Malware Analysis Report

2025-08-11 06:22

Sample ID 240403-m1skrscg58
Target TwitchLinkSetup-3.1.3.exe
SHA256 1c331de58c43be0aca0f6a6d5d92c86c09f5709876ab2b0cb8503f83b14ac5b9
Tags
discovery pyinstaller spyware stealer
score
7/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
7/10

SHA256

1c331de58c43be0aca0f6a6d5d92c86c09f5709876ab2b0cb8503f83b14ac5b9

Threat Level: Shows suspicious behavior

The file TwitchLinkSetup-3.1.3.exe was found to be: Shows suspicious behavior.

Malicious Activity Summary

discovery pyinstaller spyware stealer

Loads dropped DLL

Reads user/profile data of web browsers

Executes dropped EXE

Checks computer location settings

Checks installed software on the system

Drops file in Program Files directory

Drops file in Windows directory

Unsigned PE

Detects Pyinstaller

Enumerates physical storage devices

Suspicious use of SendNotifyMessage

Suspicious behavior: EnumeratesProcesses

Suspicious use of WriteProcessMemory

Suspicious behavior: AddClipboardFormatListener

Suspicious behavior: GetForegroundWindowSpam

Suspicious use of SetWindowsHookEx

Suspicious behavior: LoadsDriver

Suspicious use of AdjustPrivilegeToken

Suspicious use of FindShellTrayWindow

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-04-03 10:56

Signatures

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-04-03 10:56

Reported

2024-04-03 10:57

Platform

win7-20240221-es

Max time kernel

33s

Max time network

36s

Command Line

"C:\Users\Admin\AppData\Local\Temp\TwitchLinkSetup-3.1.3.exe"

Signatures

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\TwitchLinkSetup-3.1.3.exe N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A N/A N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A

Checks installed software on the system

discovery

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQml\Base\is-IB5AH.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\Controls\Imagine\is-UVPTP.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\Controls\Universal\is-S8UB6.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick3D\Effects\is-SADDP.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtWebEngine\ControlsDelegates\is-IDKMK.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\Controls\Basic\is-1HNFQ.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick3D\Helpers\is-8BRIG.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick3D\Particles3D\designer\images\is-N6H0G.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\translations\is-EKHIJ.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File opened for modification C:\Program Files (x86)\TwitchLink\Qt6Test.dll C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\Controls\designer\is-S437V.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\Controls\Fusion\is-JHRDM.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\Controls\Fusion\is-BLSE2.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\Dialogs\quickimpl\qml\is-DKVG5.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick3D\designer\is-D9JRE.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File opened for modification C:\Program Files (x86)\TwitchLink\api-ms-win-core-util-l1-1-0.dll C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\is-R6O8U.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\Controls\designer\images\is-TULKV.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\Controls\Material\impl\is-3V47K.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick3D\Physics\designer\images\is-A0G7I.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\Controls\Material\is-606F6.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick3D\Helpers\designer\images\is-GTEEB.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick3D\ParticleEffects\designer\source\is-T4CCG.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\translations\is-JRU47.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\is-QB2GL.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\Controls\Basic\is-KBH2R.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\Controls\Universal\is-3GI6O.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\Templates\is-RJSRT.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick3D\Effects\designer\is-T3UT1.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick3D\Helpers\designer\images\is-RFEIO.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\Controls\Basic\is-1GLII.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\Controls\Universal\is-M159R.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\Controls\Universal\is-V3582.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick3D\designer\is-HB5NK.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick3D\Effects\is-IDP1M.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick3D\Physics\designer\is-A9JQ3.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\Controls\Basic\is-LLVTM.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\Controls\designer\is-76K57.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\translations\is-MAENQ.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\translations\is-NCMSO.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\translations\qtwebengine_locales\is-QD6R2.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File opened for modification C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\plugins\iconengines\qsvgicon.dll C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\is-VTQSU.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\Controls\designer\images\is-M0D3A.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\Shapes\is-JQ8IP.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick3D\designer\is-VEC4I.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\Controls\Basic\is-RIN43.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\Controls\Fusion\impl\is-P0GDU.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\Controls\Imagine\is-BSN7Q.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick3D\Particles3D\designer\is-8N9O6.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\is-OPS4E.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\Controls\Basic\is-9UE7M.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick3D\Helpers\designer\is-G8RSO.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\plugins\imageformats\is-OGCVU.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\Controls\Material\is-56VOA.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\Controls\Material\is-HM87Q.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick3D\Particles3D\designer\is-Q3G6H.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\uic\widget-plugins\__pycache__\is-6UP4M.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\is-LQI0V.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick3D\Particles3D\designer\images\is-0HORA.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\Controls\designer\images\is-0K549.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick3D\Particles3D\designer\is-JP4QR.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\Controls\Imagine\is-JI0EU.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick3D\designer\is-RPBL4.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A

Drops file in Windows directory

Description Indicator Process Target
File created C:\Windows\Fonts\is-P7V2F.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Windows\Fonts\is-48TJJ.tmp C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A

Detects Pyinstaller

pyinstaller
Description Indicator Process Target
N/A N/A N/A N/A

Enumerates physical storage devices

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1956 wrote to memory of 1876 N/A C:\Users\Admin\AppData\Local\Temp\TwitchLinkSetup-3.1.3.exe C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp
PID 1956 wrote to memory of 1876 N/A C:\Users\Admin\AppData\Local\Temp\TwitchLinkSetup-3.1.3.exe C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp
PID 1956 wrote to memory of 1876 N/A C:\Users\Admin\AppData\Local\Temp\TwitchLinkSetup-3.1.3.exe C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp
PID 1956 wrote to memory of 1876 N/A C:\Users\Admin\AppData\Local\Temp\TwitchLinkSetup-3.1.3.exe C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp
PID 1956 wrote to memory of 1876 N/A C:\Users\Admin\AppData\Local\Temp\TwitchLinkSetup-3.1.3.exe C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp
PID 1956 wrote to memory of 1876 N/A C:\Users\Admin\AppData\Local\Temp\TwitchLinkSetup-3.1.3.exe C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp
PID 1956 wrote to memory of 1876 N/A C:\Users\Admin\AppData\Local\Temp\TwitchLinkSetup-3.1.3.exe C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp
PID 1876 wrote to memory of 2752 N/A C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp C:\Program Files (x86)\TwitchLink\TwitchLink.exe
PID 1876 wrote to memory of 2752 N/A C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp C:\Program Files (x86)\TwitchLink\TwitchLink.exe
PID 1876 wrote to memory of 2752 N/A C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp C:\Program Files (x86)\TwitchLink\TwitchLink.exe
PID 1876 wrote to memory of 2752 N/A C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp C:\Program Files (x86)\TwitchLink\TwitchLink.exe

Processes

C:\Users\Admin\AppData\Local\Temp\TwitchLinkSetup-3.1.3.exe

"C:\Users\Admin\AppData\Local\Temp\TwitchLinkSetup-3.1.3.exe"

C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp

"C:\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp" /SL5="$4011A,122591767,882176,C:\Users\Admin\AppData\Local\Temp\TwitchLinkSetup-3.1.3.exe"

C:\Program Files (x86)\TwitchLink\TwitchLink.exe

"C:\Program Files (x86)\TwitchLink\TwitchLink.exe"

C:\Program Files (x86)\TwitchLink\TwitchLink.exe

"C:\Program Files (x86)\TwitchLink\TwitchLink.exe"

C:\Windows\system32\LogonUI.exe

"LogonUI.exe" /flags:0x0

C:\Windows\system32\LogonUI.exe

"LogonUI.exe" /flags:0x1

Network

N/A

Files

memory/1956-1-0x0000000000400000-0x00000000004E5000-memory.dmp

\Users\Admin\AppData\Local\Temp\is-O4JBG.tmp\TwitchLinkSetup-3.1.3.tmp

MD5 70c25430b6d04dcae2c5af783176e1f0
SHA1 c97e53761a3e15b5f79c2e79a07f1f2fadcb3544
SHA256 735430094d5f3ecfb9618756b0161f377dd01ee2a34022b22b84f51129a39b3a
SHA512 17d8e661b103635fb6aa66804f9ba694d8250b87fd1595686791d0c17681c0bb60791f6dba60f6e528fe7795e30e15d3fee647aeaff0a412b130606e645fecc4

memory/1876-8-0x00000000003D0000-0x00000000003D1000-memory.dmp

C:\Program Files (x86)\TwitchLink\TwitchLink.exe

MD5 5f5fda2e4e2ae2d5e9a56ea48bc20f4b
SHA1 8a441d171123bf4d3525442f257c804ad419fd2e
SHA256 eee2ca9ca6510adf07e9b54241006435bf158b0dcd281020c1975104bff24978
SHA512 573e29db6b931c6197981e9499f57fc1ff7af591e2290041a7d18f1e6082804e00fbe3a544a845e7140e568dc05126ab179003c41308a1c754f7ac8d6738935f

memory/1956-377-0x0000000000400000-0x00000000004E5000-memory.dmp

memory/1876-387-0x0000000000400000-0x0000000000720000-memory.dmp

C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\Controls\designer\is-OODT7.tmp

MD5 268ca4343417ef1bbec6111772662306
SHA1 5180059a57f944bdcd2d55639289ac14bcfc2ba4
SHA256 f8d2bf5bc61e2575380c2be7e6516bc0426200025ba333c744d1f212108ffe4f
SHA512 c83bbb2807a98255dc3388c4b531c25d4984c77deb71f964f963ad84651fdf52f1ac1213318bf1476da3fc575b86607692657df739ff5218d661b02cab3cc63a

C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\Controls\designer\is-NHT64.tmp

MD5 6fd2055c93332727a0f0a80fbd0a6c9a
SHA1 099d4cf01e806280f72afd8e2f2502ae256a82d2
SHA256 f09e9acf39237df1404d0bdb520ef0df2d35d9586f519e91416b9c02228252ed
SHA512 c839ae74896cb6c0edcaabfd5319bc9af22db94204ab6a025a1488aeb3b0326152e5fc96c3950dc9cda6a493089a4154b188944ca4b367b27fcaaabadcbc14ee

C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\Controls\Universal\is-364OU.tmp

MD5 63340c8fcb71734ce4bbac29a86821b5
SHA1 0cfd02b3e95fa482cbd4bd83b0f2d9214acc9709
SHA256 78b5fc58e6d881d16351e92d32b8cadea6b14fbf8c20c1bc7e56d02946467ae8
SHA512 fe035bb77a32d0fe9d4983d90c65d4c2600a019ac20743dbec409f29ffbfbecd8bca2d15abfffb2e71b77e3c105e248627a176942cdf9d7b98ed9113e6f73ba0

C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\Controls\Windows\is-G3QFK.tmp

MD5 2006d4b7d0da455aa4c7414653c0018a
SHA1 6685b8360b97799aa4d6b18789bf84a343e9e891
SHA256 a96c7bf5832767bdc9d91e2290a3920aec3abfbf2e3814bce38b49483f16f84a
SHA512 703804e6fab0cf44317b7292c547a1348e2e7395e4b71367c32c3b097bcfb3344d3296179bf4ba33a4c752ae58a3873af57d8cdef35a34564205356bb4e6fd84

C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick3D\Helpers\designer\images\is-RRUDM.tmp

MD5 762ab24b219270dc7ee7183da2f1ef79
SHA1 de4b6ccb4d5b6743903e91915d8ff00e52f1336a
SHA256 fbc370c541a931e22eeba5157b47f30fc60c7e29580b9b4904703b6e17910bf3
SHA512 c11bae321fe32044d8c7f05590bf30f15585283c0a95ea2a2eac63e3e493bd3386354de050df13b554b197cceebe03069b523286fd3297d16cc0a27072cdc031

C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick3D\Helpers\designer\images\is-VCT7M.tmp

MD5 bbff95cfc3d26e011d4cd5b6a978625b
SHA1 6e2c4e01dcc78e1210ec39a236ccb4388a71cd5f
SHA256 20367abdb3621f0bbbe473dc2c16708318303c600356dd3a53c9465c8a694e22
SHA512 7378c69a5c23a36226c9f82aa2ef7cb693868425989a1baced24b73830917e354949af640b7b5aef82124902275debfba1d8fd46a2767c71189dfc935bcfc738

C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick3D\Helpers\designer\images\is-UHNUR.tmp

MD5 73dd25fb185b415c0590f122bf05cf7b
SHA1 0d268a5bfeaacb8744a9b372409caeb6f1039653
SHA256 ac0ced9846290510f32ffb115d29e5329442fec01b6527a863ebf541ca8c8ed5
SHA512 7c3d69594d8d73414f3ea35443a7417fe75fed45a0ac6d07f29bebccc119375d6c50a7ca78fc0a349304ce21f71847098e7c83ba9a8b624729ca6bc4e986faad

C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\translations\is-RV7HI.tmp

MD5 bcebcf42735c6849bdecbb77451021dd
SHA1 4884fd9af6890647b7af1aefa57f38cca49ad899
SHA256 9959b510b15d18937848ad13007e30459d2e993c67e564badbfc18f935695c85
SHA512 f951b511ffb1a6b94b1bcae9df26b41b2ff829560583d7c83e70279d1b5304bde299b3679d863cad6bb79d0beda524fc195b7f054ecf11d2090037526b451b78

C:\Program Files (x86)\TwitchLink\resources\fonts\NanumGothic.ttf

MD5 77c9de73515a7120ac94e052eaa9218e
SHA1 6b61cdb4fe859e3932437d6d816c1944daeff1b2
SHA256 48a28e97b34fc8e5b157657633670cd1b7de126cfc414da65ce9c3d5bc8be733
SHA512 b599c4ff53e7cd2a39ffc45c1f8aadb699d64bd710c47345297a66627ce31dd016e3994ccb44bc5e0018b06128474be5f3f76d1fe2d642c5487e127f6e23b119

C:\Program Files (x86)\TwitchLink\resources\fonts\OpenSans-Regular.ttf

MD5 3ed9575dcc488c3e3a5bd66620bdf5a4
SHA1 babe8dce93a3e48b6c3c79720a0c048e88dd1fe7
SHA256 037236ed4bf58a85f67074c165d308260fd6be01c86d7df4e79ea16eb273f8c5
SHA512 7ba57687079a7e1d2ac2a64d210753b6014877eeadb6cc4dd86b836f46f7a3b8d34e4350d264f4d7361b1bd4488a1169f0f3cb49a7dcfec0ade9701f4e468416

C:\Program Files (x86)\TwitchLink\python311.dll

MD5 5a5dd7cad8028097842b0afef45bfbcf
SHA1 e247a2e460687c607253949c52ae2801ff35dc4a
SHA256 a811c7516f531f1515d10743ae78004dd627eba0dc2d3bc0d2e033b2722043ce
SHA512 e6268e4fad2ce3ef16b68298a57498e16f0262bf3531539ad013a66f72df471569f94c6fcc48154b7c3049a3ad15cbfcbb6345dacb4f4ed7d528c74d589c9858

memory/1876-3563-0x0000000000400000-0x0000000000720000-memory.dmp

memory/1956-3564-0x0000000000400000-0x00000000004E5000-memory.dmp

memory/2752-3566-0x0000000000400000-0x000000000044A000-memory.dmp

memory/1684-3569-0x0000000000400000-0x000000000044A000-memory.dmp

memory/592-3570-0x00000000033D0000-0x00000000033D1000-memory.dmp

memory/2904-3571-0x0000000002B20000-0x0000000002B21000-memory.dmp

Analysis: behavioral2

Detonation Overview

Submitted

2024-04-03 10:56

Reported

2024-04-03 10:59

Platform

win10v2004-20240226-es

Max time kernel

155s

Max time network

169s

Command Line

"C:\Users\Admin\AppData\Local\Temp\TwitchLinkSetup-3.1.3.exe"

Signatures

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A

Reads user/profile data of web browsers

spyware stealer

Checks installed software on the system

discovery

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\is-SJOU5.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\Controls\designer\images\is-Q6C73.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\Controls\Material\impl\is-TKVB7.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\Pdf\is-A8BIP.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick3D\Effects\designer\is-242TI.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\translations\is-P0HB0.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\Controls\Windows\is-N7I4L.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\Window\is-M8C9V.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick3D\Helpers\designer\is-T109U.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\translations\is-3TTEQ.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\translations\is-66LAN.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\is-CHPNS.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\Controls\designer\is-9D7VO.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File opened for modification C:\Program Files (x86)\TwitchLink\Qt6WebEngineQuick.dll C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\Dialogs\quickimpl\qml\is-DMA17.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick3D\Particles3D\designer\is-C51SU.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick3D\Particles3D\designer\is-IL926.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File opened for modification C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\Controls\Universal\qtquickcontrols2universalstyleplugin.dll C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\translations\is-NCADK.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\translations\is-BNVK8.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File opened for modification C:\Program Files (x86)\TwitchLink\Qt6Sensors.dll C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\Controls\Universal\is-L64NR.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick3D\designer\images\is-BGD1G.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\Controls\designer\images\is-1T1GO.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick3D\ParticleEffects\designer\images\is-NAK2D.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\translations\is-VHKQV.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\tooling\is-HOBIP.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick3D\designer\images\is-T9K87.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtWebEngine\ControlsDelegates\is-HETHB.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\translations\is-D2DE7.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\is-RKABH.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick3D\ParticleEffects\designer\images\is-NDPV5.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\is-49HGH.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtPositioning\is-K6OIF.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\Controls\designer\images\is-6L9MJ.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\Controls\Material\impl\is-30QJ2.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick3D\Physics\Helpers\is-Q4D9R.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtWebEngine\is-SJTB6.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\resources\is-298T3.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\translations\qtwebengine_locales\is-E0AE0.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtPositioning\is-PFUS0.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\Controls\Fusion\is-A7AJL.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\Controls\Universal\impl\is-CDFQQ.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick3D\ParticleEffects\is-QNQRN.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick3D\Particles3D\designer\images\is-4VHIK.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtRemoteObjects\is-B2BHJ.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\is-FTT78.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\plugins\imageformats\is-QNKQN.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick3D\ParticleEffects\designer\source\is-0QCHE.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\unins000.dat C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\is-ILTIB.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\Controls\designer\images\is-T1CRD.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\Controls\Windows\is-I3N65.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtWebEngine\ControlsDelegates\is-OEJUF.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\resources\icons\is-9MDSD.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\Controls\Basic\is-OOJKG.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\tooling\is-SKR2L.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick3D\Effects\designer\is-L4D8H.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\translations\is-D2GSP.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick3D\designer\images\is-56UGF.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\Controls\designer\images\is-QJ3I2.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\Controls\Fusion\is-C2J7S.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick3D\designer\images\is-42SPC.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick3D\Particles3D\designer\images\is-C52GO.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A

Drops file in Windows directory

Description Indicator Process Target
File created C:\Windows\Fonts\is-II979.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A
File created C:\Windows\Fonts\is-1QGC1.tmp C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp N/A

Detects Pyinstaller

pyinstaller
Description Indicator Process Target
N/A N/A N/A N/A

Enumerates physical storage devices

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A

Suspicious behavior: LoadsDriver

Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeManageVolumePrivilege N/A C:\Windows\System32\svchost.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A
N/A N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1792 wrote to memory of 3700 N/A C:\Users\Admin\AppData\Local\Temp\TwitchLinkSetup-3.1.3.exe C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp
PID 1792 wrote to memory of 3700 N/A C:\Users\Admin\AppData\Local\Temp\TwitchLinkSetup-3.1.3.exe C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp
PID 1792 wrote to memory of 3700 N/A C:\Users\Admin\AppData\Local\Temp\TwitchLinkSetup-3.1.3.exe C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp
PID 3700 wrote to memory of 5904 N/A C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp C:\Program Files (x86)\TwitchLink\TwitchLink.exe
PID 3700 wrote to memory of 5904 N/A C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp C:\Program Files (x86)\TwitchLink\TwitchLink.exe
PID 5904 wrote to memory of 1920 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Windows\system32\cmd.exe
PID 5904 wrote to memory of 1920 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Windows\system32\cmd.exe
PID 5160 wrote to memory of 5264 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Windows\system32\cmd.exe
PID 5160 wrote to memory of 5264 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Windows\system32\cmd.exe
PID 5904 wrote to memory of 5308 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe
PID 5904 wrote to memory of 5308 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe
PID 5904 wrote to memory of 5308 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe
PID 5904 wrote to memory of 5308 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe
PID 5904 wrote to memory of 5308 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe
PID 5904 wrote to memory of 5308 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe
PID 5904 wrote to memory of 5308 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe
PID 5904 wrote to memory of 5308 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe
PID 5904 wrote to memory of 5308 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe
PID 5904 wrote to memory of 5308 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe
PID 5904 wrote to memory of 5308 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe
PID 5904 wrote to memory of 5308 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe
PID 5904 wrote to memory of 5308 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe
PID 5904 wrote to memory of 5308 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe
PID 5904 wrote to memory of 5308 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe
PID 5904 wrote to memory of 5308 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe
PID 5904 wrote to memory of 5308 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe
PID 5904 wrote to memory of 5308 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe
PID 5904 wrote to memory of 5308 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe
PID 5904 wrote to memory of 5308 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe
PID 5904 wrote to memory of 5308 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe
PID 5904 wrote to memory of 5308 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe
PID 5904 wrote to memory of 5308 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe
PID 5904 wrote to memory of 5308 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe
PID 5904 wrote to memory of 5308 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe
PID 5904 wrote to memory of 5308 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe
PID 5904 wrote to memory of 5308 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe
PID 5904 wrote to memory of 5308 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe
PID 5904 wrote to memory of 5308 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe
PID 5904 wrote to memory of 5308 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe
PID 5904 wrote to memory of 5308 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe
PID 5904 wrote to memory of 5308 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe
PID 5904 wrote to memory of 5308 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe
PID 5904 wrote to memory of 5308 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe
PID 5904 wrote to memory of 5308 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe
PID 5904 wrote to memory of 5308 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe
PID 5904 wrote to memory of 5308 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe
PID 5904 wrote to memory of 5308 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe
PID 5904 wrote to memory of 5308 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe
PID 5904 wrote to memory of 5308 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe
PID 5904 wrote to memory of 5308 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe
PID 5904 wrote to memory of 5428 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Program Files (x86)\TwitchLink\TwitchLink.exe
PID 5904 wrote to memory of 5428 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Program Files (x86)\TwitchLink\TwitchLink.exe
PID 5428 wrote to memory of 4668 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Windows\system32\cmd.exe
PID 5428 wrote to memory of 4668 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Windows\system32\cmd.exe
PID 5780 wrote to memory of 4332 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Windows\system32\cmd.exe
PID 5780 wrote to memory of 4332 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Windows\system32\cmd.exe
PID 5780 wrote to memory of 6140 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe
PID 5780 wrote to memory of 6140 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe
PID 5780 wrote to memory of 6140 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe
PID 5780 wrote to memory of 6140 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe
PID 5780 wrote to memory of 6140 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe
PID 5780 wrote to memory of 6140 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe
PID 5780 wrote to memory of 6140 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe
PID 5780 wrote to memory of 6140 N/A C:\Program Files (x86)\TwitchLink\TwitchLink.exe C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe

Processes

C:\Users\Admin\AppData\Local\Temp\TwitchLinkSetup-3.1.3.exe

"C:\Users\Admin\AppData\Local\Temp\TwitchLinkSetup-3.1.3.exe"

C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp

"C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp" /SL5="$A0178,122591767,882176,C:\Users\Admin\AppData\Local\Temp\TwitchLinkSetup-3.1.3.exe"

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe -k UnistackSvcGroup

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=es --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4180 --field-trial-handle=2004,i,3518780201612530827,12523116488201166376,262144 --variations-seed-version /prefetch:8

C:\Program Files (x86)\TwitchLink\TwitchLink.exe

"C:\Program Files (x86)\TwitchLink\TwitchLink.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "ver"

C:\Program Files (x86)\TwitchLink\TwitchLink.exe

"C:\Program Files (x86)\TwitchLink\TwitchLink.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "ver"

C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe

"C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe" --type=renderer --webengine-schemes=qrc:sV --first-renderer-process --disable-speech-api --enable-threaded-compositing --disable-databases --disable-blink-features=EyeDropperAPI --lang=es --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=3 --mojo-platform-channel-handle=2728 --enable-features=NetworkServiceInProcess2,TracingServiceInProcess --disable-features=BackgroundFetch,ConsolidatedMovementXY,EyeDropper,InstalledApp,PictureInPicture,WebOTP,WebPayments,WebUSB /prefetch:1

C:\Program Files (x86)\TwitchLink\TwitchLink.exe

C:\Program Files (x86)\TwitchLink\TwitchLink.exe

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "ver"

C:\Program Files (x86)\TwitchLink\TwitchLink.exe

"C:\Program Files (x86)\TwitchLink\TwitchLink.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "ver"

C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe

"C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe" --type=renderer --webengine-schemes=qrc:sV --first-renderer-process --disable-speech-api --enable-threaded-compositing --disable-databases --disable-blink-features=EyeDropperAPI --lang=es --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=3 --mojo-platform-channel-handle=3668 --enable-features=NetworkServiceInProcess2,TracingServiceInProcess --disable-features=BackgroundFetch,ConsolidatedMovementXY,EyeDropper,InstalledApp,PictureInPicture,WebOTP,WebPayments,WebUSB /prefetch:1

C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe

"C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\bin\QtWebEngineProcess.exe" --type=renderer --webengine-schemes=qrc:sV --disable-speech-api --enable-threaded-compositing --disable-databases --disable-blink-features=EyeDropperAPI --lang=es --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=3912 --enable-features=NetworkServiceInProcess2,TracingServiceInProcess --disable-features=BackgroundFetch,ConsolidatedMovementXY,EyeDropper,InstalledApp,PictureInPicture,WebOTP,WebPayments,WebUSB /prefetch:1

Network

Country Destination Domain Proto
GB 88.221.134.17:443 tcp
US 13.107.246.64:443 tcp
GB 92.123.128.137:443 www.bing.com tcp
US 8.8.8.8:53 137.128.123.92.in-addr.arpa udp
US 8.8.8.8:53 217.106.137.52.in-addr.arpa udp
GB 13.87.96.169:443 tcp
NL 52.142.223.178:80 tcp
GB 172.165.69.228:443 tcp
GB 142.250.200.14:443 tcp
US 13.107.6.158:443 tcp
GB 216.58.201.97:443 tcp
US 13.107.42.16:443 tcp
US 8.8.8.8:53 13.86.106.20.in-addr.arpa udp
GB 142.250.180.10:443 tcp
US 8.8.8.8:53 157.123.68.40.in-addr.arpa udp
US 8.8.8.8:53 15.164.165.52.in-addr.arpa udp
US 8.8.8.8:53 24.66.18.2.in-addr.arpa udp
US 8.8.8.8:53 13.227.111.52.in-addr.arpa udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 twitchlink.github.io udp
US 185.199.108.153:443 twitchlink.github.io tcp
US 8.8.8.8:53 153.108.199.185.in-addr.arpa udp
US 8.8.8.8:53 131.72.42.20.in-addr.arpa udp
US 8.8.8.8:53 81.171.91.138.in-addr.arpa udp

Files

memory/1792-0-0x0000000000400000-0x00000000004E5000-memory.dmp

memory/1792-2-0x0000000000400000-0x00000000004E5000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\is-8BTRE.tmp\TwitchLinkSetup-3.1.3.tmp

MD5 70c25430b6d04dcae2c5af783176e1f0
SHA1 c97e53761a3e15b5f79c2e79a07f1f2fadcb3544
SHA256 735430094d5f3ecfb9618756b0161f377dd01ee2a34022b22b84f51129a39b3a
SHA512 17d8e661b103635fb6aa66804f9ba694d8250b87fd1595686791d0c17681c0bb60791f6dba60f6e528fe7795e30e15d3fee647aeaff0a412b130606e645fecc4

memory/3700-6-0x0000000000D30000-0x0000000000D31000-memory.dmp

memory/1792-8-0x0000000000400000-0x00000000004E5000-memory.dmp

memory/3700-9-0x0000000000400000-0x0000000000720000-memory.dmp

memory/3700-212-0x0000000000400000-0x0000000000720000-memory.dmp

C:\Program Files (x86)\TwitchLink\TwitchLink.exe

MD5 5f5fda2e4e2ae2d5e9a56ea48bc20f4b
SHA1 8a441d171123bf4d3525442f257c804ad419fd2e
SHA256 eee2ca9ca6510adf07e9b54241006435bf158b0dcd281020c1975104bff24978
SHA512 573e29db6b931c6197981e9499f57fc1ff7af591e2290041a7d18f1e6082804e00fbe3a544a845e7140e568dc05126ab179003c41308a1c754f7ac8d6738935f

memory/4416-296-0x0000020E46340000-0x0000020E46350000-memory.dmp

memory/4416-362-0x0000020E46440000-0x0000020E46450000-memory.dmp

memory/4416-420-0x0000020E4E760000-0x0000020E4E761000-memory.dmp

memory/4416-434-0x0000020E4E790000-0x0000020E4E791000-memory.dmp

memory/4416-469-0x0000020E4E790000-0x0000020E4E791000-memory.dmp

memory/4416-492-0x0000020E4E8A0000-0x0000020E4E8A1000-memory.dmp

memory/4416-530-0x0000020E4E7A0000-0x0000020E4E7A1000-memory.dmp

memory/4416-534-0x0000020E4E7A0000-0x0000020E4E7A1000-memory.dmp

memory/4416-601-0x0000020E4E7A0000-0x0000020E4E7A1000-memory.dmp

memory/4416-614-0x0000020E4E7A0000-0x0000020E4E7A1000-memory.dmp

C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\Controls\designer\is-U1NGP.tmp

MD5 268ca4343417ef1bbec6111772662306
SHA1 5180059a57f944bdcd2d55639289ac14bcfc2ba4
SHA256 f8d2bf5bc61e2575380c2be7e6516bc0426200025ba333c744d1f212108ffe4f
SHA512 c83bbb2807a98255dc3388c4b531c25d4984c77deb71f964f963ad84651fdf52f1ac1213318bf1476da3fc575b86607692657df739ff5218d661b02cab3cc63a

C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\Controls\designer\is-QOHJV.tmp

MD5 6fd2055c93332727a0f0a80fbd0a6c9a
SHA1 099d4cf01e806280f72afd8e2f2502ae256a82d2
SHA256 f09e9acf39237df1404d0bdb520ef0df2d35d9586f519e91416b9c02228252ed
SHA512 c839ae74896cb6c0edcaabfd5319bc9af22db94204ab6a025a1488aeb3b0326152e5fc96c3950dc9cda6a493089a4154b188944ca4b367b27fcaaabadcbc14ee

memory/4416-673-0x0000020E4E7A0000-0x0000020E4E7A1000-memory.dmp

memory/4416-697-0x0000020E4E7A0000-0x0000020E4E7A1000-memory.dmp

memory/4416-729-0x0000020E4E7A0000-0x0000020E4E7A1000-memory.dmp

memory/4416-755-0x0000020E4E7A0000-0x0000020E4E7A1000-memory.dmp

memory/4416-783-0x0000020E4E7A0000-0x0000020E4E7A1000-memory.dmp

memory/4416-808-0x0000020E4E7A0000-0x0000020E4E7A1000-memory.dmp

memory/4416-821-0x0000020E4E7A0000-0x0000020E4E7A1000-memory.dmp

memory/4416-849-0x0000020E4E7A0000-0x0000020E4E7A1000-memory.dmp

memory/4416-885-0x0000020E4E7A0000-0x0000020E4E7A1000-memory.dmp

memory/4416-903-0x0000020E4E7A0000-0x0000020E4E7A1000-memory.dmp

memory/4416-978-0x0000020E4E7A0000-0x0000020E4E7A1000-memory.dmp

memory/4416-982-0x0000020E4E7A0000-0x0000020E4E7A1000-memory.dmp

memory/4416-1005-0x0000020E4E7A0000-0x0000020E4E7A1000-memory.dmp

memory/4416-1024-0x0000020E4E7B0000-0x0000020E4E7B1000-memory.dmp

memory/4416-1045-0x0000020E4E7A0000-0x0000020E4E7A1000-memory.dmp

memory/4416-1050-0x0000020E4E7A0000-0x0000020E4E7A1000-memory.dmp

memory/4416-1049-0x0000020E4E7A0000-0x0000020E4E7A1000-memory.dmp

memory/3700-1233-0x0000000000D30000-0x0000000000D31000-memory.dmp

C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\Controls\Universal\is-F2NUT.tmp

MD5 63340c8fcb71734ce4bbac29a86821b5
SHA1 0cfd02b3e95fa482cbd4bd83b0f2d9214acc9709
SHA256 78b5fc58e6d881d16351e92d32b8cadea6b14fbf8c20c1bc7e56d02946467ae8
SHA512 fe035bb77a32d0fe9d4983d90c65d4c2600a019ac20743dbec409f29ffbfbecd8bca2d15abfffb2e71b77e3c105e248627a176942cdf9d7b98ed9113e6f73ba0

C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick\Controls\Windows\is-1S4KA.tmp

MD5 2006d4b7d0da455aa4c7414653c0018a
SHA1 6685b8360b97799aa4d6b18789bf84a343e9e891
SHA256 a96c7bf5832767bdc9d91e2290a3920aec3abfbf2e3814bce38b49483f16f84a
SHA512 703804e6fab0cf44317b7292c547a1348e2e7395e4b71367c32c3b097bcfb3344d3296179bf4ba33a4c752ae58a3873af57d8cdef35a34564205356bb4e6fd84

C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick3D\Helpers\designer\images\is-0U8BV.tmp

MD5 762ab24b219270dc7ee7183da2f1ef79
SHA1 de4b6ccb4d5b6743903e91915d8ff00e52f1336a
SHA256 fbc370c541a931e22eeba5157b47f30fc60c7e29580b9b4904703b6e17910bf3
SHA512 c11bae321fe32044d8c7f05590bf30f15585283c0a95ea2a2eac63e3e493bd3386354de050df13b554b197cceebe03069b523286fd3297d16cc0a27072cdc031

C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick3D\Helpers\designer\images\is-LHS33.tmp

MD5 bbff95cfc3d26e011d4cd5b6a978625b
SHA1 6e2c4e01dcc78e1210ec39a236ccb4388a71cd5f
SHA256 20367abdb3621f0bbbe473dc2c16708318303c600356dd3a53c9465c8a694e22
SHA512 7378c69a5c23a36226c9f82aa2ef7cb693868425989a1baced24b73830917e354949af640b7b5aef82124902275debfba1d8fd46a2767c71189dfc935bcfc738

C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\qml\QtQuick3D\Helpers\designer\images\is-EDJRV.tmp

MD5 73dd25fb185b415c0590f122bf05cf7b
SHA1 0d268a5bfeaacb8744a9b372409caeb6f1039653
SHA256 ac0ced9846290510f32ffb115d29e5329442fec01b6527a863ebf541ca8c8ed5
SHA512 7c3d69594d8d73414f3ea35443a7417fe75fed45a0ac6d07f29bebccc119375d6c50a7ca78fc0a349304ce21f71847098e7c83ba9a8b624729ca6bc4e986faad

C:\Program Files (x86)\TwitchLink\PyQt6\Qt6\translations\is-AUA8L.tmp

MD5 bcebcf42735c6849bdecbb77451021dd
SHA1 4884fd9af6890647b7af1aefa57f38cca49ad899
SHA256 9959b510b15d18937848ad13007e30459d2e993c67e564badbfc18f935695c85
SHA512 f951b511ffb1a6b94b1bcae9df26b41b2ff829560583d7c83e70279d1b5304bde299b3679d863cad6bb79d0beda524fc195b7f054ecf11d2090037526b451b78

C:\Program Files (x86)\TwitchLink\resources\fonts\NanumGothic.ttf

MD5 77c9de73515a7120ac94e052eaa9218e
SHA1 6b61cdb4fe859e3932437d6d816c1944daeff1b2
SHA256 48a28e97b34fc8e5b157657633670cd1b7de126cfc414da65ce9c3d5bc8be733
SHA512 b599c4ff53e7cd2a39ffc45c1f8aadb699d64bd710c47345297a66627ce31dd016e3994ccb44bc5e0018b06128474be5f3f76d1fe2d642c5487e127f6e23b119

C:\Program Files (x86)\TwitchLink\resources\fonts\OpenSans-Regular.ttf

MD5 3ed9575dcc488c3e3a5bd66620bdf5a4
SHA1 babe8dce93a3e48b6c3c79720a0c048e88dd1fe7
SHA256 037236ed4bf58a85f67074c165d308260fd6be01c86d7df4e79ea16eb273f8c5
SHA512 7ba57687079a7e1d2ac2a64d210753b6014877eeadb6cc4dd86b836f46f7a3b8d34e4350d264f4d7361b1bd4488a1169f0f3cb49a7dcfec0ade9701f4e468416

C:\Program Files (x86)\TwitchLink\python311.dll

MD5 5a5dd7cad8028097842b0afef45bfbcf
SHA1 e247a2e460687c607253949c52ae2801ff35dc4a
SHA256 a811c7516f531f1515d10743ae78004dd627eba0dc2d3bc0d2e033b2722043ce
SHA512 e6268e4fad2ce3ef16b68298a57498e16f0262bf3531539ad013a66f72df471569f94c6fcc48154b7c3049a3ad15cbfcbb6345dacb4f4ed7d528c74d589c9858

C:\Program Files (x86)\TwitchLink\VCRUNTIME140.dll

MD5 4585a96cc4eef6aafd5e27ea09147dc6
SHA1 489cfff1b19abbec98fda26ac8958005e88dd0cb
SHA256 a8f950b4357ec12cfccddc9094cca56a3d5244b95e09ea6e9a746489f2d58736
SHA512 d78260c66331fe3029d2cc1b41a5d002ec651f2e3bbf55076d65839b5e3c6297955afd4d9ab8951fbdc9f929dbc65eb18b14b59bce1f2994318564eb4920f286

C:\Program Files (x86)\TwitchLink\base_library.zip

MD5 e17ce7183e682de459eec1a5ac9cbbff
SHA1 722968ca6eb123730ebc30ff2d498f9a5dad4cc1
SHA256 ff6a37c49ee4bb07a763866d4163126165038296c1fb7b730928297c25cfbe6d
SHA512 fab76b59dcd3570695fa260f56e277f8d714048f3d89f6e9f69ea700fca7c097d0db5f5294beab4e6409570408f1d680e8220851fededb981acb129a415358d1

C:\Program Files (x86)\TwitchLink\python3.DLL

MD5 b711598fc3ed0fe4cf2c7f3e0877979e
SHA1 299c799e5d697834aa2447d8a313588ab5c5e433
SHA256 520169aa6cf49d7ee724d1178de1be0e809e4bdcf671e06f3d422a0dd5fd294a
SHA512 b3d59eff5e38cef651c9603971bde77be7231ea8b7bdb444259390a8a9e452e107a0b6cb9cc93e37fd3b40afb2ba9e67217d648bfca52f7cdc4b60c7493b6b84

C:\Program Files (x86)\TwitchLink\_ctypes.pyd

MD5 bd36f7d64660d120c6fb98c8f536d369
SHA1 6829c9ce6091cb2b085eb3d5469337ac4782f927
SHA256 ee543453ac1a2b9b52e80dc66207d3767012ca24ce2b44206804767f37443902
SHA512 bd15f6d4492ddbc89fcbadba07fc10aa6698b13030dd301340b5f1b02b74191faf9b3dcf66b72ecf96084656084b531034ea5cadc1dd333ef64afb69a1d1fd56

C:\Program Files (x86)\TwitchLink\libffi-8.dll

MD5 0f8e4992ca92baaf54cc0b43aaccce21
SHA1 c7300975df267b1d6adcbac0ac93fd7b1ab49bd2
SHA256 eff52743773eb550fcc6ce3efc37c85724502233b6b002a35496d828bd7b280a
SHA512 6e1b223462dc124279bfca74fd2c66fe18b368ffbca540c84e82e0f5bcbea0e10cc243975574fa95ace437b9d8b03a446ed5ee0c9b1b094147cefaf704dfe978

C:\Program Files (x86)\TwitchLink\_socket.pyd

MD5 1eea9568d6fdef29b9963783827f5867
SHA1 a17760365094966220661ad87e57efe09cd85b84
SHA256 74181072392a3727049ea3681fe9e59516373809ced53e08f6da7c496b76e117
SHA512 d9443b70fcdc4d0ea1cb93a88325012d3f99db88c36393a7ded6d04f590e582f7f1640d8b153fe3c5342fa93802a8374f03f6cd37dd40cdbb5ade2e07fad1e09

C:\Program Files (x86)\TwitchLink\select.pyd

MD5 c97a587e19227d03a85e90a04d7937f6
SHA1 463703cf1cac4e2297b442654fc6169b70cfb9bf
SHA256 c4aa9a106381835cfb5f9badfb9d77df74338bc66e69183757a5a3774ccdaccf
SHA512 97784363f3b0b794d2f9fd6a2c862d64910c71591006a34eedff989ecca669ac245b3dfe68eaa6da621209a3ab61d36e9118ebb4be4c0e72ce80fab7b43bde12

C:\Program Files (x86)\TwitchLink\PyQt6\QtCore.pyd

MD5 889a845ddd7b2a84dee4f2ac14e2527a
SHA1 30ee614109ecf81ad84085d2d183a123a3ee15ae
SHA256 37aaa54c14de16bc9167ffd67f149bb4e92102771213208d51e2df3796688ce8
SHA512 c115128d382f449458b20e7cf9fb34b69438df430ffabfca83064873e0143783fefb7e4535d214a4a0a24e555f627d1a7806b97f98f4c174c72ba4d4724a3b71

C:\Program Files (x86)\TwitchLink\Qt6Core.dll

MD5 c2289c19ea4ee92ac1515569ebde5f87
SHA1 084ed09d3b59ae4a7e92334c164578e99b4b32f0
SHA256 5fe8b92348e617e0aca52376adb1a8d56f651c024a04c9d486f300d0ca9aa650
SHA512 8181db050b30279186953685198238e1c889d778a35801639846ae1b57e6ace5989e401e1f3b4f2b9fe226963b69d7461c2703bffa73218398b822da50b459fb

C:\Program Files (x86)\TwitchLink\MSVCP140_1.dll

MD5 0fe6d52eb94c848fe258dc0ec9ff4c11
SHA1 95cc74c64ab80785f3893d61a73b8a958d24da29
SHA256 446c48c1224c289bd3080087fe15d6759416d64f4136addf30086abd5415d83f
SHA512 c39a134210e314627b0f2072f4ffc9b2ce060d44d3365d11d8c1fe908b3b9403ebdd6f33e67d556bd052338d0ed3d5f16b54d628e8290fd3a155f55d36019a86

C:\Program Files (x86)\TwitchLink\PyQt6\QtNetwork.pyd

MD5 f2bb7753ee9424934053085dd3cc3f0c
SHA1 1fb97b03a8a108a176914c0c6f829c82ec72814f
SHA256 266d8f0e3d562094b99a83720c63abf6739fdc6aadca41e5d53d31927e0f7816
SHA512 d0a88ecb28d9d95336295df2500bebe2927f0570cca15b718230d51a1068882cc80100e54cfd9b8eb19ed5d8e65b1efa3b6e994bfc6303c4a7b5d54bb9df487e

C:\Program Files (x86)\TwitchLink\Qt6Network.dll

MD5 6c4b3d2bbfef08309c3909acc4fe3e9a
SHA1 8b6af3ec30b9167eb889c2c309a9699e5476faf0
SHA256 0141d7e62e97ed2cf75fb7ae3ee16523d1bc2faa3a9c831ce46f91d41b92767d
SHA512 7109ef348a60ddbc98eaab81dafde4fdda0ab4fc10db0c71e83c59f496754fea4b0b5de035cde69b2a2d44f248bb243966a55c456dda9cee140f5210565df400

C:\Program Files (x86)\TwitchLink\MSVCP140_2.dll

MD5 9002e0bee6455b2322e3e717fe25f9be
SHA1 bc8df83cc657f0f46a0bff20565870a435ed1563
SHA256 24b47c966b6e4a65b3e4df866d347d3427e9bd709be550c38224427eb5e143d3
SHA512 28ddd087b48d5aa96ec39ccc29a4020cf75ae3c5cb6af9a9571694d73f7aaa4fecb15336c9c7a7d12c93d8bf12efa4fe4d8d612cd93d72c72130cae52317d0d9

memory/1792-3688-0x0000000000400000-0x00000000004E5000-memory.dmp

C:\Program Files (x86)\TwitchLink\Qt6Gui.dll

MD5 5628b4d082e34ab427119f0f42aed351
SHA1 b6f7d962fdcb6eb2be7c449932b2e0e4f6229081
SHA256 c29da6a08f7e2350fac91c6f2f542773c8b59f24fc933116a8564b5ec823dff8
SHA512 8ae44105431695daa529a0301b20f025e878f607afcf18d182f37eff94e735c27a9552fd14e4118757c153458420fdbcac60f8c92a7c1ade4d437df7f86aa166

C:\Program Files (x86)\TwitchLink\PyQt6\QtGui.pyd

MD5 a6202fdff8defd6e8e27e3f989d2ebd1
SHA1 65ffb9e2902b34d7004dfe3ad21e836ee4990670
SHA256 0bf26537632de05d3b504fedeffc1b590f06b60db9d290bf0ca63fe99f71c36b
SHA512 2492b50fd0058616fdc0f383b968a7e725e2f37bb0fcd6dee3021603d6e0ed932f9de6ce39b5197838738fe1d21933cb6383e369c9ad8244644e218f598af865

C:\Program Files (x86)\TwitchLink\_lzma.pyd

MD5 e5abc3a72996f8fde0bcf709e6577d9d
SHA1 15770bdcd06e171f0b868c803b8cf33a8581edd3
SHA256 1796038480754a680f33a4e37c8b5673cc86c49281a287dc0c5cae984d0cb4bb
SHA512 b347474dc071f2857e1e16965b43db6518e35915b8168bdeff1ead4dff710a1cc9f04ca0ced23a6de40d717eea375eedb0bf3714daf35de6a77f071db33dfae6

C:\Program Files (x86)\TwitchLink\_bz2.pyd

MD5 3859239ced9a45399b967ebce5a6ba23
SHA1 6f8ff3df90ac833c1eb69208db462cda8ca3f8d6
SHA256 a4dd883257a7ace84f96bcc6cd59e22d843d0db080606defae32923fc712c75a
SHA512 030e5ce81e36bd55f69d55cbb8385820eb7c1f95342c1a32058f49abeabb485b1c4a30877c07a56c9d909228e45a4196872e14ded4f87adaa8b6ad97463e5c69

C:\Program Files (x86)\TwitchLink\PyQt6\sip.cp311-win_amd64.pyd

MD5 8bb895f19c8cd0264a25eb12f29ea8e2
SHA1 b59f55ba38581176122100ab8ffc4301fcb59e38
SHA256 8c0a0c86295fecb46b514ef73a6b71485c9f400a2d15dc8a8878b73be56eb32e
SHA512 9c072420a7f1bb7f185708d501235368fb6394b36ba88d1f230f119d85f51087d6b79c0cbe3f176b5595dee237ac1874491870253da2022a536dcad289f243fb

C:\Program Files (x86)\TwitchLink\VCRUNTIME140_1.dll

MD5 7e668ab8a78bd0118b94978d154c85bc
SHA1 dbac42a02a8d50639805174afd21d45f3c56e3a0
SHA256 e4b533a94e02c574780e4b333fcf0889f65ed00d39e32c0fbbda2116f185873f
SHA512 72bb41db17256141b06e2eaeb8fc65ad4abdb65e4b5f604c82b9e7e7f60050734137d602e0f853f1a38201515655b6982f2761ee0fa77c531aa58591c95f0032

C:\Program Files (x86)\TwitchLink\MSVCP140.dll

MD5 01b946a2edc5cc166de018dbb754b69c
SHA1 dbe09b7b9ab2d1a61ef63395111d2eb9b04f0a46
SHA256 88f55d86b50b0a7e55e71ad2d8f7552146ba26e927230daf2e26ad3a971973c5
SHA512 65dc3f32faf30e62dfdecb72775df870af4c3a32a0bf576ed1aaae4b16ac6897b62b19e01dc2bf46f46fbe3f475c061f79cbe987eda583fee1817070779860e5

C:\Program Files (x86)\TwitchLink\PyQt6\QtWebEngineCore.pyd

MD5 6166e6c63684c2e496cc65bbb4ae507f
SHA1 021ba4db148412876bdc255d65334e565f593217
SHA256 899c00876776621418ae458ec31c47486500f389ba008c9affbd76775794737a
SHA512 945c4f55d89d78aacb01a7d069b0c77ff943a75b78d10159ff9538915d8f93f9c60f76f106085a41b02119c84a2171b6bd87ed406de86eea01942ce9a1f20452

C:\Program Files (x86)\TwitchLink\Qt6WebEngineCore.dll

MD5 6809d1a6e5d36272f2a5f8ddce89fd14
SHA1 9fe8ec15ec5436259e1b4a9cf0c62046fed59985
SHA256 bcf0c2253fa76c5d91aa7c6900a32740431557ace9598216cf09b168a0957dce
SHA512 b637e2e2909cf4e037943883e19262935c9f2799e63ac308b8f6118b359174be92eb05c8aaeb59488aa890da66737c2ed3955506f4426969ca55831d02279af2

C:\Program Files (x86)\TwitchLink\Qt6Qml.dll

MD5 56d50dfd47cfff8032b7ab4ebb49675e
SHA1 9832d6b180161e82f677be79583efe0307404bdd
SHA256 ce311404a0544e25ee4d0197a2045f4d5ec9c3573adfb410a7040dca131f21bf
SHA512 c26c29d2dc6fce644942ede573470023355f0cd0e47089960123bbfbf652f9a96a0e9fa0e29fbdd1fe9cdfea0eb026affbb9bcb3dea26a15a401fa1b22b8e57f

C:\Program Files (x86)\TwitchLink\Qt6Positioning.dll

MD5 0eb730b738a5f9d5f4ce6ff8a0d52648
SHA1 510111d07e417d78d4bad5b455274ad0db7a39c6
SHA256 012a1ded2c3132a038feb8f5032f90743f43e84be58a0b4eae6f0b5c4a0c7f6c
SHA512 33c762090ca237461898a68f46151a09f19247fe39a4b3f65154d0c33a110298298445744ca9be3895f8ec1187c22654c2c6673280166bb1d23b01ee6eaa4db6

C:\Program Files (x86)\TwitchLink\Qt6WebChannel.dll

MD5 3b52e5a11ff37ece06d6353b088e4ebe
SHA1 321754a08d70fbd557b8abde0fdadd8eee27b7e0
SHA256 004cccf645aa0a9b564d8bdfdcec772f5dfe36007e22509ba769b3f648eb1a7d
SHA512 5f8bb5acce8e75a41319c1d54790d074d6a33d10642b9019d885f18e1ad07fe2f8bb5f33fceb2aff5f9af0c2b958219672b94ebdf55ddd9453007e96112910b4

C:\Program Files (x86)\TwitchLink\Qt6Quick.dll

MD5 0432e18490e6e2a4043d6db1011f5d23
SHA1 5d9a343777e82d48e102a9fe49e7bcb0cfd84589
SHA256 d542f1d5e5b089536f44b52c6e253cf0429b43b941235236e9993469f42eac18
SHA512 9a3b4a56157bf0729d814d49f37284eb7c59cf94c7bd22921eaf79e33cc49e64a3333c020c2551ef30cd2643f29c53b7d995e2e2d8928d32f7e07bc03703e427

C:\Program Files (x86)\TwitchLink\Qt6OpenGL.dll

MD5 d1cc2361885b548002b9028165718648
SHA1 8d5e0369cedfa506a0d8ec4c2af8c50efb5a5f58
SHA256 e6e6a4f153b75e0110ed0d55b4b5fd2bcdecca7682a6401d813df81102b7627a
SHA512 4049b7acb1c7bffe4713343a3e48c18108276ab52285fda1153dd9b723624d08919ce97fe6384b21f4809b96fa171c6b8b528cbcadfde1318de1d27dd14e5e0f

C:\Program Files (x86)\TwitchLink\Qt6QmlModels.dll

MD5 1dda1a3cf944ae16e760e632f83e7ca9
SHA1 47325681d9ebbd222a67449610738d8365fa8f2f
SHA256 3c1419b086520237284cdaf7db80b98b8117cc216068f8ac8d3da41c18dcf191
SHA512 4babfcbf428661d943fee23526a8e96f87c8e3c5b54789031f0bf7ba53d829f13f3b13bbb45003b3dab00ec493151d55469b411d508448d60e6bb7e4318168f3

C:\Program Files (x86)\TwitchLink\PyQt6\QtWebEngineWidgets.pyd

MD5 7c3da146668ef65999679b89bbf6194c
SHA1 154d4f24647099527c8d5429437620e4a2c82edc
SHA256 beeca278a3cce44fa09e2045318422b57a2f487079e3219759f2b2c918e186af
SHA512 46340da10f55dcd513e9560742157febb5cbd67b512a9cca2b778d3aab676ecf3459a885185dd48c72de8c6816324cb26916224a65a8085e53aa58eb96391f86

C:\Program Files (x86)\TwitchLink\PyQt6\QtWebChannel.pyd

MD5 b03b8307fa3ecfccde4777b8f28f35ca
SHA1 44a3022e552232b1150cc51bec66ab73c22829d2
SHA256 698e7891f5393c6d950840544472dd8af0d0605104000726267152bd0e7c0d4d
SHA512 3b590caf833fab646d1324dc7b84e6a5a25bdfe9b300f8f75b83874410bd096d45a53e486e9e0e962d9a6ffa2153db003f486b1542cbab808b6e8cd84ba03fb5

memory/5904-3712-0x0000000003780000-0x0000000003790000-memory.dmp

memory/5160-3722-0x0000000003590000-0x00000000035A0000-memory.dmp

memory/5428-3747-0x0000000003690000-0x00000000036A0000-memory.dmp

memory/5904-3753-0x0000000003780000-0x0000000003790000-memory.dmp

memory/5780-3760-0x0000000003880000-0x0000000003890000-memory.dmp

memory/5780-3798-0x0000000003880000-0x0000000003890000-memory.dmp