1698a68ab1fd53d6f90cff7325b122f17df9ca1966dd42baac218e4c73ea3a58

Analysis

max time kernel
675s
max time network
661s
platform
windows11-21h2_x64
resource
win11-20240412-en
resource tags

arch:x64arch:x86image:win11-20240412-enlocale:en-usos:windows11-21h2-x64system
submitted
19/04/2024, 20:33

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

4aa59a70739640d99b72d544a2649bae.jpg
Size

476KB
MD5

40b28d9989156fa83030a001ae47b1e3
SHA1

c559dec0f7b6b57ae0f78cdca70a0c07a38fa962
SHA256

1698a68ab1fd53d6f90cff7325b122f17df9ca1966dd42baac218e4c73ea3a58
SHA512

2e9e53e37cf4e21775783e9c0fbeb722abcda941eea0485e9fb2415a5b6d1acac1717c7e807050f856339df253de85ff4a1043d2106a6a62b9ca79fb321f76ce
SSDEEP

12288:m2jCmixRlG7rQYt2FYVtFohcOtVz5tdpeq4mWxUBf8Z2Li:mC37rQYQFYQhdpCHk8

Score

7^/10

Malware Config

Signatures

Executes dropped EXE 2 IoCs

pid	Process
3184	java.exe
3472	java.exe

Loads dropped DLL 27 IoCs

pid	Process
3184	java.exe
3184	java.exe
3184	java.exe
3184	java.exe
3184	java.exe
3184	java.exe
3184	java.exe
3184	java.exe
3184	java.exe
3184	java.exe
3184	java.exe
3184	java.exe
3184	java.exe
3472	java.exe
3472	java.exe
3472	java.exe
3472	java.exe
3472	java.exe
3472	java.exe
3472	java.exe
3472	java.exe
3472	java.exe
3472	java.exe
3472	java.exe
3472	java.exe
3472	java.exe
3472	java.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Checks SCSI registry key(s) 3 TTPs 3 IoCs

SCSI information is often read in order to detect sandboxing environments.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName	taskmgr.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000	taskmgr.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A	taskmgr.exe

Checks processor information in registry 2 TTPs 18 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision	java.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	DeadCodeLauncher.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	java.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	DeadCodeLauncher.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	DeadCodeLauncher.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	java.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision	java.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	DeadCodeLauncher.exe

Modifies registry class 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-801765966-3955847401-2235691403-1000_Classes\Local Settings	firefox.exe
Key created	\REGISTRY\USER\S-1-5-21-801765966-3955847401-2235691403-1000_Classes\Local Settings\MuiCache	MiniSearchHost.exe

NTFS ADS 1 IoCs

description	ioc	Process
File created	C:\Users\Admin\Downloads\DeadCodeLauncher.zip:Zone.Identifier	firefox.exe

Suspicious behavior: EnumeratesProcesses 64 IoCs

pid	Process
3536	DeadCodeLauncher.exe
3536	DeadCodeLauncher.exe
3536	DeadCodeLauncher.exe
3536	DeadCodeLauncher.exe
3184	java.exe
3184	java.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
2620	DeadCodeLauncher.exe
2620	DeadCodeLauncher.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
2620	DeadCodeLauncher.exe
2620	DeadCodeLauncher.exe
5000	taskmgr.exe
3472	java.exe
3472	java.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
3472	java.exe
3472	java.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe

Suspicious behavior: GetForegroundWindowSpam 2 IoCs

pid	Process
3536	DeadCodeLauncher.exe
2620	DeadCodeLauncher.exe

Suspicious use of AdjustPrivilegeToken 15 IoCs

description	pid	Process
Token: SeDebugPrivilege	1808	firefox.exe
Token: SeDebugPrivilege	1808	firefox.exe
Token: 33	5056	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	5056	AUDIODG.EXE
Token: SeDebugPrivilege	1808	firefox.exe
Token: SeDebugPrivilege	1808	firefox.exe
Token: SeDebugPrivilege	1808	firefox.exe
Token: SeDebugPrivilege	1808	firefox.exe
Token: SeDebugPrivilege	1808	firefox.exe
Token: SeDebugPrivilege	1808	firefox.exe
Token: SeDebugPrivilege	5000	taskmgr.exe
Token: SeSystemProfilePrivilege	5000	taskmgr.exe
Token: SeCreateGlobalPrivilege	5000	taskmgr.exe
Token: 33	5000	taskmgr.exe
Token: SeIncBasePriorityPrivilege	5000	taskmgr.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
1808	firefox.exe
1808	firefox.exe
1808	firefox.exe
1808	firefox.exe
1808	firefox.exe
1808	firefox.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe

Suspicious use of SendNotifyMessage 64 IoCs

pid	Process
1808	firefox.exe
1808	firefox.exe
1808	firefox.exe
1808	firefox.exe
1808	firefox.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe
5000	taskmgr.exe

Suspicious use of SetWindowsHookEx 47 IoCs

pid	Process
1808	firefox.exe
1808	firefox.exe
1808	firefox.exe
1808	firefox.exe
1808	firefox.exe
1808	firefox.exe
1808	firefox.exe
1808	firefox.exe
1808	firefox.exe
1808	firefox.exe
1808	firefox.exe
1808	firefox.exe
1808	firefox.exe
1808	firefox.exe
1808	firefox.exe
1808	firefox.exe
1808	firefox.exe
1808	firefox.exe
1808	firefox.exe
1808	firefox.exe
1808	firefox.exe
1808	firefox.exe
1808	firefox.exe
1808	firefox.exe
1808	firefox.exe
1808	firefox.exe
1808	firefox.exe
1808	firefox.exe
1808	firefox.exe
1808	firefox.exe
1808	firefox.exe
1808	firefox.exe
1808	firefox.exe
1808	firefox.exe
1808	firefox.exe
1808	firefox.exe
1808	firefox.exe
1808	firefox.exe
1808	firefox.exe
1808	firefox.exe
1808	firefox.exe
1808	firefox.exe
1808	firefox.exe
1808	firefox.exe
1808	firefox.exe
1808	firefox.exe
1396	MiniSearchHost.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3400 wrote to memory of 1808	3400	firefox.exe	84
PID 3400 wrote to memory of 1808	3400	firefox.exe	84
PID 3400 wrote to memory of 1808	3400	firefox.exe	84
PID 3400 wrote to memory of 1808	3400	firefox.exe	84
PID 3400 wrote to memory of 1808	3400	firefox.exe	84
PID 3400 wrote to memory of 1808	3400	firefox.exe	84
PID 3400 wrote to memory of 1808	3400	firefox.exe	84
PID 3400 wrote to memory of 1808	3400	firefox.exe	84
PID 3400 wrote to memory of 1808	3400	firefox.exe	84
PID 3400 wrote to memory of 1808	3400	firefox.exe	84
PID 3400 wrote to memory of 1808	3400	firefox.exe	84
PID 1808 wrote to memory of 460	1808	firefox.exe	85
PID 1808 wrote to memory of 460	1808	firefox.exe	85
PID 1808 wrote to memory of 460	1808	firefox.exe	85
PID 1808 wrote to memory of 460	1808	firefox.exe	85
PID 1808 wrote to memory of 460	1808	firefox.exe	85
PID 1808 wrote to memory of 460	1808	firefox.exe	85
PID 1808 wrote to memory of 460	1808	firefox.exe	85
PID 1808 wrote to memory of 460	1808	firefox.exe	85
PID 1808 wrote to memory of 460	1808	firefox.exe	85
PID 1808 wrote to memory of 460	1808	firefox.exe	85
PID 1808 wrote to memory of 460	1808	firefox.exe	85
PID 1808 wrote to memory of 460	1808	firefox.exe	85
PID 1808 wrote to memory of 460	1808	firefox.exe	85
PID 1808 wrote to memory of 460	1808	firefox.exe	85
PID 1808 wrote to memory of 460	1808	firefox.exe	85
PID 1808 wrote to memory of 460	1808	firefox.exe	85
PID 1808 wrote to memory of 460	1808	firefox.exe	85
PID 1808 wrote to memory of 460	1808	firefox.exe	85
PID 1808 wrote to memory of 460	1808	firefox.exe	85
PID 1808 wrote to memory of 460	1808	firefox.exe	85
PID 1808 wrote to memory of 460	1808	firefox.exe	85
PID 1808 wrote to memory of 460	1808	firefox.exe	85
PID 1808 wrote to memory of 460	1808	firefox.exe	85
PID 1808 wrote to memory of 460	1808	firefox.exe	85
PID 1808 wrote to memory of 460	1808	firefox.exe	85
PID 1808 wrote to memory of 460	1808	firefox.exe	85
PID 1808 wrote to memory of 460	1808	firefox.exe	85
PID 1808 wrote to memory of 460	1808	firefox.exe	85
PID 1808 wrote to memory of 460	1808	firefox.exe	85
PID 1808 wrote to memory of 460	1808	firefox.exe	85
PID 1808 wrote to memory of 460	1808	firefox.exe	85
PID 1808 wrote to memory of 460	1808	firefox.exe	85
PID 1808 wrote to memory of 460	1808	firefox.exe	85
PID 1808 wrote to memory of 460	1808	firefox.exe	85
PID 1808 wrote to memory of 460	1808	firefox.exe	85
PID 1808 wrote to memory of 460	1808	firefox.exe	85
PID 1808 wrote to memory of 460	1808	firefox.exe	85
PID 1808 wrote to memory of 460	1808	firefox.exe	85
PID 1808 wrote to memory of 460	1808	firefox.exe	85
PID 1808 wrote to memory of 460	1808	firefox.exe	85
PID 1808 wrote to memory of 460	1808	firefox.exe	85
PID 1808 wrote to memory of 460	1808	firefox.exe	85
PID 1808 wrote to memory of 460	1808	firefox.exe	85
PID 1808 wrote to memory of 3668	1808	firefox.exe	86
PID 1808 wrote to memory of 3668	1808	firefox.exe	86
PID 1808 wrote to memory of 3668	1808	firefox.exe	86
PID 1808 wrote to memory of 3668	1808	firefox.exe	86
PID 1808 wrote to memory of 3668	1808	firefox.exe	86
PID 1808 wrote to memory of 3668	1808	firefox.exe	86
PID 1808 wrote to memory of 3668	1808	firefox.exe	86
PID 1808 wrote to memory of 3668	1808	firefox.exe	86
PID 1808 wrote to memory of 3668	1808	firefox.exe	86
PID 1808 wrote to memory of 3668	1808	firefox.exe	86

Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
persistence

Query Registry
T1012

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\4aa59a70739640d99b72d544a2649bae.jpg
1⤵
PID:404

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:3400
- C:\Program Files\Mozilla Firefox\firefox.exe
  "C:\Program Files\Mozilla Firefox\firefox.exe"
  2⤵
  - Checks processor information in registry
  - Modifies registry class
  - NTFS ADS
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - Suspicious use of SetWindowsHookEx
  - Suspicious use of WriteProcessMemory
  PID:1808
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1808.0.281944336\1026366834" -parentBuildID 20230214051806 -prefsHandle 1752 -prefMapHandle 1744 -prefsLen 22074 -prefMapSize 235121 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c055571a-7a97-4a99-be92-81bbc473aae7} 1808 "\\.\pipe\gecko-crash-server-pipe.1808" 1832 21eed125b58 gpu
    3⤵
    PID:460
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1808.1.1457996046\450211918" -parentBuildID 20230214051806 -prefsHandle 2344 -prefMapHandle 2340 -prefsLen 22110 -prefMapSize 235121 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b2965129-354f-4705-8375-c54de5613f85} 1808 "\\.\pipe\gecko-crash-server-pipe.1808" 2356 21ed8d84758 socket
    3⤵
    - Checks processor information in registry
    PID:3668
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1808.2.886610248\1306753310" -childID 1 -isForBrowser -prefsHandle 2584 -prefMapHandle 2756 -prefsLen 22148 -prefMapSize 235121 -jsInitHandle 1396 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {9e876321-a9b9-412c-9052-5b9658835d4c} 1808 "\\.\pipe\gecko-crash-server-pipe.1808" 3024 21eef7f8b58 tab
    3⤵
    PID:1640
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1808.3.10625314\644887079" -childID 2 -isForBrowser -prefsHandle 3544 -prefMapHandle 3540 -prefsLen 27614 -prefMapSize 235121 -jsInitHandle 1396 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {49d12f4b-9c0f-46d8-9645-0b8f9c3a3218} 1808 "\\.\pipe\gecko-crash-server-pipe.1808" 3556 21ef2827558 tab
    3⤵
    PID:4328
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1808.4.1098339191\1208813500" -childID 3 -isForBrowser -prefsHandle 5140 -prefMapHandle 5152 -prefsLen 27614 -prefMapSize 235121 -jsInitHandle 1396 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ce59a50c-ace0-4038-8dc2-fc5898eedfb2} 1808 "\\.\pipe\gecko-crash-server-pipe.1808" 5164 21ed8d7d958 tab
    3⤵
    PID:3180
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1808.5.1067918285\198260576" -childID 4 -isForBrowser -prefsHandle 5292 -prefMapHandle 5296 -prefsLen 27614 -prefMapSize 235121 -jsInitHandle 1396 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {76f3cbce-e41e-448c-a9e0-b035da2d066a} 1808 "\\.\pipe\gecko-crash-server-pipe.1808" 5376 21ef5431c58 tab
    3⤵
    PID:1416
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1808.6.319761618\953577354" -childID 5 -isForBrowser -prefsHandle 5512 -prefMapHandle 5516 -prefsLen 27614 -prefMapSize 235121 -jsInitHandle 1396 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {4d5bbeaf-1a25-4db3-93c9-b0157aa03479} 1808 "\\.\pipe\gecko-crash-server-pipe.1808" 5504 21ef5431f58 tab
    3⤵
    PID:1544
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1808.7.699441047\1197151796" -childID 6 -isForBrowser -prefsHandle 5888 -prefMapHandle 5880 -prefsLen 31220 -prefMapSize 235121 -jsInitHandle 1396 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {af12f2fe-37f3-4373-88e1-303c68a896bf} 1808 "\\.\pipe\gecko-crash-server-pipe.1808" 5988 21efc58fc58 tab
    3⤵
    PID:1352
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1808.8.1965369657\571739236" -parentBuildID 20230214051806 -prefsHandle 6484 -prefMapHandle 6396 -prefsLen 31220 -prefMapSize 235121 -appDir "C:\Program Files\Mozilla Firefox\browser" - {244804f6-fe17-4942-a957-21e2c2e25811} 1808 "\\.\pipe\gecko-crash-server-pipe.1808" 6112 21ef4ed4a58 rdd
    3⤵
    PID:4972
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1808.9.1754281611\1929515755" -parentBuildID 20230214051806 -sandboxingKind 1 -prefsHandle 4480 -prefMapHandle 6252 -prefsLen 31220 -prefMapSize 235121 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7798bd22-cfb4-4c6b-aa19-a4ae825eabf3} 1808 "\\.\pipe\gecko-crash-server-pipe.1808" 6280 21ef52b1d58 utility
    3⤵
    PID:1520
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1808.10.456519405\1218647677" -childID 7 -isForBrowser -prefsHandle 6652 -prefMapHandle 6648 -prefsLen 31220 -prefMapSize 235121 -jsInitHandle 1396 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {bc7770ae-a776-47ce-b1e3-8d07ab7a0a32} 1808 "\\.\pipe\gecko-crash-server-pipe.1808" 6660 21ef53ce558 tab
    3⤵
    PID:2220
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1808.11.49611023\1012115676" -childID 8 -isForBrowser -prefsHandle 5484 -prefMapHandle 5400 -prefsLen 31220 -prefMapSize 235121 -jsInitHandle 1396 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {4514dfa4-1c57-4653-9874-f639ac02ddd9} 1808 "\\.\pipe\gecko-crash-server-pipe.1808" 5180 21ef3e8a458 tab
    3⤵
    PID:3620
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1808.12.1992341133\1032329141" -childID 9 -isForBrowser -prefsHandle 6332 -prefMapHandle 6324 -prefsLen 31220 -prefMapSize 235121 -jsInitHandle 1396 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a2020c95-45bb-4407-b6c4-fa526eff9670} 1808 "\\.\pipe\gecko-crash-server-pipe.1808" 10808 21efdab7b58 tab
    3⤵
    PID:3840
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1808.13.448992189\357811769" -childID 10 -isForBrowser -prefsHandle 6020 -prefMapHandle 6112 -prefsLen 31220 -prefMapSize 235121 -jsInitHandle 1396 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b8560a37-c509-4a19-978f-0f5b2f85f091} 1808 "\\.\pipe\gecko-crash-server-pipe.1808" 6268 21ef52b3258 tab
    3⤵
    PID:3968
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1808.14.1844574001\1768201014" -childID 11 -isForBrowser -prefsHandle 5376 -prefMapHandle 5588 -prefsLen 31220 -prefMapSize 235121 -jsInitHandle 1396 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b00b3653-dad9-4274-925c-e9bdd6f1b2be} 1808 "\\.\pipe\gecko-crash-server-pipe.1808" 10376 21efa152958 tab
    3⤵
    PID:2616
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1808.15.753583812\324215006" -childID 12 -isForBrowser -prefsHandle 10432 -prefMapHandle 5468 -prefsLen 31220 -prefMapSize 235121 -jsInitHandle 1396 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {76accc2b-fe0e-458d-9e20-89d553f90b64} 1808 "\\.\pipe\gecko-crash-server-pipe.1808" 10272 21eef7dd858 tab
    3⤵
    PID:4840
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1808.16.1209391027\982890968" -childID 13 -isForBrowser -prefsHandle 6860 -prefMapHandle 5464 -prefsLen 31220 -prefMapSize 235121 -jsInitHandle 1396 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ddce11f9-c20a-4916-a3ed-eababaace05a} 1808 "\\.\pipe\gecko-crash-server-pipe.1808" 6808 21efdab9c58 tab
    3⤵
    PID:828
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1808.17.816024343\1026673454" -childID 14 -isForBrowser -prefsHandle 5396 -prefMapHandle 10752 -prefsLen 31220 -prefMapSize 235121 -jsInitHandle 1396 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2fcaaf23-122f-4ef9-9310-6b6ae8cb663a} 1808 "\\.\pipe\gecko-crash-server-pipe.1808" 5632 21ef24e6558 tab
    3⤵
    PID:5016
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1808.18.1951013434\1745136148" -childID 15 -isForBrowser -prefsHandle 10436 -prefMapHandle 6268 -prefsLen 31229 -prefMapSize 235121 -jsInitHandle 1396 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {94a12451-e778-4bb3-9912-7ddc0dae6f4b} 1808 "\\.\pipe\gecko-crash-server-pipe.1808" 10464 21ef1581958 tab
    3⤵
    PID:3744
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1808.19.1919108174\302845616" -childID 16 -isForBrowser -prefsHandle 6816 -prefMapHandle 5776 -prefsLen 31229 -prefMapSize 235121 -jsInitHandle 1396 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {0584b52e-7f02-4ef7-a596-689f8a05edbf} 1808 "\\.\pipe\gecko-crash-server-pipe.1808" 5272 21ed8d3e858 tab
    3⤵
    PID:2664
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1808.20.1230459073\1949391089" -childID 17 -isForBrowser -prefsHandle 10408 -prefMapHandle 10364 -prefsLen 31278 -prefMapSize 235121 -jsInitHandle 1396 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {fe34600f-22af-433a-b6e5-145fbbb231a8} 1808 "\\.\pipe\gecko-crash-server-pipe.1808" 10704 21eec02e958 tab
    3⤵
    PID:4556
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1808.21.787769745\1037513166" -childID 18 -isForBrowser -prefsHandle 10560 -prefMapHandle 10480 -prefsLen 31278 -prefMapSize 235121 -jsInitHandle 1396 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {6d451a3c-e0ae-45b0-b81a-00f5c7ae6e7a} 1808 "\\.\pipe\gecko-crash-server-pipe.1808" 5620 21ef0067258 tab
    3⤵
    PID:1720
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1808.22.1343851299\1274922957" -childID 19 -isForBrowser -prefsHandle 6148 -prefMapHandle 6152 -prefsLen 31278 -prefMapSize 235121 -jsInitHandle 1396 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {20efc1f3-c819-4689-8f2d-f04792f1046c} 1808 "\\.\pipe\gecko-crash-server-pipe.1808" 10544 21ef157f558 tab
    3⤵
    PID:1496

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004CC 0x00000000000002D4
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:5056

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:4524

C:\Users\Admin\AppData\Local\Temp\Temp1_DeadCodeLauncher.zip\DeadCodeLauncher.exe
"C:\Users\Admin\AppData\Local\Temp\Temp1_DeadCodeLauncher.zip\DeadCodeLauncher.exe"
1⤵
- Checks processor information in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: GetForegroundWindowSpam
PID:3536
- C:\DeadCode\jvm\bin\java.exe
  C:/DeadCode/jvm/bin/java.exe -noverify -XX:+UnlockExperimentalVMOptions -XX:-UseParallelGC -XX:+UseG1GC -XX:G1NewSizePercent=20 -XX:G1ReservePercent=20 -XX:MaxGCPauseMillis=50 -XX:G1HeapRegionSize=32M -XX:+DisableExplicitGC -XX:+AlwaysPreTouch -XX:+ParallelRefProcEnabled -Xms1024M -Xmx2048M -Dfile.encoding=UTF-8 -Dlog4j.configurationFile=//C:/DeadCode/assets/log_configs/patched-variant-2.7.xml -Djava.library.path=C:/DeadCode/client/natives -Dminecraft.client.jar=C:/DeadCode/client/client.jar -cp C:/DeadCode/libraries/annotations-23.0.0.jar;C:/DeadCode/libraries/asm-9.2.jar;C:/DeadCode/libraries/asm-analysis-9.2.jar;C:/DeadCode/libraries/asm-commons-9.2.jar;C:/DeadCode/libraries/asm-tree-9.2.jar;C:/DeadCode/libraries/authlib-3.18.38.jar;C:/DeadCode/libraries/blocklist-1.0.10.jar;C:/DeadCode/libraries/brigadier-1.0.18.jar;C:/DeadCode/libraries/checker-qual-3.12.0.jar;C:/DeadCode/libraries/client-resources.jar;C:/DeadCode/libraries/commons-codec-1.15.jar;C:/DeadCode/libraries/commons-compress-1.21.jar;C:/DeadCode/libraries/commons-io-2.11.0.jar;C:/DeadCode/libraries/commons-lang3-3.12.0.jar;C:/DeadCode/libraries/commons-logging-1.2.jar;C:/DeadCode/libraries/datafixerupper-6.0.6.jar;C:/DeadCode/libraries/discord-rpc.jar;C:/DeadCode/libraries/error_prone_annotations-2.11.0.jar;C:/DeadCode/libraries/exp4j-0.4.8.jar;C:/DeadCode/libraries/failureaccess-1.0.1.jar;C:/DeadCode/libraries/fastutil-8.5.9.jar;C:/DeadCode/libraries/forgespi-6.0.0.jar;C:/DeadCode/libraries/gson-2.10.jar;C:/DeadCode/libraries/guava-31.1-jre.jar;C:/DeadCode/libraries/httpclient-4.5.13.jar;C:/DeadCode/libraries/httpcore-4.4.15.jar;C:/DeadCode/libraries/icu4j-71.1.jar;C:/DeadCode/libraries/j2objc-annotations-1.3.jar;C:/DeadCode/libraries/java-objc-bridge-1.1.jar;C:/DeadCode/libraries/jna-5.12.1.jar;C:/DeadCode/libraries/jna-platform-5.12.1.jar;C:/DeadCode/libraries/joml-1.10.5.jar;C:/DeadCode/libraries/jopt-simple-5.0.4.jar;C:/DeadCode/libraries/jsr305-3.0.2.jar;C:/DeadCode/libraries/listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar;C:/DeadCode/libraries/log4j-api-2.19.0.jar;C:/DeadCode/libraries/log4j-core-2.19.0.jar;C:/DeadCode/libraries/log4j-slf4j2-impl-2.19.0.jar;C:/DeadCode/libraries/logging-1.1.1.jar;C:/DeadCode/libraries/lwjgl-3.3.1-natives-windows-arm64.jar;C:/DeadCode/libraries/lwjgl-3.3.1-natives-windows-x86.jar;C:/DeadCode/libraries/lwjgl-3.3.1-natives-windows.jar;C:/DeadCode/libraries/lwjgl-3.3.1.jar;C:/DeadCode/libraries/lwjgl-glfw-3.3.1-natives-windows-arm64.jar;C:/DeadCode/libraries/lwjgl-glfw-3.3.1-natives-windows-x86.jar;C:/DeadCode/libraries/lwjgl-glfw-3.3.1-natives-windows.jar;C:/DeadCode/libraries/lwjgl-glfw-3.3.1.jar;C:/DeadCode/libraries/lwjgl-jemalloc-3.3.1-natives-windows-arm64.jar;C:/DeadCode/libraries/lwjgl-jemalloc-3.3.1-natives-windows-x86.jar;C:/DeadCode/libraries/lwjgl-jemalloc-3.3.1-natives-windows.jar;C:/DeadCode/libraries/lwjgl-jemalloc-3.3.1.jar;C:/DeadCode/libraries/lwjgl-openal-3.3.1-natives-windows-arm64.jar;C:/DeadCode/libraries/lwjgl-openal-3.3.1-natives-windows-x86.jar;C:/DeadCode/libraries/lwjgl-openal-3.3.1-natives-windows.jar;C:/DeadCode/libraries/lwjgl-openal-3.3.1.jar;C:/DeadCode/libraries/lwjgl-opengl-3.3.1-natives-windows-arm64.jar;C:/DeadCode/libraries/lwjgl-opengl-3.3.1-natives-windows-x86.jar;C:/DeadCode/libraries/lwjgl-opengl-3.3.1-natives-windows.jar;C:/DeadCode/libraries/lwjgl-opengl-3.3.1.jar;C:/DeadCode/libraries/lwjgl-stb-3.3.1-natives-windows-arm64.jar;C:/DeadCode/libraries/lwjgl-stb-3.3.1-natives-windows-x86.jar;C:/DeadCode/libraries/lwjgl-stb-3.3.1-natives-windows.jar;C:/DeadCode/libraries/lwjgl-stb-3.3.1.jar;C:/DeadCode/libraries/lwjgl-tinyfd-3.3.1-natives-windows-arm64.jar;C:/DeadCode/libraries/lwjgl-tinyfd-3.3.1-natives-windows-x86.jar;C:/DeadCode/libraries/lwjgl-tinyfd-3.3.1-natives-windows.jar;C:/DeadCode/libraries/lwjgl-tinyfd-3.3.1.jar;C:/DeadCode/libraries/lwjgl_util-2.9.0.jar;C:/DeadCode/libraries/maven-artifact-3.8.1.jar;C:/DeadCode/libraries/modlauncher-9.0.7.jar;C:/DeadCode/libraries/netty-buffer-4.1.82.Final.jar;C:/DeadCode/libraries/netty-codec-4.1.82.Final.jar;C:/DeadCode/libraries/netty-common-4.1.82.Final.jar;C:/DeadCode/libraries/netty-handler-4.1.82.Final.jar;C:/DeadCode/libraries/netty-resolver-4.1.82.Final.jar;C:/DeadCode/libraries/netty-transport-4.1.82.Final.jar;C:/DeadCode/libraries/netty-transport-classes-epoll-4.1.82.Final.jar;C:/DeadCode/libraries/netty-transport-native-unix-common-4.1.82.Final.jar;C:/DeadCode/libraries/oshi-core-6.2.2.jar;C:/DeadCode/libraries/patchy-2.2.10.jar;C:/DeadCode/libraries/plexus-utils-3.2.1.jar;C:/DeadCode/libraries/securejarhandler-0.9.61.jar;C:/DeadCode/libraries/slf4j-api-2.0.1.jar;C:/DeadCode/libraries/snakeyaml-2.0.jar;C:/DeadCode/libraries/text2speech-1.16.7.jar;C:/DeadCode/libraries/thumbnailator-0.4.17.jar;C:/DeadCode/libraries/ViaBackwards-4.7.0-1.20-pre1-SNAPSHOT.jar;C:/DeadCode/libraries/ViaRewind-2.0.4-SNAPSHOT.jar;C:/DeadCode/libraries/ViaVersion-4.7.0-1.20-pre2-SNAPSHOT.jar;C:/DeadCode/client/client.jar net.minecraft.client.main.Main
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - Checks processor information in registry
  - Suspicious behavior: EnumeratesProcesses
  PID:3184

C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe
"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:1396

C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /0
1⤵
- Checks SCSI registry key(s)
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:5000

C:\Users\Admin\AppData\Local\Temp\Temp2_DeadCodeLauncher.zip\DeadCodeLauncher.exe
"C:\Users\Admin\AppData\Local\Temp\Temp2_DeadCodeLauncher.zip\DeadCodeLauncher.exe"
1⤵
- Checks processor information in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: GetForegroundWindowSpam
PID:2620
- C:\DeadCode\jvm\bin\java.exe
  C:/DeadCode/jvm/bin/java.exe -noverify -XX:+UnlockExperimentalVMOptions -XX:-UseParallelGC -XX:+UseG1GC -XX:G1NewSizePercent=20 -XX:G1ReservePercent=20 -XX:MaxGCPauseMillis=50 -XX:G1HeapRegionSize=32M -XX:+DisableExplicitGC -XX:+AlwaysPreTouch -XX:+ParallelRefProcEnabled -Xms1024M -Xmx2048M -Dfile.encoding=UTF-8 -Dlog4j.configurationFile=//C:/DeadCode/assets/log_configs/patched-variant-2.7.xml -Djava.library.path=C:/DeadCode/client/natives -Dminecraft.client.jar=C:/DeadCode/client/client.jar -cp C:/DeadCode/libraries/annotations-23.0.0.jar;C:/DeadCode/libraries/asm-9.2.jar;C:/DeadCode/libraries/asm-analysis-9.2.jar;C:/DeadCode/libraries/asm-commons-9.2.jar;C:/DeadCode/libraries/asm-tree-9.2.jar;C:/DeadCode/libraries/authlib-3.18.38.jar;C:/DeadCode/libraries/blocklist-1.0.10.jar;C:/DeadCode/libraries/brigadier-1.0.18.jar;C:/DeadCode/libraries/checker-qual-3.12.0.jar;C:/DeadCode/libraries/client-resources.jar;C:/DeadCode/libraries/commons-codec-1.15.jar;C:/DeadCode/libraries/commons-compress-1.21.jar;C:/DeadCode/libraries/commons-io-2.11.0.jar;C:/DeadCode/libraries/commons-lang3-3.12.0.jar;C:/DeadCode/libraries/commons-logging-1.2.jar;C:/DeadCode/libraries/datafixerupper-6.0.6.jar;C:/DeadCode/libraries/discord-rpc.jar;C:/DeadCode/libraries/error_prone_annotations-2.11.0.jar;C:/DeadCode/libraries/exp4j-0.4.8.jar;C:/DeadCode/libraries/failureaccess-1.0.1.jar;C:/DeadCode/libraries/fastutil-8.5.9.jar;C:/DeadCode/libraries/forgespi-6.0.0.jar;C:/DeadCode/libraries/gson-2.10.jar;C:/DeadCode/libraries/guava-31.1-jre.jar;C:/DeadCode/libraries/httpclient-4.5.13.jar;C:/DeadCode/libraries/httpcore-4.4.15.jar;C:/DeadCode/libraries/icu4j-71.1.jar;C:/DeadCode/libraries/j2objc-annotations-1.3.jar;C:/DeadCode/libraries/java-objc-bridge-1.1.jar;C:/DeadCode/libraries/jna-5.12.1.jar;C:/DeadCode/libraries/jna-platform-5.12.1.jar;C:/DeadCode/libraries/joml-1.10.5.jar;C:/DeadCode/libraries/jopt-simple-5.0.4.jar;C:/DeadCode/libraries/jsr305-3.0.2.jar;C:/DeadCode/libraries/listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar;C:/DeadCode/libraries/log4j-api-2.19.0.jar;C:/DeadCode/libraries/log4j-core-2.19.0.jar;C:/DeadCode/libraries/log4j-slf4j2-impl-2.19.0.jar;C:/DeadCode/libraries/logging-1.1.1.jar;C:/DeadCode/libraries/lwjgl-3.3.1-natives-windows-arm64.jar;C:/DeadCode/libraries/lwjgl-3.3.1-natives-windows-x86.jar;C:/DeadCode/libraries/lwjgl-3.3.1-natives-windows.jar;C:/DeadCode/libraries/lwjgl-3.3.1.jar;C:/DeadCode/libraries/lwjgl-glfw-3.3.1-natives-windows-arm64.jar;C:/DeadCode/libraries/lwjgl-glfw-3.3.1-natives-windows-x86.jar;C:/DeadCode/libraries/lwjgl-glfw-3.3.1-natives-windows.jar;C:/DeadCode/libraries/lwjgl-glfw-3.3.1.jar;C:/DeadCode/libraries/lwjgl-jemalloc-3.3.1-natives-windows-arm64.jar;C:/DeadCode/libraries/lwjgl-jemalloc-3.3.1-natives-windows-x86.jar;C:/DeadCode/libraries/lwjgl-jemalloc-3.3.1-natives-windows.jar;C:/DeadCode/libraries/lwjgl-jemalloc-3.3.1.jar;C:/DeadCode/libraries/lwjgl-openal-3.3.1-natives-windows-arm64.jar;C:/DeadCode/libraries/lwjgl-openal-3.3.1-natives-windows-x86.jar;C:/DeadCode/libraries/lwjgl-openal-3.3.1-natives-windows.jar;C:/DeadCode/libraries/lwjgl-openal-3.3.1.jar;C:/DeadCode/libraries/lwjgl-opengl-3.3.1-natives-windows-arm64.jar;C:/DeadCode/libraries/lwjgl-opengl-3.3.1-natives-windows-x86.jar;C:/DeadCode/libraries/lwjgl-opengl-3.3.1-natives-windows.jar;C:/DeadCode/libraries/lwjgl-opengl-3.3.1.jar;C:/DeadCode/libraries/lwjgl-stb-3.3.1-natives-windows-arm64.jar;C:/DeadCode/libraries/lwjgl-stb-3.3.1-natives-windows-x86.jar;C:/DeadCode/libraries/lwjgl-stb-3.3.1-natives-windows.jar;C:/DeadCode/libraries/lwjgl-stb-3.3.1.jar;C:/DeadCode/libraries/lwjgl-tinyfd-3.3.1-natives-windows-arm64.jar;C:/DeadCode/libraries/lwjgl-tinyfd-3.3.1-natives-windows-x86.jar;C:/DeadCode/libraries/lwjgl-tinyfd-3.3.1-natives-windows.jar;C:/DeadCode/libraries/lwjgl-tinyfd-3.3.1.jar;C:/DeadCode/libraries/lwjgl_util-2.9.0.jar;C:/DeadCode/libraries/maven-artifact-3.8.1.jar;C:/DeadCode/libraries/modlauncher-9.0.7.jar;C:/DeadCode/libraries/netty-buffer-4.1.82.Final.jar;C:/DeadCode/libraries/netty-codec-4.1.82.Final.jar;C:/DeadCode/libraries/netty-common-4.1.82.Final.jar;C:/DeadCode/libraries/netty-handler-4.1.82.Final.jar;C:/DeadCode/libraries/netty-resolver-4.1.82.Final.jar;C:/DeadCode/libraries/netty-transport-4.1.82.Final.jar;C:/DeadCode/libraries/netty-transport-classes-epoll-4.1.82.Final.jar;C:/DeadCode/libraries/netty-transport-native-unix-common-4.1.82.Final.jar;C:/DeadCode/libraries/oshi-core-6.2.2.jar;C:/DeadCode/libraries/patchy-2.2.10.jar;C:/DeadCode/libraries/plexus-utils-3.2.1.jar;C:/DeadCode/libraries/securejarhandler-0.9.61.jar;C:/DeadCode/libraries/slf4j-api-2.0.1.jar;C:/DeadCode/libraries/snakeyaml-2.0.jar;C:/DeadCode/libraries/text2speech-1.16.7.jar;C:/DeadCode/libraries/thumbnailator-0.4.17.jar;C:/DeadCode/libraries/ViaBackwards-4.7.0-1.20-pre1-SNAPSHOT.jar;C:/DeadCode/libraries/ViaRewind-2.0.4-SNAPSHOT.jar;C:/DeadCode/libraries/ViaVersion-4.7.0-1.20-pre2-SNAPSHOT.jar;C:/DeadCode/client/client.jar net.minecraft.client.main.Main
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - Checks processor information in registry
  - Suspicious behavior: EnumeratesProcesses
  PID:3472

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\DeadCode\jvm\bin\VCRUNTIME140.dll

Filesize
95KB

MD5
f34eb034aa4a9735218686590cba2e8b

SHA1
2bc20acdcb201676b77a66fa7ec6b53fa2644713

SHA256
9d2b40f0395cc5d1b4d5ea17b84970c29971d448c37104676db577586d4ad1b1

SHA512
d27d5e65e8206bd7923cf2a3c4384fec0fc59e8bc29e25f8c03d039f3741c01d1a8c82979d7b88c10b209db31fbbec23909e976b3ee593dc33481f0050a445af

Download Submit
C:\DeadCode\jvm\bin\java.dll

Filesize
135KB

MD5
ec8a03927748af020dd71eaa5893e5bd

SHA1
2fb393840ffe9ae734a73116d4e1083c1558541b

SHA256
5af45fcf4931fe3e62441d3807af0ac4bd82f0cbbd1d2c019702530746315806

SHA512
20a743c3e8f1134c7cdf55ed96c8dbf279cc969037f16aebf60c437e1391ff1c04942bf7abd75553c353d5f5785e5fa44ef21a52451b09ffd37269e5af764030

Download Submit
C:\DeadCode\jvm\bin\java.exe

Filesize
38KB

MD5
a478871070ed5db4919faaab82e51bf4

SHA1
2b96f5f199e9f7f874622ee26644f42b53343797

SHA256
0136a5ab979467e83d1a995c39b6ac6ab80fffb41c28532d7fe7d76eedc4c2ed

SHA512
721d0d14e10eff5ce0467e0020cca31166bf5e0818e2b16f18dae309fca1341837239f678dc752ed4e9e3241dee741254cbe4ccd9a9bd095a9377e5d03b9b893

Download Submit
C:\DeadCode\jvm\bin\javadoc.pdb

Filesize
412KB

MD5
860e9199849254666bee34b2466af05a

SHA1
4473d22d744cc5e643157c510687582c72ea7c2f

SHA256
b83f577589cbfe440606245551086777db50a6e1862ead449e9104f6ec75a78f

SHA512
1955818e643061178e858f43cca83d5c6174980d3d99f1b5d971b34d72f8c9bec105ed2d5a7b2619e55fc3222a0676f6ac487181a4bff80131d4208ed38f09f6

Download Submit
C:\DeadCode\jvm\bin\jimage.dll

Filesize
22KB

MD5
8d9082f51f7be19753abab34a05f0123

SHA1
af8c1d5dbcb4ec04e922ea9095bde47a2a694cda

SHA256
9649ffbf9de2d6959af759f6448d341fee6878a9098cd10d53d8814d4933561d

SHA512
17aa4e0c61e4c859b113cebc0082b8c90ca236e31de48edccb8f44678dd072668c232d097ed15b46c374df276ab70aea75a482a7a4b2d433657103039d10885d

Download Submit
C:\DeadCode\jvm\bin\jli.dll

Filesize
75KB

MD5
43cd573fffa3a37ddbc700694c1c3e72

SHA1
e634f86ee8270383fc954fda2f2e2a887df02cfa

SHA256
5ca3358e45e33b77fbd194fc3bfd331b955e2e52fc6f95847b4f362af80efda3

SHA512
c66c0e438d19be1689b6a137c763df5546cc0e1932f03323aab9cdcad58a38d1156724a905c4792cea992d7b4c5dd37b673a2bfc5f0e99c0c55eda805a00c8a1

Download Submit
C:\DeadCode\jvm\bin\msvcp140.dll

Filesize
553KB

MD5
6da7f4530edb350cf9d967d969ccecf8

SHA1
3e2681ea91f60a7a9ef2407399d13c1ca6aa71e9

SHA256
9fee6f36547d6f6ea7ca0338655555dba6bb0f798bc60334d29b94d1547da4da

SHA512
1f77f900215a4966f7f4e5d23b4aaad203136cb8561f4e36f03f13659fe1ff4b81caa75fef557c890e108f28f0484ad2baa825559114c0daa588cf1de6c1afab

Download Submit
C:\DeadCode\jvm\bin\server\jvm.dll

Filesize
4.9MB

MD5
051f9966680ac3440d948de2f980da71

SHA1
443843d65530c87f8b71b3f7586655078afac7cd

SHA256
fe8657d6341ea53e5be9249fa6bfe9ef298816c8329fc8fc0d7723463d661621

SHA512
f59811b965f19582d7dac598daffa19a01c3e4da2c919758b19ccd7d34348b888b2716097ddd8411f36435742b84de1c971d4ab574a176de161edc7e2657190f

Download Submit
C:\DeadCode\jvm\bin\vcruntime140_1.dll

Filesize
36KB

MD5
135359d350f72ad4bf716b764d39e749

SHA1
2e59d9bbcce356f0fece56c9c4917a5cacec63d7

SHA256
34048abaa070ecc13b318cea31425f4ca3edd133d350318ac65259e6058c8b32

SHA512
cf23513d63ab2192c78cae98bd3fea67d933212b630be111fa7e03be3e92af38e247eb2d3804437fd0fda70fdc87916cd24cf1d3911e9f3bfb2cc4ab72b459ba

Download Submit
C:\DeadCode\jvm\lib\jvm.cfg

Filesize
29B

MD5
7ce21bdcfa333c231d74a77394206302

SHA1
c5a940d2dee8e7bfc01a87d585ddca420d37e226

SHA256
aa9efb969444c1484e29adecab55a122458090616e766b2f1230ef05bc3867e0

SHA512
8b37a1a5600e0a4e5832021c4db50569e33f1ddc8ac4fc2f38d5439272b955b0e3028ea10dec0743b197aa0def32d9e185066d2bac451f81b99539d34006074b

Download Submit
C:\DeadCode\jvm\modules\java.base\java\io\Serializable.class

Filesize
113B

MD5
51223179548374fbc3f6143ab7a237cf

SHA1
257c4660908b67974f58e2d52f4a9ef38d88519e

SHA256
dec1567a802888a9386ca12d2fe47c6cd500456dafb2796738febbc4f4dab3e2

SHA512
919c37fc6c5b4ee325fabb2d5250035b2dfb00c96bea71aadff58673442a7704ed9f327eeec8dca9ebffe0445cd56c56c190775565936b3c8873d29fd5b7a74c

Download Submit
C:\DeadCode\jvm\modules\java.base\java\lang\ArrayStoreException.class

Filesize
515B

MD5
84254b2008cf329cccb0f6d34e41cb91

SHA1
0ad1a16af71aba74396e37119773d1783d2a00d4

SHA256
fdd549e5ab5cbd0bfd54e1a0ee57c1e04aafb3d85848c0f1de475ee0ab1f22fe

SHA512
8180855db21107fb30b2b16fa1634f8ce23f249e73f556a0a144c34ab8c5302d0fdf100e693adacfb8746897d19205062a69e0371520cfb690ab72c82d7ea890

Download Submit
C:\DeadCode\jvm\modules\java.base\java\lang\CharSequence.class

Filesize
2KB

MD5
82ad63f3582d1b4bbd810b7ca2a08f4f

SHA1
97a1317c52fae5780ddf903ebee47a3d008ac55f

SHA256
b137e74aecf03c0909d0630842e75012f85d4c45d2e407f5c44a0ebb302955b4

SHA512
b4fff3a925aa8470d854352816aee1a176aba051ae3cfc596629acabb0048942d6afc35de016296f9a270a3c508f90aead4c2aaeaa1b67f571b753c32175f5b0

Download Submit
C:\DeadCode\jvm\modules\java.base\java\lang\Class.class

Filesize
55KB

MD5
25d27eb10d351532696b959f7ea00ed5

SHA1
6f98f475edd49dab6a64aa85c447c7e4ea796bcf

SHA256
084d60b688933127e1d996a3db37fc60268b05d813d2342372affbaf15dcb391

SHA512
73a23c9645eab307268f79608a1cc0bcd8d352205625fed78a72b7f87de7c2dc107a79b0465c384ca4c4fcb0ec349c16b3205dcd10147238785c19402048444f

Download Submit
C:\DeadCode\jvm\modules\java.base\java\lang\ClassCastException.class

Filesize
512B

MD5
6220274ea862983803e35535df2ebd87

SHA1
a183dc506e3308aff6d4947d3d60dd3170041a7e

SHA256
e0d462dc6f9cffacac9eda726dedf0c88f6593bf1415e08c8bd9e56624657e10

SHA512
3d8d0e82084b9630629064ce776c8be26150438bb158c85e8f1490430bc1d7ebcc1ab258d9c9536aeaff852b2b875297eeb372fcc644f9a540e046dfaa954051

Download Submit
C:\DeadCode\jvm\modules\java.base\java\lang\ClassLoader.class

Filesize
31KB

MD5
c38ed965bf428807b5b698ea3ef96b42

SHA1
95c857e8950663d1937d5f920333d5a2e623e90c

SHA256
c2bfb811c39a70cdbdfca6cb22aede516e3273d50d8d9b3044f2402bac515c41

SHA512
efb9a47fa191299d06676244b574a631ea19b940241bbdbcdbececc0da5e87682abce20d86213f709609aa5066eb26c450ee38f75b79ea9bb4b1b842624589e2

Download Submit
C:\DeadCode\jvm\modules\java.base\java\lang\ClassNotFoundException.class

Filesize
2KB

MD5
90a25ed35effef2efb5b64a45b50dd8f

SHA1
bfb18143d94856fb0a0aaafec4e88c1e4f535abc

SHA256
e908406f3edebc31bfde097e755a912066b55f4681f482dc1e8d748b9bd3a9f6

SHA512
0a568a2225399fe3fe604f0b654522715042f7aefd4a4056e6bf8411d514186335a1ab1149309e62555648e6df2e58197d9626736628b8ae9477241ba79b5585

Download Submit
C:\DeadCode\jvm\modules\java.base\java\lang\Cloneable.class

Filesize
109B

MD5
3e7d9a07c5fc5b5abaf18aaa25b17b94

SHA1
b80ea0122adc7ebdcc5c05f7bb1aee965325c0c9

SHA256
74500380ebbb70d4a484158a6f091fb86848aec21dd848433094c99d56456a0c

SHA512
a8d98694e9868da7dcd7ecce5474119549ed48958c3ea774e4244b58b663011ba8ba6efe9d47aecc5288e39402b2e877b272e820fa910afd3b158e4665cc3372

Download Submit
C:\DeadCode\jvm\modules\java.base\java\lang\Comparable.class

Filesize
235B

MD5
77f1160a1104b6854d0a4083550e154b

SHA1
c390319ea4bb396f86217b86cd31a46cfd04f79d

SHA256
fd17e03c8cf70cf2e07329fb4b90cb7775a491b9581b9983201b73fa09a8b1ae

SHA512
1cd5b1a35926558dcd6c52833e51964a2850ee69bf6d6365725d260205f4e4fe0fec80de3cec2bf281bc729f5e8e9f6111f5a7084270a6f922e74a98ffa72121

Download Submit
C:\DeadCode\jvm\modules\java.base\java\lang\Error.class

Filesize
971B

MD5
aad350cce60f032e981a09ba47c3779d

SHA1
c3907b252b1455d578f49e432fe6695add8bc86e

SHA256
395640dec8a307527959c6dffc3db9967185cd43ece4ad3dca3654c83c9ff0ac

SHA512
813216496b3ec94289f1ed5acdbfdeda74f8aed3ca6f74ffaf32650fb98dbc33ebbd24db0e93b8d9b7eb6b4ac03e973242f27854be37f8c59f19170cb8d441da

Download Submit
C:\DeadCode\jvm\modules\java.base\java\lang\Exception.class

Filesize
983B

MD5
90aadc42a36c9edb802b18f23a162243

SHA1
c8639581045fd431c927eeb50ee7b5f94becdac0

SHA256
57b38238e69b1d029a824e2bc656270cb1565c4bc1013ab99985b924c159ab1d

SHA512
1f6dab394886bc8a3f7ba10131a1ca241c616eb9e98132f0d1323f2498fe8484cfb555173c356a74782c37822b533d59080f963cffb460f7e61ad8afcf1c9ff0

Download Submit
C:\DeadCode\jvm\modules\java.base\java\lang\IllegalMonitorStateException.class

Filesize
542B

MD5
2a022546032cce16ca0327230ed92511

SHA1
03a2fd5460cf1dc1b33ab1759ef4a9e1b16097a6

SHA256
52ae36e8908d8eeacd52362dc931aa68dce4dec83a8f61a2961776e95ba399d0

SHA512
7fb613715ce3371f1abb06bc601a5848aaf4900065279f50f38fc52b08c4f28b5902203211ff0ff351b225101a53c739d0e903cc350db57e40f1243de40d6743

Download Submit
C:\DeadCode\jvm\modules\java.base\java\lang\InternalError.class

Filesize
793B

MD5
f7b30a8b956a9e70216eb992cb3d9201

SHA1
5f72cb2a5e876359619cb8808a22814808be404f

SHA256
4e94042a6bee1288f26e49e6e45a8f34307b9d31cd271303c9566b8d6eca8c5c

SHA512
006edbae1317e7d6306f0127065578aa7e9a9d54419e76a53887123bbc27d21ddbe8ce9a1cb0e30484a422b5d8cd394672ce6d0239f33a80915980388e9a039c

Download Submit
C:\DeadCode\jvm\modules\java.base\java\lang\LinkageError.class

Filesize
657B

MD5
cc8b31b589def0970d2870f765be8bdd

SHA1
7391a48a4e5471390b566d7cc326b861339b7b07

SHA256
b43984ef9c67cf35706dc8884d5244d18c5e996efed080df365c4c384af3cd30

SHA512
2fdf37d73facfe2f69174935be54ad3f7451de39270aa5e69bb930bc2a4a936f9f4f1af68636911c8d3fb1d29aafe59ceeb8e407a88cd1fd1ee92babf9fd860a

Download Submit
C:\DeadCode\jvm\modules\java.base\java\lang\NoClassDefFoundError.class

Filesize
514B

MD5
c3625003aead6cee746899fbf5e27a6a

SHA1
4c27319c0aea4d5dd4e0db5afd676397e40709d7

SHA256
f14ab2091a51b1da2baca90ac49a715954539bb919bdfb0b67fa2076b085bd93

SHA512
606290670d5f161bd07776eded79884f4be0ad33ca20b416d3792c906fc87bb26000f751c3477b9bb649f4f76287b7670280e428379eadcbe819589e123765c0

Download Submit
C:\DeadCode\jvm\modules\java.base\java\lang\Object.class

Filesize
2KB

MD5
56d52b1f225c9f9a1c1e63fb2904e896

SHA1
b60bf3c76aa788e64229a444b4e4aab7c87b1aa1

SHA256
bdee69ddc135cbc9acbbd40df086b149facf069bf5eec8f1881d3a1308c3e869

SHA512
e63cb82e7952234c4380fc1be71ae75892992112271197f03ed8d40942cb4a7e27b1ede9e74573a1f8a9b9edc02187975f6b46a36816427ec4377e75ba825581

Download Submit
C:\DeadCode\jvm\modules\java.base\java\lang\OutOfMemoryError.class

Filesize
509B

MD5
f51ec1ca9f2c628c00566d136199cc47

SHA1
3a6e7871f013bb0a7fd94ae46886d2040fc473fd

SHA256
405e7557a3548a4205d39f4bf08edc498f5448f49250e10fa79b5aacbb93379b

SHA512
7469ec4a091a97b0e1609506b452ecf5ae3a4968468dbfa840ed7ccdd3ce5bcccf979c759c9d9b8c00d4c7faf5887cd02e20d5de10f0300d7b03d26119d66235

Download Submit
C:\DeadCode\jvm\modules\java.base\java\lang\Record.class

Filesize
371B

MD5
6e81870e237da3235698d372e14e9cb3

SHA1
73b79379546e2735ef94bc8d49bad1736ab1b89d

SHA256
4821959f419f4cfd0081eaa85eccffca68c1ab37650566e3440202eac071af2e

SHA512
674eb97e332aaf8baf49d3f6cc295b6add9c30e8f0c799c7d61a7e98942919a72f6d4567d5bbbc827e0e769bf8b7ea461968dc808ff840b27ad6c52c66862782

Download Submit
C:\DeadCode\jvm\modules\java.base\java\lang\ReflectiveOperationException.class

Filesize
828B

MD5
bbb5e007b630b9e74a24bc5810791612

SHA1
9f82e4a8546387912757fe523788ccf8fb1d06df

SHA256
a3209f67975f991174b9d9d54862b0ee66b11295b91dd77ac0c12f5b8f5eeebf

SHA512
263f1ade3d382e645cadc0ff5afa364b02323b70c922df294260dd933c677dee3c270fc002e8093508e827aa64bda6ade2f600d423deaff13731e076db50b971

Download Submit
C:\DeadCode\jvm\modules\java.base\java\lang\Runnable.class

Filesize
201B

MD5
7904c4bd934d099aa01cee2d7fe2bc7f

SHA1
109b9e3fb9698ee3f90c69156656005082670884

SHA256
ba2fbce23feaa7b56a82cc80df03714605076e46f598dcb622c12208e120761d

SHA512
86cbbb72fb28444d0558127e3989372ec20046adf2d4b3441a8a77d7deb89801741cfa86affd9414947a20725bd50e0bb59bcf7fdc12c31e264f59b20653b361

Download Submit
C:\DeadCode\jvm\modules\java.base\java\lang\RuntimeException.class

Filesize
1004B

MD5
b28cb19c8f3754e7055191c225779d5f

SHA1
51818e44265089cd61b66726690cd97f24e635f1

SHA256
d6e8eb7179cc99f4338bf69925eadabeb2f2bd296d4910c49722d1974e4b6ad9

SHA512
c209f877630ae2568223be8ac42a21ae4392f7c179b367e08333e9ceb9751b5252e89cd1ec65243ae273390706e417d9e2a8b00a11b4f4eb309c13ac85b9b65e

Download Submit
C:\DeadCode\jvm\modules\java.base\java\lang\SecurityManager.class

Filesize
13KB

MD5
6f4221b8a00c3ad8793cd720a233bc22

SHA1
575f71ac81c2d8c3323f53c08b12d45d83e3ed23

SHA256
9e213c74d396b5139ff4e682f24232a741efccb57c6f4baf71c21bf841320e24

SHA512
e765d0fb0dc84e53e7e619635b11f8ae36f8ee711e5b6eb264ffa12c5d3d281bbf478ca004f07b4eaedd859083c66887e44dc05f06e360ff01d7f7c4d7274f78

Download Submit
C:\DeadCode\jvm\modules\java.base\java\lang\StackOverflowError.class

Filesize
515B

MD5
16654015a7029a449e6eaee9fe4c2c14

SHA1
4ef89fe2a1ba8db8afda80ccd5fea36deb057719

SHA256
11bfe94cb50936b757c2a3d42f68f723b8b360f0b38dac560a8b9db273452eba

SHA512
5743d7b348b30207ae1e07e06fe261f856d1e4eafab82ff37f1553386777f1d34f578f8d4ddc1ef0d862da8888680073a568c0444bcacc96d606c814289ec8e2

Download Submit
C:\DeadCode\jvm\modules\java.base\java\lang\String.class

Filesize
46KB

MD5
09e5510580cd2108426a50b85f5f8c43

SHA1
20247096151b8a28f2f8746a0ec4aa44a82defc1

SHA256
f464740db7934394bb11f132fe0e7ab41664cb8f407ba4fa7f250ac299d54192

SHA512
61b418c2878b1a978b57a6be568928d76e0af6965caf9865ebc1ab5fca6d464122194330bfd1dc5933bbc804a4d0024c21eaef666e81570fa2fce2aad99afe77

Download Submit
C:\DeadCode\jvm\modules\java.base\java\lang\System.class

Filesize
18KB

MD5
bc181592619aa1df55cb90754e1da9b9

SHA1
fb368dc60460f655097c597418dadb422b1b790e

SHA256
0be850c2a8b5e274feee5ea680b7f97e8c380e0bb7f0ad105dcc1ac066483ed4

SHA512
f8845484d33ae313be40daa15ce7977c4a7a013e70883046dfe24241107c0abede0de5c799c2f89b6c151f27faf04bb8eafca307b3a2cdd6c7a96abcef0dffd9

Download Submit
C:\DeadCode\jvm\modules\java.base\java\lang\Thread$Constants.class

Filesize
1KB

MD5
93f11ad1a0be76e26876e1fb299e6405

SHA1
a6217f34265d3f6089482f13eb3d64e76ec479fb

SHA256
747e7aa72e17546625eff3ecd08fcc3d3a0109af40f1d3afb053fa82e060bf4a

SHA512
251be5d1ce869f7aea6ae3eb23111994d1d844b6a9739ec8220fb0d1f15487a551470fe31e7ede08251b5aca6a5d0bf9af38c4b09d2975e466b7871dee864a60

Download Submit
C:\DeadCode\jvm\modules\java.base\java\lang\Thread$FieldHolder.class

Filesize
849B

MD5
4f46a9163c57c871383581a6c9ad4649

SHA1
7b37aee51023a129ba28762c7521838eb7875a2d

SHA256
1c043b40d16cb23211b614736557ee94d2827e78b4687fb89d8c646a1cbf13dd

SHA512
eba7da615eee388d55a4aa5034bfbcb4971ea3410dd00d55ace2a1478bbc13bb8c033276d7f8b9a7b674885404d40b311bc4977389c69df0297a6442fcc67aa4

Download Submit
C:\DeadCode\jvm\modules\java.base\java\lang\Thread.class

Filesize
25KB

MD5
b16171801aeb2936fe2cbab94e1585b3

SHA1
0dbcfa54def690fa541530dead1570f505b72fc7

SHA256
b8cbb925ea51573518cd3d5d7186e880bfdbebc56eba6eef0ab161e0468ea2bc

SHA512
d844bc345c91879ac3fc7f13842509b6f57a69cfc4852793fb69642f974e6e3c33e049974fe19df8b053c400717f6aa70a5dd085e9d14aabd0b928b47a912406

Download Submit
C:\DeadCode\jvm\modules\java.base\java\lang\Throwable.class

Filesize
10KB

MD5
27c00667649f67d433ee1835e9768b23

SHA1
1b7d34f4a41fda0630a1a11fe8cecb849599db3e

SHA256
59d5b349e9c291b66939d995f87ff45de7458dcd88b155b5ac6c8da985436982

SHA512
e0d11fb3bc3cb9c14b7e66f68ed1c098dc297602f9e1d135d3cba7b59e0d7c39b7b1cf354c4b987eb2cd17b0a11ad8a192cb3d738d5ba29b1b561cb3b3cf826e

Download Submit
C:\DeadCode\jvm\modules\java.base\java\lang\VirtualMachineError.class

Filesize
797B

MD5
bd8af4b93bf40bf814b5f6e6f604cbf6

SHA1
42849dfcb47463fd822bbfd7f8512f09033a7c4b

SHA256
727cb4ee644d60d4720878ffa8b67b8aaea9d517976d1cde8fb2643ff06d9ad0

SHA512
d0a316fe12fa4b5419a0e0add2d93961472a5842c484554c34f6df41728da434f155b544e689ac1839dfc018adb9b68b3aa4ea07c1eca3f8576f9fc2d7851959

Download Submit
C:\DeadCode\jvm\modules\java.base\java\lang\constant\Constable.class

Filesize
252B

MD5
7f9de303c1cd87d759431a59aad113ab

SHA1
e368d37a2b3fd8ad227890d8a9cd5407f13b51a1

SHA256
287c2a86dc33539b418dfe04efe84327889af49372ad62e3ed89d5d03149e30d

SHA512
60f9782a9647283bb0619010d2745946b43dab73d0c04573fdf78d218c4351ee37b9dc8ba6e88b1aa461b11dc148c3eeae85d9768b40d2b75c6ca7cdde55700f

Download Submit
C:\DeadCode\jvm\modules\java.base\java\lang\constant\ConstantDesc.class

Filesize
716B

MD5
4103c156eb405caa87b7c315ccfd2d23

SHA1
0ec9be43c6b4f374713fd461bed98c456d2bcf2e

SHA256
e4282bb3734c07f82569772e73122006b6effb37c9d7e5db787ea2a155525612

SHA512
4abccc93b7ed4a5ad6aba40060483cff29f018bc9631d55f54c1922d417ea46b4ae7420b7f98284e185e8f0d4c8970852f0f7efccaa9249a1220af163306f257

Download Submit
C:\DeadCode\jvm\modules\java.base\java\lang\invoke\TypeDescriptor$OfField.class

Filesize
518B

MD5
8fe65641cc33e0f2b60a10dbe8806cf6

SHA1
ce5c041652448c32c7ff78e07f8f39f71cbe22a9

SHA256
63f7466d5fa3b2185fda4798c2d67cfbf097f76ecf197dfabede50300b66ac22

SHA512
8279ba5a53211d4c49f7d6ed496e44fb2dd95ecbe542657f7edc5efeaa2b66e0ef609a9946e7d4f4cac5ed550e60cc80ee31e101bbf4cabaa1e8988abae29c11

Download Submit
C:\DeadCode\jvm\modules\java.base\java\lang\invoke\TypeDescriptor.class

Filesize
353B

MD5
ed312f3b138bbe4f8352fe386411de73

SHA1
f0d9a77c194fc26f38127a1230827b51c97d330d

SHA256
b05699b261a7aceec07242d925c1dc99b234cc40e6441bce8032ac1884ec5559

SHA512
4f68441b3817f54178544a1b790aad4fb93bcde02c61e1147facb8d5213af75d5ba47b546949275634c756911cda0914ea0167733d16475c7fc365b8b3a5134a

Download Submit
C:\DeadCode\jvm\modules\java.base\java\lang\ref\FinalReference.class

Filesize
1KB

MD5
b4cd46cc8bd4525cdf0917ffd5bf625c

SHA1
deda9b83a0fa4d1fef988a14a28a7a130d376fc1

SHA256
f44692dbea1a757e7e6b97050cb04cd800cbdf7b1c58965cb647b370697a165a

SHA512
937efc04af15636ce809641a2daa60420d19a0302b10de8c2383e13719658df81489c1119a2f0d8cc63de522ca5f89159eefc0daf7119dc38748895e14bf9255

Download Submit
C:\DeadCode\jvm\modules\java.base\java\lang\ref\Finalizer.class

Filesize
3KB

MD5
bba59f765b5da23708e3efcff5c0aea0

SHA1
d94be6cbca7d888a9e8aeda9e5e35a013b013b6f

SHA256
36af03845db7378438f8b3a63be8e79365c6bea8171ba6e7cecec2795fff8e4a

SHA512
34f40e491275df79e58206c0052949f5bc4efb9d7d6b33a618114ca062f5a663d71ef5c475c286ae95b54cdceca3c3a3e33add07332afc18c358b61af42ff944

Download Submit
C:\DeadCode\jvm\modules\java.base\java\lang\ref\PhantomReference.class

Filesize
1KB

MD5
998d6ef5ddbfea52dd82871720981c5a

SHA1
96e9fb796beae952dcd97ed7426e0ff7bf43bc8f

SHA256
f0d8d321eed9ec7ad32e55886caaf70e0f0464ccfbb3c5b4ef671b92cb623634

SHA512
34adcd42c37c850f191df984c4460be7c510142128198f6d511323517eed57c11114752c2dea97f2f2f901c03f8ee901e05dc60112aeb10e6670f7c1a4db7bab

Download Submit
C:\DeadCode\jvm\modules\java.base\java\lang\ref\Reference.class

Filesize
5KB

MD5
30eae65e075a17629fac1981d1a4cbc5

SHA1
d61e233faf6db8b89841822ce62fc543c21e60a8

SHA256
30053e248e41330a1327d3554bac3812f13ed89bc4e71bb75c78f9bc9d5caf3d

SHA512
8b773117d93d1009fb7c13bf8025e4341dbd080a15f14f3a02f93e69d499ce8a01353d632aaf757185ed3eee9b7c5a5c36f900f71dd1564514fab37ac600b5aa

Download Submit
C:\DeadCode\jvm\modules\java.base\java\lang\ref\SoftReference.class

Filesize
1KB

MD5
3b4696e9cc0ba747d92bdfddf687f900

SHA1
a343edc6ced63d967ba5cd4aff9d6a9dbe8fa6e6

SHA256
54e66e3cfcef2212d0aafa274a68eff4be6e226bd133e044f5ee48e974590915

SHA512
3e9180c50bb2d78888ae23a7fb4b5be2cf53dbc72f368df076333e758df85322a4afe16f3f87d7273eac231b07791648598c7fb8c61c74a27b76334701b7286a

Download Submit
C:\DeadCode\jvm\modules\java.base\java\lang\ref\WeakReference.class

Filesize
870B

MD5
f3d90960c8e8e60d5b9933c392b8f76f

SHA1
670fd125e7cbb3cb0ce4dedfc4358af76ef83dcf

SHA256
62c5b882c5083d83142187205db341a0cebe2606329442b240288576369cb3a4

SHA512
41d67ca70baab48ca72e11b97abcd86cc3fa4c3237e3623dc9d49c54bbbc2ed60e007626cea7bc05acb686fbc262ae54135e536eddd9e5a20de7135f887a4992

Download Submit
C:\DeadCode\jvm\modules\java.base\java\lang\reflect\AnnotatedElement.class

Filesize
3KB

MD5
0733eb716a97b21215700bf9e24c791d

SHA1
a68ffb6bb61cf4f0d6be0f63105f9f1d6d00e659

SHA256
f5da108b4f163bee73931ce5da2f1ef8632d03e8d6512e2d4a8fff5f1f64e15b

SHA512
66c7152d3880791a06fb38f6caedaf0bfa109e28b23bf6522820845dd314efe7941ff4102ca8bb901d64ecf5e07dd050c28622095727227bd187750a08b56e85

Download Submit
C:\DeadCode\jvm\modules\java.base\java\lang\reflect\GenericDeclaration.class

Filesize
304B

MD5
617ab6128968b87b8f2a24d13941cd06

SHA1
caef2cd06c722f6c6060446fc1617a94b3413809

SHA256
2abe465c1bb081a21090f977134385870afa7027e5e4a943d8240d420fba8175

SHA512
9232ba0dded48a458c509ae28bb86e5fff2f96368ddce9b29f8d2cf09cc1e77758eadb0ea7ef45233bbc272eee31f5198814d0b08fed7daeaba643b291a9f03c

Download Submit
C:\DeadCode\jvm\modules\java.base\java\lang\reflect\Type.class

Filesize
308B

MD5
085ab3a3cdbcb48be8f50db0d486d1ba

SHA1
52e8fb5f63371902dd93b12088dec8347d53c874

SHA256
52fb48861bdccfc8e17c1592e97ddcc1037177a8e7f9258a336d1a5acd4c8851

SHA512
2d0767a25d5b73a608198c9b58de2086c16313aa6c62297341c7767ab0c8bd1e6fdbd03afc9776cd7b058d74ddd310ce2c7ee9e083cc1c2a75c74cb522945864

Download Submit
C:\DeadCode\jvm\modules\java.base\java\security\AccessControlContext.class

Filesize
12KB

MD5
01a4fd548e35afd1ea90e6da5a399008

SHA1
4e8964d712b35ffae641d776291bc0c3f3c5dcd3

SHA256
bdd8acb7796b1d47916c7767a164c1cd39bc6cebca16280889a27eeed8291f04

SHA512
ba405a241a744a8bd9d006ae83506c34bef96285c6b9db4e9f7d5b627ad52dfee5207f5e38288eaed4a72ceff3e92378722b98ee1d0143bbbfe47276a3d6bbd4

Download Submit
C:\DeadCode\jvm\modules\java.base\java\security\AccessController.class

Filesize
10KB

MD5
a47a57e89b9fc59642ac3f3d12bcdfe0

SHA1
7d3af8fc54dedf5f9e5282902158ae749bb09317

SHA256
01301e515e8ad20b3113a82f694b06b48f097d892ac02a0e8da6a16fe37d4cbe

SHA512
795de84fe5797ccc8263dcf220aa2fbbf95304c7f6eca29f663fd6a18af61c7f0f8584cd4f06bbdc38d20db53f05944d58f85ca8fa29971d0fadb8eb7d88c922

Download Submit
C:\DeadCode\jvm\modules\java.base\java\security\ProtectionDomain.class

Filesize
8KB

MD5
b0b61862a38a4ef0eb7750d155a5e4a6

SHA1
7da5de984c5c4f27fac8b657cbde89bd1cdfc54e

SHA256
b18114d36d70728756a90f336f4b8dfde70ebf33e16d3d72e28f460b64361c83

SHA512
00b12f26963b6047f04f5202d01b125003e55a0fe1697a4c205dc7510b0b7cbba0b8a3b1a38aea492afb24aa4210506c988c5f11a0ed0ae6f3e5c26e7f89b88f

Download Submit
C:\DeadCode\jvm\modules\java.base\java\security\SecureClassLoader.class

Filesize
2KB

MD5
173e17846b9bda5955f3a76a512bef77

SHA1
65fe4e9ead6a014f64c6672d531ea91f3616a62c

SHA256
6280e3e9250dee4451d6e4fc0cdfa9ff4067f49341b64488e3e06ac224e0c849

SHA512
eeb4783e7d4e915d7516e7a3984147dcaeddd1ff927e88611a968ce9c7c01e1ca8b2750cc342e700eeb6ddc714f469389b9932d45a727df19dc5259dcff25bbd

Download Submit
C:\DeadCode\jvm\modules\java.instrument\_the.java.instrument-server.conf

Filesize
1KB

MD5
ddbd4a5eb31b71472b4f845556169620

SHA1
0ae969211d96c5e52ae29e489f1a5e0e739e8f4a

SHA256
f631fe8fc715a5f42099f7a263ba1eba7e3a8ec96e3b76dd5fcd2cd4ef796950

SHA512
d96ebb574acc1ae0e7b96880a0392089f88301de0b81c2f806b7b0766ac2411ed99c51381b417e1c7ecdff2f51b8a11855010325a0e847748a5cba00c12a9fe2

Download Submit
C:\DeadCode\jvm\modules\jdk.localedata\sun\util\resources\cldr\ext\LocaleNames_mas.class

Filesize
12KB

MD5
5f2ed9e33bb49363ee0a3695a021746a

SHA1
ed87cdf36c675135dbf57ac009b14b12d3dc1cba

SHA256
0eb52790b7b14de8be8eec6236838b9961f3f93f57bf153b0958e7e278ee4992

SHA512
2e3a88e6b52dfd91821658c54906a7f82bc361b12b2fd8eb490c72b15a804f1fc3e37e7b042d50336f86bcc1f55cdc557d8cce2b4b639066570ad75bfb7481e3

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\3wdd08zs.default-release\activity-stream.discovery_stream.json.tmp

Filesize
22KB

MD5
215c3ed321dc8f575dd3a577f8e62f26

SHA1
ef92a15de63b91af3097bdec3ea70e57afe22c5e

SHA256
9cf7d981b52b4072decc0db620d11876dcd7ec8a8ff1e57c54593da16c7b2b8c

SHA512
43654c00bf6242aa637cad01608d25d822c0b6f6453c5f5d36dd5d7c0c6af72f3c9c7f44cd9531a45b9a5e20a78290ec8f31c96283f3d43615f0abd3728b5e1f

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\3wdd08zs.default-release\cache2\doomed\12461

Filesize
9KB

MD5
5a86260372f3a07950ff93f2acc32705

SHA1
8e83bfae8b07bb0e98e5db252450ba04e891c354

SHA256
f016f9f079202895e970339c2b7695a6687916140af2a812fd3939f9f64be99a

SHA512
ac4d93abd59e9a59d6294ac56fb0646ca422e1d08fbd70ea2a842be55e833988b71f4004adba8cc412a04e74e76f0649567f6b22e8483b8fcdaf001a64bc2e2d

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\3wdd08zs.default-release\cache2\doomed\13178

Filesize
15KB

MD5
49b997d557f7f426af692cf6368857c9

SHA1
9feccf06c65c0fd2d5b9506c6b34fcaae6e25286

SHA256
1bbfac478cdf3aaeb77d817a8602610976a8a14074438edc8561ae96cf6819ea

SHA512
d0799419d7c5fe7292adf438581bb2365de8a5a41fde75711f1cfde7df48d0bc66a2f15c111604f2aa2b040d99c560cf63cd574e9a9ed71f4fe4691cae5a53b6

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\3wdd08zs.default-release\cache2\doomed\16955

Filesize
15KB

MD5
0b01ce4d6c4659ffea80383521504f6f

SHA1
40b6768a33acfecb3fed0c5c2fc34cd57561d833

SHA256
06a92a0d04301c117fd32f8b0a7e29b61bbdc3e8f974ca318de9af1a479d7d69

SHA512
c57b67530838036a036da5e194c1988190d1c038b1a28dfe2408134cb9647603bdae1391b949a9eed898459af66daae800c17b54e6089b0a0e2b0fc9701b35fa

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\3wdd08zs.default-release\cache2\entries\281F08F28DA1746C618AC0F8D0A519F7E9B4285B

Filesize
110KB

MD5
d204efdc206b0de9ad44870e326ec4f0

SHA1
fca374afcc35b85608c89edb074307ebafa23d4d

SHA256
d75c2234701980758c6fcfa659cc79e55c0142a6f3a7f74c8dd501c011e573e8

SHA512
86d79550aa044af76f36f68f842bce74419ed1b8ff5befe415ba6d82e8883ff820e0a846b65e6692818212837ea90d0baa4610de783f6fe1515640b1aaf54ec4

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\3wdd08zs.default-release\cache2\entries\8AAA6AEEB9D571A294D400327BC82950155CEF94

Filesize
270KB

MD5
42392bf907d06ff5446be0cb7358084a

SHA1
69991910d4621629184c1cbf416fcbb4168a7662

SHA256
6f0e9a735429473cb03a71049618c0aa5609739e93a0269f19c1fdd85cf8efd4

SHA512
833a120dc72b4f9a5d140e7f4f673826238077c08ca275f10b840e530f45538c230369096e460f76f47cad8d1d3d3c17270a281fa2022c90648f478a9b4d81f3

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\3wdd08zs.default-release\cache2\entries\91A4C2D97A9E15FD11F5D0897B414E34D5A30A2D

Filesize
1.4MB

MD5
acd849ebf17954232b4dd30290c5cb62

SHA1
9d68a2cc709cfac142db8c0446f22d7ec2875411

SHA256
dccd79b192c47b087ada9a3d70183eccaaf312dcdede09edf9d936bd4f55fb4d

SHA512
959a966d67b83a8c4d7ee508945fa8e81a9adfa6aefbc218645e62ef9654c5a096ddf4b50bd3bf9da6103b16099b3a0d9eac5cf90be00ad6a7139c1dbb9d784a

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\3wdd08zs.default-release\cache2\entries\C4F82E01C0B298205850A19FC17EC450FDAAA85F

Filesize
16KB

MD5
2244555a9658c4ff996e3070fe65a949

SHA1
36bdd69e4e5201ff07320b0b3be6c1535646085f

SHA256
9fcb843d29b6b42fe8aead9ef40a133d60791b3716c262ac58bbfcb5ff69dc8a

SHA512
a5956eb9903d1e9121a50ca8dc29694733447129402ddfdbe94635ac16d3155f0bee156fa326be13c8d4b24605a21aa5c8d38edaa3ed2260edc75c4b1fc7a869

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\3wdd08zs.default-release\cache2\entries\C72D4296C2EBC6FD41A9F780CD0C8F30F0FF937C

Filesize
13KB

MD5
7e647dc658b7dfce62f09bd2724a6347

SHA1
359ae350cd4ea3e4e5a98ba4586413917a93e9d8

SHA256
605af03caa038893e598cc4face624bd97c9e5fa4538d1426415ef0988b99598

SHA512
2de84b33ef09bb20e267c370ca20494b762d7a75242d922df79f1a2bf290dfb5e5a0af207ce3edef1f776582feb7dcdefeb254146c6b9d75204b67ee425f38ff

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\3wdd08zs.default-release\cache2\entries\E22C4EBDD7D8C5B1D10879AF102433D5FB496C9C

Filesize
418KB

MD5
cc84e8d00c669fb6a7b4db2721b43dfd

SHA1
1377926e445009e9608fb17e846d470b22ee9a05

SHA256
9ddd05295a59dd6b1e9701f8daeb9491bc92d6d13ab94d0c6f9eeb7c64df41d8

SHA512
4a91cfd993fa37b7aef117801f6b9179f73c1a5c11c304a2fc06243ee19386776946468ac12a32e425e821309adc08334280c0522e6c9d250b0e0e1f54aadd15

Download Submit
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat

Filesize
10KB

MD5
e23e7738a77157383b36aac373c94c3d

SHA1
3267e2189c3c333359cfa01fa683c1660020f8e3

SHA256
7792fd4bed6991f5096eefe2c6931e987a660a4739cd88fdcee38b2d4874d034

SHA512
c3eeb483ab01b2bb3614c0294dc8a0324ed82ffd46edd8da4f6e5e522b974c2b0b4da30326e9b614cc32c039a137ea90501278ba8186a96f98e569bc6e4e5b67

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon

Filesize
442KB

MD5
85430baed3398695717b0263807cf97c

SHA1
fffbee923cea216f50fce5d54219a188a5100f41

SHA256
a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e

SHA512
06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

Filesize
8.0MB

MD5
a01c5ecd6108350ae23d2cddf0e77c17

SHA1
c6ac28a2cd979f1f9a75d56271821d5ff665e2b6

SHA256
345d44e3aa3e1967d186a43d732c8051235c43458169a5d7d371780a6475ee42

SHA512
b046dd1b26ec0b810ee441b7ad4dc135e3f1521a817b9f3db60a32976352e8f7e53920e1a77fc5b4130aac260d79deef7e823267b4414e9cc774d8bffca56a72

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms

Filesize
19KB

MD5
a62e3bc19c7c0db37b2d9433b84b36fc

SHA1
acd209ee61d27e84d0c7d352bcd07c093df34a1a

SHA256
a78c6a72990731f2b6b5bace9020e611902fb2278658b0d51cc492bb72ed8202

SHA512
962977880c9b50e3bdf6e821994033a97c183f0d5a34f8fc4dac13708e72889d21829808cb4cfa3cd81aa83236984bd051db4f301dec06d57260d684e99fcc1c

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms

Filesize
20KB

MD5
bc871095adb473b49e9e975c7a3f1240

SHA1
1635951af0acd199554a9f371a383dea3feb79b1

SHA256
89a12023ab7bf0271918ce6bec1298cb651cc89dec59c106298c8bf96367b574

SHA512
e4541dbfc8afda56f28f59cfe5049b58f74245ba08d04e6d092afed667a925eb891efba84ca73f25cdf8acbab3f8923c30cee21311a199e613b1dae5afd27955

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms

Filesize
20KB

MD5
00346d721e85c2b0ef27b04ec4034d70

SHA1
6779e9e2bf2d17a0e4efc5c19735c631a25ef193

SHA256
648fbcc678de36e56e3fbff5204ec654cb732f43c43872a01567016bc97a47c0

SHA512
d215133e07a811d855ffa9a1db1124016052dbd8fb829e15130753be01cdd491d801a3fdfab05357903f0ff33ab0a360b5dd889d47f07b7ee9205b2cd887916a

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3wdd08zs.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

Filesize
997KB

MD5
fe3355639648c417e8307c6d051e3e37

SHA1
f54602d4b4778da21bc97c7238fc66aa68c8ee34

SHA256
1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e

SHA512
8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3wdd08zs.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

Filesize
116B

MD5
3d33cdc0b3d281e67dd52e14435dd04f

SHA1
4db88689282fd4f9e9e6ab95fcbb23df6e6485db

SHA256
f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b

SHA512
a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3wdd08zs.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

Filesize
479B

MD5
49ddb419d96dceb9069018535fb2e2fc

SHA1
62aa6fea895a8b68d468a015f6e6ab400d7a7ca6

SHA256
2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539

SHA512
48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3wdd08zs.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

Filesize
372B

MD5
8be33af717bb1b67fbd61c3f4b807e9e

SHA1
7cf17656d174d951957ff36810e874a134dd49e0

SHA256
e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd

SHA512
6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3wdd08zs.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

Filesize
11.8MB

MD5
33bf7b0439480effb9fb212efce87b13

SHA1
cee50f2745edc6dc291887b6075ca64d716f495a

SHA256
8ee42d9258e20bbc5bfdfae61605429beb5421ffeaaa0d02b86d4978f4b4ac4e

SHA512
d329a1a1d98e302142f2776de8cc2cd45a465d77cb21c461bdf5ee58c68073a715519f449cb673977288fe18401a0abcce636c85abaec61a4a7a08a16c924275

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3wdd08zs.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

Filesize
1KB

MD5
688bed3676d2104e7f17ae1cd2c59404

SHA1
952b2cdf783ac72fcb98338723e9afd38d47ad8e

SHA256
33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237

SHA512
7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3wdd08zs.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

Filesize
1KB

MD5
937326fead5fd401f6cca9118bd9ade9

SHA1
4526a57d4ae14ed29b37632c72aef3c408189d91

SHA256
68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81

SHA512
b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3wdd08zs.default-release\logins-backup.json

Filesize
627B

MD5
541e52e116fa49d7b71d3689b26ea28f

SHA1
2999c70de964fbc011836e112ef5171a1c4dcb92

SHA256
90d2f672279dd3c4cc2c633defe48e5413434a4d6f55e8148db70a17f89796af

SHA512
b93e274868c7eaf0867c783aff205e219ee8e9cd17d35266bfd8580d118e87bc45f4cdbf0d5bc4f83d9c5afec161a8b724f9d344435d641cdee522021ed9c0b1

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3wdd08zs.default-release\logins-backup.json

Filesize
619B

MD5
8309ecd1db288382ad5903da4106f97d

SHA1
e65da426d091d11fb145c926a09d9e45aa079fe3

SHA256
224611b65bdcec60d7befca327ed0846e8a6c205f3728921a2248c30ae0fe3a5

SHA512
4aa6d5b2d7b8ed552445f7ed7acd2fde8c6514e2a3ab8c744b9638855a8a9dec66b29381a86d46b490944a67fb91c69257557be3dbd8d39dfb360728ab69a784

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3wdd08zs.default-release\prefs-1.js

Filesize
10KB

MD5
334de8bb51954cb47ec55d4f309301bc

SHA1
833d80b82218d2b1d5ac37fc499d7d5fcaf61102

SHA256
c7c7979c1728c0997b90538e22a45771dddfacf8c9816ab4309fdb481ec8009a

SHA512
b51968d4056681b6e9211aa9c6bc60aaf7f46cc291ae9867ea44a03a25162d03000162add2c1ffd3949a99392389a6ce05c78e25dfeed89d0e7db8a41ce9f106

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3wdd08zs.default-release\prefs-1.js

Filesize
10KB

MD5
209afafdd8365c4e6c4ee7eaedee1810

SHA1
ec5c2a24d1faffbe29693fc6782da20dbc890ab6

SHA256
bced960bd814e5acf90bd262cbb724a5e316c598069b31da387e921bcba991c5

SHA512
f087b94e14064434db64075ddfea6e4c225d031024bbf6d6d719147a9236419a51aa4201fc4c1ebf85841fa3a45be2a90014fbdb7b82d12a957333e2ab084cc5

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3wdd08zs.default-release\prefs-1.js

Filesize
10KB

MD5
bfdaa77fdb1732f6a36a60563dc49f8e

SHA1
ef947c47eeefc5e5b16911d043f94f3b6fe3c6b8

SHA256
2f015649c6c8b45dde1b79516a396149101b8254152c1203777a9220600d85ae

SHA512
912fcbe99ae690ed7f7ebcd59752cdb07583a3f520e492ae9211497460898cc3fad990944097472b0cce8643960177e4617593f61876b1be2c49bdd9412e0027

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3wdd08zs.default-release\prefs-1.js

Filesize
7KB

MD5
a61dc18b26d73c25dfe2f7bb61fb4d9f

SHA1
9aa91628329a647a68e3dfa47696d7f3969aea9f

SHA256
325f9186c21fc8963d1d668954a21444d93fc5f1f673e3c0bc1be938c430af66

SHA512
5820fee14a4117c8d020a07ec700f9a4c5e8ad5a049dd254734cda9b9e663d6b15bb30e548f7162072f027220bcdcb288213339efb18f7666bfb2f8a92db2244

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3wdd08zs.default-release\sessionCheckpoints.json

Filesize
228B

MD5
a0821bc1a142e3b5bca852e1090c9f2c

SHA1
e51beb8731e990129d965ddb60530d198c73825f

SHA256
db037b650f36ff45da5df59bc07b0c5948f9e9b7b148ead4454ab84cb04fd0e2

SHA512
997528e2ecd24a7e697d95cd1a2a7de46a3d80b37fd67fac4fb0da0db756b60a24648b7074255dc38f7651302f70894a53c3d789f3d7cd9f80fb91bd0cade4be

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3wdd08zs.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
3KB

MD5
8f32e365b1678502c4f583c1c78d6df5

SHA1
93382df2411782ed44d6284842349655468f9f04

SHA256
1ae4804175e70b77bf23280f84707bfa35154ae240bd04c3191d13ca871ebbc9

SHA512
7fcdedd9296a5640523e56bb96b3c0c54cd13cfc702a196960a14aaadc5a1e60429195273e9bde6c37a8f4385d2a789bcbe4d07a070e0b074e7e67e097b8d80b

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3wdd08zs.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
21KB

MD5
346204dbc66ddf6a95715664d8c0ea5f

SHA1
0fb6aaad67763e9c135f4ec68a0afdaac15e567b

SHA256
c1654a0be9f07a956924b2f20163ae375dcfe1f015a98324273feb2e06fb832f

SHA512
39ccaf54d1a4d075a8f3ed1dd85b5ae5db65bfc8453745e97ee4333f70e3bec33e800d2a7865618119ea83e459d0df386189b7937257efc4764f63e38e76d69a

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3wdd08zs.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
4KB

MD5
a44890c119fa6fcdb4f61748cdd07005

SHA1
4118d173cfcd2f8e5bc010a2de304f6100b80d7e

SHA256
7dea88c8be283dbe46482cb621b65a1d6c4ec1c8db87176564fecc705f8bac99

SHA512
90eb5d7df86c001f3aa071a89e43feecd8d4aeaf93b9376c153d448c0a9147777c6ae28201d23fe3a855e05e8c77b7fbcb3aa3f518a2e3a40549ea9f8993bb63

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3wdd08zs.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
22KB

MD5
6ffd5659f59c7bc1a0f4bee4f346d2d0

SHA1
e436242dfbe6470411d05481a804bfb4816af2e8

SHA256
78193cb3aaf4acdefa1e1c8ca488afc380780d3e2b0a32ad6aaa2904809e07e5

SHA512
82944b41cf877d07fd0355eff2bf6783bcadf78d33cdc4ae6fc489a4919d76861861abf07f0d0525cf16a2f551e5f583a2232fac1edf812799d6df50b8c6bfe2

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3wdd08zs.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
21KB

MD5
93c0bba38d15e924b0a3626b3679e115

SHA1
11d88f222b2dc1604068867c88d288f704809780

SHA256
1b04ce9eaa4a648cb6af113d76649bb7311f1c15721f0e02b9e1d2c75d9a3cbe

SHA512
68ecaad5201d0029abd853a9a8c856b3d99bb72e7f4a648d60a00c738dcdf5c0bef93eb791497310993f72a8d7226a5d7c4524984e05c13684f0115ce49d8fde

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3wdd08zs.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
22KB

MD5
08f4d6dcb870cf9dcfddd760af7c8985

SHA1
bec80fb4bb6dba8ddaa680dd039d54515ceeac38

SHA256
bf71669c0d1f436f6cf51a7ab38618dc502800ac1ca6631ff1b60ce5f7f9a03c

SHA512
d030d4a18f356420f81755866c746457d5e82e2ec2b1b57b59752ec03a04967944a9528bbb132da519fcdf99786069ae78aaafceff601f7f8c1a44e0fdd0ef8c

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3wdd08zs.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
22KB

MD5
cea4fb4b99d1a4fa89bc8d43e81ac040

SHA1
398412c5c2dde013f53b08110ea02fa3bfea58ac

SHA256
dfc9440a382a2b2b9e5d5f5b3c55324fdc433226938b1c958781b0a127d4d4f6

SHA512
6e187ce736a5064ffa40e5aad72ebf3d8b407e8394c76102c5170f6ce8c7767105be96237575c2bed1ab164e8dc12a9c94955db81a00d95a80123c528abfb9b3

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3wdd08zs.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
1KB

MD5
0595a5d1b9f3c42de34b5884c64b955e

SHA1
2093e83f06af0750dfec0b6ed2069431dfa94a59

SHA256
c9b4adc744df181e8e5ebe6ec02ba17c1f72d863ec06ba83f1e0a2e5bb7c9ad8

SHA512
e196081e4628fbcfb4edecd09660db2edef6fa8da7b1c29b20fdf4996cf0286ccb4de042b0ce5559538a99cf89ce62b31b5b4f9f0ecbdc966a89a479cc4e4dd5

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3wdd08zs.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
22KB

MD5
9ffe9b72982256f6aca67e7a0caf9815

SHA1
8b08813bde763fbf26cf65e1014ee1bcb187bf85

SHA256
94fd985fd2fd4780191165122f26b06b0d98e6dc13d48448926d21ad637709c1

SHA512
1fa4d0a099e6b9f8c82c8f991c799f89aa665fe509bbc4d712948f228ee3778662d163a618ec01a6c9977b49bd9eddc20dd6141978c823e62c3f7bef06b27d1d

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3wdd08zs.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
7KB

MD5
05f1b9bc3877632ac3b39e6127cc8dd3

SHA1
62a021e9f2f28558c00c8564cf600214913749f2

SHA256
e7ed5f30dd3fb571ccb45f37c8a855bc19060868ae0f351b775ae4dfde8fe516

SHA512
5fb4d590d9a996156dab1791b78684998b571e738e6152bf8123b29995adf9f8a0565f311cbf3fb5b08e92cbf292d81d77d37f842e1a82f46aacc3716503e0da

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3wdd08zs.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
22KB

MD5
cbf3c2ed721894ccea6e97d613910814

SHA1
3248a605c8bd0cf7d39a055358c9ae523caf0314

SHA256
3345a87caabc40309281262d7c9206911b25165b41cd17c89919915655032174

SHA512
b777e79c942b4b0b9865464e1b4a8dc0b42445937bfced9daff3301ef15e38bea410513993f0aa37f29899f3983f4149c7197c92d6234bd492338dfaa81b13cb

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3wdd08zs.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
7KB

MD5
1456f658eed900a46f985ab0c1e5de5c

SHA1
77fcd1c4da5fbcd6e20accfff716b8aefef24231

SHA256
62f038f1e98b8a77e5a87a5a94a69d9c7bb20cde207a6c84e4bc33baba194127

SHA512
1e1e6eaae41de0195eca00129515603177bd21d54824c58f4435922b6533e59827c9cf942d38e0c2fa1a4c06807b42af455dbb3d55e34072153b5ff80d0154a6

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3wdd08zs.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
21KB

MD5
3be4d8c9c5393cd967173c33d51cffba

SHA1
db4aafb2b318f10d85e87500e0e45b3e9c606010

SHA256
1ceb007064f42d07e0fdc40db68558f2613291b89e9041e8ffe6f029621d9df2

SHA512
3ec034e6dbedc0fb1c468178c6ad55de5e78f9d1ab293b1747165565eb23c7f69949b3f9345e87652554751e53f520df7383d88700b2909c3d893432f468f4be

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3wdd08zs.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
22KB

MD5
6224505c9618b85c496e0d2ab9dcc365

SHA1
796007b21740c4cab712bbdef3b7024b4c9e25b8

SHA256
512ed6d97c573af4119cb3d4ea1e01a5a7d0f4d29ade910aba234e5045005cd0

SHA512
4932175bff97e15acaf2a139614725476f5138544bff7402aade3a5c1754e603b738f023f1ea3f9c3f1a7c2d18bf316daf3435dec058405769e60ee4b204ce1c

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3wdd08zs.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
22KB

MD5
34d0d2a860bd591b2cbe496c6d95e912

SHA1
8427a01a7443879e9b3d30e606db51f4154b82ba

SHA256
67e59bfa8e0ab8cd07011262b5ca2d2f66ae37bb3f5570096ce98183dca1a335

SHA512
87da05f70c2b3506e10319e0f72064933c84e988d9bd0800e05500e6eaa07067b5666cdee83e43515c1060dc3e36c75c4175f3413f7866ab95471821f9844677

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3wdd08zs.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
22KB

MD5
05c8a13b5da53e61af73d1129f9e4e14

SHA1
9f64b4cb19f9c8028d8d5e3bb03611de92956d7a

SHA256
30d197ab1fa9991d0c5889546564231ff307d0222d2461f0d25d7a0163a7a44e

SHA512
91aa9eed5ab6ac57be6bfbb375a4fb3cbc503a8eae7d47739b263636179d18dca1f443d4f39e76fb4d17ddceebe28b8459a6e51df57581205b8573d7fdf99295

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3wdd08zs.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
22KB

MD5
71efa5a8eaef9bde187cc201be80e744

SHA1
793c003df81a1409425898dc5fbff3e07c4dd97f

SHA256
5f151ed7fa42543270f5b94ec609d10a3e7bd0563cb5b2c52719c9c517c0788c

SHA512
b8ee3867fa4d828728196a4e213e96144b6e462866be4029eb62ab66a7d0b4e3ef6e2b1a4f9295ee0bbbbbad7b6265d2ff3b42b2cde17a2713b5077595a88bbf

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3wdd08zs.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
22KB

MD5
dd1c4c676fcfd089b3ea07dcb16ecec4

SHA1
63091d258be6a15fb7abf5af876ec06839537f3c

SHA256
0a939b4c82bc1b4f6ba51e92f2165eb087b3692211b9a311d5952111ea77416d

SHA512
9875fc9574704d469c4b23ae381e0ea371fd4a45c8718aafa81f7b3e5aca05e49a889f53936178991726fb34d30392d59bb0535f841b2c52899c9182518a94ff

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3wdd08zs.default-release\sessionstore.jsonlz4

Filesize
22KB

MD5
19739ac2e7d962f3e79015f44c27f780

SHA1
dd4a96bcd76f7d2db2d96863547e1f01800bcb7b

SHA256
284cc01fc871560b88fe96e8b1bd01add58a5ccb9995571ecf7e3dda90635bdd

SHA512
89c229208f2efbb4166f97dfcd9504e1683a6ce057eadbeac71722371edc18f20e2725c78539bfd930a0660b3278b24c274ea1f3fab3cfae7c2cbcb7097df360

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3wdd08zs.default-release\storage\default\https+++vk.com\cache\morgue\146\{904998af-01b5-48ec-9712-b0b89cddf492}.final

Filesize
61B

MD5
56a821aa9eb8ab7b3e86d491360ebb21

SHA1
b9acd79dfcb86b90be94d578295202028bb571a9

SHA256
8bc7fdb2c47c25fe83b495e9c2202fabfca022ea0020739382c41d4502c629c9

SHA512
73f0e988dc49e8be46f683041c930ba5d932531332dcfef1ee451d5451b4a3f9c5c16a25903f7b92ad3e2e14f91ba3878e8048d03fb82e2c834ef6c2bb3aaace

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3wdd08zs.default-release\storage\default\https+++vk.com\cache\morgue\158\{7e06933d-9989-4455-80f9-e77923b1939e}.final

Filesize
26KB

MD5
eb809479db236f5e3497e23be71e87a1

SHA1
29f3d6f40e0da743fce752439440430660f7f4fa

SHA256
0d0d0875fd9519ac76680b32153337cc18e2dccea82a96afd664ed7aad443a62

SHA512
28243908024284f0a93e4a057726b6ec562940ebe8f568f66ebde162956c9e17135dd9cf3619fa37277cd042a3ceef7507ff2be529c19bf54df6a2d0705b4342

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3wdd08zs.default-release\storage\default\https+++vk.com\idb\1332809601s1tvi-ctkseirls-.sqlite

Filesize
48KB

MD5
43ef1f436c78580dd79deeb700527173

SHA1
79c18e65cfdd3e1607d158cd83a9812253eacd22

SHA256
e38277a337807f50a2d81772780da96c0c9d0ca61dd19470aab75d0e7c09eed3

SHA512
dc5ae084673fad370bfeb9d0cd20c0e0466c1562532b3233f37719d205a150970bbcb03b50ce21e21e771a78fbfc8fcf03d8fa86c07691a3e53c9354663d3397

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3wdd08zs.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

Filesize
9.9MB

MD5
3a485dce77b342d41d7d19bc86c3a2eb

SHA1
945e252bd8ffacac80c4fe1403c9a97a15141690

SHA256
3e9b1c21aeccf02684c81ffc2469c8f7cbd55cb1d37be925c60f9cebbc765ca2

SHA512
8aaa709ff5820395de5674977b9bff59e455e731e6ff6b194d6784fd2d464c33f534218abf81cbd1223700b63b8ff0530b41d84d9eaf9d450b75ef1a9eac1866

Download Submit
C:\Users\Admin\Downloads\DeadCodeLauncher.ya0szqji.zip.part

Filesize
16KB

MD5
94d5fe90e739a51791bf23a57c85dc6e

SHA1
8f51799de5089af19a60fc8375e66377a7bdf929

SHA256
9d5b8527f6193d2543b7ca35cf7dcb532c12de65db82dd9f93b89640a5e115d7

SHA512
7af35e5c65d89e6307044baa75de19607d9a0afe9bc78d6a2d40175360c9dd6d1de9807f52298f8a8bbb65ddabc15db1d41cd3815dfbeefdb82255fbec166a85

Download Submit
memory/2620-35737-0x00007FF72AF90000-0x00007FF72DBC7000-memory.dmp

Filesize
44.2MB

Download
memory/2620-35788-0x00007FF72AF90000-0x00007FF72DBC7000-memory.dmp

Filesize
44.2MB

Download
memory/2620-35655-0x00007FF72AF90000-0x00007FF72DBC7000-memory.dmp

Filesize
44.2MB

Download
memory/2620-35660-0x00007FF72AF90000-0x00007FF72DBC7000-memory.dmp

Filesize
44.2MB

Download
memory/2620-35663-0x00007FF8CFB90000-0x00007FF8CFB92000-memory.dmp

Filesize
8KB

Download
memory/3184-35633-0x00000188D6220000-0x00000188D7220000-memory.dmp

Filesize
16.0MB

Download
memory/3184-35557-0x00000188D57D0000-0x00000188D5915000-memory.dmp

Filesize
1.3MB

Download
memory/3184-35570-0x00000188D6220000-0x00000188D7220000-memory.dmp

Filesize
16.0MB

Download
memory/3184-35556-0x00007FF8ADCE0000-0x00007FF8AEDD1000-memory.dmp

Filesize
16.9MB

Download
memory/3184-35558-0x00007FF8ADCE0000-0x00007FF8AEDD1000-memory.dmp

Filesize
16.9MB

Download
memory/3184-35559-0x00007FF8ADCE0000-0x00007FF8AEDD1000-memory.dmp

Filesize
16.9MB

Download
memory/3184-35560-0x00007FF8ADCE0000-0x00007FF8AEDD1000-memory.dmp

Filesize
16.9MB

Download
memory/3184-35629-0x00000188D6220000-0x00000188D7220000-memory.dmp

Filesize
16.0MB

Download
memory/3184-35627-0x00000188D6220000-0x00000188D7220000-memory.dmp

Filesize
16.0MB

Download
memory/3184-35636-0x00000188D6220000-0x00000188D7220000-memory.dmp

Filesize
16.0MB

Download
memory/3184-35635-0x00000188D57D0000-0x00000188D5915000-memory.dmp

Filesize
1.3MB

Download
memory/3184-35634-0x00007FF8ADCE0000-0x00007FF8AEDD1000-memory.dmp

Filesize
16.9MB

Download
memory/3184-35561-0x00007FF8ADCE0000-0x00007FF8AEDD1000-memory.dmp

Filesize
16.9MB

Download
memory/3472-35758-0x000002D9118B0000-0x000002D9128B0000-memory.dmp

Filesize
16.0MB

Download
memory/3472-35757-0x000002D9118B0000-0x000002D9128B0000-memory.dmp

Filesize
16.0MB

Download
memory/3472-35753-0x000002D9118B0000-0x000002D9128B0000-memory.dmp

Filesize
16.0MB

Download
memory/3472-35764-0x00007FF8CFB90000-0x00007FF8CFB92000-memory.dmp

Filesize
8KB

Download
memory/3472-35767-0x00007FF8AC450000-0x00007FF8AD541000-memory.dmp

Filesize
16.9MB

Download
memory/3472-35770-0x000002D911760000-0x000002D9118A5000-memory.dmp

Filesize
1.3MB

Download
memory/3472-35771-0x000002D9118B0000-0x000002D9128B0000-memory.dmp

Filesize
16.0MB

Download
memory/3472-35772-0x000002D9118B0000-0x000002D9128B0000-memory.dmp

Filesize
16.0MB

Download
memory/3472-35773-0x000002D9118B0000-0x000002D9128B0000-memory.dmp

Filesize
16.0MB

Download
memory/3472-35748-0x000002D9118B0000-0x000002D9128B0000-memory.dmp

Filesize
16.0MB

Download
memory/3472-35715-0x00007FF8AC450000-0x00007FF8AD541000-memory.dmp

Filesize
16.9MB

Download
memory/3472-35717-0x000002D911760000-0x000002D9118A5000-memory.dmp

Filesize
1.3MB

Download
memory/3472-35742-0x000002D9118B0000-0x000002D9128B0000-memory.dmp

Filesize
16.0MB

Download
memory/3472-35725-0x000002D9118B0000-0x000002D9128B0000-memory.dmp

Filesize
16.0MB

Download
memory/3472-35776-0x000002D9118B0000-0x000002D9128B0000-memory.dmp

Filesize
16.0MB

Download
memory/3472-35735-0x000002D9118B0000-0x000002D9128B0000-memory.dmp

Filesize
16.0MB

Download
memory/3472-35777-0x000002D9118B0000-0x000002D9128B0000-memory.dmp

Filesize
16.0MB

Download
memory/3472-35778-0x000002D9118B0000-0x000002D9128B0000-memory.dmp

Filesize
16.0MB

Download
memory/3472-35779-0x000002D9118B0000-0x000002D9128B0000-memory.dmp

Filesize
16.0MB

Download
memory/3472-35780-0x000002D9118B0000-0x000002D9128B0000-memory.dmp

Filesize
16.0MB

Download
memory/3472-35781-0x000002D9118B0000-0x000002D9128B0000-memory.dmp

Filesize
16.0MB

Download
memory/3472-35786-0x000002D9118B0000-0x000002D9128B0000-memory.dmp

Filesize
16.0MB

Download
memory/3472-35787-0x00007FF8AC450000-0x00007FF8AD541000-memory.dmp

Filesize
16.9MB

Download
memory/3536-3185-0x00007FF8CFBA0000-0x00007FF8CFBA2000-memory.dmp

Filesize
8KB

Download
memory/3536-3199-0x00007FF8CFC60000-0x00007FF8CFC62000-memory.dmp

Filesize
8KB

Download
memory/3536-3237-0x000001EC454F0000-0x000001EC4557F000-memory.dmp

Filesize
572KB

Download
memory/3536-3186-0x00007FF8CFBB0000-0x00007FF8CFBB2000-memory.dmp

Filesize
8KB

Download
memory/3536-3188-0x00007FF63F0A0000-0x00007FF641CD7000-memory.dmp

Filesize
44.2MB

Download
memory/3536-3187-0x00007FF8CFBC0000-0x00007FF8CFBC2000-memory.dmp

Filesize
8KB

Download
memory/3536-35637-0x00007FF63F0A0000-0x00007FF641CD7000-memory.dmp

Filesize
44.2MB

Download
memory/3536-3238-0x000001EC45610000-0x000001EC4562A000-memory.dmp

Filesize
104KB

Download
memory/3536-3239-0x00007FF63F0A0000-0x00007FF641CD7000-memory.dmp

Filesize
44.2MB

Download
memory/3536-3189-0x00007FF8CFBD0000-0x00007FF8CFBD2000-memory.dmp

Filesize
8KB

Download
memory/3536-3190-0x00007FF8CFBE0000-0x00007FF8CFBE2000-memory.dmp

Filesize
8KB

Download
memory/3536-3191-0x00007FF8CFBF0000-0x00007FF8CFBF2000-memory.dmp

Filesize
8KB

Download
memory/3536-3192-0x00007FF8CFC00000-0x00007FF8CFC02000-memory.dmp

Filesize
8KB

Download
memory/3536-3193-0x00007FF8CFC10000-0x00007FF8CFC12000-memory.dmp

Filesize
8KB

Download
memory/3536-3195-0x00007FF63F0A0000-0x00007FF641CD7000-memory.dmp

Filesize
44.2MB

Download
memory/3536-3196-0x00007FF8CFC30000-0x00007FF8CFC32000-memory.dmp

Filesize
8KB

Download
memory/3536-3197-0x00007FF8CFC40000-0x00007FF8CFC42000-memory.dmp

Filesize
8KB

Download
memory/3536-3194-0x00007FF8CFC20000-0x00007FF8CFC22000-memory.dmp

Filesize
8KB

Download
memory/3536-3198-0x00007FF8CFC50000-0x00007FF8CFC52000-memory.dmp

Filesize
8KB

Download
memory/3536-3184-0x00007FF8CFB90000-0x00007FF8CFB92000-memory.dmp

Filesize
8KB

Download
memory/3536-3200-0x00007FF8CFC70000-0x00007FF8CFC72000-memory.dmp

Filesize
8KB

Download
memory/3536-3201-0x00007FF8CFC80000-0x00007FF8CFC82000-memory.dmp

Filesize
8KB

Download
memory/3536-3203-0x00007FF8CFCA0000-0x00007FF8CFCA2000-memory.dmp

Filesize
8KB

Download
memory/3536-3204-0x000001EC44E30000-0x000001EC45093000-memory.dmp

Filesize
2.4MB

Download
memory/3536-3209-0x000001EC44E30000-0x000001EC45093000-memory.dmp

Filesize
2.4MB

Download
memory/3536-3210-0x000001EC450A0000-0x000001EC454EE000-memory.dmp

Filesize
4.3MB

Download
memory/3536-3216-0x000001EC450A0000-0x000001EC454EE000-memory.dmp

Filesize
4.3MB

Download
memory/3536-3202-0x00007FF8CFC90000-0x00007FF8CFC92000-memory.dmp

Filesize
8KB

Download
memory/3536-3217-0x000001EC450A0000-0x000001EC454EE000-memory.dmp

Filesize
4.3MB

Download
memory/3536-3218-0x000001EC454F0000-0x000001EC4557F000-memory.dmp

Filesize
572KB

Download
memory/3536-3224-0x000001EC45580000-0x000001EC4560A000-memory.dmp

Filesize
552KB

Download
memory/3536-3230-0x000001EC45610000-0x000001EC4562A000-memory.dmp

Filesize
104KB

Download
memory/3536-3236-0x000001EC45580000-0x000001EC4560A000-memory.dmp

Filesize
552KB

Download
memory/3536-3257-0x00007FF63F0A0000-0x00007FF641CD7000-memory.dmp

Filesize
44.2MB

Download
memory/3536-3256-0x00007FF63F0A0000-0x00007FF641CD7000-memory.dmp

Filesize
44.2MB

Download
memory/5000-35639-0x00000243C5270000-0x00000243C5271000-memory.dmp

Filesize
4KB

Download
memory/5000-35638-0x00000243C5270000-0x00000243C5271000-memory.dmp

Filesize
4KB

Download