af998f7604cd0fb6f31c58cc91419c533a1bdd7a439481eabdf4de0c7ff69df0

Analysis

max time kernel
370s
max time network
745s
platform
windows7_x64
resource
win7-20240220-en
resource tags

arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
submitted
16/04/2024, 03:17

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

birthday_hoops-yoyo-celebrations.swf
Size

441KB
MD5

61e68f2042440ad81b8097143d0bb1bb
SHA1

c61d235db8f97fdeb3ea6a84b031020259e0f76e
SHA256

af998f7604cd0fb6f31c58cc91419c533a1bdd7a439481eabdf4de0c7ff69df0
SHA512

3019bf765403098d7dcb4902d1fdb089b6b0f8019f423bf4850f8467051b7d6b6369dc5ab92de18b6ed3984f1cd23a3df93cb301a6dbf09a52851fc9ac4da2b7
SSDEEP

12288:Cf8yfOLiWlmczyuMRIXsgUPP6LmQaUd6eRCr9MHTL:6sZmcUoTUPXQaUd6zrQ3

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies Internet Explorer Phishing Filter 1 TTPs 2 IoCs

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\PhishingFilter	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\PhishingFilter\ClientSupported_MigrationTime = 405a71a9ac8fda01	iexplore.exe

Modifies Internet Explorer settings 1 TTPs 29 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{E6F56DC1-FB9F-11EE-9BF8-4A0EF18FE26D} = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\DownloadWindowPlacement = 2c0000000000000000000000ffffffffffffffffffffffffffffffff100100003d000000900300001d020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "419399336"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\MINIE	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\MINIE\TabBandWidth = "500"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe

Modifies registry class 11 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\.swf	rundll32.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\.swf\ = "swf_auto_file"	rundll32.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\swf_auto_file\shell\open	rundll32.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\swf_auto_file\shell	rundll32.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\swf_auto_file\shell\open\command\DelegateExecute = "{17FE9752-0B5A-4665-84CD-569794602F5C}"	rundll32.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_Classes\Local Settings	rundll32.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\swf_auto_file	rundll32.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\swf_auto_file\	rundll32.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\swf_auto_file\shell\open\CommandId = "IE.File"	rundll32.exe
Key created	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\swf_auto_file\shell\open\command	rundll32.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000_CLASSES\swf_auto_file\shell\open\command\ = "\"C:\\Program Files\\Internet Explorer\\iexplore.exe\" %1"	rundll32.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe

Suspicious behavior: GetForegroundWindowSpam 2 IoCs

pid	Process
2224	rundll32.exe
1124	SndVol.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
2584	iexplore.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
2584	iexplore.exe

Suspicious use of SendNotifyMessage 64 IoCs

pid	Process
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
1124	SndVol.exe
1124	SndVol.exe
1124	SndVol.exe
1124	SndVol.exe
2336	SndVol.exe
2336	SndVol.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe

Suspicious use of SetWindowsHookEx 8 IoCs

pid	Process
2584	iexplore.exe
2584	iexplore.exe
2500	IEXPLORE.EXE
2500	IEXPLORE.EXE
2584	iexplore.exe
2584	iexplore.exe
2500	IEXPLORE.EXE
2500	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2276 wrote to memory of 2224	2276	cmd.exe	29
PID 2276 wrote to memory of 2224	2276	cmd.exe	29
PID 2276 wrote to memory of 2224	2276	cmd.exe	29
PID 2224 wrote to memory of 2584	2224	rundll32.exe	30
PID 2224 wrote to memory of 2584	2224	rundll32.exe	30
PID 2224 wrote to memory of 2584	2224	rundll32.exe	30
PID 2584 wrote to memory of 2500	2584	iexplore.exe	32
PID 2584 wrote to memory of 2500	2584	iexplore.exe	32
PID 2584 wrote to memory of 2500	2584	iexplore.exe	32
PID 2584 wrote to memory of 2500	2584	iexplore.exe	32
PID 3008 wrote to memory of 1716	3008	chrome.exe	35
PID 3008 wrote to memory of 1716	3008	chrome.exe	35
PID 3008 wrote to memory of 1716	3008	chrome.exe	35
PID 3008 wrote to memory of 1420	3008	chrome.exe	37
PID 3008 wrote to memory of 1420	3008	chrome.exe	37
PID 3008 wrote to memory of 1420	3008	chrome.exe	37
PID 3008 wrote to memory of 1420	3008	chrome.exe	37
PID 3008 wrote to memory of 1420	3008	chrome.exe	37
PID 3008 wrote to memory of 1420	3008	chrome.exe	37
PID 3008 wrote to memory of 1420	3008	chrome.exe	37
PID 3008 wrote to memory of 1420	3008	chrome.exe	37
PID 3008 wrote to memory of 1420	3008	chrome.exe	37
PID 3008 wrote to memory of 1420	3008	chrome.exe	37
PID 3008 wrote to memory of 1420	3008	chrome.exe	37
PID 3008 wrote to memory of 1420	3008	chrome.exe	37
PID 3008 wrote to memory of 1420	3008	chrome.exe	37
PID 3008 wrote to memory of 1420	3008	chrome.exe	37
PID 3008 wrote to memory of 1420	3008	chrome.exe	37
PID 3008 wrote to memory of 1420	3008	chrome.exe	37
PID 3008 wrote to memory of 1420	3008	chrome.exe	37
PID 3008 wrote to memory of 1420	3008	chrome.exe	37
PID 3008 wrote to memory of 1420	3008	chrome.exe	37
PID 3008 wrote to memory of 1420	3008	chrome.exe	37
PID 3008 wrote to memory of 1420	3008	chrome.exe	37
PID 3008 wrote to memory of 1420	3008	chrome.exe	37
PID 3008 wrote to memory of 1420	3008	chrome.exe	37
PID 3008 wrote to memory of 1420	3008	chrome.exe	37
PID 3008 wrote to memory of 1420	3008	chrome.exe	37
PID 3008 wrote to memory of 1420	3008	chrome.exe	37
PID 3008 wrote to memory of 1420	3008	chrome.exe	37
PID 3008 wrote to memory of 1420	3008	chrome.exe	37
PID 3008 wrote to memory of 1420	3008	chrome.exe	37
PID 3008 wrote to memory of 1420	3008	chrome.exe	37
PID 3008 wrote to memory of 1420	3008	chrome.exe	37
PID 3008 wrote to memory of 1420	3008	chrome.exe	37
PID 3008 wrote to memory of 1420	3008	chrome.exe	37
PID 3008 wrote to memory of 1420	3008	chrome.exe	37
PID 3008 wrote to memory of 1420	3008	chrome.exe	37
PID 3008 wrote to memory of 1420	3008	chrome.exe	37
PID 3008 wrote to memory of 1420	3008	chrome.exe	37
PID 3008 wrote to memory of 1420	3008	chrome.exe	37
PID 3008 wrote to memory of 1420	3008	chrome.exe	37
PID 3008 wrote to memory of 2348	3008	chrome.exe	38
PID 3008 wrote to memory of 2348	3008	chrome.exe	38
PID 3008 wrote to memory of 2348	3008	chrome.exe	38
PID 3008 wrote to memory of 2980	3008	chrome.exe	39
PID 3008 wrote to memory of 2980	3008	chrome.exe	39
PID 3008 wrote to memory of 2980	3008	chrome.exe	39
PID 3008 wrote to memory of 2980	3008	chrome.exe	39
PID 3008 wrote to memory of 2980	3008	chrome.exe	39
PID 3008 wrote to memory of 2980	3008	chrome.exe	39
PID 3008 wrote to memory of 2980	3008	chrome.exe	39
PID 3008 wrote to memory of 2980	3008	chrome.exe	39
PID 3008 wrote to memory of 2980	3008	chrome.exe	39

Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
persistence

Query Registry
T1012
Uses Volume Shadow Copy WMI provider
The Volume Shadow Copy service is used to manage backups/snapshots.
ransomware
Uses Volume Shadow Copy service COM API
The Volume Shadow Copy service is used to manage backups/snapshots.
ransomware

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\birthday_hoops-yoyo-celebrations.swf
1⤵
- Suspicious use of WriteProcessMemory
PID:2276
- C:\Windows\system32\rundll32.exe
  "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\birthday_hoops-yoyo-celebrations.swf
  2⤵
  - Modifies registry class
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of WriteProcessMemory
  PID:2224
- - C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\birthday_hoops-yoyo-celebrations.swf
    3⤵
    - Modifies Internet Explorer Phishing Filter
    - Modifies Internet Explorer settings
    - Suspicious use of FindShellTrayWindow
    - Suspicious use of SetWindowsHookEx
    - Suspicious use of WriteProcessMemory
    PID:2584
  - - C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2584 CREDAT:275457 /prefetch:2
      4⤵
      Modifies Internet Explorer settings
      Suspicious use of SetWindowsHookEx
      PID:2500
  - - C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\birthday_hoops-yoyo-celebrations.swf
      4⤵
      PID:2296

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3008
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef5a39758,0x7fef5a39768,0x7fef5a39778
  2⤵
  PID:1716
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1172 --field-trial-handle=1284,i,1621582782902894249,1499143068665544953,131072 /prefetch:2
  2⤵
  PID:1420
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1484 --field-trial-handle=1284,i,1621582782902894249,1499143068665544953,131072 /prefetch:8
  2⤵
  PID:2348
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1560 --field-trial-handle=1284,i,1621582782902894249,1499143068665544953,131072 /prefetch:8
  2⤵
  PID:2980
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=1476 --field-trial-handle=1284,i,1621582782902894249,1499143068665544953,131072 /prefetch:1
  2⤵
  PID:1748
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2184 --field-trial-handle=1284,i,1621582782902894249,1499143068665544953,131072 /prefetch:1
  2⤵
  PID:2052
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1988 --field-trial-handle=1284,i,1621582782902894249,1499143068665544953,131072 /prefetch:2
  2⤵
  PID:972
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3236 --field-trial-handle=1284,i,1621582782902894249,1499143068665544953,131072 /prefetch:1
  2⤵
  PID:748
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3496 --field-trial-handle=1284,i,1621582782902894249,1499143068665544953,131072 /prefetch:8
  2⤵
  PID:2200
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3616 --field-trial-handle=1284,i,1621582782902894249,1499143068665544953,131072 /prefetch:8
  2⤵
  PID:2212
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3644 --field-trial-handle=1284,i,1621582782902894249,1499143068665544953,131072 /prefetch:8
  2⤵
  PID:2252
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3576 --field-trial-handle=1284,i,1621582782902894249,1499143068665544953,131072 /prefetch:8
  2⤵
  PID:2296
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3524 --field-trial-handle=1284,i,1621582782902894249,1499143068665544953,131072 /prefetch:8
  2⤵
  PID:1416
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=3780 --field-trial-handle=1284,i,1621582782902894249,1499143068665544953,131072 /prefetch:1
  2⤵
  PID:2948
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=2496 --field-trial-handle=1284,i,1621582782902894249,1499143068665544953,131072 /prefetch:8
  2⤵
  PID:1520
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=2020 --field-trial-handle=1284,i,1621582782902894249,1499143068665544953,131072 /prefetch:1
  2⤵
  PID:2176
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2812 --field-trial-handle=1284,i,1621582782902894249,1499143068665544953,131072 /prefetch:8
  2⤵
  PID:1408
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=3520 --field-trial-handle=1284,i,1621582782902894249,1499143068665544953,131072 /prefetch:1
  2⤵
  PID:628
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2784 --field-trial-handle=1284,i,1621582782902894249,1499143068665544953,131072 /prefetch:8
  2⤵
  PID:2756
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2640 --field-trial-handle=1284,i,1621582782902894249,1499143068665544953,131072 /prefetch:8
  2⤵
  PID:1016
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2252 --field-trial-handle=1284,i,1621582782902894249,1499143068665544953,131072 /prefetch:8
  2⤵
  PID:1584
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=3788 --field-trial-handle=1284,i,1621582782902894249,1499143068665544953,131072 /prefetch:1
  2⤵
  PID:1200
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2252 --field-trial-handle=1284,i,1621582782902894249,1499143068665544953,131072 /prefetch:8
  2⤵
  PID:1152
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2200 --field-trial-handle=1284,i,1621582782902894249,1499143068665544953,131072 /prefetch:8
  2⤵
  PID:1820
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=2772 --field-trial-handle=1284,i,1621582782902894249,1499143068665544953,131072 /prefetch:1
  2⤵
  PID:3028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=1708 --field-trial-handle=1284,i,1621582782902894249,1499143068665544953,131072 /prefetch:8
  2⤵
  PID:2732
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=2824 --field-trial-handle=1284,i,1621582782902894249,1499143068665544953,131072 /prefetch:1
  2⤵
  PID:1504
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4068 --field-trial-handle=1284,i,1621582782902894249,1499143068665544953,131072 /prefetch:8
  2⤵
  PID:924
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4208 --field-trial-handle=1284,i,1621582782902894249,1499143068665544953,131072 /prefetch:8
  2⤵
  PID:1760
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4220 --field-trial-handle=1284,i,1621582782902894249,1499143068665544953,131072 /prefetch:8
  2⤵
  PID:1820
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=4088 --field-trial-handle=1284,i,1621582782902894249,1499143068665544953,131072 /prefetch:1
  2⤵
  PID:776
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=1288 --field-trial-handle=1284,i,1621582782902894249,1499143068665544953,131072 /prefetch:1
  2⤵
  PID:684
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4180 --field-trial-handle=1284,i,1621582782902894249,1499143068665544953,131072 /prefetch:8
  2⤵
  PID:560
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4120 --field-trial-handle=1284,i,1621582782902894249,1499143068665544953,131072 /prefetch:8
  2⤵
  PID:1672
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=3788 --field-trial-handle=1284,i,1621582782902894249,1499143068665544953,131072 /prefetch:1
  2⤵
  PID:1704
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=2028 --field-trial-handle=1284,i,1621582782902894249,1499143068665544953,131072 /prefetch:1
  2⤵
  PID:2600

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2440

C:\Users\Admin\AppData\Local\Temp\Temp1_ruffle-nightly-2024_04_16-windows-x86_32.zip\ruffle.exe
"C:\Users\Admin\AppData\Local\Temp\Temp1_ruffle-nightly-2024_04_16-windows-x86_32.zip\ruffle.exe"
1⤵
PID:600

C:\Users\Admin\AppData\Local\Temp\Temp1_ruffle-nightly-2024_04_16-windows-x86_64.zip\ruffle.exe
"C:\Users\Admin\AppData\Local\Temp\Temp1_ruffle-nightly-2024_04_16-windows-x86_64.zip\ruffle.exe"
1⤵
PID:2800

C:\Windows\System32\WScript.exe
"C:\Windows\System32\WScript.exe" "C:\Users\Admin\Desktop\UseWatch.vbe"
1⤵
PID:2776

C:\Windows\System32\rundll32.exe
"C:\Windows\System32\rundll32.exe" C:\Windows\System32\shell32.dll,Control_RunDLL C:\Windows\System32\mmsys.cpl
1⤵
PID:2000

C:\Windows\system32\msdt.exe
"C:\Windows\system32\msdt.exe" -id AudioPlaybackDiagnostic -ep ControlPanelSearch
1⤵
PID:1444

C:\Windows\System32\sdiagnhost.exe
C:\Windows\System32\sdiagnhost.exe -Embedding
1⤵
PID:1264
- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\csc.exe
  "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\csc.exe" /noconfig /fullpaths @"C:\Users\Admin\AppData\Local\Temp\x8gnxeto.cmdline"
  2⤵
  PID:2004
- - C:\Windows\Microsoft.NET\Framework64\v2.0.50727\cvtres.exe
    C:\Windows\Microsoft.NET\Framework64\v2.0.50727\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\Admin\AppData\Local\Temp\RES9030.tmp" "c:\Users\Admin\AppData\Local\Temp\CSC902F.tmp"
    3⤵
    PID:2412
- C:\Windows\system32\reg.exe
  "C:\Windows\system32\reg.exe" export HKLM\Software\Microsoft\Windows\CurrentVersion\MMDevices "Registry log.reg" /y
  2⤵
  PID:2832
- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\InstallUtil.exe
  "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\InstallUtil.exe" AudioDiagnosticSnapIn.dll
  2⤵
  PID:2056
- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\InstallUtil.exe
  "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\InstallUtil.exe" /u AudioDiagnosticSnapIn.dll
  2⤵
  PID:188
- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\InstallUtil.exe
  "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\InstallUtil.exe" /u AudioDiagnosticSnapIn.dll
  2⤵
  PID:2516
- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\InstallUtil.exe
  "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\InstallUtil.exe" /u AudioDiagnosticSnapIn.dll
  2⤵
  PID:2040
- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\InstallUtil.exe
  "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\InstallUtil.exe" /u AudioDiagnosticSnapIn.dll
  2⤵
  PID:336
- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\InstallUtil.exe
  "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\InstallUtil.exe" /u AudioDiagnosticSnapIn.dll
  2⤵
  PID:1640
- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\InstallUtil.exe
  "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\InstallUtil.exe" /u AudioDiagnosticSnapIn.dll
  2⤵
  PID:1112

C:\Windows\system32\conhost.exe
\??\C:\Windows\system32\conhost.exe "-1052601463109858446134112693620348372016016749371110855722-1715017327-348492345"
1⤵
PID:1200

C:\Windows\system32\SndVol.exe
SndVol.exe -f 45745309 10698
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SendNotifyMessage
PID:1124
- C:\Windows\system32\SndVol.exe
  SndVol.exe -r 45745309 0 {0.0.0.00000000}.{9f5f1d05-f3ba-47d9-9be3-c7deaf25b448}
  2⤵
  - Suspicious use of SendNotifyMessage
  PID:2336

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

Filesize
68KB

MD5
29f65ba8e88c063813cc50a4ea544e93

SHA1
05a7040d5c127e68c25d81cc51271ffb8bef3568

SHA256
1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

SHA512
e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
21b28b50923e48dc10e79ca35a0675f4

SHA1
220f3676c3954ff698e112243e45903b9aa87e6b

SHA256
60db97a3afe8ff7eaf94ea91ef65e4e2e37a37242510fead1ea240568a11bc43

SHA512
de9611ad6f7dc739a87c7235d73b7d9c8d44e90d7037022bf15796040d24556d6fc69d3df2e55f73926753eb4d8304e490105e5a14bd7c55112cfea4e33a76fd

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
fd6d4d2820f62c1684b17d7a4bb5137f

SHA1
b0fb0f233edc869497d4bf000d63af8537ee87bf

SHA256
781b367442b58918171693f6e38e26a74ec63910fc0e965ceafaa0b04f519b85

SHA512
442e76695a78efa1d5a6ac9db0b05fdb60377542d2047d1b702748b884958932edd7b24f43d5a5effe008ee17d218b61ba5542b59133288031a7e9e71adec632

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
900ea41bfe0e8a4b092c63a51b8b1b78

SHA1
3f86c2b8b4b3b955be27c0bcf693777781ab9724

SHA256
a8e50d38822f0a3776ed758b05a08e22dc1f666911a3de6a500c94b0ea00c663

SHA512
3a4f743d24fdcc9bf4d6892190b592cb6e8c14245e1b822f35de145149d59bb77721f97e1989a6d404bb4322501c505f0abb2117969dccd073440667893deb26

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
0e0d63421d3ea76759d13639dd7bffda

SHA1
dad24a0b4e503f1cfbf78f2b13ac80816c886698

SHA256
a2930fa83093aadc978c3301d8bbd57bdfec461cf2e225ed76fd053d8fb232cc

SHA512
6091c5896ea96205e0a5729fd88e658fc893e7bfebd7bb1e64c3de79c0575695bf7efa75256790b3c902c9871440690667a3d33b435502be22df1d884b0e40d9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
b85f064125bcfcc5b1b33efedb1d6811

SHA1
12bfa765dcf4b9325b1e4c4739e48a1cc6270bd2

SHA256
70ca3288826bb7c5524e192b7ca63372976e23ae17a37c5c7dadccc66cc70bbd

SHA512
6dc2e5f9080d6b354b20a8862f8fd7bb1d7c6b23bb45b86442c7dc0ecea5e9e03e65eecfbb3634810412053444df7e53d17a1a8f7e2be6f22c84bb82b0183036

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
75e18911800b7f6b4ece24e798a834bf

SHA1
d10b143b3049dd39662d36bb3360c5ae0c69dc4f

SHA256
87e70395311ac7334b0aab636c0a4532ff74cf9898a8c7d3dd74f0a5a5c1c2e6

SHA512
f3d07bd2eaf0b80f2cc025c49d0577d58be810060d14418bd15afc3941807a8a6cd9b911ae87816f585f2115a6f2d2d7b5d661d8e094d27b8adbe5a0b0b517b0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
cdc26289437aa267146ce3d716ec9b4f

SHA1
46a6469d766758dca014b9dab5f12ec8b9568410

SHA256
a4aac82d381067b9696910d1ae64c94e1597c8017ce8bd3df680dee420fde548

SHA512
3ebd52f56da174780305a5ad36b3b9871f1ea80d5f724d538b32d9c0909e460d2e096a4bed70d9c7313b5f953705cf20095a96ee1b6ee68d4d28a7d15abbe14d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
f30b9df26f655236006fecbb307203a5

SHA1
11dfea93f96826fd11218453ef5bae6f4c1f639a

SHA256
8a8b4679bd76c8490080af6394d94e6209d5f9115a98c1ff8ca7e7e915a5a3db

SHA512
e173d3a578e9333ba9a2ad9da4bf067150b695ac01b7651c2e4679eb87329d8e7e726bbda7ac2984400873301aef2b86b92c871623f7adecf456aba8e36fca10

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
8ea2c8d465861e6b27331d12d7d13e6e

SHA1
185385943e2e3fe916bc993828e3c30b63cc8706

SHA256
4f9a2fef1da7e04b27ed9ea17d29328a7ce37cf427fc9c9f401ba427b99c5427

SHA512
93f789cafdc3704466422cf0d3e40897a6b87f1ccfad23e0e7e49faee8eb4805ae47afeeca8b72f53330703c5e731863291f4e5f2baa337e39cf7a8091c32549

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
3ea6c365eb365cebc59e775ed57120f5

SHA1
05ef0bdb3b3d2ff910274b660d50556dc54ca7f5

SHA256
d48dfd963a6034290fde5410192d9809ae50562c5e68827bcb82a1c87c8ac175

SHA512
e7fc53260ddf099ab9e054fdeab0bf00bd438a2d9de21420a8031ee8ad94c7d22cb290fa60954abb92c1959b7d3b8cd4e8f24317ee190715225c82c643a45d72

Download Submit
C:\Users\Admin\AppData\Local\ElevatedDiagnostics\2550435360\2024041603.000\AudioDiagnostic.0.debugreport.xml

Filesize
8KB

MD5
fc2dd1344581b806fa02d3f7443575d0

SHA1
11ad9c6e4a4131c54a0fd66ee91ca4ec1a4a2495

SHA256
da4528d9aa0528427b423b7ba46738729277f5e3b569b68cb077cac80fbd0b22

SHA512
d01be86a88284d51844a685a1f55b7033606221b148bbb9ea8e1221b74ab79781378aa0558120c8171642b72258fe5d3dd55456b5c6b99fab4ab55757849f77e

Download Submit
C:\Users\Admin\AppData\Local\ElevatedDiagnostics\2550435360\2024041603.000\DeviceDiagnostic.0.debugreport.xml

Filesize
1KB

MD5
bc5573fdba623ee623535521d45d6930

SHA1
98e4ff422dd127aef8c244dc2e38ad9d210bb6ab

SHA256
bb14a0374ea7cb5d7a90455fd76129cb42175816a0a93c5fc3d6c0c031fb52d8

SHA512
b66358682934195ed4e9418353896b4748e8de4e7261de05295d91e70a1d9f5a958123f2abcdf0d9a66084355870c18d2979111bae6a7cbabfd4ff88ecea6c98

Download Submit
C:\Users\Admin\AppData\Local\ElevatedDiagnostics\2550435360\2024041603.000\ResultReport.xml

Filesize
11KB

MD5
d14451eeb308589fef2db46f53b7c87c

SHA1
c3d0aaddc39520c6971fa830c75e4d50211462e8

SHA256
dcedd3fdc08427800b24a022f1928da4b27907df40f7df9eddb616e2a0ca1b98

SHA512
3502213d4d14c5018c75b34cb514ced7de5b8d4e7124d4ef4b1c45bd4c2570034d6138844d24948a9e8b128698c3cbf437728007c725a830b87e2ad046222c4c

Download Submit
C:\Users\Admin\AppData\Local\ElevatedDiagnostics\2550435360\2024041603.000\results.xml

Filesize
312B

MD5
38d0c44041777ef0ed49c7ce642ca2dd

SHA1
f6e0240383650fa857cb071684ed588d55268dcb

SHA256
af9005b1fc668e430ec985bb2fa9955cbb7d3675c5033d72038fe0a751fca951

SHA512
5f9db855059c756e5b3b802e5aba53088c1b07f0acc2a11069773c1860e3e86b44210fe03a0a6722acc5f8c3306c3885c6af84931aa4085126dfee520fee6054

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\063926a3-1112-483f-8a63-23d15b069bd1.tmp

Filesize
5KB

MD5
82dc1983a5a8557d5628e4937e62661b

SHA1
b06601c17fdcf9517bc6fb1993c3bedc425ea264

SHA256
980a97bcd8fd9ac56420faec04d73ad496e571d41f2fd891d9e71170d1d25e5b

SHA512
9e7348bd09aa01962b3ec12cdee4721722c80291fb82ff5593f9be580fc19cc9cd170094037ae30ba81714c1a2c27df3cee671774b3ce2ffd714fb7f6e42a45b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\386e5c0d-4422-4e7f-b5b1-ce997cee54da.tmp

Filesize
6KB

MD5
db28249f168ede0a146d6b12afcd2f3c

SHA1
537f224a17c6b5f230e2948862bce96c136b694a

SHA256
e5c76e736cec2eb53284852410e07232368cff39ff10eeb9aa819e8f6e153180

SHA512
44e2b7cedc71ab9b54ac2699bafb24f7dc7ba05d11bdb85cc6fe55516107a4d67114db2910b80ce0813e40732a3d067fcc4b00d356d1eeb640c3e048a025f5a2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\5075b519-7eb4-4f1b-906d-67b5a2c8c045.tmp

Filesize
6KB

MD5
ea870cca55ebd660d3a8cc8d586d569c

SHA1
8b9ea16e4ed1b8ba4447a95de5980395e93ebc66

SHA256
1400181edc1b1af14ead4b85bea16f0d6fcbc8723296ea57e352ca89dd712b21

SHA512
2e5cd7358596e9fb35bfcafe37eb5c3b4ce770b22dc7da3abf257f4be4d3307106b57e90d6c232a3f5787658f6a4702419ce9ecf1afa9106f74fded4f8ce4f37

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
408B

MD5
259a1fc5c08d8105a96d31bc6a2f5690

SHA1
43e7368f8afb5a58816fc8c8274cfad32a8f4b0b

SHA256
7421dd44c11ad528211e612feb80c24fd730ac1232bbc62dacc2f9b33ddaeee6

SHA512
5a7ebeaa33d283a80fa1149c27e11f5cc0babea14890bc1b97d933e2a28c2b62627872e9598ea8d87a4ba98a7587401f33684668612eeca4aa8e2168301723b7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
ab1e72f1d4a1d4327dce9a109117f32f

SHA1
35d69259b9d822008f83b724ca53c14306dd564f

SHA256
b34ac533cbabde7d33b227db0c5a63b9806e007197f8584d10764af7e19aaf47

SHA512
5096e24b36781cf795f339267b04856dd8857fbcd66c7721e062c4dd9ec90508fe184bf8a84242c0bef4327f0c43d996c29a2644c42041d793318b572ba6442b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\000006.dbtmp

Filesize
16B

MD5
aefd77f47fb84fae5ea194496b44c67a

SHA1
dcfbb6a5b8d05662c4858664f81693bb7f803b82

SHA256
4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611

SHA512
b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT~RFf7bc562.TMP

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
a614c8f515d4f71d227b9e2859be4b4c

SHA1
b66cfd68e2023b03da00cf6b0db1a7ea51e85ea9

SHA256
077702bb0f82528384eca05794b27c4ff7b3f12cbe7ba4e1b2d760ad587b3e0e

SHA512
c94362a4e19f63fbae9866fafbd454da174f304894d03d38c7f07b3455b885bcc1e8f48df9a92996f4a312c3115c377be560b121d76262327c708255802d35d8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
94293147122f2882e722f0ca24f8cc73

SHA1
482a7c2e0b7508b893ff408001ef5ea26a26fea6

SHA256
607bc16b9a13a2ad60327a7be0f6a80c65dc43f505f668f5db60d3b7d04f2858

SHA512
c3e9396abfe6eb7b88daa2393587ab9dd07afde6050b3ddce731124bee0f2b8a547e280dac668d9c2b1af283f6ae71acbd3216779a6b4d532afdfb16a5da08b9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
623a07b9908333d1bc91c55cd6dcbeea

SHA1
c8d5f634b5914f3a7e6a16715afb3abd6a591fda

SHA256
625f4060b544e6ba1d18306a545284593f29cd114a7a54f6df555904dc881822

SHA512
098acaecd412c360c9b6e203949ecca7228147034fbbccf790a8d4ff2a650eb9757553f4addeac273a02144186c1a0f8c654d7e6eb3fe67a6fb12653e8292cde

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
4762cb0290e457a647d3ece65838412b

SHA1
0091aa26018087a21a04fa25c69361d638e2f2a2

SHA256
bb860ac12a294cd0be7d5a712bc115cbd637028fcd8ec5e9c817ed290e581c1e

SHA512
bf4e58678dfe21f3ace3eea1d09aa1d8c6f60a0e514cb9a4c68f476a17c3b51ca1d0ffd9516383df0cb1dfb0f0ca9aab7a47de7a09135e67424044710db35276

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
f2b5b13657efdef98bb9c4c94801f5ad

SHA1
946bb21fd98832fd48df7432d76add3d56c45052

SHA256
ad899375dfe74d26de4828eb92f6862a7c289ddd7171b9c3819acf3cee45a33d

SHA512
5958e7b881dee78543c5d9ab3f1423e61a722ebc60a31eb41cfaba2a5d7f27bb9d87d3a516ae7511b74a611f3df1d8b0d91fb0689c973db09ba37f644bad64d2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
a2cccda1213fc6ed192c72dd1487f8a0

SHA1
7551370e614e78671ad72f9fd9d3854d70800bae

SHA256
836b2f76e7e1dcae18ab35d7890c1a78c5d1eb618d31f023b979996a670542b5

SHA512
b10726b38b31749696a5f19c8ba2b376171f6e860cf04d1abafbdccac383a8fef8a5b9d50c4c4249d22630fa6ce4e414f6915a8dc7832f924f3cc6034ff8c528

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
0bac19c6e05230ba1ef4000de1fb4997

SHA1
cad19ca4b6be2549ffa094db16543965cd42fe67

SHA256
f1822db4540a46191e84ec2d8b6bc6d3e5c88b29568d9f71ab67480083001ba2

SHA512
232e0e66ce997cbbe6814c19ba7364810f83e24673dcf898ee5a75c6dd0b3594a8dc85b2825e278fcac1d810e6304191b60ed0d77de67fc619f9fa853c65df09

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
3df5b8b3663abe9362c216c7305eddd5

SHA1
68aafff1c1abe6c3faaf4262db04c9e2d9cbccd5

SHA256
2da25f4c73ba30030ae3015cb1d431cbc3765e638966bf3f6638bf58f7602d56

SHA512
c365d62d13c949163f137bbc01b49cbf00e34301fb0fe3864e0ec16b1c267dc10f1c16c1156fa9b23523dfc741ccb5029c87dc6a865075d676c6b4960eff75eb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
688B

MD5
2653fea0c5e2765d2481bbac85140ea6

SHA1
b4856c4b24d2f7c1699fabaf404bc242cd16bcad

SHA256
116ae3ed6d94c9e4b8e78ca8373fe8283088690ac5f5c8b2abfcd70ef84aebdd

SHA512
03f9783bfcb3dc92d10ccb330fe740e4f8b0a091be7541f9c844bef0fd379ff29216e9ee43939a3dbf399d1dbbd226281a88294ac29bd1fc6a1d1915af473f8f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
851B

MD5
1ca4719797d5708035e0dc81005e45c1

SHA1
d7b51c9f91e727f7885bd5aa034867b5c7351fa5

SHA256
b365d6bf23bcf1016a4985b1cf09a9dcc1eef9571cc34d4619b7135b4d1851d3

SHA512
9d0296946d140ead77ca302dd9f727dc3053d515f056e969960fdb0386ced63e5106125957d3d78bf18bf08baee3875b4840bb99a7795bcf9bcfa5af4127ff0f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
6de1f1461ab5904756db79912a5e8223

SHA1
507018eb04f5aafddf85ea767833b7ece3227710

SHA256
ef92f1d13656607bfcbe289f794bdcd1b75359db372440429f3c7a36c5f2b258

SHA512
15f41cecb400600d246e07c692258230f1369fb197ae01257891794c108974a961d537d1c8ca11f977ebf41389a3359c67920132a5c30ace41e536d9c72e6b4d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
688B

MD5
994f1ac53a13f7ff5546d66d9ee7c0b7

SHA1
cf3e28f57fc9d107dda36c20803269e67f4b9760

SHA256
43ba8f5a417a6a5f7a7cceb3fd8a0fc4944e2c52eabb6ac1447d9abce6c689e2

SHA512
590d11a298bc2bacea88a0f2e9d653741c3464feb4f5a2dc7e81198360d3460e6be17205c17c7902f37ad576a1fd2045fd05b7c5663beda078d48d1a2981bd92

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
851B

MD5
f3fdc2b76ea6cca337c6aa7383452b90

SHA1
06c5e8ac453a6bcfc295059fdfcd520ddab55153

SHA256
cb1b972ccf07ccf4991ffebadd4b51c4bd8a86dc9011ac442af0897edf8112bf

SHA512
d5e84bd661863f9c23e42d7bd41814c5a0c173dedfa8213cb2769d34a12619a34d164bf47e33daa288af8ff4a2998a6fda5c7aa5c88446b797b22c9190807c0c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
61b30b9f0cba11ef44af7197a036b567

SHA1
340c781c950fa958b69e4896fbacf63197ff4b87

SHA256
017d420cea14eb6f66b90ee2365b4170539e825c5f785d2acb5eca23782e90c4

SHA512
60fd5477781d9f69fb54e7ff06810fa1e0e0619f0c0c2ce3b4f415f817302bc231d7088df3f1bf35ce56bf5374ea7a461cebf7ff873c5c6a110eec06836020fe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
e2d1b28a8f038bdb5feabf90cf5aa358

SHA1
5b642fc26bb5adb439ce5498f907ce57929247bb

SHA256
9d0cadaa59b78542939900f357eec7518f4d79366e9d8bf4082820780484e73a

SHA512
dacef86d3213de98fd528165d2623a0a1d48a261803c8a5ee9dc2a0f313f0379e13d7f1bc0576f88e947e691cc0248548e043832afc9708c7a6d971ead0f88e8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
3b5c68c3aa18b3f823479c5a11a06e92

SHA1
5875de78d2b18f838fbada73823d77214003fdc5

SHA256
400f18ee96fc3d13d6b12a2778d59af5139f5cea274705c46b6ce7102c338500

SHA512
bdd10afaa66e403fd555d1a0b6c05e616b9805f4ed619808ba90517e029e429201d2a86e0711d27a611a6937a97009476c9f04511b8ee47e0b03b19a76edcfde

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
4177d74f744d0cd61cd560497f518028

SHA1
f5cc89745842ee75a6caacebd0026c0397e524f0

SHA256
bb4edf2ee4d08f65d92a4d54f260f1ffba634e0f5324b31958c373a2edd0c670

SHA512
d51105e265ffda0226fdb5b778383eebf8ac439f777dcef7747cab5712789b735531ae49449bb706c9956581a53aae26107d473c1fc4c9b687de66f3cc9213e7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
84f313f97a5bddb54daff56db973fad3

SHA1
38e8ea29e8d85ed804aff1394b9ff329047ad7a7

SHA256
97bb4572a889f28ea3df089ff364669649ad12184cf9b1b8dc63c374179dc921

SHA512
4a8066d2dac3ac0a86e9a857da0f8e933df70dc8bda961339aeb33191c34d5d5a5cb49c798db9d91501427e039205ff2e23ec0f0246207a05e274b64e90f86a3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
861d5b3ff80792d6b4edb853c73e6968

SHA1
42c6b4d299b1357737c4b63cd8f08164d97d381f

SHA256
a5fbdc3ad637e3a2da447a60ecf8a8de8eaf61152a3e7d03486f2f5b5971db0d

SHA512
e017ffb5788c2d80816e2933c107d46c4cbc15fca08292fb7e14db03d87c68656d2480db1e565be3e0d5e68990c3725e4761f738238fbf5b93038efa46ec8ad5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
e9bef699eb4a8b716717da009abdd44b

SHA1
3021a786f4568b31bd983efc20ef858accb7df91

SHA256
1e884619528fc7d560f0f9abb1091610be73f75af9c378b9bc40d3958a480b17

SHA512
991164742a731fb0ff8103a38359670a7f54bbc97d7c0027efd538b5694135c53bbe08898260bae0674cf57b24d45a8d5c9a07550bffb6cd408b041907dea5dc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
d0191ffb8da5ca0dea4c8f39b56780fc

SHA1
ce69d744c9e7206ac78a25c624d72198eb121e53

SHA256
2c8c312272963672cd71e106f83c1331c1ea2d42babd6d0e8998024c2672df78

SHA512
f2bfca8bb6bddb473d95be69488c45190efef0a682345c37344ec00c52d2b740d523343d10544c1c96070ad9ff8b004b234ab8af77ad304443e5e53cd6408e30

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
176B

MD5
96e8343143b06c5250b79d6e5df1aec7

SHA1
aab17b88c7afa9cadd7e2e7a081684e9995142fb

SHA256
7b5e9f253e49b0c4bff4390ddf09ffcf28b918d7210ad00cf175d83238dd80e9

SHA512
cd1cf77c825fcb0c09b5aedc467093b65b44ce215e0581a298fce4df1f14ea0b047dccf61dc8806aa7fc8b06975732b78608aeb73f92792097e7f94c9b5e1415

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
112B

MD5
ab3ea72af3fb54f7ed72a3c0c6c41b5c

SHA1
3b95074ae127cd8226a9dc40958af8a9c21a20ea

SHA256
e4f72ec27abb751a929f117f2c0ecafb854ef08c0f5ab0839ef998fad10fc810

SHA512
388e043a1d9992f177658f26cadc2d989596b00a34e77ce8acb0fa4f9bd50222b6c082a38ccfeb9b8a592b7e812ca798b6d32cf878b8799fc576c23037c7dc01

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\000002.dbtmp

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000007.dbtmp

Filesize
16B

MD5
18e723571b00fb1694a3bad6c78e4054

SHA1
afcc0ef32d46fe59e0483f9a3c891d3034d12f32

SHA256
8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa

SHA512
43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\agimnkijcaahngcdmfeangaknmldooml\Shortcuts Menu Icons\Monochrome\1\512.png

Filesize
10KB

MD5
7f57c509f12aaae2c269646db7fde6e8

SHA1
969d8c0e3d9140f843f36ccf2974b112ad7afc07

SHA256
1d5c9f67fe93f9fcc1a1b61ebc35bda8f98f1261e5005ae37af71f42aab1d90f

SHA512
3503a0f4939bed9e1fd5e086b17d6de1063220dffdab2d2373aa9582a2454a9d8f18c1be74442f4e597bdba796d2d69220bd9e6be632a15367225b804187ea18

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir3008_758487979\Shortcuts Menu Icons\0\512.png

Filesize
2KB

MD5
12a429f9782bcff446dc1089b68d44ee

SHA1
e41e5a1a4f2950a7f2da8be77ca26a66da7093b9

SHA256
e1d7407b07c40b5436d78db1077a16fbf75d49e32f3cbd01187b5eaaa10f1e37

SHA512
1da99c5278a589972a1d711d694890f4fd4ec4e56f83781ab9dee91ba99530a7f90d969588fa24dce24b094a28bdecbea80328cee862031a8b289f3e4f38ce7a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
264KB

MD5
71ff8a98c8549a7c286cf22bf449ab7a

SHA1
9e3f042c2580c5e847bf041378664e5ef26048fb

SHA256
37d015fb0d7ca722914f814a0ca5378ce74d8f640651307481187d38313cd6fe

SHA512
d30903cf0cf690d3f9abb274dd048ddd3840c972eeb67beaa6e2b73588f3206b3c5275b053ac9fdf2101062e3dc7fde2c63cbf8f9cf45480cc44707f5a03d478

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
264KB

MD5
2c593b9ed7771c62320e85380deef5d9

SHA1
619c4c5b632be96630b583a514acf1ed89fa2e20

SHA256
264483cc2cc1ccc2464f47d2c716ce0bb6e2c6f4a34886ac49d22140eb7b6547

SHA512
d59a2fae35037eae9b939452724b970cec0d0aee899413c28bf91606b18d03195a411c6a9223b23230832b924262f069975ba9da40d575bd4f2443b6553d0fae

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
264KB

MD5
b64e7761769079be534aeba78b58a80e

SHA1
1d292e40a9cbc04fca73f442356f60df3389ba62

SHA256
8bb6c77182d39bcb7fdd53aa3d9a9dc98ebb0499ec61e1e6e954da57397e755c

SHA512
0ff4612d4854b182550cf6db6f8d7604f38c20387b70c4ef25b363bb77532769378a93625db2fa300514f2de024254efff544b8f771fa92dba1fa74e6a1e6534

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
83KB

MD5
4cfd2e3e46141274912ee1d04b1fa5ad

SHA1
fecdbb8dc636790451acbd4385db25e2be461878

SHA256
7dcb5f2e461d2976d213df2b656fc51b4e3b94b69be40993a97946bbc21a4976

SHA512
9de921032090a5dae066acbcce85bbca11215364a49c27a0828e30c41c2353c7925ac6ab6ecfde9611d05fc8d4b634ae4c10e6f2f3a5c342a4cc7a2d0c093cc2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
75KB

MD5
2d804f25a7e321edbe4e420ff47edeab

SHA1
cc66a024981a6a05e1773c5c19347a5acc449a09

SHA256
8ac3b2d9c4a3c2e1768752a17e613bced68e3414dfa54e04b5f91c9bcf40a824

SHA512
66edcfa876ed84b6d1c1a62d75d2e56bb9723ea988f49c4fd25fbca80c9f4c774e30b232a01287c6f9d4e76407ef29b9dd532718988d9a16e96c1ffb4303aef2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab3758.tmp

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\PLA5F86.tmp

Filesize
223B

MD5
3b29e8d21b72c3266270cdd54c6e3f9f

SHA1
7d5a22837bd90c7406dfcf0a6b3e6f7c71d8e5fd

SHA256
8dd2788e8dd93a9a308e04a4634ea8417b740662d40c2fe5813d8377c5bf28a8

SHA512
7edc5d2f95f1af1c11cddd3e9510f830abdf529eddf5ec349f8a657faeb5e070cd85dcc1dd6059ede068b86c619ebf122368ad9c955335fb8bfa6ef429c30e50

Download Submit
C:\Users\Admin\AppData\Local\Temp\RES9030.tmp

Filesize
1KB

MD5
2cd9b19c62bd21dac0a51c09fc459cec

SHA1
4fa1a366e7f23338ef247d610ec765a669fd34d8

SHA256
1e27e25cc997c66737cdc9127cadbbc1bf43a5112232dc304c6ec0cb919c7086

SHA512
e9aacdc6ccba897ae79b9ff91b8d5bfc0a58d31d112dddc04382e423db07b2bb6b1ec44b5a880a8fc96d71f80395dbe2fb87687a107092a16e1b92d89a94bfa5

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar3839.tmp

Filesize
177KB

MD5
435a9ac180383f9fa094131b173a2f7b

SHA1
76944ea657a9db94f9a4bef38f88c46ed4166983

SHA256
67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

SHA512
1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

Download Submit
C:\Users\Admin\AppData\Local\Temp\x8gnxeto.dll

Filesize
3KB

MD5
a89b42bc0790dd17f88bb211b9e4ff44

SHA1
a9595e0ee80ea206d1c7e02f9e4b119d2d404ce2

SHA256
3c52a0cdcd77d8c8b86a02ae26b33ea603b5cbd1d1e0b8e0eab133b1c9c213b3

SHA512
13ec9f581a24eaa8219ef933fbdba10dc7c9d2e5bad0ac03de92968e379bf2ed422e145e4d1d78177a15565341a26d99ca84337e3ab249837fd8274426d4b2bf

Download Submit
C:\Users\Admin\AppData\Local\Temp\x8gnxeto.pdb

Filesize
11KB

MD5
23a1dfafffb8e9782d1a011b25d65c8a

SHA1
ed8c21eb4767081dfc558be8b46b109e46d1bfc2

SHA256
3665da3ebea25a1b27ed82de7588b72a06e2b2901582a3f9ad58eb36f9f127a2

SHA512
22095e522284f1a9e04cafb8dc4fc693b74367825a7af630d97fbd7a7052abd39bc436a1c7c2ad565eb40c8bb5e70471e8073df378be54b1147ddd2dcd299bdb

Download Submit
C:\Users\Admin\Downloads\ruffle-nightly-2024_04_16-windows-x86_32.zip

Filesize
9.6MB

MD5
2030ae22cc730f296846cd66c9ef5475

SHA1
ca9b350348f66b95de421c7b93c56f1374de6d3b

SHA256
b3fdca5e26c2dae77f57e83cf971a7c8dfb232f064636337b80ca9b53b12f5bb

SHA512
f61c53ef621cfafbfa7f2bafd89f6774d98bea4ce20b3a8e7f1f26b3576aa132133433b673d7705ebf7cf136eb810a79a743d31bc7fc07ddf2d5dec9310c62da

Download Submit
C:\Windows\TEMP\SDIAG_5cd5fbe5-74cd-4086-996a-325f6355feea\AudioDiagnosticSnapIn.InstallLog

Filesize
4KB

MD5
eb38f51f1b8a5843e7fade074b3d2a21

SHA1
bce7ce55dbefea2c5cf1f2ca051b2888260cb5f5

SHA256
72cd0d0c18e61ce7f72863b142cf52616a4982f5b7a831f1ee2664e245111486

SHA512
9d25f8293e0e0506da6ebcb17e93706dbb6c2ce1c8b25a18c95edb9443f7cf53f35139098522a186748e495a26ca54d84ca4cee6728d5253f827961f9e80218f

Download Submit
C:\Windows\TEMP\SDIAG_5cd5fbe5-74cd-4086-996a-325f6355feea\AudioDiagnosticSnapIn.InstallState

Filesize
1KB

MD5
9450b18a8f86faffc765bd567b89f521

SHA1
52acd08c64339977a812dee6a3d7d9abe0b296c8

SHA256
d1189d9132ede992b0e052ba41e4834e6e25b5c5bb8359742221c1334f15f477

SHA512
110dbc146b72268f8c38ad99243e12b23ea025093b24ae3e08517e97ea3a8c626d44457ff49503d5854c349d5fdb0181bb3839044142b6ea7f9b4287933e6101

Download Submit
C:\Windows\TEMP\SDIAG_5cd5fbe5-74cd-4086-996a-325f6355feea\AudioDiagnosticSnapIn.dll

Filesize
28KB

MD5
b4da01738538e1e8de889a1d5f2db08e

SHA1
9ed6c8800a34b62be35b309c4e7e03d8ce691d71

SHA256
fe9672f115437d9c77dc09a7c6605dca63ef718e6ad082aecd6dcbe6f27f4526

SHA512
977e35615aad016336af4b40d3c7066478ad6bb17c8a67ada6bc3ae497cb4bc2e9f340e83eb107aeadb479d49626fb888055a39cd1c9fb2a8f4bc36bed4517a0

Download Submit
C:\Windows\TEMP\SDIAG_5cd5fbe5-74cd-4086-996a-325f6355feea\CL_RegSnapin.ps1

Filesize
848B

MD5
4b653c3126f5e3ae7c75bbcfccfabfe3

SHA1
e5276e48a0b73b5f3946e2cfd305811d952db690

SHA256
980ab436e3db22ab1efd665147e6b1165a892dd75dbad26fdeee6c76d1d9ea8d

SHA512
4fee81f005254640d9489626f32daec49fb6b5b892651cb318e89acaeaae3c37e59bcb61a7e691a429d1ea2fc5a2f1dd4ba9105578b7b132f8677663d5f6776f

Download Submit
C:\Windows\TEMP\SDIAG_5cd5fbe5-74cd-4086-996a-325f6355feea\CL_RunDiagnosticScript.ps1

Filesize
384B

MD5
46fe69f4ca3faf3e393a0a8426ee1bc8

SHA1
3abdb4dafdcdf6810185fbd194db5fd4036ec401

SHA256
4025becb8ca4749e812722a31ca1089fbd0895e55333c05e19756ee0b9be7deb

SHA512
16863d3bfb061ebdfac6f88a4569fed495b73d9ceb17d0dbf120676d23d2dfeef7969af2cdba2f6661bde4c727e6eca129e0701150c9d9e2009086571c996422

Download Submit
C:\Windows\TEMP\SDIAG_5cd5fbe5-74cd-4086-996a-325f6355feea\CL_Utility.ps1

Filesize
5KB

MD5
82fa137ad91e267324111dc4c4996fd4

SHA1
31b11f2d412c41d0d4c39ddf31a962be5aef266c

SHA256
2478db673cee49bcbd8fe781df0db2be3efbbee091d8577820c4c3a8f0a202f0

SHA512
8b6c43262e0824126fba85e08b162cfc5611344d4138a34288b1e4cc4be74ab5217f80fe9899d7ad3d72aa4bad7635986c5f0185fc84f59da60aec56514e2864

Download Submit
C:\Windows\TEMP\SDIAG_5cd5fbe5-74cd-4086-996a-325f6355feea\InstallUtil.InstallLog

Filesize
1KB

MD5
9c7fc06094b3c335af769ace2fe3dc20

SHA1
96930a18fe8d82fbd879618f4c2670d8ef1affff

SHA256
87f8fd6a7e06683bc07cde0fb7e61dd29f3e52671b78d93dd2d54a38ce61f6b4

SHA512
2e929f4828c7c2d94deb9b5160c66c46955044ff8b202997166a09fae31bac4e38904af767e7c594db5b65f2121c097697a694cbe9d11897ce6c082bcb578082

Download Submit
C:\Windows\TEMP\SDIAG_5cd5fbe5-74cd-4086-996a-325f6355feea\InstallUtil.InstallLog

Filesize
1KB

MD5
00cc284e73aae491f303de6841931e49

SHA1
f50a841a5adedd7c5c4a8ec7bcb7e66eb8f51dbc

SHA256
578e085bca37fd22206d6ee9d8b404ba187ae7b1b50e8939c3eeb3b82284f0fa

SHA512
6c5111c05b0f627c9656fe8597f972eb1918a30ff0361468f7a92db9b02a9816db0e6337cbc55b6284c9c5aaab417229fbbb95f48fd6238358669605a4e75b9b

Download Submit
C:\Windows\TEMP\SDIAG_5cd5fbe5-74cd-4086-996a-325f6355feea\InstallUtil.InstallLog

Filesize
1KB

MD5
cf57ad981a1e74b5ea3a942f593fe89b

SHA1
b5fb3bd8ee12aaf7b4ffa6be04a93b9289e5a225

SHA256
e77bff95b2011374aa78009be28a62f36c653805dbb9b3ceb000c2726558f0af

SHA512
3cc89d33705122115c992c91745238ca224221a7fc489c439b19a401843d923496e33fcb5f134af93531c56029d8d4dbf52eaf2ecfdf0d3e0e2cc83bde302468

Download Submit
C:\Windows\TEMP\SDIAG_5cd5fbe5-74cd-4086-996a-325f6355feea\InstallUtil.InstallLog

Filesize
2KB

MD5
c345d4d159090638f9cbbe054c4b8209

SHA1
e94f8b4b4ffe0ae1db5749e4ea640315be66d0ca

SHA256
9c5b7c3add76064d9b750fcf1c65579a2fb81edf663c6fd542be9a0c7297c9d0

SHA512
66cff9331ecbcf1162cbfe4e424236f1b44f2126c700092910d2df28fb070c99d4613d5651a75fff3fbe7439bf1a70af352fcca8eb86059324fdb01b84501c5a

Download Submit
C:\Windows\TEMP\SDIAG_5cd5fbe5-74cd-4086-996a-325f6355feea\InstallUtil.InstallLog

Filesize
2KB

MD5
1309ddc9c48f7e00f877ed6978f28d1d

SHA1
2d492400dfa0e736fcb17234696c5b8671f4891f

SHA256
ec8af63d14c2824b7dca512fcd4980c85a347ff9dca2f58e25ef4ea8a24ab0c3

SHA512
0e0606e3c3400ad6ccf67c133b92bdc73f511fcd5435a8c7f6e427b6f9815ab1825e8f477075fa6e84d934a1e35735f08226fd317f6cd020d182034df3824cb0

Download Submit
C:\Windows\TEMP\SDIAG_5cd5fbe5-74cd-4086-996a-325f6355feea\InstallUtil.InstallLog

Filesize
2KB

MD5
f69f0938bee40fb05695e607c237e046

SHA1
a2df52892d3671ea83b45d51f8ab98605ba6591f

SHA256
b7d7050524bc5fc87583b87ab173811b47ae2e69024214f4c693cd3d92248967

SHA512
803bd815e7905199c3a7e4d53965d304ae8a72b8daa0a50bb69dff76c504d4de1408d14d7f899b6f3e86fb1a4025975da709932e3d0e0d644f4a2fe7c02a847d

Download Submit
C:\Windows\TEMP\SDIAG_5cd5fbe5-74cd-4086-996a-325f6355feea\MF_AudioDiagnostic.ps1

Filesize
5KB

MD5
a3fe5ec679e4a822c0612d7bfe8dcff2

SHA1
ce3779d19e8ce418f6e8bfe6b7bf68476ac24b14

SHA256
f83665873b0a9c5a4491f9c837e008062bbdfacffa6bbef63087de5e19f8aea4

SHA512
00c848fd7caff7ed2c1c05cc6e7da97875f20ec7cd0931165274133ddc0c64b8158f182e3920f6fa172d7e4257630381f4bed462365851bcb4d919175139a797

Download Submit
C:\Windows\TEMP\SDIAG_5cd5fbe5-74cd-4086-996a-325f6355feea\Registry log.reg

Filesize
44KB

MD5
1b8a98a0ea90260301630e78153bbd75

SHA1
8635a0adce01bb65b697e9bf29c50f7d081ad100

SHA256
c7343c6397cfd9f3a1408c8134ea24c35793ae3a74ad2b0949b07f130aeca6c3

SHA512
fb7e341dc1d061dd89f5b8e74676c9396185cd2ade7dbd097f9db883d44733addccfac5f5c23fc18d4e80050a64bafbcab4430fe3485cdb0b0560fb0cd12c9e7

Download Submit
C:\Windows\TEMP\SDIAG_5cd5fbe5-74cd-4086-996a-325f6355feea\TS_AudioDeviceDriver.ps1

Filesize
832B

MD5
9d0eb5764a0c378c5615ff647722c934

SHA1
a22e6333b1c78d903e50de073bd265ca035d5ff5

SHA256
4246fc13e719f0b1c72c11e06d694798a21d6b917c4327928bf5ee59fcbe150b

SHA512
72cd9624f872ea09ae3fe1033cdf4a29fe1e463833343d7b26a876e22db0ecbeb975c553c80a099124151a4d315f97b4ac53e1a736483758a6844737f5e5c70b

Download Submit
C:\Windows\TEMP\SDIAG_5cd5fbe5-74cd-4086-996a-325f6355feea\TS_AudioService.ps1

Filesize
942B

MD5
44a575e5386d069bb4a1557a28359f51

SHA1
7550b4030c9e652d9d0cb9f548c9e326dbef21af

SHA256
3d45b4aa8b76f5ac37a91d4acf91418a9883d9347e55d22584410cdd11b596de

SHA512
3f3603b153b3bc0121e6e8dfbf403ba11a878e0d426b422af3332d839f61317bed71c149cc52d026455d6b79470f8134f2f6db7c844eb760bbbe28c3bf9f5682

Download Submit
C:\Windows\TEMP\SDIAG_5cd5fbe5-74cd-4086-996a-325f6355feea\TS_DisabledInCPL.ps1

Filesize
1KB

MD5
cefa770be2721e7f26ae324aa298d03c

SHA1
b13bc0fc9105d2cde43628ce3b59f53ad43c62fc

SHA256
af306f0e9d715c105b258bb94f0e65211ad47f47e882a46cdcce51faf2b81492

SHA512
e6ae14cfec62094cb34e941565a4682432653810fb027a6b5d19aac1ddac7cb87410a64e1dfc0132f0dd54e8c9023e9dd9123b4409de4d0cbedabe43c4b19ae8

Download Submit
C:\Windows\TEMP\SDIAG_5cd5fbe5-74cd-4086-996a-325f6355feea\TS_LowVolume.ps1

Filesize
1KB

MD5
8e738be9984699b0765cfe78963250bc

SHA1
defebe59d1939526d6d4cb649013d5cd5e696ae7

SHA256
99e073ce2606c2e3314bf77c7ebf8303fcbd91274c3718aeb4adbc19991d79f6

SHA512
d988f0f0ca03074d221c4219ce1ef12a7a2613ad04ba595f151965c831f1f91695a0b0ef108d82ea03f126cd60257c5913ae446fde0df09c4d2fd7d4184e4b7e

Download Submit
C:\Windows\TEMP\SDIAG_5cd5fbe5-74cd-4086-996a-325f6355feea\TS_Mute.ps1

Filesize
825B

MD5
0c20cb89aa593c16da358f7dd0c94b2c

SHA1
88caaac51299e7dd6b4509bfce646c75c19ad4e1

SHA256
1eb63584f228590b02710187c33c313d4b53ea333afaeede538b0ceb4ac7b82d

SHA512
fabab341b01647cb3e7c75b5f110b57f647b0eaa6707937bc3932847c8aee7bab362139ecd6bc9a1e193790ba0109314fcf599bc6aab80618ae29dd91bad1eb5

Download Submit
C:\Windows\TEMP\SDIAG_5cd5fbe5-74cd-4086-996a-325f6355feea\TS_NotDefault.ps1

Filesize
1KB

MD5
d173853e22275e88f0d4e5e3f77a760d

SHA1
56401dcd71b44cd593d9b25934d20b7f4c8f45b8

SHA256
1fee8cf2484fc37903b1132279e71d56c9857078db294754d34f25ee1cb5de1f

SHA512
de5462bffde997e33e3633b1c564251f70aedf9efca705452fba65faa1bd79cff3fb77cb9c3ded253c23e363ef514100b35555c8c238ad818a9d9bb96b23c215

Download Submit
C:\Windows\TEMP\SDIAG_5cd5fbe5-74cd-4086-996a-325f6355feea\TS_UnpluggedIn.ps1

Filesize
963B

MD5
b90053c456d136fe47f2b7f35eb50989

SHA1
0c3efad83f1d416c44b43c0e8594e7452f36f433

SHA256
aafa18b9eb77c569bd915fffa16bb92f1296a1a7b6cf22beac9c9cac1f4ad036

SHA512
4ee25823cd6d821cfe09a14abdfb2069f91ac4262772574338819abfe494f598cfa7a1599b38223a5964ef5d12c610a33becac42f581c7159bbb2ff05218c246

Download Submit
C:\Windows\TEMP\SDIAG_5cd5fbe5-74cd-4086-996a-325f6355feea\en-US\CL_LocalizationData.psd1

Filesize
4KB

MD5
d9457bacea98a0602e09beade7fceb41

SHA1
2dd8b4712bb7d3919f416183d5720637d7a7e56d

SHA256
817fcce0983fa0b29c57e413c5eca2e9ad34e3119b08188b2d363726512fe6dc

SHA512
45a48d43048aa32ddeeec03013819c9e07702816cc50b72cccf305274ddf15380c9d22a2690e5a187e2e7fcd1e88dc24c57b842d9ae4a3efd8afbc7f9c6706ef

Download Submit
C:\Windows\Temp\SDIAG_5cd5fbe5-74cd-4086-996a-325f6355feea\AudioDiagnosticSnapIn.InstallLog

Filesize
368B

MD5
ecc34ba45fe6543e9feac2a4bce84a6c

SHA1
ac0ad0f89899ad119806231875d567fbdc8336db

SHA256
e01620cda1cd4008d14bab71792270354f4535860ba55d83f22a0a5832a91ff5

SHA512
16e11d47c911063053b4b6c9bf53d7e9edea57771a8268d1829f73b99597d25969c9a1b9349c05b026ccee987b6deb818dc934cf7fdfe0ddd59f262a88da4cef

Download Submit
C:\Windows\Temp\SDIAG_5cd5fbe5-74cd-4086-996a-325f6355feea\AudioDiagnosticSnapIn.InstallLog

Filesize
733B

MD5
751902c816aa5805fc1acaaf2627faf0

SHA1
0779db29c3153fd021ac31a0133e0d37d2fecd47

SHA256
ab66f225e6feae84c555d24b1f468af012f0d63eec1ee2706450a50bc1a9b598

SHA512
a18ab3cf064f208fae47b91d4d3b8756b103e14906d4b21be60f4ab3ed05929be7765831aead0fb0179c1ac22ab8d448780a55270d9861cd189570f345c5a969

Download Submit
C:\Windows\Temp\SDIAG_5cd5fbe5-74cd-4086-996a-325f6355feea\AudioDiagnosticSnapIn.InstallLog

Filesize
1KB

MD5
ea277c775909b5bd46ee32fe25dcb247

SHA1
1382325068e11ccc13470d0d8ccd7931fe423ea0

SHA256
7d526bfe746635c94fd57dee4d1af39cd5ac33770abc1b7c31040c5dd63d0b16

SHA512
9d1d24d3a3a6e6236c74fd03ff582137db1125f9ab23161beea01c993e676d3617ebceeb0b17990bb06908238ae99d4794ca10e2800c3ab3813a675a54a345bc

Download Submit
C:\Windows\Temp\SDIAG_5cd5fbe5-74cd-4086-996a-325f6355feea\AudioDiagnosticSnapIn.InstallLog

Filesize
1KB

MD5
813570f4c7319220ff5112f076152a65

SHA1
6baba5232834491a4366a589059070b80cea79b2

SHA256
ecd49709594c3d9158d78947d09ea641059cf37b4172e0157a1c39122d534cb0

SHA512
d7461212183b4f220a1f6539951be1f8a386c76d6cfd40d4123c6ed5815a5b9772c0bfba5233b1d5751be878ebbdf546912bb0e8660f2229831e287677bed61e

Download Submit
C:\Windows\Temp\SDIAG_5cd5fbe5-74cd-4086-996a-325f6355feea\AudioDiagnosticSnapIn.InstallLog

Filesize
2KB

MD5
dda1dc00dd1066e69adef32164fcb737

SHA1
0539c193052d96ec8c407c29888a7b0f78372c99

SHA256
78688fb4dd096d6aa8cb1e3bf56d1711e08f500a9a7d0816002fe8df8ca900a9

SHA512
aa16dcfe345e8474e62e1316e686a7138b8e94f3c66f208f9da95aea08864e33acc6e5c4d19b827369d5c85cf217d3d590554602c000f373ddba97d4ec31ff5b

Download Submit
C:\Windows\Temp\SDIAG_5cd5fbe5-74cd-4086-996a-325f6355feea\AudioDiagnosticSnapIn.InstallLog

Filesize
3KB

MD5
0b1e7b0bbce2bfecad56bf887f548888

SHA1
71c6d3d20c2d0037229b014e7ce708ce06f23d25

SHA256
a27581ddeddb68aa66b4d698f027026a70cadaa58928e1e6ef9d051849f20738

SHA512
5ebeb8acb73f3f123ae84c3ddca518f3a120708f9b6a35eaa3e47f072aaf38db4e048e626e7f9511a5424c419987aa61f68ed16d069839a97cccf73c6bf35c17

Download Submit
C:\Windows\Temp\SDIAG_5cd5fbe5-74cd-4086-996a-325f6355feea\AudioDiagnosticSnapIn.InstallLog

Filesize
4KB

MD5
daeb01d62c2fe28fae5334741b323132

SHA1
eca867993e76fddf61b7d2775f4d8154d2da60ba

SHA256
7af77171bba2fb0af0bbb813db4530505216307c3b5507007e7125e647defe6c

SHA512
fb84579a579caa6ac8d9aaf166822427234e6ae572cee4ef92c75a815a4ab3034f7ed8c47af30c48624fb319dcbb3032e160bee9d09c8d4dc61618b95bfc63de

Download Submit
C:\Windows\Temp\SDIAG_5cd5fbe5-74cd-4086-996a-325f6355feea\DiagPackage.dll

Filesize
171KB

MD5
3dd756eb8667ac050b4db8f06e71ccb3

SHA1
9efd9b92cf4b5aff57bc77d83ea920398011f836

SHA256
dc84c8af7e4de9851a65fc7102478270cab7c3fe431b487ba75e3ffe32536a03

SHA512
ad3d38e8f985dcce550d1ae24d0df9243b700806e91e5ce23c9c9d2a557789f858b345e811a0de1ec8e45d15e9e40e60bd7e1cce13ad715c2326ca55f0f69911

Download Submit
C:\Windows\Temp\SDIAG_5cd5fbe5-74cd-4086-996a-325f6355feea\en-US\DiagPackage.dll.mui

Filesize
7KB

MD5
7ebdadfb614e559f16e62b9e65fa6ca1

SHA1
4cab4f5bf4f225e57d94b5ce69c2597ebe1ed3ad

SHA256
be733a361801655feb229e217ca5a7917fa7cbbd47f968b419f63bf91eaea54a

SHA512
41d5eda2e54a7345297574fc27512bc5684c7a7e7ab2d0a4f3b1898e169355238617bcce62ec9e305996640b421fb032089c7ce5d78209d4a97353fa8cc382a6

Download Submit
C:\Windows\Temp\SDIAG_5cd5fbe5-74cd-4086-996a-325f6355feea\result\ResultReport.xml

Filesize
6KB

MD5
4de10134ca87e3c215b301978c5bede3

SHA1
f1dc40373d1e425368f7a1412ba1d9b09084b711

SHA256
90e5bd8035167e19156bf1707b463921c903ce561b2787048084a18a8cd67c99

SHA512
535ef1a3edd07cbe3a41b11e93c245c2a3277883faf69c9198bb162a7abb1c4d23ea22ae14ede3bc32488b1e67caa5cd9843ffabc14b24e9708964dd9dfcebc7

Download Submit
C:\Windows\Temp\SDIAG_7af0e1ad-10bd-4b17-b91c-033415f1fdbb\DiagPackage.dll

Filesize
54KB

MD5
d4aa2358bb3137549a3e18e45fdc6aae

SHA1
e142c54f3fdb37aa06f5c2df030218aace9249fc

SHA256
2cc176206b99964a1d56ec4538d0d2472fbfcc609eb608379133b98613c71646

SHA512
60e4fc8d2cd6b4ae3e8e90c64b1ddbb3dd9818d2395350b0b438d5949aad455512a82317352db8624d2cc004a9f718db1cb50780f94fdfd3347969dc913a7a89

Download Submit
C:\Windows\Temp\SDIAG_7af0e1ad-10bd-4b17-b91c-033415f1fdbb\en-US\DiagPackage.dll.mui

Filesize
6KB

MD5
eba7b04fd337bc66a14da66305540665

SHA1
b649999a27d8341b142245be7b5461ad5e4c5cfb

SHA256
072eb54f1333ac92bfab3744948e8f56815ea1ad6bb2083fe408d09fa423a950

SHA512
65a46c856ad9efd15a9c13038e4f2f00989dbee45abe526cfefb8926c77970a4f760c86c44880b2f84b84018b81291fbe45b70bef5a66bae48e9baada556c5de

Download Submit
C:\Windows\Temp\SDIAG_7af0e1ad-10bd-4b17-b91c-033415f1fdbb\result\ResultReport.xml

Filesize
4KB

MD5
7db752d53fe56cbd73526c742408dd96

SHA1
c5f1a51822937aefc93ea5d7bae14912dcc3e57f

SHA256
25ac31e289f337b60ee3feb6a5abbe932f592c4fa3055c06a35e3744f587e312

SHA512
19abdbad7b9a2eb713cf925d24d938f50eeae3a05c353e3bb7d019f906364a76e2168809a8c2f366b035727e0d875732f42b41aaf3134a3e099b0c89bcdb9280

Download Submit
C:\Windows\Temp\SDIAG_7af0e1ad-10bd-4b17-b91c-033415f1fdbb\result\results.xsl

Filesize
47KB

MD5
310e1da2344ba6ca96666fb639840ea9

SHA1
e8694edf9ee68782aa1de05470b884cc1a0e1ded

SHA256
67401342192babc27e62d4c1e0940409cc3f2bd28f77399e71d245eae8d3f63c

SHA512
62ab361ffea1f0b6ff1cc76c74b8e20c2499d72f3eb0c010d47dba7e6d723f9948dba3397ea26241a1a995cffce2a68cd0aaa1bb8d917dd8f4c8f3729fa6d244

Download Submit
\??\c:\Users\Admin\AppData\Local\Temp\CSC902F.tmp

Filesize
652B

MD5
161c32b65c89a0981a5db6f6b94eed45

SHA1
b4fbc6a49330e84395a17304df05faa1df4c6935

SHA256
a94c0f080d583973164f166e60acbb81d75f003dba53199990bc5e239808a8d7

SHA512
90d1e90360b9299b1252642a375db405bb17c26afa5c36a48912a13ef85dc13890d4a8588ce22a23761c4dca0521f3072eeffdd9fbe57ce5b83975a1fd6fe2bf

Download Submit
\??\c:\Users\Admin\AppData\Local\Temp\x8gnxeto.0.cs

Filesize
446B

MD5
ec5c8c8f2004593e7919d93f25cf8715

SHA1
f8d1931138d4513354946a62ff835514c3322b8e

SHA256
bc27d56ccd20de336c1dde38d689b88bfd7f5b95309be5ed3800a4d8ecba63ee

SHA512
e0b908d385303f6e5f796f0610615f1a72c72be8228c0e9d0a996b3a99622184e7eabf1e7c37bcbccee56816ba58ba84390ad431c612da27dbef93828f5d6415

Download Submit
\??\c:\Users\Admin\AppData\Local\Temp\x8gnxeto.cmdline

Filesize
309B

MD5
f863b413609349fcff54cc63c68b9970

SHA1
d41511e7ec25a59ab0d8b46e15fef28b5a019c9b

SHA256
2fefccabe9e489aecb511cd8fe0ea199118f93e36952943ac18c3173c2947db6

SHA512
ebe678cd0d245a9806ff9cabe9b99ecbf9514fb240857c97f6d3345a1382210a8717c66c0d18e7eb0c9b0f829a64ba8ca04d95289ad8d6d678559a8b28b5bb16

Download Submit
memory/188-1201-0x000007FEF2120000-0x000007FEF2ABD000-memory.dmp

Filesize
9.6MB

Download
memory/188-1202-0x000007FEF2120000-0x000007FEF2ABD000-memory.dmp

Filesize
9.6MB

Download
memory/336-1260-0x00000000023B0000-0x0000000002430000-memory.dmp

Filesize
512KB

Download
memory/336-1261-0x000007FEF2120000-0x000007FEF2ABD000-memory.dmp

Filesize
9.6MB

Download
memory/336-1485-0x000007FEF2120000-0x000007FEF2ABD000-memory.dmp

Filesize
9.6MB

Download
memory/1112-1294-0x000007FEF2120000-0x000007FEF2ABD000-memory.dmp

Filesize
9.6MB

Download
memory/1112-1487-0x000007FEF2120000-0x000007FEF2ABD000-memory.dmp

Filesize
9.6MB

Download
memory/1124-1482-0x00000000001A0000-0x00000000001A1000-memory.dmp

Filesize
4KB

Download
memory/1264-1147-0x000000001B230000-0x000000001B23A000-memory.dmp

Filesize
40KB

Download
memory/1264-1149-0x000000001B240000-0x000000001B250000-memory.dmp

Filesize
64KB

Download
memory/1264-1187-0x000000001B4B0000-0x000000001B4BC000-memory.dmp

Filesize
48KB

Download
memory/1264-1186-0x000000001B4A0000-0x000000001B4AE000-memory.dmp

Filesize
56KB

Download
memory/1264-1185-0x000000001B490000-0x000000001B4A0000-memory.dmp

Filesize
64KB

Download
memory/1264-1184-0x000000001C5D0000-0x000000001C612000-memory.dmp

Filesize
264KB

Download
memory/1264-1112-0x000007FEF2120000-0x000007FEF2ABD000-memory.dmp

Filesize
9.6MB

Download
memory/1264-1113-0x00000000029B0000-0x0000000002A30000-memory.dmp

Filesize
512KB

Download
memory/1264-1182-0x0000000002B40000-0x0000000002B48000-memory.dmp

Filesize
32KB

Download
memory/1264-1115-0x000007FEF2120000-0x000007FEF2ABD000-memory.dmp

Filesize
9.6MB

Download
memory/1264-1183-0x000000001B480000-0x000000001B48A000-memory.dmp

Filesize
40KB

Download
memory/1264-1204-0x000000001B4A0000-0x000000001B4AA000-memory.dmp

Filesize
40KB

Download
memory/1264-1152-0x000000001B4D0000-0x000000001B4D8000-memory.dmp

Filesize
32KB

Download
memory/1264-1151-0x000000001B4B0000-0x000000001B4BC000-memory.dmp

Filesize
48KB

Download
memory/1264-1205-0x000000001C5D0000-0x000000001C612000-memory.dmp

Filesize
264KB

Download
memory/1264-1481-0x000007FEF2120000-0x000007FEF2ABD000-memory.dmp

Filesize
9.6MB

Download
memory/1264-1206-0x000000001B4B0000-0x000000001B4C0000-memory.dmp

Filesize
64KB

Download
memory/1264-1134-0x00000000021B0000-0x00000000021B8000-memory.dmp

Filesize
32KB

Download
memory/1264-1207-0x000000001B4D0000-0x000000001B4DE000-memory.dmp

Filesize
56KB

Download
memory/1264-1208-0x000000001B4E0000-0x000000001B4EC000-memory.dmp

Filesize
48KB

Download
memory/1264-1209-0x000000001B570000-0x000000001B578000-memory.dmp

Filesize
32KB

Download
memory/1264-1181-0x00000000028D0000-0x00000000028DA000-memory.dmp

Filesize
40KB

Download
memory/1264-1150-0x000000001B4A0000-0x000000001B4AE000-memory.dmp

Filesize
56KB

Download
memory/1264-1146-0x0000000001D00000-0x0000000001D08000-memory.dmp

Filesize
32KB

Download
memory/1264-1148-0x000000001B450000-0x000000001B492000-memory.dmp

Filesize
264KB

Download
memory/1264-1188-0x000000001B4D0000-0x000000001B4D8000-memory.dmp

Filesize
32KB

Download
memory/1444-917-0x0000000001D50000-0x0000000001D51000-memory.dmp

Filesize
4KB

Download
memory/1444-1245-0x0000000001D50000-0x0000000001D51000-memory.dmp

Filesize
4KB

Download
memory/1640-1278-0x000007FEF2120000-0x000007FEF2ABD000-memory.dmp

Filesize
9.6MB

Download
memory/1640-1277-0x000007FEF2120000-0x000007FEF2ABD000-memory.dmp

Filesize
9.6MB

Download
memory/2000-916-0x0000000002040000-0x0000000002041000-memory.dmp

Filesize
4KB

Download
memory/2004-1125-0x0000000002000000-0x0000000002080000-memory.dmp

Filesize
512KB

Download
memory/2040-1243-0x000007FEF2120000-0x000007FEF2ABD000-memory.dmp

Filesize
9.6MB

Download
memory/2040-1484-0x000007FEF2120000-0x000007FEF2ABD000-memory.dmp

Filesize
9.6MB

Download
memory/2040-1242-0x000007FEF2120000-0x000007FEF2ABD000-memory.dmp

Filesize
9.6MB

Download
memory/2056-1155-0x000007FEF2120000-0x000007FEF2ABD000-memory.dmp

Filesize
9.6MB

Download
memory/2056-1154-0x0000000000A00000-0x0000000000A0A000-memory.dmp

Filesize
40KB

Download
memory/2056-1158-0x0000000000980000-0x0000000000A00000-memory.dmp

Filesize
512KB

Download
memory/2056-1159-0x000007FEF2120000-0x000007FEF2ABD000-memory.dmp

Filesize
9.6MB

Download
memory/2056-1180-0x000007FEF2120000-0x000007FEF2ABD000-memory.dmp

Filesize
9.6MB

Download
memory/2056-1167-0x000000001B7F0000-0x000000001BAD2000-memory.dmp

Filesize
2.9MB

Download
memory/2336-1486-0x00000000001A0000-0x00000000001A1000-memory.dmp

Filesize
4KB

Download
memory/2516-1225-0x0000000002380000-0x0000000002400000-memory.dmp

Filesize
512KB

Download
memory/2516-1226-0x000007FEF2120000-0x000007FEF2ABD000-memory.dmp

Filesize
9.6MB

Download
memory/2516-1483-0x000007FEF2120000-0x000007FEF2ABD000-memory.dmp

Filesize
9.6MB

Download
memory/2516-1223-0x000007FEF2120000-0x000007FEF2ABD000-memory.dmp

Filesize
9.6MB

Download