                                                        Download Submit

                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                        Filesize

                                                        152B

                                                        MD5

                                                        1eb86108cb8f5a956fdf48efbd5d06fe

                                                        SHA1

                                                        7b2b299f753798e4891df2d9cbf30f94b39ef924

                                                        SHA256

                                                        1b53367e0041d54af89e7dd59733231f5da1393c551ed2b943c89166c0baca40

                                                        SHA512

                                                        e2a661437688a4a01a6eb3b2bd7979ecf96b806f5a487d39354a7f0d44cb693a3b1c2cf6b1247b04e4106cc816105e982569572042bdddb3cd5bec23b4fce29d

                                                        Download Submit

                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                        Filesize

                                                        1KB

                                                        MD5

                                                        fb17531f7b5a146958b3f282496e842d

                                                        SHA1

                                                        0127bb70cd0fe0431637f4c7b015f57fb6952459

                                                        SHA256

                                                        5f1d46852cf4b733921e1ba7d8466413cf8b5342354f2d1bea0915781428e674

                                                        SHA512

                                                        d7d87f8187e2d93eec0ef1e247d5664a1b77e0b8fcdbd7a000175d27abae189253ae40d499935e7902f07503e80cad3e33cbeaa4723932af4d349b8f528ab634

                                                        Download Submit

                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                        Filesize

                                                        5KB

                                                        MD5

                                                        63c705e474cf2efb7e0056c40c7ff37b

                                                        SHA1

                                                        a981f6dee13940f266e2ed893f7c9798450de786

                                                        SHA256

                                                        df9725bcccbf8c81936707b1ac68ea5d53b466923aab49257e497451f572e559

                                                        SHA512

                                                        a037398af547d61f85dcb0aeeadee4a9446eae467c8ef7a05de21bd5780e3d64d1a1646326af53558524a7552781376a294696ddc8c1df3986f9440bb610360f

                                                        Download Submit

                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                        Filesize

                                                        6KB

                                                        MD5

                                                        c3c6eac27923bdfd6efc720472de8252

                                                        SHA1

                                                        c379afc861cdb8b5f0f8ca2f14de49b924968150

                                                        SHA256

                                                        decb8945ffa9305ca1ec737540f159b4fe0f378125497029fb11feafd0a9a329

                                                        SHA512

                                                        8bdbc5584bf636573659340e0594bc6d0480fa76a607f7c889fe97eeb68dd47e3e8523d30dbd783bfaafc858c83ed7820c219d3432e2743552e6514f28e74a87

                                                        Download Submit

                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                        Filesize

                                                        9KB

                                                        MD5

                                                        d3b8b3892d6998f95657979f9c7b52c9

                                                        SHA1

                                                        0154dae1670120eb10618f29edd62dced8afce1f

                                                        SHA256

                                                        812a73a7992111b8430b62827a4abd4471a4abe5bf7f1a79dbfd119ac58553fa

                                                        SHA512

                                                        936ec0d30e65da91a5961d3ff71ddb3245e59282fe6cb8be60afd886d645afd849854c007558ffcdea51a14e601ae6cc112b54e32b61b29f25ea8f587d061274

                                                        Download Submit

                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                        Filesize

                                                        16B

                                                        MD5

                                                        6752a1d65b201c13b62ea44016eb221f

                                                        SHA1

                                                        58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                                                        SHA256

                                                        0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                                                        SHA512

                                                        9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                                                        Download Submit

                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                        Filesize

                                                        11KB

                                                        MD5

                                                        93ec58ef0afbbceb3eae5f083733ca54

                                                        SHA1

                                                        9693802ed2a7f693930efd0c38d534d83ffe70bb

                                                        SHA256

                                                        2c5658e3f1b29559464c649357812d12549ea9fa259312305bb8ddd442eaf265

                                                        SHA512

                                                        159272d3fde68fcff9a21671ba0dcfb00dbc9ef250973aeedc7866ee9756aad3442f2ac19fec807d2ea97bce9909868647b0c5961e16ba57d4b001981f233827

                                                        Download Submit

                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                        Filesize

                                                        11KB

                                                        MD5

                                                        3937ae6ca87949db31c722598aaa4045

                                                        SHA1

                                                        9c1c9c9f053db50708cff1fab29187a90498451a

                                                        SHA256

                                                        87eee0aa83ab27ed787bf729d38bfebd46b4fc94a9c34d84c912dc28a8762e2c

                                                        SHA512

                                                        e4b574d305863b28519987a99e57307117aa7c23f2b1d5eaf8b7acfdb786a219d161e6c0f14483f27c24bb5afb43077c55d42146987d9c433959a679af60addd

                                                        Download Submit

                                                      • C:\Users\Admin\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
                                                        Filesize

                                                        53KB

                                                        MD5

                                                        124edf3ad57549a6e475f3bc4e6cfe51

                                                        SHA1

                                                        80f5187eeebb4a304e9caa0ce66fcd78c113d634

                                                        SHA256

                                                        638c51e173ca6b3469494a7e2e0b656021a761f77b4a83f3e430e82e7b9af675

                                                        SHA512

                                                        b6c1a9051feeffad54ba1092fd799d34a9578368d7e66b31780fe478c1def0eb4094dce2879003f7389f2f9d86b94a3ef3975e78092a604597841c9b8db120ee

                                                        Download Submit

                                                      • C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_ekjvnqiw.hbt.ps1
                                                        Filesize

                                                        60B

                                                        MD5

                                                        d17fe0a3f47be24a6453e9ef58c94641

                                                        SHA1

                                                        6ab83620379fc69f80c0242105ddffd7d98d5d9d

                                                        SHA256

                                                        96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7

                                                        SHA512

                                                        5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82

                                                        Download Submit

                                                      • C:\Users\Admin\Downloads\Fluxus.zip
                                                        Filesize

                                                        2.3MB

                                                        MD5

                                                        120bce5f51303d34ea3635074d5d3ebf

                                                        SHA1

                                                        1bd5dc87c2788ffe578aec388cd048930613a2da

                                                        SHA256

                                                        28e904fd216f1fa26962fa9ca0be1bf2bdb1043b72fad7fd56824aa383d4a465

                                                        SHA512

                                                        f9c300ed468bb9c202658a819902a90cf4c89e9e9d56b56ea7280f0d293b83bd8ce11e28a71d0878ba4b069c3578b2595089dab8d84387299ac977acbe27237b

                                                        Download Submit

                                                      • C:\Users\Admin\Downloads\Fluxus\Fluxus\Fluxus V7.exe
                                                        Filesize

                                                        3.9MB

                                                        MD5

                                                        aa5d196260f56a93d7a9ddf32d202112

                                                        SHA1

                                                        4abe547da7e38e9facb98523e4795a71af6b4600

                                                        SHA256

                                                        653eaa58999ff72cd9e858a9661c87b049fc66172d20fc9ae0f1e3b1e2af694b

                                                        SHA512

                                                        7cf76918a4d04c628cc4e7b3a7f2674c03b97104e98b98ab8407d2e12521e48dc61438d982cfdc9763deaa1b915e4432a972274dd6ac381a5a58f08e1ffd55d5

                                                        Download Submit

                                                      • memory/1096-348-0x0000000074F60000-0x0000000075710000-memory.dmp

                                                        Filesize

                                                        7.7MB

                                                        Download

                                                      • memory/1096-337-0x0000000005000000-0x0000000005010000-memory.dmp

                                                        Filesize

                                                        64KB

                                                        Download

                                                      • memory/1096-336-0x0000000074F60000-0x0000000075710000-memory.dmp

                                                        Filesize

                                                        7.7MB

                                                        Download

                                                      • memory/4784-260-0x000000000C510000-0x000000000C55A000-memory.dmp

                                                        Filesize

                                                        296KB

                                                        Download

                                                      • memory/4784-281-0x000000000EF60000-0x000000000EF74000-memory.dmp

                                                        Filesize

                                                        80KB

                                                        Download

                                                      • memory/4784-240-0x0000000005770000-0x0000000005780000-memory.dmp

                                                        Filesize

                                                        64KB

                                                        Download

                                                      • memory/4784-241-0x000000000A690000-0x000000000A6C8000-memory.dmp

                                                        Filesize

                                                        224KB

                                                        Download

                                                      • memory/4784-242-0x000000000A300000-0x000000000A30E000-memory.dmp

                                                        Filesize

                                                        56KB

                                                        Download

                                                      • memory/4784-243-0x000000000BC60000-0x000000000C288000-memory.dmp

                                                        Filesize

                                                        6.2MB

                                                        Download

                                                      • memory/4784-253-0x000000000BC10000-0x000000000BC2A000-memory.dmp

                                                        Filesize

                                                        104KB

                                                        Download

                                                      • memory/4784-254-0x000000000C2D0000-0x000000000C306000-memory.dmp

                                                        Filesize

                                                        216KB

                                                        Download

                                                      • memory/4784-255-0x000000000C990000-0x000000000D00A000-memory.dmp

                                                        Filesize

                                                        6.5MB

                                                        Download

                                                      • memory/4784-256-0x000000000C3B0000-0x000000000C446000-memory.dmp

                                                        Filesize

                                                        600KB

                                                        Download

                                                      • memory/4784-257-0x000000000C310000-0x000000000C332000-memory.dmp

                                                        Filesize

                                                        136KB

                                                        Download

                                                      • memory/4784-258-0x000000000C450000-0x000000000C4B6000-memory.dmp

                                                        Filesize

                                                        408KB

                                                        Download

                                                      • memory/4784-259-0x000000000C360000-0x000000000C37E000-memory.dmp

                                                        Filesize

                                                        120KB

                                                        Download

                                                      • memory/4784-238-0x000000000A2F0000-0x000000000A2F8000-memory.dmp

                                                        Filesize

                                                        32KB

                                                        Download

                                                      • memory/4784-261-0x000000000D010000-0x000000000D364000-memory.dmp

                                                        Filesize

                                                        3.3MB

                                                        Download

                                                      • memory/4784-262-0x000000000D370000-0x000000000D3D6000-memory.dmp

                                                        Filesize

                                                        408KB

                                                        Download

                                                      • memory/4784-263-0x000000000D3E0000-0x000000000D402000-memory.dmp

                                                        Filesize

                                                        136KB

                                                        Download

                                                      • memory/4784-266-0x000000000D5A0000-0x000000000D5EC000-memory.dmp

                                                        Filesize

                                                        304KB

                                                        Download

                                                      • memory/4784-276-0x000000000EC50000-0x000000000EC6E000-memory.dmp

                                                        Filesize

                                                        120KB

                                                        Download

                                                      • memory/4784-277-0x000000000EC70000-0x000000000ED13000-memory.dmp

                                                        Filesize

                                                        652KB

                                                        Download

                                                      • memory/4784-278-0x000000000EEF0000-0x000000000EEFA000-memory.dmp

                                                        Filesize

                                                        40KB

                                                        Download

                                                      • memory/4784-279-0x000000000EF10000-0x000000000EF21000-memory.dmp

                                                        Filesize

                                                        68KB

                                                        Download

                                                      • memory/4784-280-0x000000000EF40000-0x000000000EF4E000-memory.dmp

                                                        Filesize

                                                        56KB

                                                        Download

                                                      • memory/4784-239-0x0000000005770000-0x0000000005780000-memory.dmp

                                                        Filesize

                                                        64KB

                                                        Download

                                                      • memory/4784-282-0x000000000EFA0000-0x000000000EFBA000-memory.dmp

                                                        Filesize

                                                        104KB

                                                        Download

                                                      • memory/4784-283-0x000000000EFC0000-0x000000000EFC8000-memory.dmp

                                                        Filesize

                                                        32KB

                                                        Download

                                                      • memory/4784-284-0x000000000D620000-0x000000000D628000-memory.dmp

                                                        Filesize

                                                        32KB

                                                        Download

                                                      • memory/4784-300-0x0000000074F60000-0x0000000075710000-memory.dmp

                                                        Filesize

                                                        7.7MB

                                                        Download

                                                      • memory/4784-301-0x0000000005770000-0x0000000005780000-memory.dmp

                                                        Filesize

                                                        64KB

                                                        Download

                                                      • memory/4784-303-0x0000000005770000-0x0000000005780000-memory.dmp

                                                        Filesize

                                                        64KB

                                                        Download

                                                      • memory/4784-304-0x0000000005770000-0x0000000005780000-memory.dmp

                                                        Filesize

                                                        64KB

                                                        Download

                                                      • memory/4784-309-0x000000000A4A0000-0x000000000A4AA000-memory.dmp

                                                        Filesize

                                                        40KB

                                                        Download

                                                      • memory/4784-310-0x000000000A4D0000-0x000000000A4E2000-memory.dmp

                                                        Filesize

                                                        72KB

                                                        Download

                                                      • memory/4784-311-0x0000000074F60000-0x0000000075710000-memory.dmp

                                                        Filesize

                                                        7.7MB

                                                        Download

                                                      • memory/4784-237-0x0000000005C50000-0x0000000005CE2000-memory.dmp

                                                        Filesize

                                                        584KB

                                                        Download

                                                      • memory/4784-236-0x0000000006120000-0x00000000066C4000-memory.dmp

                                                        Filesize

                                                        5.6MB

                                                        Download

                                                      • memory/4784-235-0x0000000005770000-0x0000000005780000-memory.dmp

                                                        Filesize

                                                        64KB

                                                        Download

                                                      • memory/4784-234-0x0000000074F60000-0x0000000075710000-memory.dmp

                                                        Filesize

                                                        7.7MB

                                                        Download

                                                      • memory/4784-233-0x0000000000A60000-0x0000000000E54000-memory.dmp

                                                        Filesize

                                                        4.0MB

                                                        Download

                                                      • memory/5108-350-0x0000000074F60000-0x0000000075710000-memory.dmp

                                                        Filesize

                                                        7.7MB

                                                        Download

                                                      • memory/5108-351-0x0000000004E00000-0x0000000004E10000-memory.dmp

                                                        Filesize

                                                        64KB

                                                        Download

                                                      • memory/5108-352-0x0000000004E00000-0x0000000004E10000-memory.dmp

                                                        Filesize

                                                        64KB

                                                        Download

                                                      • memory/5108-362-0x000000000D430000-0x000000000D4BA000-memory.dmp

                                                        Filesize

                                                        552KB

                                                        Download

                                                      • memory/5108-363-0x000000000D5E0000-0x000000000D5FE000-memory.dmp

                                                        Filesize

                                                        120KB

                                                        Download

                                                      • memory/5108-364-0x0000000074F60000-0x0000000075710000-memory.dmp

                                                        Filesize

                                                        7.7MB

                                                        Download

                                                      • memory/5108-365-0x0000000074F60000-0x0000000075710000-memory.dmp

                                                        Filesize

                                                        7.7MB

                                                        Download