4a9d815f284adda187982e2b24da2beaad860739bc4b4cb1cf26408e7c221dd6

Analysis

max time kernel
996s
max time network
987s
platform
windows7_x64
resource
win7-20240215-en
resource tags

arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
submitted
21-04-2024 15:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

CapCut_7267140873131950085_installer.exe
Size

2.2MB
MD5

c91e097550ea6ccedf592d8b83414e0d
SHA1

021f3f26d86f98af28dc987baad8714f64867207
SHA256

4a9d815f284adda187982e2b24da2beaad860739bc4b4cb1cf26408e7c221dd6
SHA512

916898c9850ddfcd2c11da7421eeffc4d48406d9ad4787a4dc572ec17a81a39edd30733aa8cccde8b31450ff8031e3da68be019a8a0eff50c0a17ed4fa0aa3c9
SSDEEP

49152:uGVKq6wrr98ArcTTuVMZCC8GYCNbFLg3dlXI5x8oaigMv3Dh:uGVLprJ8ArnVMZCUPFcNlXID8en1

Score

6^/10

discovery

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs

Web Service
T1102

Processes:

flow ioc

396 camo.githubusercontent.com
411 camo.githubusercontent.com

flow	ioc
396	camo.githubusercontent.com
411	camo.githubusercontent.com

Checks computer location settings 2 TTPs 1 IoCs

Looks up country code configured in the registry, likely geofence.

Query Registry

T1012

System Information Discovery

T1082

Processes:

SetupHost.Exe

description	ioc	process
Key value queried	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Control Panel\International\Geo\Nation	SetupHost.Exe

Suspicious use of NtCreateThreadExHideFromDebugger 4 IoCs

Processes:

CapCut.exeCapCut.exeCapCut.exeCapCut.exe

pid process

3988 CapCut.exe
3220 CapCut.exe
3596 CapCut.exe
1360 CapCut.exe
Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

pid	process
3988	CapCut.exe
3220	CapCut.exe
3596	CapCut.exe
1360	CapCut.exe

Checks system information in the registry 2 TTPs 2 IoCs

System information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

Processes:

SetupHost.Exe

description	ioc	process
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer	SetupHost.Exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName	SetupHost.Exe

Drops file in Windows directory 2 IoCs

Processes:

MediaCreationTool_22H2.exeSetupHost.Exe

description	ioc	process
File opened for modification	C:\Windows\Logs\MoSetup\BlueBox.log	MediaCreationTool_22H2.exe
File opened for modification	C:\Windows\Panther\DlTel.etl	SetupHost.Exe

Executes dropped EXE 29 IoCs

Processes:

app_package_61624597dc.exeCapCut.exeCapCut.exeCapCut.exeparfait_crash_handler.exeVEDetector.exeCapCut.exeCapCut.exeparfait_crash_handler.exeVEDetector.exettdaemon.exettdaemon.exettdaemon.exettdaemon.exettdaemon.exettdaemon.exettdaemon.exettdaemon.exettdaemon.exettdaemon.exettdaemon.exettdaemon.exettdaemon.exettdaemon.exettdaemon.exeVECrashHandler.exeMediaCreationTool_22H2.exeSetupHost.ExeDiagTrackRunner.exe

pid	process
968	app_package_61624597dc.exe
3248	CapCut.exe
3988	CapCut.exe
3220	CapCut.exe
3576	parfait_crash_handler.exe
1824	VEDetector.exe
3596	CapCut.exe
1360	CapCut.exe
1704	parfait_crash_handler.exe
3696	VEDetector.exe
3060	ttdaemon.exe
3808	ttdaemon.exe
2948	ttdaemon.exe
3376	ttdaemon.exe
3372	ttdaemon.exe
2540	ttdaemon.exe
3588	ttdaemon.exe
1980	ttdaemon.exe
3500	ttdaemon.exe
2656	ttdaemon.exe
3912	ttdaemon.exe
3972	ttdaemon.exe
3312	ttdaemon.exe
2928	ttdaemon.exe
4092	ttdaemon.exe
1136	VECrashHandler.exe
2568	MediaCreationTool_22H2.exe
1580	SetupHost.Exe
2284	DiagTrackRunner.exe

Loads dropped DLL 64 IoCs

Processes:

CapCut_7267140873131950085_installer.exeapp_package_61624597dc.exeCapCut.exeCapCut.exe

pid	process
1244	CapCut_7267140873131950085_installer.exe
1244	CapCut_7267140873131950085_installer.exe
1244	CapCut_7267140873131950085_installer.exe
1244	CapCut_7267140873131950085_installer.exe
1244	CapCut_7267140873131950085_installer.exe
968	app_package_61624597dc.exe
968	app_package_61624597dc.exe
968	app_package_61624597dc.exe
1244	CapCut_7267140873131950085_installer.exe
3248	CapCut.exe
3988	CapCut.exe
3988	CapCut.exe
3988	CapCut.exe
3988	CapCut.exe
3988	CapCut.exe
3988	CapCut.exe
3988	CapCut.exe
3988	CapCut.exe
3988	CapCut.exe
3988	CapCut.exe
3988	CapCut.exe
3988	CapCut.exe
3988	CapCut.exe
3988	CapCut.exe
3988	CapCut.exe
3988	CapCut.exe
3988	CapCut.exe
3988	CapCut.exe
3988	CapCut.exe
3988	CapCut.exe
3988	CapCut.exe
3988	CapCut.exe
3988	CapCut.exe
3988	CapCut.exe
3988	CapCut.exe
3988	CapCut.exe
3988	CapCut.exe
3988	CapCut.exe
3988	CapCut.exe
3988	CapCut.exe
3988	CapCut.exe
3988	CapCut.exe
3988	CapCut.exe
3988	CapCut.exe
3988	CapCut.exe
3988	CapCut.exe
3988	CapCut.exe
3988	CapCut.exe
3988	CapCut.exe
3988	CapCut.exe
3988	CapCut.exe
3988	CapCut.exe
3988	CapCut.exe
3988	CapCut.exe
3988	CapCut.exe
3988	CapCut.exe
3988	CapCut.exe
3988	CapCut.exe
3988	CapCut.exe
3988	CapCut.exe
3988	CapCut.exe
3988	CapCut.exe
3988	CapCut.exe
3988	CapCut.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Checks processor information in registry 2 TTPs 16 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

Processes:

CapCut.exeCapCut.exeVEDetector.exeSetupHost.ExeVEDetector.exeDiagTrackRunner.exe

description	ioc	process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz	CapCut.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	CapCut.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	CapCut.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz	VEDetector.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	CapCut.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	VEDetector.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	SetupHost.Exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	VEDetector.exe
Key opened	\Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0	DiagTrackRunner.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz	DiagTrackRunner.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	VEDetector.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz	VEDetector.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz	CapCut.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	VEDetector.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	SetupHost.Exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	CapCut.exe

Enumerates system info in registry 2 TTPs 9 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

chrome.exechrome.exechrome.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies Internet Explorer settings 1 TTPs 51 IoCs

adware spyware

Modify Registry

T1112

Processes:

iexplore.exeiexplore.exeIEXPLORE.EXEIEXPLORE.EXE

description	ioc	process
Set value (str)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\MINIE\TabBandWidth = "500"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{B63C07A1-FFF2-11EE-B7A6-525094B41941} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{79BD6001-FFF0-11EE-B7A6-525094B41941} = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\MINIE\TabBandWidth = "500"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\MINIE	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\MINIE	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe

Modifies registry class 36 IoCs

Processes:

app_package_61624597dc.exeNOTEPAD.EXE

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000_CLASSES\capcut\shell\open	app_package_61624597dc.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000_Classes\Local Settings	NOTEPAD.EXE
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags\13\Shell	NOTEPAD.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags\13\ComDlg\{5FA96407-7E77-483C-AC93-691D05850DE8}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}"	NOTEPAD.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags\13\ComDlg\{5FA96407-7E77-483C-AC93-691D05850DE8}\GroupByDirection = "1"	NOTEPAD.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02020202020202020202020202	NOTEPAD.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags\13\Shell\SniffedFolderType = "Videos"	NOTEPAD.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags\13\ComDlg\{5FA96407-7E77-483C-AC93-691D05850DE8}\Mode = "1"	NOTEPAD.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags\13\ComDlg\{5FA96407-7E77-483C-AC93-691D05850DE8}\IconSize = "96"	NOTEPAD.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000_CLASSES\capcut\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\CapCut\\Apps\\CapCut.exe\"\" %1\""	app_package_61624597dc.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\2 = 200000001a00eebbfe23000010001d9b9818b5995b45841cab7c74e4ddfc00000000	NOTEPAD.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags\13\ComDlg\{5FA96407-7E77-483C-AC93-691D05850DE8}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000050000001800000030f125b7ef471a10a5f102608c9eebac0a000000a0000000b474dbf787420341afbaf1b13dcd75cf64000000a000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000900444648b4cd1118b70080036b11a030300000078000000	NOTEPAD.EXE
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\2	NOTEPAD.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags\13\ComDlg\{5FA96407-7E77-483C-AC93-691D05850DE8}\GroupByKey:PID = "0"	NOTEPAD.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\2\MRUListEx = ffffffff	NOTEPAD.EXE
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags\13	NOTEPAD.EXE
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags\13\ComDlg	NOTEPAD.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000_CLASSES\capcut\URL Protocol	app_package_61624597dc.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000_CLASSES\capcut\shell\open\command	app_package_61624597dc.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1	NOTEPAD.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\MRUListEx = 020000000100000000000000ffffffff	NOTEPAD.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\2\NodeSlot = "13"	NOTEPAD.EXE
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags	NOTEPAD.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags\13\ComDlg\{5FA96407-7E77-483C-AC93-691D05850DE8}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000	NOTEPAD.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags\13\ComDlg\{5FA96407-7E77-483C-AC93-691D05850DE8}\GroupView = "0"	NOTEPAD.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000_CLASSES\capcut\ = "URL:capcut"	app_package_61624597dc.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000_CLASSES\capcut\shell	app_package_61624597dc.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 010000000000000002000000ffffffff	NOTEPAD.EXE
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags\13\ComDlg\{5FA96407-7E77-483C-AC93-691D05850DE8}	NOTEPAD.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags\13\ComDlg\{5FA96407-7E77-483C-AC93-691D05850DE8}\LogicalViewMode = "3"	NOTEPAD.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags\13\ComDlg\{5FA96407-7E77-483C-AC93-691D05850DE8}\FFlags = "1092616257"	NOTEPAD.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags\13\ComDlg\{5FA96407-7E77-483C-AC93-691D05850DE8}\FFlags = "1"	NOTEPAD.EXE
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000_CLASSES\capcut	app_package_61624597dc.exe
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell	NOTEPAD.EXE
Key created	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU	NOTEPAD.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 020202020202020202020202	NOTEPAD.EXE

Modifies system certificate store 2 TTPs 8 IoCs

evasion spyware trojan

Install Root Certificate

T1553.004

Modify Registry

T1112

Processes:

CapCut.exe

description	ioc	process
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43\Blob = 04000000010000001000000087ce0b7b2a0e4900e158719b37a893720f00000001000000140000006dca5bd00dcf1c0f327059d374b29ca6e3c50aa6090000000100000034000000303206082b0601050507030106082b0601050507030206082b0601050507030406082b0601050507030306082b0601050507030814000000010000001400000045eba2aff492cb82312d518ba7a7219df36dc80f0b00000001000000120000004400690067006900430065007200740000001d00000001000000100000004f5f106930398d09107b40c3c7ca8f1c0300000001000000140000000563b8630d62d75abbc8ab1e4bdfb5a899b24d43190000000100000010000000749966cecc95c1874194ca7203f9b6202000000001000000bb030000308203b73082029fa00302010202100ce7e0e517d846fe8fe560fc1bf03039300d06092a864886f70d01010505003065310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312430220603550403131b4469676943657274204173737572656420494420526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a3065310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312430220603550403131b4469676943657274204173737572656420494420526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100ad0e15cee443805cb187f3b760f97112a5aedc269488aaf4cef520392858600cf880daa9159532613cb5b128848a8adc9f0a0c83177a8f90ac8ae779535c31842af60f98323676ccdedd3ca8a2ef6afb21f25261df9f20d71fe2b1d9fe1864d2125b5ff9581835bc47cda136f96b7fd4b0383ec11bc38c33d9d82f18fe280fb3a783d6c36e44c061359616fe599c8b766dd7f1a24b0d2bff0b72da9e60d08e9035c678558720a1cfe56d0ac8497c3198336c22e987d0325aa2ba138211ed39179d993a72a1e6faa4d9d5173175ae857d22ae3f014686f62879c8b1dae45717c47e1c0eb0b492a656b3bdb297edaaa7f0b7c5a83f9516d0ffa196eb085f18774f0203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e0416041445eba2aff492cb82312d518ba7a7219df36dc80f301f0603551d2304183016801445eba2aff492cb82312d518ba7a7219df36dc80f300d06092a864886f70d01010505000382010100a20ebcdfe2edf0e372737a6494bff77266d832e4427562ae87ebf2d5d9de56b39fccce1428b90d97605c124c58e4d33d834945589735691aa847ea56c679ab12d8678184df7f093c94e6b8262c20bd3db32889f75fff22e297841fe965ef87e0dfc16749b35debb2092aeb26ed78be7d3f2bf3b726356d5f8901b6495b9f01059bab3d25c1ccb67fc2f16f86c6fa6468eb812d94eb42b7fa8c1edd62f1be5067b76cbdf3f11f6b0c3607167f377ca95b6d7af112466083d72704be4bce97bec3672a6811df80e70c3366bf130d146ef37f1f63101efa8d1b256d6c8fa5b76101b1d2a326a110719dade2c3f9c39951b72b0708ce2ee650b2a7fa0a452fa2f0f2	CapCut.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\A8985D3A65E5E5C4B2D7D66D40C6DD2FB19C5436	CapCut.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\A8985D3A65E5E5C4B2D7D66D40C6DD2FB19C5436\Blob = 04000000010000001000000079e4a9840d7d3a96d7c04fe2434c892e0f0000000100000014000000b34ddd372ed92e8f2abfbb9e20a9d31f204f194b090000000100000034000000303206082b0601050507030106082b0601050507030206082b0601050507030406082b0601050507030306082b0601050507030814000000010000001400000003de503556d14cbb66f0a3e21b1bc397b23dd1550b00000001000000120000004400690067006900430065007200740000001d000000010000001000000059779e39e21a2e3dfced6857ed5c5fd9030000000100000014000000a8985d3a65e5e5c4b2d7d66d40c6dd2fb19c54361900000001000000100000000f3a0527d242de2dc98e5cfcb1e991ee2000000001000000b3030000308203af30820297a0030201020210083be056904246b1a1756ac95991c74a300d06092a864886f70d01010505003061310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3120301e06035504031317446967694365727420476c6f62616c20526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a3061310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3120301e06035504031317446967694365727420476c6f62616c20526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100e23be11172dea8a4d3a357aa50a28f0b7790c9a2a5ee12ce965b010920cc0193a74e30b753f743c46900579de28d22dd870640008109cece1b83bfdfcd3b7146e2d666c705b37627168f7b9e1e957deeb748a308dad6af7a0c3906657f4a5d1fbc17f8abbeee28d7747f7a78995985686e5c23324bbf4ec0e85a6de370bf7710bffc01f685d9a844105832a97518d5d1a2be47e2276af49a33f84908608bd45fb43a84bfa1aa4a4c7d3ecf4f5f6c765ea04b37919edc22e66dce141a8e6acbfecdb3146417c75b299e32bff2eefad30b42d4abb74132da0cd4eff881d5bb8d583fb51be84928a270da3104ddf7b216f24c0a4e07a8ed4a3d5eb57fa390c3af270203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e0416041403de503556d14cbb66f0a3e21b1bc397b23dd155301f0603551d2304183016801403de503556d14cbb66f0a3e21b1bc397b23dd155300d06092a864886f70d01010505000382010100cb9c37aa4813120afadd449c4f52b0f4dfae04f5797908a32418fc4b2b84c02db9d5c7fef4c11f58cbb86d9c7a74e79829ab11b5e370a0a1cd4c8899938c9170e2ab0f1cbe93a9ff63d5e40760d3a3bf9d5b09f1d58ee353f48e63fa3fa7dbb466df6266d6d16e418df22db5ea774a9f9d58e22b59c04023ed2d2882453e7954922698e08048a837eff0d6796016deace80ecd6eac4417382f49dae1453e2ab93653cf3a5006f72ee8c457496c612118d504ad783c2c3a806ba7ebaf1514e9d889c1b9386ce2916c8aff64b977255730c01b24a3e1dce9df477cb5b424080530ec2dbd0bbf45bf50b9a9f3eb980112adc888c698345f8d0a3cc6e9d595956dde	CapCut.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25	CapCut.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25\Blob = 0f0000000100000014000000e35ef08d884f0a0ade2f75e96301ce6230f213a8090000000100000034000000303206082b0601050507030106082b0601050507030206082b0601050507030406082b0601050507030306082b060105050703085300000001000000230000003021301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0140000000100000014000000b13ec36903f8bf4701d498261a0802ef63642bc30b00000001000000120000004400690067006900430065007200740000001d00000001000000100000008f76b981d528ad4770088245e2031b630300000001000000140000005fb7ee0633e259dbad0c4c9ae6d38f1a61c7dc252000000001000000c9030000308203c5308202ada003020102021002ac5c266a0b409b8f0b79f2ae462577300d06092a864886f70d0101050500306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100c6cce573e6fbd4bbe52d2d32a6dfe5813fc9cd2549b6712ac3d5943467a20a1cb05f69a640b1c4b7b28fd098a4a941593ad3dc94d63cdb7438a44acc4d2582f74aa5531238eef3496d71917e63b6aba65fc3a484f84f6251bef8c5ecdb3892e306e508910cc4284155fbcb5a89157e71e835bf4d72093dbe3a38505b77311b8db3c724459aa7ac6d00145a04b7ba13eb510a984141224e656187814150a6795c89de194a57d52ee65d1c532c7e98cd1a0616a46873d03404135ca171d35a7c55db5e64e13787305604e511b4298012f1793988a202117c2766b788b778f2ca0aa838ab0a64c2bf665d9584c1a1251e875d1a500b2012cc41bb6e0b5138b84bcb0203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e04160414b13ec36903f8bf4701d498261a0802ef63642bc3301f0603551d23041830168014b13ec36903f8bf4701d498261a0802ef63642bc3300d06092a864886f70d010105050003820101001c1a0697dcd79c9f3c886606085721db2147f82a67aabf183276401057c18af37ad911658e35fa9efc45b59ed94c314bb891e8432c8eb378cedbe3537971d6e5219401da55879a2464f68a66ccde9c37cda834b1699b23c89e78222b7043e35547316119ef58c5852f4e30f6a0311623c8e7e2651633cbbf1a1ba03df8ca5e8b318b6008892d0c065c52b7c4f90a98d1155f9f12be7c366338bd44a47fe4262b0ac497690de98ce2c01057b8c876129155f24869d8bc2a025b0f44d42031dbf4ba70265d90609ebc4b17092fb4cb1e4368c90727c1d25cf7ea21b968129c3c9cbf9efc805c9b63cdec47aa252767a037f300827d54d7a9f8e92e13a377e81f4a	CapCut.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25\Blob = 190000000100000010000000ba4f3972e7aed9dccdc210db59da13c90300000001000000140000005fb7ee0633e259dbad0c4c9ae6d38f1a61c7dc251d00000001000000100000008f76b981d528ad4770088245e2031b630b0000000100000012000000440069006700690043006500720074000000140000000100000014000000b13ec36903f8bf4701d498261a0802ef63642bc35300000001000000230000003021301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0090000000100000034000000303206082b0601050507030106082b0601050507030206082b0601050507030406082b0601050507030306082b060105050703080f0000000100000014000000e35ef08d884f0a0ade2f75e96301ce6230f213a82000000001000000c9030000308203c5308202ada003020102021002ac5c266a0b409b8f0b79f2ae462577300d06092a864886f70d0101050500306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100c6cce573e6fbd4bbe52d2d32a6dfe5813fc9cd2549b6712ac3d5943467a20a1cb05f69a640b1c4b7b28fd098a4a941593ad3dc94d63cdb7438a44acc4d2582f74aa5531238eef3496d71917e63b6aba65fc3a484f84f6251bef8c5ecdb3892e306e508910cc4284155fbcb5a89157e71e835bf4d72093dbe3a38505b77311b8db3c724459aa7ac6d00145a04b7ba13eb510a984141224e656187814150a6795c89de194a57d52ee65d1c532c7e98cd1a0616a46873d03404135ca171d35a7c55db5e64e13787305604e511b4298012f1793988a202117c2766b788b778f2ca0aa838ab0a64c2bf665d9584c1a1251e875d1a500b2012cc41bb6e0b5138b84bcb0203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e04160414b13ec36903f8bf4701d498261a0802ef63642bc3301f0603551d23041830168014b13ec36903f8bf4701d498261a0802ef63642bc3300d06092a864886f70d010105050003820101001c1a0697dcd79c9f3c886606085721db2147f82a67aabf183276401057c18af37ad911658e35fa9efc45b59ed94c314bb891e8432c8eb378cedbe3537971d6e5219401da55879a2464f68a66ccde9c37cda834b1699b23c89e78222b7043e35547316119ef58c5852f4e30f6a0311623c8e7e2651633cbbf1a1ba03df8ca5e8b318b6008892d0c065c52b7c4f90a98d1155f9f12be7c366338bd44a47fe4262b0ac497690de98ce2c01057b8c876129155f24869d8bc2a025b0f44d42031dbf4ba70265d90609ebc4b17092fb4cb1e4368c90727c1d25cf7ea21b968129c3c9cbf9efc805c9b63cdec47aa252767a037f300827d54d7a9f8e92e13a377e81f4a	CapCut.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25\Blob = 040000000100000010000000d474de575c39b2d39c8583c5c065498a0f0000000100000014000000e35ef08d884f0a0ade2f75e96301ce6230f213a8090000000100000034000000303206082b0601050507030106082b0601050507030206082b0601050507030406082b0601050507030306082b060105050703085300000001000000230000003021301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0140000000100000014000000b13ec36903f8bf4701d498261a0802ef63642bc30b00000001000000120000004400690067006900430065007200740000001d00000001000000100000008f76b981d528ad4770088245e2031b630300000001000000140000005fb7ee0633e259dbad0c4c9ae6d38f1a61c7dc25190000000100000010000000ba4f3972e7aed9dccdc210db59da13c92000000001000000c9030000308203c5308202ada003020102021002ac5c266a0b409b8f0b79f2ae462577300d06092a864886f70d0101050500306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100c6cce573e6fbd4bbe52d2d32a6dfe5813fc9cd2549b6712ac3d5943467a20a1cb05f69a640b1c4b7b28fd098a4a941593ad3dc94d63cdb7438a44acc4d2582f74aa5531238eef3496d71917e63b6aba65fc3a484f84f6251bef8c5ecdb3892e306e508910cc4284155fbcb5a89157e71e835bf4d72093dbe3a38505b77311b8db3c724459aa7ac6d00145a04b7ba13eb510a984141224e656187814150a6795c89de194a57d52ee65d1c532c7e98cd1a0616a46873d03404135ca171d35a7c55db5e64e13787305604e511b4298012f1793988a202117c2766b788b778f2ca0aa838ab0a64c2bf665d9584c1a1251e875d1a500b2012cc41bb6e0b5138b84bcb0203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e04160414b13ec36903f8bf4701d498261a0802ef63642bc3301f0603551d23041830168014b13ec36903f8bf4701d498261a0802ef63642bc3300d06092a864886f70d010105050003820101001c1a0697dcd79c9f3c886606085721db2147f82a67aabf183276401057c18af37ad911658e35fa9efc45b59ed94c314bb891e8432c8eb378cedbe3537971d6e5219401da55879a2464f68a66ccde9c37cda834b1699b23c89e78222b7043e35547316119ef58c5852f4e30f6a0311623c8e7e2651633cbbf1a1ba03df8ca5e8b318b6008892d0c065c52b7c4f90a98d1155f9f12be7c366338bd44a47fe4262b0ac497690de98ce2c01057b8c876129155f24869d8bc2a025b0f44d42031dbf4ba70265d90609ebc4b17092fb4cb1e4368c90727c1d25cf7ea21b968129c3c9cbf9efc805c9b63cdec47aa252767a037f300827d54d7a9f8e92e13a377e81f4a	CapCut.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43	CapCut.exe

NTFS ADS 1 IoCs

Processes:

SetupHost.Exe

description ioc process

File created C:\ProgramData\Microsoft\Diagnosis\ETLLogs\DlTel-Merge.etl:$ETLUNIQUECVDATA SetupHost.Exe
Opens file in notepad (likely ransom note) 2 IoCs
ransomware

Processes:

NOTEPAD.EXENOTEPAD.EXE

pid process

3624 NOTEPAD.EXE
1272 NOTEPAD.EXE
Suspicious behavior: AddClipboardFormatListener 4 IoCs

Processes:

CapCut.exeVEDetector.exeCapCut.exeVEDetector.exe

pid process

3988 CapCut.exe
1824 VEDetector.exe
3596 CapCut.exe
3696 VEDetector.exe

description	ioc	process
File created	C:\ProgramData\Microsoft\Diagnosis\ETLLogs\DlTel-Merge.etl:$ETLUNIQUECVDATA	SetupHost.Exe

pid	process
3624	NOTEPAD.EXE
1272	NOTEPAD.EXE

pid	process
3988	CapCut.exe
1824	VEDetector.exe
3596	CapCut.exe
3696	VEDetector.exe

Suspicious behavior: EnumeratesProcesses 23 IoCs

Processes:

CapCut_7267140873131950085_installer.exechrome.exeapp_package_61624597dc.exeCapCut.exeVEDetector.exeCapCut.exeCapCut.exeCapCut.exeparfait_crash_handler.exeVEDetector.exeSetupHost.Exechrome.exechrome.exe

pid	process
1244	CapCut_7267140873131950085_installer.exe
2832	chrome.exe
2832	chrome.exe
968	app_package_61624597dc.exe
968	app_package_61624597dc.exe
2832	chrome.exe
2832	chrome.exe
3988	CapCut.exe
1824	VEDetector.exe
3220	CapCut.exe
3596	CapCut.exe
1360	CapCut.exe
1704	parfait_crash_handler.exe
1704	parfait_crash_handler.exe
3696	VEDetector.exe
1580	SetupHost.Exe
1580	SetupHost.Exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
1636	chrome.exe
1636	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

Processes:

chrome.exe

description	pid	process
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe
Token: SeShutdownPrivilege	2832	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

Processes:

iexplore.exechrome.exechrome.exe

pid	process
2500	iexplore.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe

Suspicious use of SendNotifyMessage 64 IoCs

Processes:

chrome.exechrome.exe

pid	process
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2832	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe
2764	chrome.exe

Suspicious use of SetWindowsHookEx 11 IoCs

Processes:

iexplore.exeIEXPLORE.EXEMediaCreationTool_22H2.exeSetupHost.ExeNOTEPAD.EXEiexplore.exeIEXPLORE.EXE

pid	process
2500	iexplore.exe
2500	iexplore.exe
3016	IEXPLORE.EXE
3016	IEXPLORE.EXE
2568	MediaCreationTool_22H2.exe
1580	SetupHost.Exe
3624	NOTEPAD.EXE
2340	iexplore.exe
2340	iexplore.exe
1056	IEXPLORE.EXE
1056	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

iexplore.exechrome.exe

description	pid	process	target process
PID 2500 wrote to memory of 3016	2500	iexplore.exe	IEXPLORE.EXE
PID 2500 wrote to memory of 3016	2500	iexplore.exe	IEXPLORE.EXE
PID 2500 wrote to memory of 3016	2500	iexplore.exe	IEXPLORE.EXE
PID 2500 wrote to memory of 3016	2500	iexplore.exe	IEXPLORE.EXE
PID 2832 wrote to memory of 2848	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2848	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2848	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2248	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2248	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2248	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2248	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2248	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2248	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2248	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2248	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2248	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2248	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2248	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2248	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2248	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2248	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2248	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2248	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2248	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2248	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2248	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2248	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2248	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2248	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2248	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2248	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2248	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2248	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2248	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2248	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2248	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2248	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2248	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2248	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2248	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2248	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2248	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2248	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2248	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2248	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2248	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2036	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2036	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2036	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2548	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2548	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2548	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2548	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2548	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2548	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2548	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2548	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2548	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2548	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2548	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2548	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2548	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2548	2832	chrome.exe	chrome.exe
PID 2832 wrote to memory of 2548	2832	chrome.exe	chrome.exe

Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
persistence

Query Registry
T1012
Uses Volume Shadow Copy WMI provider
The Volume Shadow Copy service is used to manage backups/snapshots.
ransomware
Uses Volume Shadow Copy service COM API
The Volume Shadow Copy service is used to manage backups/snapshots.
ransomware

C:\Users\Admin\AppData\Local\Temp\CapCut_7267140873131950085_installer.exe
"C:\Users\Admin\AppData\Local\Temp\CapCut_7267140873131950085_installer.exe"
1⤵
- Loads dropped DLL
- Suspicious behavior: EnumeratesProcesses
PID:1244

C:\Users\Admin\AppData\Local\app_shell_cache_562354\app_package_61624597dc.exe
"C:\Users\Admin\AppData\Local\app_shell_cache_562354\app_package_61624597dc.exe" /s /create_desktop=1 /install_path="C:\Users\Admin\AppData\Local\CapCut\Apps"
2⤵
- Executes dropped EXE
- Loads dropped DLL
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
PID:968

C:\Users\Admin\AppData\Local\CapCut\Apps\CapCut.exe
"C:\Users\Admin\AppData\Local\CapCut\Apps\\CapCut.exe"
2⤵
- Executes dropped EXE
- Loads dropped DLL
PID:3248

C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\CapCut.exe
"C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\CapCut.exe"
3⤵
- Suspicious use of NtCreateThreadExHideFromDebugger
- Executes dropped EXE
- Loads dropped DLL
- Checks processor information in registry
- Modifies system certificate store
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: EnumeratesProcesses
PID:3988

C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\CapCut.exe
"C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\CapCut.exe" --type=gpu-process --no-sandbox --log-severity=error --user-agent-product=CAPCUT_PC/3.7.0 --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CapCut\User Data\CEF\User Data" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --log-file="C:/Users/Admin/AppData/Local/CapCut/User Data/CEF\cef_log.log" --mojo-platform-channel-handle=1828 --field-trial-handle=1840,i,7569448071013705588,7946860593744239690,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:2
4⤵
- Suspicious use of NtCreateThreadExHideFromDebugger
- Executes dropped EXE
- Suspicious behavior: EnumeratesProcesses
PID:3220

C:\Windows\System32\cmd.exe
C:\Windows\System32\cmd.exe /c wmic csproduct get Name,UUID /value
4⤵
PID:3676

C:\Windows\System32\Wbem\WMIC.exe
wmic csproduct get Name,UUID /value
5⤵
PID:2728

C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\parfait_crash_handler.exe
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\parfait_crash_handler.exe "--database=C:\Users\Admin\AppData\Local\CapCut\User Data\Crash\\" "--metrics-dir=C:\Users\Admin\AppData\Local\CapCut\User Data\Crash\\" --annotation=crop_type=6 --annotation=enable_crash_event=true --annotation=execute-if-childprocess-crash=true --annotation=is_debug=false --annotation=main_pid=3988 "--annotation=os_version=Windows NT 6.1.7601" --annotation=parfait_version=1.5.0.1 "--annotation=posthandler-copy-dir=C:\Users\Admin\AppData\Local\CapCut\User Data\Crash/crash_post_reports" --annotation=posthandler-process-path=C:/Users/Admin/AppData/Local/CapCut/Apps/3.7.0.1358/VECrashHandler.exe --annotation=posthandler-wait-result=true --annotation=posthandler-wait-timeout=120 --initial-client-data=0xcd0,0xcd4,0xcd8,0xc38,0xce4,0x7fef1f41ca0,0x7fef1f41cb8,0x7fef1f41cd0
4⤵
- Executes dropped EXE
PID:3576

C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\VEDetector.exe
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\VEDetector.exe
4⤵
- Executes dropped EXE
- Checks processor information in registry
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: EnumeratesProcesses
PID:1824

C:\Windows\System32\cmd.exe
C:\Windows\System32\cmd.exe /c wmic csproduct get Name,UUID /value
5⤵
PID:1120

C:\Windows\System32\Wbem\WMIC.exe
wmic csproduct get Name,UUID /value
6⤵
PID:796

C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\CapCut.exe
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\CapCut.exe /launch=detector
5⤵
- Suspicious use of NtCreateThreadExHideFromDebugger
- Executes dropped EXE
- Checks processor information in registry
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: EnumeratesProcesses
PID:3596

C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\CapCut.exe
"C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\CapCut.exe" --type=gpu-process --no-sandbox --log-severity=error --user-agent-product=CAPCUT_PC/3.7.0 --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CapCut\User Data\CEF\User Data" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --log-file="C:/Users/Admin/AppData/Local/CapCut/User Data/CEF\cef_log.log" --mojo-platform-channel-handle=1760 --field-trial-handle=1820,i,14836238032977597654,9306960040091710720,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:2
6⤵
- Suspicious use of NtCreateThreadExHideFromDebugger
- Executes dropped EXE
- Suspicious behavior: EnumeratesProcesses
PID:1360

C:\Windows\System32\cmd.exe
C:\Windows\System32\cmd.exe /c wmic csproduct get Name,UUID /value
6⤵
PID:3748

C:\Windows\System32\Wbem\WMIC.exe
wmic csproduct get Name,UUID /value
7⤵
PID:2560

C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\parfait_crash_handler.exe
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\parfait_crash_handler.exe "--database=C:\Users\Admin\AppData\Local\CapCut\User Data\Crash\\" "--metrics-dir=C:\Users\Admin\AppData\Local\CapCut\User Data\Crash\\" --annotation=crop_type=6 --annotation=enable_crash_event=true --annotation=execute-if-childprocess-crash=true --annotation=is_debug=false --annotation=main_pid=3596 "--annotation=os_version=Windows NT 6.1.7601" --annotation=parfait_version=1.5.0.1 "--annotation=posthandler-copy-dir=C:\Users\Admin\AppData\Local\CapCut\User Data\Crash/crash_post_reports" --annotation=posthandler-process-path=C:/Users/Admin/AppData/Local/CapCut/Apps/3.7.0.1358/VECrashHandler.exe --annotation=posthandler-wait-result=true --annotation=posthandler-wait-timeout=120 --initial-client-data=0xd64,0xd68,0xd6c,0xd60,0xd74,0x7fef1f61ca0,0x7fef1f61cb8,0x7fef1f61cd0
6⤵
- Executes dropped EXE
- Suspicious behavior: EnumeratesProcesses
PID:1704

C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\VECrashHandler.exe
C:/Users/Admin/AppData/Local/CapCut/Apps/3.7.0.1358/VECrashHandler.exe "--dump_path=C:\Users\Admin\AppData\Local\CapCut\User Data\Crash/crash_post_reports\80799c2f-5ff9-4b13-b616-e8b677ec2024.dmp"
7⤵
- Executes dropped EXE
PID:1136

C:\Windows\system32\wbem\wmic.exe
C:\Windows\system32\wbem\wmic.exe diskdrive where index=0 get serialnumber
6⤵
PID:2284

C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\VEDetector.exe
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\VEDetector.exe -detect_simulate_check
6⤵
- Executes dropped EXE
- Checks processor information in registry
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: EnumeratesProcesses
PID:3696

C:\Windows\System32\cmd.exe
C:\Windows\System32\cmd.exe /c wmic csproduct get Name,UUID /value
7⤵
PID:2868

C:\Windows\System32\Wbem\WMIC.exe
wmic csproduct get Name,UUID /value
8⤵
PID:2364

C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\ttdaemon.exe
"C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\ttdaemon.exe" driverinfo
7⤵
- Executes dropped EXE
PID:3060

C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\ttdaemon.exe
"C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\ttdaemon.exe" cuda
7⤵
- Executes dropped EXE
PID:3500

C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\ttdaemon.exe
"C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\ttdaemon.exe" cuvid
7⤵
- Executes dropped EXE
PID:3808

C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\ttdaemon.exe
"C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\ttdaemon.exe" nv_enc
7⤵
- Executes dropped EXE
PID:2656

C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\ttdaemon.exe
"C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\ttdaemon.exe" qsv
7⤵
- Executes dropped EXE
PID:2948

C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\ttdaemon.exe
"C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\ttdaemon.exe" qsv_enc
7⤵
- Executes dropped EXE
PID:3912

C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\ttdaemon.exe
"C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\ttdaemon.exe" qsv_enc_hw
7⤵
- Executes dropped EXE
PID:3376

C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\ttdaemon.exe
"C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\ttdaemon.exe" amf_enc
7⤵
- Executes dropped EXE
PID:3972

C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\ttdaemon.exe
"C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\ttdaemon.exe" getCreateLensSuc
7⤵
- Executes dropped EXE
PID:3372

C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\ttdaemon.exe
"C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\ttdaemon.exe" new_nvenc
7⤵
- Executes dropped EXE
PID:3312

C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\ttdaemon.exe
"C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\ttdaemon.exe" new_nvenc_av1
7⤵
- Executes dropped EXE
PID:2540

C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\ttdaemon.exe
"C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\ttdaemon.exe" new_qsvenc
7⤵
- Executes dropped EXE
PID:2928

C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\ttdaemon.exe
"C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\ttdaemon.exe" new_qsvenc_av1
7⤵
- Executes dropped EXE
PID:3588

C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\ttdaemon.exe
"C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\ttdaemon.exe" oneVPL
7⤵
- Executes dropped EXE
PID:4092

C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\ttdaemon.exe
"C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\ttdaemon.exe" mt_enc
7⤵
- Executes dropped EXE
PID:1980

C:\Windows\System32\cmd.exe
C:\Windows\System32\cmd.exe /c wmic csproduct get Name,UUID /value
7⤵
PID:2976

C:\Windows\System32\Wbem\WMIC.exe
wmic csproduct get Name,UUID /value
8⤵
PID:924

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe"
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2500

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2500 CREDAT:275457 /prefetch:2
2⤵
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
PID:3016

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2832

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6539758,0x7fef6539768,0x7fef6539778
2⤵
PID:2848

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1172 --field-trial-handle=1020,i,15845200795161926109,15910152374264356290,131072 /prefetch:2
2⤵
PID:2248

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1504 --field-trial-handle=1020,i,15845200795161926109,15910152374264356290,131072 /prefetch:8
2⤵
PID:2036

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1588 --field-trial-handle=1020,i,15845200795161926109,15910152374264356290,131072 /prefetch:8
2⤵
PID:2548

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2328 --field-trial-handle=1020,i,15845200795161926109,15910152374264356290,131072 /prefetch:1
2⤵
PID:1496

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2360 --field-trial-handle=1020,i,15845200795161926109,15910152374264356290,131072 /prefetch:1
2⤵
PID:1388

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=2852 --field-trial-handle=1020,i,15845200795161926109,15910152374264356290,131072 /prefetch:2
2⤵
PID:2380

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=1300 --field-trial-handle=1020,i,15845200795161926109,15910152374264356290,131072 /prefetch:1
2⤵
PID:304

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3208 --field-trial-handle=1020,i,15845200795161926109,15910152374264356290,131072 /prefetch:8
2⤵
PID:320

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3568 --field-trial-handle=1020,i,15845200795161926109,15910152374264356290,131072 /prefetch:8
2⤵
PID:1820

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3252 --field-trial-handle=1020,i,15845200795161926109,15910152374264356290,131072 /prefetch:8
2⤵
PID:2460

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=1984 --field-trial-handle=1020,i,15845200795161926109,15910152374264356290,131072 /prefetch:1
2⤵
PID:592

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=2404 --field-trial-handle=1020,i,15845200795161926109,15910152374264356290,131072 /prefetch:1
2⤵
PID:2016

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=2488 --field-trial-handle=1020,i,15845200795161926109,15910152374264356290,131072 /prefetch:1
2⤵
PID:2648

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=2816 --field-trial-handle=1020,i,15845200795161926109,15910152374264356290,131072 /prefetch:1
2⤵
PID:2748

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=2380 --field-trial-handle=1020,i,15845200795161926109,15910152374264356290,131072 /prefetch:1
2⤵
PID:2224

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=1604 --field-trial-handle=1020,i,15845200795161926109,15910152374264356290,131072 /prefetch:1
2⤵
PID:2156

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=2512 --field-trial-handle=1020,i,15845200795161926109,15910152374264356290,131072 /prefetch:1
2⤵
PID:2908

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=3800 --field-trial-handle=1020,i,15845200795161926109,15910152374264356290,131072 /prefetch:1
2⤵
PID:1172

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=2768 --field-trial-handle=1020,i,15845200795161926109,15910152374264356290,131072 /prefetch:1
2⤵
PID:988

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=1856 --field-trial-handle=1020,i,15845200795161926109,15910152374264356290,131072 /prefetch:1
2⤵
PID:2580

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=1300 --field-trial-handle=1020,i,15845200795161926109,15910152374264356290,131072 /prefetch:1
2⤵
PID:2744

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=812 --field-trial-handle=1020,i,15845200795161926109,15910152374264356290,131072 /prefetch:1
2⤵
PID:2096

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=3052 --field-trial-handle=1020,i,15845200795161926109,15910152374264356290,131072 /prefetch:1
2⤵
PID:3308

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1856 --field-trial-handle=1020,i,15845200795161926109,15910152374264356290,131072 /prefetch:8
2⤵
PID:3396

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=2452 --field-trial-handle=1020,i,15845200795161926109,15910152374264356290,131072 /prefetch:1
2⤵
PID:3268

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=2512 --field-trial-handle=1020,i,15845200795161926109,15910152374264356290,131072 /prefetch:1
2⤵
PID:2908

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=3780 --field-trial-handle=1020,i,15845200795161926109,15910152374264356290,131072 /prefetch:1
2⤵
PID:2376

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=3968 --field-trial-handle=1020,i,15845200795161926109,15910152374264356290,131072 /prefetch:1
2⤵
PID:1352

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=1304 --field-trial-handle=1020,i,15845200795161926109,15910152374264356290,131072 /prefetch:1
2⤵
PID:1672

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=1864 --field-trial-handle=1020,i,15845200795161926109,15910152374264356290,131072 /prefetch:1
2⤵
PID:772

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=2328 --field-trial-handle=1020,i,15845200795161926109,15910152374264356290,131072 /prefetch:1
2⤵
PID:548

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=2800 --field-trial-handle=1020,i,15845200795161926109,15910152374264356290,131072 /prefetch:1
2⤵
PID:2492

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1972 --field-trial-handle=1020,i,15845200795161926109,15910152374264356290,131072 /prefetch:8
2⤵
PID:2528

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=2576 --field-trial-handle=1020,i,15845200795161926109,15910152374264356290,131072 /prefetch:8
2⤵
PID:812

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3892 --field-trial-handle=1020,i,15845200795161926109,15910152374264356290,131072 /prefetch:8
2⤵
PID:4028

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3916 --field-trial-handle=1020,i,15845200795161926109,15910152374264356290,131072 /prefetch:8
2⤵
PID:1548

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3840 --field-trial-handle=1020,i,15845200795161926109,15910152374264356290,131072 /prefetch:8
2⤵
PID:3360

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3208 --field-trial-handle=1020,i,15845200795161926109,15910152374264356290,131072 /prefetch:8
2⤵
PID:2764

C:\Users\Admin\Downloads\MediaCreationTool_22H2.exe
"C:\Users\Admin\Downloads\MediaCreationTool_22H2.exe"
2⤵
- Drops file in Windows directory
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
PID:2568

C:\$Windows.~WS\Sources\SetupHost.Exe
"C:\$Windows.~WS\Sources\SetupHost.Exe" /Download /Web
3⤵
- Checks computer location settings
- Checks system information in the registry
- Drops file in Windows directory
- Executes dropped EXE
- Checks processor information in registry
- NTFS ADS
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of SetWindowsHookEx
PID:1580

C:\$Windows.~WS\Sources\DiagTrackRunner.exe
C:\$Windows.~WS\Sources\DiagTrackRunner.exe /UploadEtlFilesOnly
4⤵
- Executes dropped EXE
- Checks processor information in registry
PID:2284

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2492

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x500
1⤵
PID:3776

C:\Windows\system32\conhost.exe
\??\C:\Windows\system32\conhost.exe "13823730321446763598784267076339205768-69364480613637049062063871598-179548469"
1⤵
PID:2908

C:\Windows\System32\vdsldr.exe
C:\Windows\System32\vdsldr.exe -Embedding
1⤵
PID:3244

C:\Windows\System32\vdsldr.exe
C:\Windows\System32\vdsldr.exe -Embedding
1⤵
PID:2596

C:\Windows\explorer.exe
"C:\Windows\explorer.exe"
1⤵
PID:3716

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:2764

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6539758,0x7fef6539768,0x7fef6539778
2⤵
PID:3444

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1172 --field-trial-handle=1356,i,17587085887378690619,6989272850944471478,131072 /prefetch:2
2⤵
PID:2368

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1596 --field-trial-handle=1356,i,17587085887378690619,6989272850944471478,131072 /prefetch:8
2⤵
PID:2232

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1648 --field-trial-handle=1356,i,17587085887378690619,6989272850944471478,131072 /prefetch:8
2⤵
PID:2212

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2212 --field-trial-handle=1356,i,17587085887378690619,6989272850944471478,131072 /prefetch:1
2⤵
PID:3880

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2220 --field-trial-handle=1356,i,17587085887378690619,6989272850944471478,131072 /prefetch:1
2⤵
PID:320

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1440 --field-trial-handle=1356,i,17587085887378690619,6989272850944471478,131072 /prefetch:2
2⤵
PID:696

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=2940 --field-trial-handle=1356,i,17587085887378690619,6989272850944471478,131072 /prefetch:1
2⤵
PID:2940

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3448 --field-trial-handle=1356,i,17587085887378690619,6989272850944471478,131072 /prefetch:8
2⤵
PID:3620

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3612 --field-trial-handle=1356,i,17587085887378690619,6989272850944471478,131072 /prefetch:8
2⤵
PID:936

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=2592 --field-trial-handle=1356,i,17587085887378690619,6989272850944471478,131072 /prefetch:1
2⤵
PID:4008

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=2748 --field-trial-handle=1356,i,17587085887378690619,6989272850944471478,131072 /prefetch:1
2⤵
PID:3464

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=2092 --field-trial-handle=1356,i,17587085887378690619,6989272850944471478,131072 /prefetch:1
2⤵
PID:3624

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3956 --field-trial-handle=1356,i,17587085887378690619,6989272850944471478,131072 /prefetch:8
2⤵
PID:1980

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3852 --field-trial-handle=1356,i,17587085887378690619,6989272850944471478,131072 /prefetch:8
2⤵
PID:4048

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=3852 --field-trial-handle=1356,i,17587085887378690619,6989272850944471478,131072 /prefetch:1
2⤵
PID:3192

C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe" --reenable-autoupdates --system-level
2⤵
PID:2248

C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x154,0x158,0x15c,0x128,0x160,0x13fe27688,0x13fe27698,0x13fe276a8
3⤵
PID:2392

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4172 --field-trial-handle=1356,i,17587085887378690619,6989272850944471478,131072 /prefetch:8
2⤵
PID:3544

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1364

C:\Windows\system32\cmd.exe
"C:\Windows\system32\cmd.exe"
1⤵
PID:1640

C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Videos\sdsq.txt
1⤵
- Modifies registry class
- Opens file in notepad (likely ransom note)
- Suspicious use of SetWindowsHookEx
PID:3624

C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Videos\sdsq.txt
1⤵
- Opens file in notepad (likely ransom note)
PID:1272

C:\Windows\system32\cmd.exe
cmd /c ""C:\Users\Admin\Videos\sdsq.bat" "
1⤵
PID:2936

C:\Windows\system32\cmd.exe
cmd /c ""C:\Users\Admin\Videos\sdsq.bat" "
1⤵
PID:3940

C:\Windows\system32\cmd.exe
cmd /c ""C:\Users\Admin\Videos\sdsq.bat" "
1⤵
PID:3140

C:\Windows\system32\cmd.exe
cmd /c ""C:\Users\Admin\Videos\sdsq.bat" "
1⤵
PID:3860

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
PID:1636

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6539758,0x7fef6539768,0x7fef6539778
2⤵
PID:1000

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1176 --field-trial-handle=1196,i,2901005150591214793,9199413177138001733,131072 /prefetch:2
2⤵
PID:2216

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1520 --field-trial-handle=1196,i,2901005150591214793,9199413177138001733,131072 /prefetch:8
2⤵
PID:3920

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1608 --field-trial-handle=1196,i,2901005150591214793,9199413177138001733,131072 /prefetch:8
2⤵
PID:2228

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2264 --field-trial-handle=1196,i,2901005150591214793,9199413177138001733,131072 /prefetch:1
2⤵
PID:3368

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2276 --field-trial-handle=1196,i,2901005150591214793,9199413177138001733,131072 /prefetch:1
2⤵
PID:1752

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1404 --field-trial-handle=1196,i,2901005150591214793,9199413177138001733,131072 /prefetch:2
2⤵
PID:3164

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=2504 --field-trial-handle=1196,i,2901005150591214793,9199413177138001733,131072 /prefetch:1
2⤵
PID:1100

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3476 --field-trial-handle=1196,i,2901005150591214793,9199413177138001733,131072 /prefetch:8
2⤵
PID:3956

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3492 --field-trial-handle=1196,i,2901005150591214793,9199413177138001733,131072 /prefetch:8
2⤵
PID:2084

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4032

C:\Program Files (x86)\Windows Media Player\wmplayer.exe
"C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:1
1⤵
PID:1164

C:\Program Files (x86)\Windows Media Player\setup_wm.exe
"C:\Program Files (x86)\Windows Media Player\setup_wm.exe" /RunOnce:"C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:1
2⤵
PID:2112

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe"
1⤵
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
PID:2340

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2340 CREDAT:275457 /prefetch:2
2⤵
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
PID:1056

C:\Windows\system32\cmd.exe
cmd /c ""C:\Users\Admin\Videos\sdsq.bat" "
1⤵
PID:2180

C:\Windows\System32\cmd.exe
"C:\Windows\System32\cmd.exe" /C "C:\Users\Admin\Videos\sdsq.bat"
1⤵
PID:3068

C:\Windows\System32\cmd.exe
"C:\Windows\System32\cmd.exe" /C "C:\Users\Admin\Videos\sdsq.bat"
1⤵
PID:2200

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Subvert Trust Controls

T1553

Install Root Certificate

T1553.004

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

T1102

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Windows.~WS\Sources\SetupPlatform.ini
Filesize
95B

MD5
2749de5eae084d50536c21ac8b6e0ed6

SHA1
a7b074fdebe4776a5b149f907276127ea63dbb75

SHA256
8a02a53bc4632174a787ffe8d54ba7f181b8f224d8f4ded92ed7a1d67748dad5

SHA512
4ecf15ac3f4e270fbb7fd1d62de8db5b958eb080997a92fe36f8fd05b6931ad98e76242e862643843ca865e1faa253588b5e3d5a1ff4a4618670878a2850380a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
Filesize
914B

MD5
e4a68ac854ac5242460afd72481b2a44

SHA1
df3c24f9bfd666761b268073fe06d1cc8d4f82a4

SHA256
cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

SHA512
5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
Filesize
68KB

MD5
29f65ba8e88c063813cc50a4ea544e93

SHA1
05a7040d5c127e68c25d81cc51271ffb8bef3568

SHA256
1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

SHA512
e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
Filesize
1KB

MD5
a266bb7dcc38a562631361bbf61dd11b

SHA1
3b1efd3a66ea28b16697394703a72ca340a05bd5

SHA256
df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

SHA512
0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
Filesize
252B

MD5
60b528b7e082ae5470ef687c73f5d697

SHA1
c137d660cbd4c9f59e4d32052eb8ab19a1e20d88

SHA256
1e108f6e4539f1bf6f368dcd947bd662ce66b6f0f8092708ddba5d8ab6dbd9e5

SHA512
a16d6af3071e0a9f9606926d019f5ca11abafd18096d9917ca9919df45059808eb3aba4ea85c8c4c2091b9971c05fec3e374a1b78254c0a20301f83e0b1aa609

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
cce1090472cd8a1f8010f79b6b1242f8

SHA1
feae2acfc5faa97be0201985b2da26ed0151d505

SHA256
0bd151de20514bdfdda0a7e8781f6e7fe1967030efb5b88175594ed6f3de953e

SHA512
cb322ecd2e6fae5f89107d9ea6f25c0633e66d87c1bb4629d2a26ee706d8c6c493a88e801397fd3ea227205362907b7693f4db33be40fbadc9362d3ba677c7db

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
8d03769053f66098a2a4d345933d5076

SHA1
b22695a93a72a3b6327a63abfa23d39b5d679303

SHA256
f10fd90840bdac3baadb5a1bc5ae2131cc43b752b164d69eecb0506300d598e5

SHA512
3f5328a5e2ba1b8e55b93cc4b09744e801e6c1c17ad94d88adac406d9acfa145e9afa92237ace876f95cb2f53aae02033b9e0c95bf0efd086af2cd2f472b0410

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
ace4ea520bcc7f4a47a4b78f64f15fb2

SHA1
36addf31de94becfd904b8272d30db5a8f7c6320

SHA256
78319b054dc03ca8bcf2fc88818d84b818494be59749be90571c30b5512b0d75

SHA512
e0326ea283a7dda04aab9ccd90104658b82bb17f3fac65bbd8e8c65b389823d5a94860ffc1522dc08d2215333e2188409b5e770c7aa065a60d330754e3fc3bf3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
32e2c1e30fc28519091dfabf965bd3d9

SHA1
0c282e58a12451c04461fc9f1f2c93dc6185127f

SHA256
ad2d23a5abd019901ff63674343f56b0ea76649d251539aa5cf873d3d6c71d0e

SHA512
e5e0704b6b64b979fb14c76b87bff6bbc569eb726c60587cd36656ff06cc0f8c252036f21d13c72874e0ad84e29e32b8942b45d9286b85a8a6641c491ca87cda

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
9e1d6a3c9c5bacc4887268331290dbee

SHA1
ea2a94e9eeb2c28321844ecc2ac57a52fc6d610e

SHA256
2a80bcfc2a1b8662d86c423cb9776fde3e724adf398af362e365168b6d4436cf

SHA512
0663550bb2c2323f4760b39f9997ca91a363703b5efa7ebd1646d9bd0ee2a4a1c96d92ae78a0e02704fe25b716cb8017d76f2cb18a85ebaa60491d442081690d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
a1ea441a0bda827e72c3b54aca3b66b7

SHA1
c74f848d1c9eeb0bb847577f171b9095ca5e7250

SHA256
c08b13453d1f3833f7580a2856c8b62d14245a2e036367c1832f702172a86667

SHA512
7c8f5d46d41903ce477ec23f5cf50e87b210ccaf5598283a18e5cee60f401b7a492b4217f8df9110e783a1d1c59d92f8d61b9c5b50cb82a5bebc640f3d7a3550

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
b355a20eebabaf6239cc4b4d6a2898b5

SHA1
bfa0beae087adfd8e51adfb0b418cc9883813b23

SHA256
a2a1cb3359fda8d65a016b7ec6d4c71b86cdcbd33988f6670fe9b8b0281cba30

SHA512
89d673f9d6cf1be1b78d5e25816d1e2bb0274cadf2df794dfbcb5bb367113bef73a73ae915da3b9c0ebda85aa533554966c6013f53b24ae5bacc56523d9eb42c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
acd414dfdf3c69af9cf762634c0c4a0b

SHA1
a3961ab9000ed2a9f9b8b6b1905e42e0e59a2713

SHA256
743e4ebe71e02376532cc6df14a8b37cd709dbad27c55546db3de84023576279

SHA512
90d00c877d079a668ac5dffe0b58ee71987897a37071c09c7698b016cc205e79086c00644b95fccd5170dae2bc779703620ff5d0716aec91822f3bb8472bc247

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
c654316714c2a416d1d0faef216487a5

SHA1
10b22f426d1e5b0c974bdaa492579a8d436ae076

SHA256
925e9f98471a851ed19f36bbc994baa28085966b8c30afed87c5572ec596e9f5

SHA512
e61298daebe55d0ddb942bf83ffe82a8cf81b7e81d7064e915412f028425e999a35b5e21300ee6d715447037f5c384b9338137b80d1417f947f3cad83ab5efc5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
ae5545120eaf8c93a5db6b448d8da023

SHA1
1892f7cd149c3afd9f6432a9ad0a3fbcd1617937

SHA256
70888b531d3388ff8e11cd66b131093608984def6bd98601ed4f1e587bce30dc

SHA512
5720b350f3d39fcac5a450f7a2561988e04c5529b658b0e0f9407ccb623692cac867b1c8f164a53d40e006ccd3b90058080aef8c2d62b7649d533b71c3cbb65d

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\2024421150639378_1\JYPacket\3.7.0.1358\QtQuick\Window\quickwindow.qmltypes
Filesize
215B

MD5
2006d4b7d0da455aa4c7414653c0018a

SHA1
6685b8360b97799aa4d6b18789bf84a343e9e891

SHA256
a96c7bf5832767bdc9d91e2290a3920aec3abfbf2e3814bce38b49483f16f84a

SHA512
703804e6fab0cf44317b7292c547a1348e2e7395e4b71367c32c3b097bcfb3344d3296179bf4ba33a4c752ae58a3873af57d8cdef35a34564205356bb4e6fd84

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\2024421150639378_1\JYPacket\3.7.0.1358\Resources\DefaultAdjustBundle\highlight\amazingfeature\scene.config
Filesize
284B

MD5
77e51012d23d27cd7dfb762fb2f22366

SHA1
faa1a6848a92f2eba5c6094659efee0eaf289e49

SHA256
5b405fa29439f5853937c9714c794f10a01ed033f81866ba52f7f8ea5312b41e

SHA512
efa87d35d3b2360809f5de98b7d681c3cdbee6144c1065e7144d098b56126f794b83a7aa692325d532271e7016556d1c9ac2f9eaf2fb480314bbedb951bda2d3

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\2024421150639378_1\JYPacket\3.7.0.1358\Resources\DefaultAdjustBundle\saturation\amazingfeature\Transform.lua
Filesize
743B

MD5
55f8219de11fd1bab55e136d97f34add

SHA1
d728bdc21b7c73165f7c767300c004afd02958e3

SHA256
f5ae7d270c41dc064723acb52c96339337d142f327ed98591ebb52c9518a2a78

SHA512
5ec44128343bc3cf4b0dffb318ec46e906e247ed4cb9a6839bb514f753b14fcda61070271b81538a9a67605641719119bdc2ad0d33eca614ee732eccdeccbf6c

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\2024421150639378_1\JYPacket\3.7.0.1358\Resources\DefaultAdjustBundle\saturation\amazingfeature\main.scene
Filesize
1KB

MD5
3717cb9f906065bafdf220f9db92858d

SHA1
b16293702cb36fec8f20befa221ae22e00196911

SHA256
b97663892b4a96ac2b5888965086c8e6e037e962a76f38529f8471d8b4e7dbad

SHA512
e576fdd14c25fe5a32c688e39885fb177b79f4fd7e25d466fee33a0f5879e4727d033080d340c26850248f8549d34d39db190070f44ff017be2d2f5ed8278044

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\2024421150639378_1\JYPacket\3.7.0.1358\Resources\DefaultAdjustBundle\saturation\amazingfeature\sticker.config
Filesize
243B

MD5
a6370133cd32ad029749c4c30bdb80c6

SHA1
4ae8d816fb891657589f35f1bddd617e721ac379

SHA256
6f8d212c18569ba0e1c3b1bc89c8c4b2a16377d94cc26d1d78df1bb920efe379

SHA512
b410873382913c3a16a64390b1bd12978c639568c4cac1efbbcecbdd0852926991a9fd00aac60bdc94a489531c656f59b64559976a88c67bf35ddaffa0a9861d

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\2024421150639378_1\JYPacket\3.7.0.1358\Resources\DefaultAdjustBundle\saturation\amazingfeature\xshader\gles2_filter.vert
Filesize
215B

MD5
a1e49a5f219476c5377ad0cd33c5c326

SHA1
13029ff75a9d8796bb52a40f8126fed9d6e57dce

SHA256
ff67b00d9d13e6ab219c94e61e36ad43f1e025d4e3f540f14a6ff26b1b7e8dbf

SHA512
7d48ddb5b56b80204be4103d4ac3014cd2f9ed7212f8055a3d3792fd8b06715f8a489401d936c829e1ae53780af4abe0b4e838ee85d052c5019b6e6e29789a1e

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\2024421150639378_1\JYPacket\3.7.0.1358\Resources\DefaultAdjustBundle\shadow_highlight_v2_gles2\AmazingFeature\xshader\guideFilter.vert
Filesize
245B

MD5
8b24bd873c1a8b3ad502e3f4a2ec2e96

SHA1
c8b663f74c81aa71edb346b15dea3563ea370026

SHA256
fb3e9e7a966147cc5cb48b1a087931bfbdea744a0d0e0def0f07070ba48a73cc

SHA512
58b485ac1a1e72951ddfea8cfe794ee2db5e55c128f9b398989ac15d9610adfea879c3bb3ea1eb3ac0b29ed1b4892cec70d68761a1711d30124ca7a391f29b44

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\2024421150639378_1\JYPacket\3.7.0.1358\Resources\DefaultAdjustBundle\sharpen_v1\AmazingFeature\prefabs\sharp\fshader.vert
Filesize
171B

MD5
c90a03b7ece36748ed019572f6a5a1ec

SHA1
4d10c9cad45707369777d69d94aa05546990ff34

SHA256
eaf495d1de3a920ca4f87e5bfe868a822d1ac05ae9f8d10651d60a382ecdd1b7

SHA512
8d68782086ee3839855c725e206c5f845179a06026df5acf10b77f9ea06bb9b11cb2768c6ccc3c06c030de5122a9f9bb9025952b24ecc9c03c03c52b110d360e

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\2024421150639378_1\JYPacket\3.7.0.1358\Resources\DefaultAdjustBundle\temperature_tone_v3\AmazingFeature\sticker.config
Filesize
276B

MD5
02b91a98d687f65158c5d30123166da6

SHA1
a9e91db1e43f923942cb58cd242af527a5d9b158

SHA256
c3de42b569951c70e76d4adb756b424c0ddaeaea6c1a0b61bf1935b7b7b1ee66

SHA512
fe9f10abf7275af089e4cfa8e7a9c83b8b0a2f2763d481f25cb746f5122dedb4250f4a3fe3c0aa4b361e6194233cf31c2e8045baff108489daf4c2e3def04d10

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\2024421150639378_1\JYPacket\3.7.0.1358\Resources\DefaultAdjustBundle\tone_v1\amazingfeature\sticker.config
Filesize
258B

MD5
6238b4cd638d16c1136c78c3d84b61ea

SHA1
03683ded62e4e602b25bdb6ee445dfe760e22b6c

SHA256
9c9ba3ebe0c06582ce05df7831d4754061d2ed7c7e3ad6acaaaa563f7bbf7d2f

SHA512
6339227384501243997f6f93d8da38ea673c86e6b39de2e2f8c8f46e1e388fc3d4ab4d916246bebb4238524af6d8323a86cb139467849148291551cd63514d1c

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\2024421150639378_1\JYPacket\3.7.0.1358\Resources\DefaultAdjustBundle\tone_v1\amazingfeature\xshader\gles2_filter.vert
Filesize
204B

MD5
95b57e27cb10a24e4acf91f3f00f0cc8

SHA1
62c259c7c1050e9de45ee3105983814dcd11f95d

SHA256
add8f8c4c8e970dcdbe6ca1ab7180f7124cafc4e5dd909d8b0d7cf1734b3409e

SHA512
a7ed5a37e5216b44f1a4451ffc2dafef2463ccbd8153a9d393d2b09da3dcd812e3cdec4975782c9484388698057c1994ef48b9371d26b83f56288a87acbe4b1c

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\2024421150639378_1\JYPacket\3.7.0.1358\Resources\DefaultAdjustBundle\vignetting\amazingfeature\Transform.lua
Filesize
716B

MD5
99b4753a045f720a4c6a1bcb875bd72c

SHA1
4afc8b19876ead7a7ad903f13521c2b443de1496

SHA256
4e4b7c19259ebab2fbe29d179122a20584b783f12632bfc2d214d82e522c303b

SHA512
15a857fa869f37dd777f261821947bbc27214d5993a6a7431fdecd88468cdd81c59a876534c0459c46f33cd7a6b03aa827160014ae729f16fbde19dfce3afb73

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\2024421150639378_1\JYPacket\3.7.0.1358\Resources\DefaultAdjustBundle\vignetting_v1\AmazingFeature\LuaRTTI.MarkGen.lua
Filesize
222B

MD5
5dac156aac6bffd08cb0f8c1637f5e5c

SHA1
40e6585e5de8648725243517781e4d3330caffcb

SHA256
cf4f8b5ff1a50eff88236aba7f9bb48e696d337b779d98e911d00f6876800503

SHA512
0999fd224c54882d28aa8067e20ee7877b509591901f801d400b613a4fd95af5948d6c512b01d1f7b3aad2203a80f8a3adfec1dd03b6dd3329de87e8583145a3

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\2024421150639378_1\JYPacket\3.7.0.1358\Resources\DefaultAdjustBundle\vignetting_v1\AmazingFeature\js-meta.json
Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\2024421150639378_1\JYPacket\3.7.0.1358\Resources\LogWheel\log_wheel_v1\Wheel\scene.config
Filesize
363B

MD5
8d61b3b6f3944a129228b01ab04a3a86

SHA1
dd2a509da1175dd99095748b029c3b868d6f67c7

SHA256
468a132a03b8569130faf2c5d8e0f05f3f7602a336b0510534026c11a73ab460

SHA512
abd1ac6afff2b3ea5e8e454d4aa86dab711d8686ebaacfe66b141ec25755abc512b6252f8c786eff44ffc49f8483942a6c66c703bb2602f6f9b1a576b66f121f

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\2024421150639378_1\JYPacket\3.7.0.1358\Resources\MixMode\840ca85a1a33e6fc3ea78bbdb2db8f60\anim.prefab
Filesize
477B

MD5
9eaa91c4a6c3d873483059d0a1a76ab5

SHA1
b100bd90dc01b7409963a0b4e9ea3c19ce475140

SHA256
e9d87f8022efa9374e74d61c310d8bc11a98925b8d2e771ab75e1b865164c02e

SHA512
a656a600c2aede10ed708f7fcfcde22b59b06aef2034b5715dc6c60c12fee3e1fea2a964c21e91fe1c0956c160472b62e4ef67bcf992b750b8ba3e651721ed83

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\2024421150639378_1\JYPacket\3.7.0.1358\Resources\MixMode\840ca85a1a33e6fc3ea78bbdb2db8f60\blend.material
Filesize
552B

MD5
7cdae2b4822bcd006e9d2ffce3e84453

SHA1
720111dacf341b7ce908bd282058169a62239154

SHA256
e8986f58f72446435468272d8d4e7c95a4fce58b3ad4838ed634b999196d3736

SHA512
0ae64df166e18d7770a28c317565d5238b578202cb6c7bd2c9db55e185a61f79ae03f0530955f748dc387889c73f01479e23f7d21cb3dcbe44f2107905131a91

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\2024421150639378_1\JYPacket\3.7.0.1358\Resources\MixMode\840ca85a1a33e6fc3ea78bbdb2db8f60\config.json
Filesize
64B

MD5
c1b0a3e521b261389e09efaf5f6fa2d9

SHA1
976b181838ba45780eb4b2f9b629a1f7d1cf763d

SHA256
07232ba6befad39df9079b18e7c66235a11b2b375626c80cabd0b46f9b7d948f

SHA512
57d70636ebcbb3c0521da860d4cbbe9516a91e1b7b529e7e12781aa534c8c3a7c2d8f31c8c5fabb0acfbd6c81eedc292b3cbb8d0f01d306f12c249417a205a94

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\2024421150639378_1\JYPacket\3.7.0.1358\Resources\MixMode\840ca85a1a33e6fc3ea78bbdb2db8f60\content.json
Filesize
65B

MD5
77af16e6914627f13e1ffb90509cace4

SHA1
329bafa669c548a0b9cc2ed266de24b0ec8608df

SHA256
424c068d0f0e848d3b8f25ec1a55f1086df3c87ad95eca13fe6b265c46400fc0

SHA512
4e96216696d5f8e43fbb5ba951dfeb5e32ad1d48fe0737c3725c5c4d4f2531bba18afa1b82d694f2a0029a1a0f37dd24236eaac8ba0d296b6e0fddd70ec60790

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\2024421150639378_1\JYPacket\3.7.0.1358\Resources\MixMode\840ca85a1a33e6fc3ea78bbdb2db8f60\xshader\blend.vert
Filesize
283B

MD5
e3f125658d61f243d3b7b2ac1ed189c8

SHA1
cff0ff4f418c4bb98d0349f0872ca55e8b3ef384

SHA256
2719896bc6ff9ed2ff5532a937ac685668479e4bcd19ef11ed708cdbf52c2fd5

SHA512
f224b7828c9bd272114a9a75d73858bd36ecfefd042c2d8adcd07216a781f7eb57d5ea019e0107c974cad483b8930814cc8e9c23966491a468ab207612e4bfe3

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\2024421150639378_1\JYPacket\3.7.0.1358\Resources\MixMode\840ca85a1a33e6fc3ea78bbdb2db8f60\xshader\blend.xshader
Filesize
726B

MD5
5e0a7ae043616ffe49e0ca2dce2d6827

SHA1
c95e3ef200a811775c4b0c7517a1603f41a9605f

SHA256
a1a1915919f200668689f83694e4fb7b6bba2e3ff6cc2bacc7b84d36b7c48fc0

SHA512
547ed7454ac05a68de5458ab998daf2fe167bbe18c3aea00499b9209aa3adea489688359a3ac688e39250b4abe99cee79657a98eaa1ef4eed7d201619020584e

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\2024421150639378_1\JYPacket\3.7.0.1358\Resources\PrimaryWheel\primary_wheel_v0\algorithmConfig.json
Filesize
382B

MD5
2742644266425cbe36e1517602961e99

SHA1
9ac55196393e328a65f4cf6e5872822060f9ce5e

SHA256
28251cedc501cb7285fe4c06af3714af3ec068834cc15c1ddcd913f91572ace0

SHA512
e308c625a22b625631f81cfa4c9fc20e92efd082c5a6a0dc0aaf58b3b4924c21e40fe1da2faa0506e06f8c3e1bd4411b972dae5470b5424f77554ea48003f56c

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\2024421150639378_1\JYPacket\3.7.0.1358\Resources\PrimaryWheel\primary_wheel_v1\Wheel\sticker.config
Filesize
276B

MD5
ceeafc08b27c8bf1264a372e6572b243

SHA1
a2b1c88dab2b2fa57adc0ce4863edf269654dc70

SHA256
8695d8d1cd532f86c340a46ff20f6c96f25f842d6c6f2d3c67b29e3c8d706fb0

SHA512
e14ded5b310ffcf969f94f3248e7f95f1a078616a05b90f47918581bbc983951c54e8d6d61538817a2d9e5ed868bf53e9623c0a19586ea8cebfbfdb6f81d29c9

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\2024421150639378_1\JYPacket\3.7.0.1358\Resources\image_h5_sticker_publish\static\css\sticker-publish-collection.bbaa332b.css
Filesize
15KB

MD5
78a39c78f36f0305b75b659171e894f6

SHA1
99cbb2d17670acc33e0b7030369b46ff16ddf62e

SHA256
bc4db337419452015714560742969469ce9b78150d2d481c45eaa71b47c7a8f1

SHA512
39b8748a47680f157394ac16fdae233a8b0d154d9c4f722988f484dceb22832d751e62b739eacc99e2a4a15fb31252b85dbc5d3df58717957b587e1851fdffd5

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\QtQuick\Controls\Material\ScrollView.qml
Filesize
2KB

MD5
e105a3d3ddd7584dfc8576fe567d6596

SHA1
ccab6913ec5247b62962a1f6b4c40d3026684902

SHA256
228069c59b7d348321d4ad8e1260d20ef8cfaae5be0c08676de49d8562fe6fda

SHA512
56f01b1a59b885bfaee6588debf370beb613c6b96285a41e9a8f09412c44a2642e34905be6150cb20b301fc7d1d18ecfa75490665029974e089803c4b718a8d2

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\CloudMaterial\default_photo_ico.jpg
Filesize
29KB

MD5
86aed0160a96998665bc68ec6c30a8b3

SHA1
d28f6a081b0bdf98f103b7e983652b5f876e6792

SHA256
c18e010061abbf3ec5ec5b93393565704275cb158942a9dec2391c4d7dd1830b

SHA512
c4375a91e7043dd7b016f4058bf6ef59b8003507a80363b51ee683ff319bbb388a563c645520f47067f2a291f9b27efbe1371bba8d39e460523bf5ce13036a20

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\brightness\amazingfeature\rt\outputTex.rt
Filesize
324B

MD5
215e7fdc33227f22b2f698e55ea254f5

SHA1
5c46be6a64114cd4a18dbad0f7389048389b2e25

SHA256
f28df7e33339f8d20f304cc3589fa95bc527cc81e092d6ecbe43aef068985cab

SHA512
54249725a863357567a4cf1ed5252bd90421bddd6e7a5cf527e4e2594741eb89930c2d67184720ad2161d49fe1128317bcbc0ecdec635a0f365f39008b517aee

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\brightness\config.json
Filesize
262B

MD5
25a7fd7f28b6d28797d40debbd128499

SHA1
37bad9cf2feefec26062854f3f05b4657c488e40

SHA256
baf22b41272ffea6d0bbebfc834d27693a0fc1c122237109879534435fa86918

SHA512
90b347c667276940f033e8ff47500fbe0df57e56d3dd2a3c8795abb83d87f769dceeae16017573ece6ffe12d836c04f3612b6c4fcbe94e4fcde884602426df83

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\brightness_v1\amazingfeature\main.scene
Filesize
2KB

MD5
78ca2e977af699593b8ac1a1ce249cec

SHA1
de830e8b7576f9b133e1ab294c324af0c6c0db1a

SHA256
fd8e508ca5ec3c8d3e2d48c9c3150934fab181c6570da7153c7ceefe62cea802

SHA512
7c8515a84be000d0d5aeb5b839e58d24334b4f47646390281c918105bdfcb0956200e9b47b8b3a06b7f22f64bb3aa898b304800e2d37f5088c65465fc4d56e81

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\brightness_v1\amazingfeature\rt\outputTex.rt
Filesize
762B

MD5
7e26f5c5d5b40a4804efc6eee0b9a367

SHA1
446df28993b2cb8648991a4630cf0f0a44a04d1e

SHA256
e70ec860fae4f68cc7cb1627717e725af493abecb59b4f3ed1236569adc28df4

SHA512
c7d4a3a9a5b191b2a187c0fbb184624c1555518b495ab0b7d9d3f6aef28f3fc7ea125100fa6dbee2dfd4fea4965e818c3483c62f4e8638bd740d377136f3ad61

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\brightness_v1\amazingfeature\xshader\filter.xshader
Filesize
1KB

MD5
7cc663c677f46412741c9e8c88297012

SHA1
6fe1817875c1cdf5cc7981209686f04701c3fed5

SHA256
45390a5b6d9c3a4d71993c867d689023dcdfecc8a604cee36a457aac2c29ef57

SHA512
d7b2ab9b2d8a8b994c0f626f6640137c8d6836dddeac6d9a1d4b758b79d47e3a3d6aa79b3b8d1d9613368790c704c49275f0b5aabf89a81b23de792c2069f875

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\clear\AmazingFeature\ImageBusinessSlider.json
Filesize
35B

MD5
09a23ef82f7ebc670c949c5020d4f56b

SHA1
97711f4ed2871221aa0e62ddad8587a19ca41781

SHA256
b408c5a3949a0a77bacbc934e82ced44e25db3491c54a891be064158592810cf

SHA512
8578603582698fbf5070d1f6414e4c457dbb9f25a5278e7be28649d55f59bc8ead2c1e9c69d61262cfd6ced94d62daa7e9c7b9e88a95164234f8fe85de071851

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\contrast\amazingfeature\rt\outputTex.rt
Filesize
324B

MD5
43a6b5809ddb7e39ba84faff960fc1e0

SHA1
5a00a60a25f5616ab1703b5949ebc282def80552

SHA256
f7f3d8032bc39cf117e9854daea791c8ca453e7e3aca59e39228b847174e5ab8

SHA512
8c49fa2e92e6df7d13ea8cd7de6665ba809532999fc084b0be14a3feb7e148aeac99e2ca7f06b913826d1f4feeaa2edd7f911697e7c8e6b53260e6dbaf94b10c

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\contrast_v1\AmazingFeature\LuaRTTI.MarkGen.lua
Filesize
190B

MD5
e57c9e9a07fef7806d0145454fbf6736

SHA1
7d9898ca191bd1771acef6741d089c803e0e8fcf

SHA256
2aa4ba3afc94d9d96a4c0f850dd5073c0b58560e9609cf758e3ae92f89d77220

SHA512
d476422ae6467c446b4ca026c594bd9cc6e428900c3f0e3bb44156e2a10a943f637a0fa8e86683e56b25eefa3ba417f59dac9087fc0a5272473a3ed8f3bf1621

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\contrast_v1\AmazingFeature\algorithmConfig.json
Filesize
317B

MD5
d505020a09f0c5e2d9acccbc637c4a09

SHA1
d2e12d25ffc42f6e5af8f75e53525f7c94e2c16e

SHA256
835c6031fb0e72d2f2b6ee80c45b95010a7e7cac7fa221d9b820d6708a8869a8

SHA512
6678e7c8cfe8ce02c8e5d79afa0d2376252e0a12254bd9c733d70ab9553d93a61a9899037f2fdc464c650d592ab04b33f34568ef7430e8c8ae9bba787b23506b

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\contrast_v1\AmazingFeature\lua\Utils.lua
Filesize
9KB

MD5
b27efebcc2d400a46b2ddb3c9aa22616

SHA1
1487918752fa6210d9316bbf0379a5ea1ea0b4a3

SHA256
df672b08916560cf1a04a0cecd1c3e8160557409a0c1c5da2483ffe16fc77d4c

SHA512
b066f61a39fa7b33768ef470f6b9790c6801f9bb2a5c85d6a2402a4350f904275d7d563261e6af17d1b909e544895f24096c524f19494b18ec3849b3cec77fdc

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\contrast_v1\AmazingFeature\prefabs\FliterEntity-2FFE6ABD\fshader.frag
Filesize
7KB

MD5
18611a5a92096918e81b25153f466398

SHA1
f80c5d26df0902942e6a1819b2bb42561e803632

SHA256
c9a66d612106da8aed4e7eca785067c9411113d09f58a5e9cd2d535adbc1945c

SHA512
2f76ee4c5115599be3a60ff4d6cdb5f55782bd21c3ccac635b8586f39fa71171bb8fd7dda719cb926f5e0820b45c28e561fc2ecc1277bf94bebece0b64b16ee4

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\contrast_v1\AmazingFeature\sticker.config
Filesize
305B

MD5
865e605702feb5991ba23d909d087b4e

SHA1
2970db21416e0bfa34df4d2b61d60aa0c2411eef

SHA256
4f218871d126b92e0a895646e01b0658c0b70934f85885b121d1b2c9267d0cfb

SHA512
380ffbe6410b9ae43e8a626716470b587040cd7dd3a1d7418cef8d9f15c2b13288d010df9491afb827606f540d81142b7e35c0cbb324cf72cfa7aa5bca076f3f

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\contrast_v2\AmazingFeature\lua-meta.json
Filesize
1KB

MD5
fd85ebc8c155a056ab2bf26384f3916b

SHA1
074bc0805a5c1bbfb65471ed8a349131329f2376

SHA256
85c6be8c7a92ba01c3bdfecd4b5ef1f7b4b536d8112ea8a1ff9b3e890d7c5738

SHA512
b1b570c12c6b833677abfd2949b5e3d29ce285ae27d2fabfa8dfac77dec3c4d4edcb78d2e0dbe38439bd34e0c7f7ec1fdd1543e23e72ec2263b2be3090f1c7a8

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\contrast_v2\AmazingFeature\lua\graphBuild.lua
Filesize
5KB

MD5
043d50241292c8a995047ec9ddf23c4f

SHA1
c015155fa03afaefadc4b94dc180458306ee168d

SHA256
e99cfcfe93e9ea0fd243129a4da604c186b7fac0c5aec7788dc9bae6ee26fcc8

SHA512
68d0b90fc3c099f2f28850cc7ab079e2bf65245159e30f94876df75a2f5256627d4b7988016b4a668cfa2ec654e3936ab387a40afcd650566473201e80736b4b

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\contrast_v2\AmazingFeature\lua\renderChain.json
Filesize
259B

MD5
b339d6aa0c0fec817a87862af3246de0

SHA1
851bf609b6cee3aa01ee18df8b32f927bc6989a4

SHA256
244f156847921a6c4b34ccbffd09bc5effcc1cf69cf68ffb7e83cd9dadca00fa

SHA512
8daf0dcccf56acd84687bb006295278e9c092876d504af386ce7f98e5993d29366f1c2eec0ff12c4e54982585339d15a8891951df33ed403b75c791d7ce7161b

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\contrast_v2\AmazingFeature\main.scene
Filesize
2KB

MD5
cded5abbec2e2ac1b67c2f09d008f49f

SHA1
609c52e2568277dbc4f69e4c727fae9e38f5c586

SHA256
1b4606f333dce90d2cbd1bef8859b03a86048dfbacc98bc5b9fd0132c5995eca

SHA512
9d983645bf28c606028be209d054761be9229d76438e9693c4265ac3d7aba0bac3a383a2d59f10eeddb5dc217dbd56d15acf4aa24bffb0afa00f308eb0d4e1f4

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\contrast_v2\AmazingFeature\mesh\Quad.mesh
Filesize
1KB

MD5
14eefa05fe078ddd89b8a73e4b156e4e

SHA1
eb217bdc65c573f98368844e9597af2db335243b

SHA256
e8bb66f1490fe4a0bcad6ebaa19d031de238ecd0a1a36e26a4ebd1f11801ec81

SHA512
4e97b6a3a31c65c1e8c7a5b1823da7c54aaf2e15d87e6ef93fa4f77b8d6b845b582c842bd931b2dd53596f0e109309ba5aed1a00ed1944d8c099ee86c8250652

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\contrast_v2\AmazingFeature\prefabs\FliterEntity-2FFE6ABD.prefab
Filesize
857B

MD5
a10b4a36c76dfe73ed5aa4558ece5eb8

SHA1
722c073f76ec8f5154f22afb1d9aeddfdce0eb02

SHA256
bacbd7119e309a4d675d8a8b33cd1090948c936c3ebf3ce311fe3d0626450dba

SHA512
c58e4e54efcc605ae7b49ad7f3f57ac2443f5e36d9406dcd07173367ab8622a2ca02fcd9df7304ce597cada549f39d644769202cc5fdb6a6442e4095599607df

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\contrast_v2\AmazingFeature\prefabs\FliterEntity-2FFE6ABD\material.material
Filesize
887B

MD5
ad0945e4ca61b32b142e067d43d637bf

SHA1
770479a458e406905dfa29a8f8bb8871d6c862ef

SHA256
885be6a1b70625f2d642539e8a1e9c5ec7ab685aa194b725a86f8df351f46bcd

SHA512
7ea487be13e660f7c84f356149a1c37cc835c49482f27c311652b2d3e48a7885fc6c296be84321782574c77d0452e55bd4212119f8a9bd7a9e0b9b257d1e003e

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\contrast_v2\AmazingFeature\prefabs\FliterEntity-2FFE6ABD\xshader.xshader
Filesize
1KB

MD5
47fb0da14b33b07ea6cbb5e88270b1dc

SHA1
c79c71472d86fa6b19311f3c260cce179e8fa5c6

SHA256
6000493c6055709125d37005c8fa6b693f6c35ec76c967661ec073f1b34f7401

SHA512
453552e71eb2843a8ec59a6abc2e0858d2c89f10cf28d6efbf86990dc5c482b8a2218e1535bc41e75c520e0c6cef7f692f02f7d8351e8e3d9cf6e3099a03dab3

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\contrast_v2\AmazingFeature\rt\outputTex.rt
Filesize
567B

MD5
8325f8e99ca4a3bf7be4f4a1b6c28ca9

SHA1
c80905c1f1e4f13838bd3fad1a20adf2089e926d

SHA256
ca77feb4432805141de582bee6b6cae76865a68c278906f9da0512f6f73d6550

SHA512
e8ae45bbf5fa4491d08fd443669935ce512c362c21f41fbb07c9b8f89fd0732aa486f7de6a363e1271f63adb2f000b627a244f439f24dff88b0d762ea22d2e07

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\contrast_v2\config.json
Filesize
293B

MD5
a628b686368b77cb72ae0488c03239f3

SHA1
1228ad7729bede6efa4a7ac5b532109e227c271a

SHA256
3dbd07565db5d5418da1e76a951a20c355fdd4f44dcb9ac9ffa84da897ef46ed

SHA512
f2bd096096e6c02f8e321c24a776b804a1dbc43c7678d830dfcdab4e53faa30cf1854b412430798cf82fd11397067fac89014dff76e5ec7e5a37fa35958160db

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\fade\amazingfeature\xshader\filter.xshader
Filesize
740B

MD5
82f526053b6fb533f29f8908a2ecac14

SHA1
59ac4f8085307d6cf5f1910dbdb6394e05304ed5

SHA256
c99d0ede6d9c4b8c56a80fa41a34321aa4e6e76047d64b58b45b96086b972eec

SHA512
e481f904bd2ca7bf779ff9f9f2edb9653e36d79cb5b25721537ecf6c795abd126338d7388e00e2d5c26444684602f9c907e0be9bd807cc0b978dc1637b69c60f

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\highlight\config.json
Filesize
261B

MD5
3bf81074df63f53d5bc71ad9a72d2647

SHA1
59ccf75898b8c48aa02835b21c199b2949163471

SHA256
8200428a8b69067ec73ad0faa72496f1f5fe7df1ebafd1aabd4e00121850f177

SHA512
c0bb1e1ccb8d5b70ac53158d25654a86244805340fb83756ecf860e00e853589e4f7757ec5b0e1aaf8246989bcc2bcc78c3ec706059419e4d5d722b4281a119b

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\hsl\HSL\content.json
Filesize
130B

MD5
06e43a9878f1678e784b6e61b457a91a

SHA1
81aee8f1d92c5a4a0a14a69224b72ffab1aa96e6

SHA256
b077ccd356a478e2e0878be27babf81006e8d33cd44d2a6626ad2fbce7f4aab5

SHA512
1c5621ca5d211ff939b57f3033ea7cfb21272d63c3121cf0fb56231af2039023ccce563fb4b366b720a3611fdbf1d2dad20e1931761cc394c645820e87be1d97

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\hsl\HSL\image\temperature_max.png
Filesize
4KB

MD5
e68d6346862c0556c543b69aeb9e85af

SHA1
cbcb9608f23065628ebd403763e455bdc2a36398

SHA256
16fa716c3483f2387763dbdef519f7627bee1151969a5548be91fde5d30b583b

SHA512
dadfa0ea48c4a1adc402f207472c54d848263d6ddcf2a64f4965760efa1b7377b261e8264c4c4c4a7a7eba4f940b62de31cd961cdddc3ffe409e2250db9ad124

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\hsl\HSL\image\temperature_max.png.meta
Filesize
352B

MD5
bb52ec83847fe9575b677b4962138c3b

SHA1
cec0342b11cea30ea38682f5658790154859f963

SHA256
99fb9eb6d93f1775e62e5ffcab477b45afb7d85584461d29aa070c651159abb5

SHA512
99a55fdc679b95300002396a855badbc8251039da05085cf2400876b9f00b7bb03e93cba277996bfbdc6e2a7a03ed7b7943e3bb3f029afde83e1a8ed82887d81

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\hsl\HSL\image\temperature_min.png
Filesize
4KB

MD5
022745eeb8f0fb385c55dd1410e459cc

SHA1
458498a67efcc7b2aee8bdad8dc0cd3b65c2ffcc

SHA256
4d6b06cbcc92d8bd42b0ff8da7661ed729652c4bb8ce3c7ce1d9c2db631c00a1

SHA512
3e8271122039e8e794e6fcd3936b941f691827915295249bdfc0f4131ebdeacf159ebb40cb0b798a85670de2afa7c4d2364144c43320273da6131dd8a3406e76

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\hsl\HSL\image\temperature_min.png.meta
Filesize
352B

MD5
968e1a92ed6ce22b50d6a855516d6708

SHA1
bd35f3661882d55e3127d5ae01b8d4033d15efcf

SHA256
0dcfcfc4d3db8a69617016304ea3420627cebf851a5cada66c0c1fa5df63e21f

SHA512
4580f992a3295ac80b0c3db3ba3840b9c7ab2e97feff5056dc63366c389f3bdbe8ec3be99b69f388b7130748a83056e36f72827f4b51eb8ad3f7f677fe85cb49

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\hsl\HSL\main.scene
Filesize
2KB

MD5
2f7703fc57450664e2bf33c73bfd6a0d

SHA1
551ccd3c16c3f11251e190be8394443e026872df

SHA256
ddf39775e5dd5cd52acf3ea780ea07440b5c4d8fe068ff2edd356478892f6f18

SHA512
6dfe50f95e82103f771add99c976e77f605f5fe7c2244f840b0ca384d26215a69641977af4f46d9b56bf48abf0ac295b5b846f6d546751e5f8e36a1b97aa20dc

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\hsl\HSL\material\entity.material
Filesize
839B

MD5
2256acdf8b9092762a49642c553cedd6

SHA1
8ded352d7c443a4fd5c1f4ade9e9e474fb11f024

SHA256
35192ed64374b241d70d49e8789747909e129c53ab5a0804b7f28c05a3c6b77c

SHA512
37be06cb6988766bfce4409afe872e68d9ba25c5df50da890ed5e4295cccbaf56f30b0b6c861e86a74f26b84c43e689b86fb23c5751db0e91f0f7d60e2cb8ae4

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\hsl\HSL\mesh\quad.mesh
Filesize
1002B

MD5
d9e7897877e74e2a21045b5258c3446f

SHA1
2a4c327df66077b695038d04ea01a85f63398a10

SHA256
2589fe8d31dfcfd5f521aacd5c00a64a0292fa773aef26009dc85ee78e9bdcff

SHA512
cca81fa076a1e27ad0dad5697c5d73c70089b2445a0fe43c466f79b656a10087f9a2272c85c11dfa28bfb8eb1353ca644e6e4a94542efb1097e89bba5c293e29

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\hsl\HSL\rt\outputTex.rt
Filesize
510B

MD5
18df6305832cb33bdfeb013d86e37908

SHA1
97aca6f12b1c882fb6fdd28071bdb56f1772f234

SHA256
554c5c6ab074cd55cb6ad256f5ab52fc649c403e4b4c8efc26ef0b9567226e84

SHA512
dc2fdcef9325f2f3994f869e188fd177d0a7c3345fffec7d9f1552d2debbb707ba94a075767e18fd64d671d84ba943299e06d8c2a99b05ac82274c75c54a6285

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\hsl\HSL\sticker.config
Filesize
276B

MD5
e01f72a4bf01bf8af5641f66ea96a092

SHA1
9c4d360dde86652d64edc98db5b09b81f6521299

SHA256
628398a978ba0d718e5753bd40e2652a7db9bdab38952def94802ee2c9cf0eff

SHA512
441cb9e28853f836f735faf15cb4bed822b3e75d6b401394347d2f734f920a5d26f416fb5430f28557251c8d654a4f89ff4a57267ef97325494f7de41d55a0e1

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\hsl\HSL\xshader\entity.xshader
Filesize
1KB

MD5
07ec3efcfc5f0459f945202ac4f8cc00

SHA1
0eccf723f7002240c22eb90c1e49560d5d4d1e96

SHA256
a112e4d48ad3b783194d4cff5f9eb31eb04c2d9ea7ece6ba6dd6ea634bece058

SHA512
dea93c925cae1a875737e1a3950ac7c30fda0e12a85a499e6a427d87bbcb43fa5b78390f0d36700eb1fb8df4662b577d0ac2bb1c3b58c823ddbfbe9a73dbbe37

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\hsl\config.json
Filesize
318B

MD5
77519af09a628a989796aa3537fc2e9a

SHA1
02b671e9f94751af5e8ef21f5d4055fa3b5d14ae

SHA256
85a973186f9e260957d41f64dc40bc685c502daa864093f04b91511fcc50fe7a

SHA512
9c1042ae891ec2d8cb481bac62ef8020a8fb2b0008a1912f32e95db4c0fc8904d30de1d18c1e610445f44c111fc5e22e408b7c2190ee936469b2e2e486cf7945

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\particle_v1\AmazingFeature\algorithmConfig.json
Filesize
454B

MD5
e32b15b2f60bd97654b82e1f6bf3cd0a

SHA1
b3cbcc5bf7ae1fb2e63be09251f44472034cb860

SHA256
bb9ca7d984c8eecebebfd3aadff29bc267d9bf1cc6dc683a887c32823dae45d2

SHA512
48c746ce269f7fc3900d605cf909f8afc86bb5250791082f9d5ce530b1e3d4a85233b2695d501b71be8665806222fd866dd5904696f6ea6018e9adb7f3dcb5b1

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\particle_v1\AmazingFeature\content.json
Filesize
129B

MD5
135a9654f82a58293a06f0b0aa238366

SHA1
e344e3a1bb5908d54459516de010998307ae7ba6

SHA256
8f72e2d5ebbf00be0a6473d8fd4ff494b628b7f6b972410c9cdc3f8484bbbe98

SHA512
4622a5b0bb6eda00586b6e93699e27c8d62c1a551a6e5c95bccfb9d07fa5652ddf9a0c80e0caae869b301ef86acb8261ee5cca31d8ac05838516f42f95551fd3

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\particle_v1\AmazingFeature\main.scene
Filesize
2KB

MD5
93f7a540d4ce6fa49cc5d48a1c93f3e3

SHA1
e04969f35caa886b687c1159b9c0a08de2834322

SHA256
335944a33967b6f2433d4dcf870f3a36d30fb52a6b3c3990cd18c58510132f5d

SHA512
16ad256515508dbe380813ea79c79b111bc872b1f23f09c448fa70f5fb857d581a8024ca8ac5e741a5e786dcd3019a6999701c0e8421ba9fdf0f7ff6d95da488

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\particle_v1\AmazingFeature\material\noise.material
Filesize
652B

MD5
450891aac173ead9ac0c53de9305d2a0

SHA1
5bd8be3996757c7aec3f1c80f0bb3103790571a7

SHA256
fda54d574bbe6040e6dbf5cadca7340c0ed837f65d5f7c06a5bd9dab983b31ef

SHA512
4d60b328c76e255f33d0c72269d71460b3466eb3afe7ee37adeb700bf481cdb73d6795920078a64f052b523dec8ae5a9f09ff182c7a062752bff6b949cf010a9

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\particle_v1\AmazingFeature\mesh\quad.mesh
Filesize
998B

MD5
4aa5436ee2b0532f2ed534f609640375

SHA1
dbf2226c55da470d70b441e70939984957ee72e6

SHA256
879e4889ea6ee05a3835c75c99595c87740223d1354a679b85e9c7720809aef6

SHA512
14378ce5fb36b54e0dbb57e33ec6353303152813e80dd5e2edc61a556300e3a667496f686a65f214d4f7dd047ce3c281ac467423be234d5afad0d6fe2764c8cc

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\particle_v1\AmazingFeature\rt\outputTex.rt
Filesize
510B

MD5
8ebadca36c0a1b88562b6052beccc091

SHA1
08b3456e57d3cccd4f8f8067f41a991983437756

SHA256
5cedbe5ea2f46408ba45424f6374b2a3666630a4a211d9a928cd241b0762dab4

SHA512
e758eba6d210e667684453039ce00e62272cc6d2ce0debc1573c798eef4d95ff277ae7d96e6d9fca9cd8f2620d59ea3d9291d197cdf37e719939724a9f905822

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\particle_v1\AmazingFeature\scene.config
Filesize
363B

MD5
464dae1c58a2faafb9321c8235f3f9b5

SHA1
337d5b2ed9ff72660ca19146761632e92fc45484

SHA256
0adc55e18bdff0fcde5e163338cdcb74618b1198dbd95d315ca5ec256005921c

SHA512
73d3e0c4c88eb7e9dfa5f9b374767cc8c51c270c37b49e39f516d7b00e1346bcd985f9dc5f1d320df9e3eab5a051c90bde14ce5399ffb09126c3f383369727af

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\particle_v1\AmazingFeature\xshader\noise.xshader
Filesize
1KB

MD5
6cac7f9a27e8c3280db152891d9837c1

SHA1
18916b27baf2a2211282e4007f8940556b1ea73d

SHA256
94d6bc0f3912ada7dc7c2fc6cb3ca7ef38bd2e54bc6a2a93ba5c62790e0bee92

SHA512
61ac520a6c8f49792b9bc2d9a8e8748926a3e175297017f626f6bbf6d5ccdbc30bae8850fbada13756ee82a68ea4b6f3ac814756507ff79a44d41ab6cde560df

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\particle_v1\config.json
Filesize
301B

MD5
9ae761dec3eef8278fceb28262aae2e5

SHA1
26b380999c34223d2be4ad462b5ac4cac662d30c

SHA256
1b76c3df72fb1c360bf91611a5608678f11e4036a5271c637781eaaf27cf1e6a

SHA512
f54910324ec9400cc3afd7682ac0f01f8ffe19a4037913e6c39043b4220aed6c25659ea66fdd605e0bbeedeaf9b71819f0c2bf3c930d62783fe50ce157a85d63

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\shadow_highlight_v2_gles2\AmazingFeature\lua\SeekModeScript.lua
Filesize
2KB

MD5
186b47678a46f5a92b2e2eff6ccd788c

SHA1
a0d7cf9808266871e5ff2c2af2564af3485d51fc

SHA256
22a5beb53cc88b765fe88d6e897fd67cc9957eaed8230b1835e2bb24426d25de

SHA512
7708a813c96dc4f1b78355fffa88d8881908ef2d486d36ee94ea28c900d4468ff2921a4609b6a59a03b99c5335ffc2aeb382042a7d0e6088f1ed83ca5fef947e

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\shadow_highlight_v2_gles2\AmazingFeature\sticker.config
Filesize
297B

MD5
315d136751a75b65a3ff682586bfd279

SHA1
5643a369a727f9f4ab60f2696e2d3589f740cd12

SHA256
eb62bbf1d38cb3bdda35aa51ff5c68b72ecbecd151137121187a23a69674e145

SHA512
ef8c20ebfcf4275dafa19f4530cf2f5446655347735ffcbce75913584ced75e36f8cc58c0d2b468b60b14afc96b681b0a8068197720e1073147abaaa3c41911d

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\shadow_highlight_v2_gles2\config.json
Filesize
330B

MD5
148636f3c3512365f738ea476bcb33de

SHA1
d04709e5cba87e0e8d45454a087d962e3ec807ff

SHA256
f3c3bbd6671e8b331ce242bdf7d0a6c70539afbdf86d150bb1265d3b76898494

SHA512
78e38f38c5ee8fa296223fdc5a27dbf6a9b8cf5a89d456a6944975c5239389b1dc8075dab85e7e160318e3d788687a8f645102d2a58c65219413c25a1eaf7b1d

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\shadow_highlight_v2_gles3\AmazingFeature\ImageBusinessSlider.json
Filesize
1KB

MD5
3d90abb2663f9d1acc7cbedb9909deef

SHA1
12e761279f8830b58dbb9c334a9f341d50737710

SHA256
c87243387967a9712819daba2869ffc7957e94eedde1383e794ddd2a031820df

SHA512
c8d238c53d5da820accb55afa610c74cb7aae69facc228493ccfef51951ffbe1ebaf49619a0ad5e83a657347642696dcc3f50dc8776b570c4478f6670189727c

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\shadow_highlight_v2_gles3\AmazingFeature\content.json
Filesize
130B

MD5
37b0fff723a30a6bbcbf578c5969ec88

SHA1
cd4cfcd7ba00ac851b80fa720eec37a1346f370f

SHA256
fc2b74417e526dffd214dd36eccb1531e6c777a0cbfd2dcf7939b4a5a7f52cfb

SHA512
e80de26b6947beb8a2ed6619f20de97542139d231ae1747c4ba7a5dd6d14c1f43dd051bb171c6699d0abc5d0f99f0685f8ec68f4a7da34b91cf588b98120c77f

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\shadow_highlight_v2_gles3\AmazingFeature\main.scene
Filesize
16KB

MD5
381074904250eec5f43e251b6d8e91c9

SHA1
232cf9ef32095b194ac6cd346ab601f3f1c7ea92

SHA256
a6129e2717e2afe4d3b0e1e081bf2883057ff3e08a588bdfe130dccb8d4cfb71

SHA512
d490811cfd51dcaa170a7a01aa2c5b2a575bcf18f204a73808a8810dac93b34efb89fd88535a0054fd658c976058a1774d8ce0b95bac8de74cad6b9330afe4ae

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\shadow_highlight_v2_gles3\AmazingFeature\material\GaussX_2.material
Filesize
802B

MD5
0fd08a0eb4cb83f4597652f167d08a70

SHA1
5948ec6e859346f0005010a895c46a0e72fbb87e

SHA256
bb3eee876daaf66c381852151905f2f99393c6c1cf8eed84aa698009478bea91

SHA512
6aed71ed17b6d1241d3219106dc4740849d717863d3c912e42d78aa5741721c092c08be234e03e6b45040ef14c6c1ca28b7421830e04f23d377f5bd924e2d69f

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\shadow_highlight_v2_gles3\AmazingFeature\material\GaussX_3.material
Filesize
802B

MD5
50205d07706b8287830835c4610a68f4

SHA1
a7484fd17a99cfe449682155547d2aec9b45241f

SHA256
9ba45dff7ca433ae5f578b95a4676262b2cb5c44790b3e59d7073b151ae19061

SHA512
fc1f25040a35b99efd911e969b031a84658d32558c00cd681f9f7a7afae736b1685e1546d403c467aa0ba020315f7cf4fffbecc61400e57c83c841708eaa4cd7

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\shadow_highlight_v2_gles3\AmazingFeature\material\GaussX_4.material
Filesize
803B

MD5
08f5cc694a116aae2190754ba1b6b64a

SHA1
7af09c17a62c6c27e9ca33390f9c4db4b3e138d5

SHA256
9ee366374686d5278d08e56bd6698dbc3d71d41ac27675a31e4c860fe69b16ee

SHA512
c20a59845444bb2f3081bc4d851a262840525b01abcdcc7b5d66a5935f35034c8675a2f4c0a20238e42d1012acdf6cf1e25510cf9f26c72ae5892deb501a7d58

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\shadow_highlight_v2_gles3\AmazingFeature\material\GaussY_2.material
Filesize
779B

MD5
a7329fae369e3776f223ae0215eba401

SHA1
afefcdec1a26728fefbd63065b5173d174982116

SHA256
ad95a4b166ab0296940de3a8dc14ca6e2bb518b9c9f4cdc81c722ed6b9feafe5

SHA512
71e4a16970c233f1f84fd5a290e8d50d60d8db2df703625e0e8701a2b7a51d683f85804a2de1f081b9fa04b9f7a1fedcad44fe5ecb34015fd0fef6a829387ad7

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\shadow_highlight_v2_gles3\AmazingFeature\material\GaussY_3.material
Filesize
779B

MD5
533280d5d48ffe1bf9c29cf12df1b9c0

SHA1
acee17ddde63e2fd6010b8c7db5086501fab6532

SHA256
fb92e5eec31dbd5730e9342da5180a7c23ddcfa8942f789c8b8c526da67932a5

SHA512
325361fde822ca1c8287f0154059f888502321f4e15ecad882d0c6a9600c5f201527b4b9eac14be03f2417a989ca64463e7f34e6a59c410dcaff34b6cce5108b

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\shadow_highlight_v2_gles3\AmazingFeature\material\GaussY_4.material
Filesize
779B

MD5
2a7a4702c1a659386254f9ea17cf5bfa

SHA1
5ca9d1cff9410df789f69d8c377ea2c5cf28316f

SHA256
b61a22b9d271e1d058e76221ef846283365658e4cda17a93fcda4c6f499f0833

SHA512
93b60f0a105054be47bfc853f7c96e905b91ff1949a8b12cf8877dcec5794491973bd27b8f99e57b1aaa71017c518bd97d69de63f3b93063ff41305398f3063e

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\shadow_highlight_v2_gles3\AmazingFeature\material\blend.material
Filesize
746B

MD5
61f42ce4aee7b5c8d666301431380883

SHA1
bc7ec0c3ec71fda2185130601467f492938fb282

SHA256
05ba3353db47661e6b7cf8521191466427d0a7b2bc2890faf06b13814f998905

SHA512
d9a20470a19a20c1cd4965aad4301624ab3255538f4bbfc32e49511575c687e17cbec74233dcf3a6e14c828a2a15e63fe3b0b0e489faa89ecce88ad7d0f8fd44

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\shadow_highlight_v2_gles3\AmazingFeature\material\cameraRawAdjust.material
Filesize
1023B

MD5
b9aa49858b3cc109e7b2e8712584bb1e

SHA1
2a84882c64ad9109525330952e8155ef69046373

SHA256
d4507227f59bad0e422c7956c179ccc77dbe52451c9b7a9698ec1eac3129904c

SHA512
fa45ef54b45e679059e7ca05d175551702c87f08d9ee25180e92bc4b379e43cb65360ec878dc4ee2d1e57ddd8b6926b1d3645d3fdf8bdde79b3007f5139c079d

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\shadow_highlight_v2_gles3\AmazingFeature\material\getGray.material
Filesize
683B

MD5
8e2fd46c1b59e4776a9876fcd6e49c90

SHA1
3db1adf1da79714e74eb959631c13999be92ab3f

SHA256
67edd369889edda553a46a2d4da5e668e1858382221d3368b79cb0219b8ba7aa

SHA512
df782b536040c798f34ad6a19d469853384ae7dd128eacaa30b6ccbe3565361d226c14bf8ef53fd3896dd5468192cc78fdcf54e54efb1be3a0ceaf6171f14158

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\shadow_highlight_v2_gles3\AmazingFeature\material\guideFilter.material
Filesize
741B

MD5
4149ce9115300f41fa539f4e91585d86

SHA1
32f12b0df05a7f61e2f1cf942d5fb0ea544492d9

SHA256
6989e7a601a4291e4d2dc9ecb175691ebf08b1b46f4d23a2f777c43c1412e720

SHA512
c8c5bcbccb9f1c750d397860bbfdd454842c3167524c20eaf7a40b91d647eb7f288e345b6eb3541a09fcb27533a0bebc25a9da00c487d0498218395805838529

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\shadow_highlight_v2_gles3\AmazingFeature\mesh\Quad.mesh
Filesize
1KB

MD5
c556ff57d5700b309a111f4ce5ed2193

SHA1
294dadf983b7d77be6614a97ed7736bb6e3885e6

SHA256
844c1880d87b789d86093af993c51d3f18f0c351b0adbd18e51cc85849d267d1

SHA512
8dc7dc4b1baaf4ff272f73e0ecbb98e5f6fbb94b3b356bb90ed3eb9a11208737c94bed4150b4c8c84bb397b77f9a593d4e0063853bfcfbad6c68ac9bfd5c257f

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\shadow_highlight_v2_gles3\AmazingFeature\rt\NewScreenRT.rt
Filesize
569B

MD5
b1d15a9ec5e78fbda6a65041e9865946

SHA1
7ddf12eb13b632c02e7a8e6f2cfcbb93f2dd0013

SHA256
b0c05fd5785fb5ee51e8c6660de87496ef78cd17d09f8f91d067a8d19100a97e

SHA512
f316b4ae29c13079d24260610100a5de8f229f5de2bcc2f615e1a846df0ee9836d6a94035e98581879bf75eaad2af72c68cefc828c5061c752ac0f756875c315

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\shadow_highlight_v2_gles3\AmazingFeature\rt\NewScreenRT_2.rt
Filesize
569B

MD5
0f73ce743c03a1e58cefb31d0dcdebfe

SHA1
6b2fcc105b2bd6075bb96318b65fd416045e1717

SHA256
3189e4c0600fd795fb7ecd64edd85cc79daefc64990270fa6eed0e30765dd981

SHA512
417df535d9fb17b6a228703432723251ed36a6dcdffcc9b3b342cc771f58e3f7096e6612b08c0b0f90e058cc944f16fff52f55c949ebc7785e97ed2346e2fb21

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\shadow_highlight_v2_gles3\AmazingFeature\rt\midTex1.rt
Filesize
510B

MD5
ba697c3d9ec4275c5b1a09fe180464c7

SHA1
1c6195c5fa98a014b39406e4734138d19cd257a3

SHA256
988efa227c672c6777ef5309a997681556fe4d4bae09b57b5c224c4af8de7378

SHA512
d6dd9b1823839f35ab73214a945b5e12b83f54783e5348902a7f4524fcedd26791b525d89bc160930ad4b18557ee37014410a228ae72813b80e873797224006e

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\shadow_highlight_v2_gles3\AmazingFeature\rt\midTex2.rt
Filesize
510B

MD5
4550eda36aa0e8cf1cbd9d8ef3b34ad6

SHA1
645d12776f1016efde199800b8e53cc46b91d008

SHA256
24b81322a7a5938f72d77dcd98d4d3ecae808f710e040f11746debe7dfa41d9e

SHA512
276d1f37d7302a662d15e1ba680e712bedb30327c6fd47253442268c3e6f12c648980820f2730e8d251844d3582460e97d046415d76260ebde633f7658fbdb74

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\shadow_highlight_v2_gles3\AmazingFeature\rt\midTex3.rt
Filesize
510B

MD5
3dccd5d41c5031e87705b56d28d482a6

SHA1
2ce9884241526070b30f5f5d4a2778565fad37e0

SHA256
e93def3db002de84dfaa6f9f4ea1b8e28944f417cde35b1a14ed5375fba0d44b

SHA512
e0912d927a560f25b74a46ea63878c2d5be0683928401579c576676f704073336d48a66271e5f08a84923bd49ec824e7ba183864d56c00923cc788f5df25dc5c

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\shadow_highlight_v2_gles3\AmazingFeature\rt\midTex4.rt
Filesize
510B

MD5
5d355e67b07e3f96f39f10947cbc8f4f

SHA1
34801863a7a55ba3c5722418a4222f3cb6324206

SHA256
c0e1b493f8a10903083b406a3b767c152e1d72715a30d1f6264ec35cc35e8d58

SHA512
b735b284f0bc80286a731b5ee8aa6e123dd633581222a4be0d2859eac076aaf18d6b6ff56f543a83196f835c03c06b893c9a9df029a86a8b50f96299d35f836c

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\shadow_highlight_v2_gles3\AmazingFeature\rt\midTex5.rt
Filesize
521B

MD5
7f43ae390ac1e2fd2ff3a0e2a4cb552c

SHA1
e95ad1dfa28fb9cbedeac7e3e1a3368047d6b9f1

SHA256
95dc090b3cbf6abd6338336110e12cee49099d8ec9dbc7d38872abe40ec1676f

SHA512
7c769078bcecf056ca45426e847487db2e787ee26ae0914d6d3a6ae3c01fc060f293e37efe96bb6896ae14e0310d8a9282cdf1a0a3d60422bfd1876f065c5fed

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\shadow_highlight_v2_gles3\AmazingFeature\rt\outputTex.rt
Filesize
510B

MD5
167a1d405f5f684119d9372bb372cbfa

SHA1
8491118051150e3d0fafff9f04efcb7a278322d7

SHA256
bc45c371bc37fa2003214b0496442f7998f7e3d9f9abdf6cd99e14b31484cf6e

SHA512
23250e45180ed223d4bde098ac684f553c15ca691b74c87d4f92544033d06972f7044de1c3790cad6e94d07c984ea1a7d77fde078236a10829ec46408b25d6db

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\shadow_highlight_v2_gles3\AmazingFeature\xshader\GaussX.frag
Filesize
1KB

MD5
3d2bae2f5332b0fa09bbe636c27f6c55

SHA1
b6d400e69123cca5c6731e93025ca46721a1bd85

SHA256
0384e6b9c8b245aa05d595391b348a4b06a46fc2ba85d3dfc7cc2ea21fc1accb

SHA512
9b7adbaa7afab46a6e529bac42fa3849f96768129dc32d88c2b06dee01c459a8d3bf7f3a9aa0dbaa5868081698ac93aa6b3885201c8242ac5997825fb0a1d734

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\shadow_highlight_v2_gles3\AmazingFeature\xshader\GaussX.vert
Filesize
168B

MD5
18acda817dd3ed6f2e33377a9ca5a428

SHA1
532deafd2e223b524b52ad601335bcd4c66613bb

SHA256
cf05efbf2e2640520fa59682c896f718000088d2e7cc83f07c224c813d30cad7

SHA512
6792edccfb6625f23e70693f3b1fa30bc306ee584cfff822061e0da93a02b5e17abbedd851ddc92c714a8922a7bae0f2996041356b55781a77bfaf3791eb4284

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\shadow_highlight_v2_gles3\AmazingFeature\xshader\GaussX.xshader
Filesize
990B

MD5
2e70a63b0f2181f831923e70bd601b74

SHA1
55c4fe0a03d43696959104a83e6ba62e958235e8

SHA256
026d2c6857a07ca0bc9ab1238d21df89b2f069defaf922bca975bfe42f996e0c

SHA512
120a79808a8d5fd230e2d44c3e36d3bd4e281a843cc13cdbf6a7f3c361419cb9f7ecbc773a802a048cd78283535f244869d55a44c03127d032cadaa890e9c4a8

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\shadow_highlight_v2_gles3\AmazingFeature\xshader\GaussX1.frag
Filesize
1KB

MD5
85734d5169405ddcda98b8d8b823bed5

SHA1
cd8c448924a8b2b547ea921d974e858e6da24237

SHA256
3bd8a0bdda1a5d97038659d07ee83c08d45bcbdb8620996b7d8fed1fc4375d28

SHA512
a3d24c6563656e2f0a04a9ef370fb07178ba2847071a4471e8cef701eb6b1fa95e6e9e06b629512f37010682fcdce31a58a8c2b10090f2b6ca72c1c414de2a63

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\shadow_highlight_v2_gles3\AmazingFeature\xshader\GaussX1.xshader
Filesize
991B

MD5
8541134c9df38d8b56c1cfbd20b71613

SHA1
6d8419cb3a31face4cc4c0be09689661071ef55a

SHA256
c103e24cb7a9c85514392dec044e50be8fa0074a1d87197eb4306d3cf33cdeb7

SHA512
c00c7e54432c0d1f0196847ce0a5f3d1c25de2db4f2e2aef82e7f45ff8333263f5bd99d0d16fcf7069a1d4a36b58d432383feb4e37e1e16921fe5a79fe4bb2d2

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\shadow_highlight_v2_gles3\AmazingFeature\xshader\blend.frag
Filesize
489B

MD5
461a252d897c2eb1d074d58c3afeb5af

SHA1
69763038085dc0066e8d4d3709f999470fbf6a2e

SHA256
0e69608e65e285adeed451599783ea714ffacdca32454a113159579c0b038650

SHA512
afb6d175c99d4c0a7578ddf7d825e659a22d931d2e3ebc040b5919d28df9d3ea809d3c51178f44614701a926d4fad2cbbbb69e8ddd054bd2fbe7146fa4a85ca4

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\shadow_highlight_v2_gles3\AmazingFeature\xshader\blend.vert
Filesize
282B

MD5
b0b876d2cc58df90a07d9fa9a047b703

SHA1
597fecb86afb3c8ddfba5a8365b2d0e4f550fdb8

SHA256
a3dd0a14a9a48eb6a68b45de413c79a21134a3273ddca966cbf754f7b652fc0f

SHA512
8c22a5dc20ee334952e57c6476836cc6b3e2bdd2bf32abf00e406db4e9fc9815936305efee4ddd60c3cbd50bbe70dfc22b826d4bfda62b95138ec2ec35e0925b

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\shadow_highlight_v2_gles3\AmazingFeature\xshader\blend.xshader
Filesize
977B

MD5
0ab700e91816d4ac0bc6d529f014fdf7

SHA1
48b1b8e76a7d4bcfa3495f50a423e29a6d89ea06

SHA256
f788495ff65f560044c56287fb72cdaba53c415a587773702fbc498eaab406a9

SHA512
7aa69c9247e10978d7051809ee5d2477f70672053e615beb4590464253c4a36ea57edea40ac2bffe496d50f696c28ed67ebc4743815168dc213db55feb93564e

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\shadow_highlight_v2_gles3\AmazingFeature\xshader\cameraRawAdjust.xshader
Filesize
1KB

MD5
ce5c49c155f27a838431c284fc8a0406

SHA1
7ea6bb3c2a1d6f68caa819480beb4fc04e2f0c54

SHA256
1f2c82094a84b14066e6d93e7f4fa3e280614f370ccf297a28d23469e5c04e9f

SHA512
4ee7ab499fbf706b897da1f2a7c6a83d97cc920483535976e557f2b2985220f645493b0da6c1a7f69f501fda75bf84721ba35a48e2932cbb54f607bace481d9c

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\shadow_highlight_v2_gles3\AmazingFeature\xshader\cameraRawAdjustCore.frag
Filesize
8KB

MD5
b662984ae3d33d553f4d35280bbb3fb8

SHA1
3b0963615d84872b79f9bf8d2ddff1e14802945b

SHA256
73e723c7e4032dec8da3f40c1c4df7917803ac0c5bfbf0955800c0d9687f72dd

SHA512
565912efe69e17428a827311c247d8f4d1b47b14a568337bbc4521a1cac0e9de8926edc8ffa38e443698b94de87a54b2c4802ee8ef21900b347c67fd93de4475

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\shadow_highlight_v2_gles3\AmazingFeature\xshader\getGray.frag
Filesize
234B

MD5
40169471cadcf1db4c7bc5a1779b93b3

SHA1
b31d25e29ae3bca5b69a570571d29b9671a821c3

SHA256
e426d0ec442a009a3215e888bbcc8b99ca6308b8214d341dd4ad5a5b1ca305d8

SHA512
db594a5c5732c569d3fcc3d6e73c42dff81373565d71641e3a06f41c43497290bb6b3342b19c3c230ca52cc5df266b217071d00a6019717ff8e9e0f75904411f

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\shadow_highlight_v2_gles3\AmazingFeature\xshader\getGray.xshader
Filesize
988B

MD5
9162bd31eeefbb50670058accf8f9782

SHA1
d9418ffe60bbbc5c0a3d61d3a0ba76225206f953

SHA256
485ccbe9096f99af6f555aba5b0fafd93968af7ee0161bb228d55e817fcb14bc

SHA512
b92afb7bd08887647e84dd6f2651fb054ed0066934d6bfd26e373c88940270d81de0c427cbddaf4907bc0aea94aecbca44801a041290e6ef1a642c7cc4b68865

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\shadow_highlight_v2_gles3\AmazingFeature\xshader\guideFilter.frag
Filesize
540B

MD5
dd61f4e356cb9ab70fc84b9cc755a0d2

SHA1
7a58baa1aaa2744b51b8b14dd7ce472f90771b86

SHA256
cbcbb33a2dcd5035b08aee178418020af2d449fc4eb8fcd759d53526283024d7

SHA512
87a28c3c427d933843b24902606e0066a9399a6581b2cba766f3573e4c99de511d62010323ec0c99053aab490ebcace35e1a177b921a3859bea2c0611fd538fd

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\shadow_highlight_v2_gles3\AmazingFeature\xshader\guideFilter.xshader
Filesize
989B

MD5
32ded8055529f2946c020187dc2ee282

SHA1
ee0350b002ada9872817953dfa76c510dd6f2dd1

SHA256
fce73b91ec527c7d950398d89e7afea52427f3fb3f6707b72cca647143baffe5

SHA512
7d1d742eb1c11e4e0dd388ac6fa986f28c5446bfca5ebf66424c40d85ff02e41d47e2ff34a824edde789a372e9c79e3baba7ed4bd53779c44b997088d4cb09df

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\temperature_tone_v2\AmazingFeature\LuaRTTI.MarkGen.lua
Filesize
166B

MD5
3b020c4f6c40f7436c57c8e70ae429bf

SHA1
cfccf46119df2c1355d6edc7d735be069537ab24

SHA256
425a0804076088345fabf8527182630f4886d04f185f02715191da72b50c0c6c

SHA512
cd205332aaa1e38de867f363273d9f87b62a01bc53fd0ed0522944cf454313559b1816a353f17be2ff3ab512d80138c2ba518f178c364983640548dce816e2cc

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\temperature_tone_v2\AmazingFeature\content.json
Filesize
130B

MD5
27239fb7cfab1c4c472049730d9e86df

SHA1
216c36f853cb02ae4594b2ae0c0b04ee853c1920

SHA256
18d1cebf5ba1d4f2d8a41aaa12117f908c13aca621c2d2bee44a272b19431428

SHA512
b8d716a39d9a4b840c8b712cbf742b84780f0ba0a05d3b31f735acf5e208e89b248adbbb03594895553f944ed2134042348fbffd8bbd5bffe9e4a5cdbc765ac6

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\temperature_tone_v2\AmazingFeature\lua-meta.json
Filesize
3KB

MD5
70ab746520f74637626cce4ccf30cc5b

SHA1
8397fef65ec26e1088f6b8af9760537bb5f3b4b7

SHA256
638db9d286716cc0220a963bc43d46595b0f072255dd5971f220a1a67098ecc1

SHA512
a1c592de0baeed48aadff57fec27d47deaa9805b588a399f5721fb98753c357432919196f67a3ff34dd00fceee0fc8c25a8749b349f138c7121b648fac80e43b

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\temperature_tone_v2\AmazingFeature\lua\Lscript.lua
Filesize
8KB

MD5
9e31485238e83f6f772e4c5367e39f8c

SHA1
517bc35a1aa5bee44685083d56fcc522e137f209

SHA256
87feea0d99750fd2cd91230d723c77bf8c4b48f8e504c714970365427759f9db

SHA512
03484886e274be310d4dc4ae6c9e607981dce55e95aaa32482621b57b15e52ed27e29873a6abb9a99bdd298bce4f96106c0e215a0259eef1aee8ee772e4c2912

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\temperature_tone_v2\AmazingFeature\main.scene
Filesize
2KB

MD5
ee9ea26fbdee7dea8a63ceea3d10abed

SHA1
5ef179497fbc0bcbe2a12002607113625cf743c1

SHA256
a9d4b06d4eafca0dda1d409d9105fb73faa6122147eeabdd1716080eef229558

SHA512
fff958e3bf4812836a2557510831282a4cc90388a853ade554926d5a82400ff016ef7d98d1d1a0d0e4f3f67a41e200aa30ab2acb7b6ef84149914b253b58fd44

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\temperature_tone_v2\AmazingFeature\material\noface.material
Filesize
692B

MD5
40f83b69bd80fd0deb2105deaf2ffc8d

SHA1
bf41353cb3b7459d8c601c53d3c7f41ff3c9a8bd

SHA256
8539040a84f693475dc16c925354935bc85cd485562befb7ced1ad1cb52d1ced

SHA512
06bb279f21a420d658402d3bcd43526373c594be7a3b4e2ea6437e31efedacabd81e1c50427bc9bb113597e11dfcaa54170d878f211bb65ce89ee90cbed5e647

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\temperature_tone_v2\AmazingFeature\mesh\Quad.mesh
Filesize
1KB

MD5
12e115976563c68a30400c943bfeb23e

SHA1
f844f21493b7c532c52b1dae3cf9bcbaf2913845

SHA256
119e2e9f016877f83c4f7c91aa23614387189cd19d8a9098b5de338f5e0df38f

SHA512
e3b012fc6d24562ef19018f5351bd81f2dfa2ea0f9913ab4861b807a7d2afdaba03a8224661d789fe759d486b80cbea29c2bc054d106fac4d4eb1c55d93ebf4d

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\temperature_tone_v2\AmazingFeature\rt\outputTex.rt
Filesize
567B

MD5
cf24830ee14324abab0e003efb31ea43

SHA1
b9ae2fbd54e70c24cbe8f8a13a5f58554ef7f9e5

SHA256
8cd4b0db123b2babd506e58a78020adc44f248cffeaaf0e819451807ad94bf9b

SHA512
a55bdd07c2fabd3f36bce607926a474ea2ac0181b370c9e667a71c5c4727740115e1f60f176b43c340afcec6902e4224f47f29c246471a86cd5bf74dd4a74bad

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\temperature_tone_v2\AmazingFeature\xshader\noface.xshader
Filesize
1KB

MD5
92b6d5217e89e4240a716eb00e5c03ea

SHA1
ea9ad400e9f19099ea63d272da6d7e3d198f56bd

SHA256
06de6e75308dc5b8451a2cf7e3109ca2262e144fa4014bc7706dc2f7fcac7f55

SHA512
00218f253e8c4c8fa6d836d7ab98bb42a7fc3db91438714f1287af8b0bbf583dba4069fcd669f0306ea13c72a189f64a9350ddb6a5adef1fd85a7f00f656656b

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\temperature_tone_v2\config.json
Filesize
338B

MD5
a61c79f493a60e39bad91c3458e51621

SHA1
3500cf0316d9c053bf05c380b04a4c5936199778

SHA256
474a9d95cb7bc887cc2ac7324648a336e80d63976b76b21e3ff33f710f034b2d

SHA512
b4043d19338c134ce8fd2aac1edfe45276918473b74d57d584e3811a15b954c1838d9d12c1d95b8e81266689d2e61ed67bf4b8c0fb02f80c4a71726494f9910f

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\DefaultAdjustBundle\tone\config.json
Filesize
256B

MD5
93991c08f7655b2feabb394e5c52b21a

SHA1
a6539661e83c614000186c66e00f962a0fed97d9

SHA256
b57b933c9a505ba7d6351672147d522996a0124180156bfdf19705a0d8b93a74

SHA512
03980036b0ccc8bc77025032adbc79ddbc8274c068c3e53470b3dc360ca9a67c213e2cd7df413d8b3dae88011d0d7f2b6369ca62a0bdfe9e32f1af6d309bce0e

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\LogWheel\log_wheel_v0\Wheel\xshader\entity.xshader
Filesize
1KB

MD5
0bbae960c83483a878ce02575b7125ae

SHA1
ff5860858786cf9fef79253370f0d064e889fde7

SHA256
df215933763275ed647cbc3ca4aa61d61bae5d103c57d7aabdbfd693b7d83e1f

SHA512
76a26bfeb714fa17cd1ef48b5ebdbd9d3f22e055d9e72de9c7d4abfbb25bcf8c46244b2269ed75b0dcce6ac63f352c3f58e5fd395f76d45edd7fb8c1fcec52b5

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\PrimaryWheel\primary_wheel_v0\Wheel\rt\outputTex.rt
Filesize
510B

MD5
994d1edd0a9de124db0af320df563376

SHA1
2955835e7873c70512dce5dde93fdbae2a9f3392

SHA256
04f3515e2001470f579f2e4cfc6df63e2d35593d13ac259ba769e2d2d4ef68f1

SHA512
78f56124833148c144c37de52b9dd0b8163644033cdce0b6e994d6a23cf0708580e68211dc5ddc2b2df1ca0ebeaaecfb882482c77a181a351ad45f2e39d9cd03

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\figure\beauty_head\beauty_root_pack\AmazingFeature\xshader\lips_keypoint_faceu.vert
Filesize
535B

MD5
99a36fedea2877e405f50a13999cef00

SHA1
bf24fb94861b62f289077652b0ae02e93cd43cea

SHA256
96ca09106a66055d2040069806965b88b710942a569c3af6caceb0eaf4fad5ee

SHA512
bfc4ec1069b72a572c51c019c24eb233f8ee0ce3daaed766b66e770ae7f81b4b8a37d061ae59765866736867c594cf3d2947cf6588e36da747713b5d639706a0

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\image_h5_material_publish\static\css\publish-audio-effect.efdeb61f.css
Filesize
10KB

MD5
348a4ed657cc7bb4484bf829f633bfc8

SHA1
5f5f0e3004ada5cb7456c4816e37e1b8573f9e8e

SHA256
f8a1929af639b5381308c1bbef8f76bc1b77132b56f4bca6b1bf7d5cbdfaeaf5

SHA512
e4e05331b72a3e975ca5cf880fd024d64f5df8c9015adca1f4d0c00846b0cf6a9b984060ec7cf7906c5767dc6af4444c06f207f417c09805c76aee3d175f4fdb

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\image_h5_material_publish\static\js\publish-audio-effect.ad8cf50a.js
Filesize
48KB

MD5
6a099e2034d34d47b10244f6f755b79b

SHA1
c6de28efa26362bc4c53ed6c91c65242120ce8c2

SHA256
5ae81d47aaca8ce2e08af1ded6a66344d2da21659b042497d0c90ea962bfd08a

SHA512
c167329925671c141f969a602d895a52272242cdb414eb6ca7804799006eb0fb3b8661bd876bf87018ec1f23504c3cade88e62da5643dc45be7a51a175d700aa

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\image_h5_sticker_publish\static\css\async\207.8355af33.css
Filesize
48KB

MD5
5e7396e4efc1bbd22c3ddd0aa25a1b40

SHA1
2d83f7d230be08414bda62b1243ad28e3a328a9c

SHA256
110c434f0f0b7bbbafe7a26fd3a710fee6539d74418ffa079d2a6d8f9205d2c6

SHA512
c050e1f674d2d0e71ff7b3b3ae073e1fd6d2086ded51d0b85a0dae7280ba1f55e05488edd94be7715681be9e0bfaa3a796dba5a8078d80c3269387df55beccaf

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Resources\image_h5_text_template_publish\static\css\async\821.aa04e1ca.css
Filesize
21KB

MD5
1e82b364554a37d96f9013e0795a726c

SHA1
f9b9c90fb1fa63499c4d3965b2975c2f6cfc6f6b

SHA256
05eb7c420e4a7f46e17b5822c897844d1f84cbcc88ccba96c138362f81dec1d6

SHA512
f1f05d4fac94e374b0ea6e3ceb58a6d53f95775b28f6bbe9a0052acbc5ffd6ec3d890444ef1972790d2fca4ee2d67f99d683cff5af59f4b44064362a55174c47

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\api-ms-win-core-processthreads-l1-1-1.dll
Filesize
16KB

MD5
764d5b1217e9ac9762a859d25952bac2

SHA1
485580d1328f5406645b5f1921895279e6c5f2e0

SHA256
fdfe7426b381974425d3c43fc875180724d44c8396f64e4143f249c464442a07

SHA512
f25606ed097cefd7da3600b301bbaae9e45c7531f35d345e1cec43cceca99cd0f8cd0283a191fe54b19fac3a55ea7fc1a95c9e0469c6052c7c0cecd6e7744aed

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\api-ms-win-core-synch-l1-2-0.dll
Filesize
16KB

MD5
c6ba697f115a8c6b3036348c2ba17c9b

SHA1
133d01b1a9bf217fdbf00041fad0d678d52a652e

SHA256
51436458dcf13297fd4e70201476c1a9e9ca8ec83d1189c02fda37eccaa57a31

SHA512
98e69c541ec2e8effbbce86d64e4e4222239534b74bc3777389a0cd7cfd2e92a078f080f7ad02ccefdca8751ce1d8b11295be66dcb072977e37b2e3295c882f5

Download Submit
C:\Users\Admin\AppData\Local\CapCut\Apps\Configure.ini
Filesize
28B

MD5
3510e512c6fd7d6bcfd5e29ee747863e

SHA1
e7fbbe63f87290adb0b1016322b44bf57046bcc5

SHA256
e2b2952b674d2f65b3be4af3deb6194c65bb3985b45731e17061a0eb1ae49f2d

SHA512
1a886e74d94745d8f98607adde5b7f82cc3d3a8fa9345689552173646242b7e58d8603500c109aac4bdc9f4a6754a1f906f0cdf06294d4038fbec404496e31c3

Download Submit
C:\Users\Admin\AppData\Local\CapCut\User Data\Config\buriedPointLogCfg
Filesize
26B

MD5
613bba7cd6200dd5dae5fd5d94c6a2a8

SHA1
72db7e281fd4803ee3adedada6e0165f27b4ee11

SHA256
6561d3ca6cd3c5b619c318c98b0982eeb111d5276b8832748a3649b6237f8c2a

SHA512
4592c9777459620da8282c4950c2cc694208ee2152cb97626395de61a6b353b6a25c5e913e2ce4a6159125e25116bac842d6dfa20952bf7f037133672fff9cdd

Download Submit
C:\Users\Admin\AppData\Local\CapCut\User Data\Config\buriedPointLogCfg.lock
Filesize
59B

MD5
11dc3c060fe8a1bd92ab6d170572d306

SHA1
afe295831e588c5824b74f003f009bfd91ce402a

SHA256
bdab592f14d197921c7208e83df8647d94e031e6a13bfaa689a7f84086d9a44b

SHA512
5830efadd399a2d9bfc6b560cd650a16188737c4930be302695993617b202ca9d2d1f3dee94dee7aef4042d58d7f6c95aa8ac4fc08eb073f2237c97b1c91d432

Download Submit
C:\Users\Admin\AppData\Local\CapCut\User Data\Config\buriedPointLogCfg.ybhGlx
Filesize
51B

MD5
986313a6e4699ef05506c5ccf0d82e76

SHA1
ca3d0f1afc69f9c8efbfbcc97ef41eff637abb4a

SHA256
e64107c8b150e3e733aed14a728920bef2963027f4375f5f26693fe5c0810e72

SHA512
90bf272d7daeb02e09dfdda38f4c7a92e860fa9c2895ddf58c54d240e0e32f03e5c33827265604ce78f091403f6bc09e555ec5c9a4da5bbb9a8176d8774cb7c1

Download Submit
C:\Users\Admin\AppData\Local\CapCut\User Data\Config\channel
Filesize
35B

MD5
ee01dcc5b74e32dfd0be4ed367621e00

SHA1
cd923aa4a3fd11420d012e67475106e441fa0d02

SHA256
6c9dcc12b4a769d50a0485e0dc696718055ba512d40fc1e4e5d49aac83c902a7

SHA512
6182d165ef80797ea05e1868d3c4e362f9ea22955a9468df7512def04ce7a4b6d1f4f920a13cce5cda7afec43fbf3b614fad63e0ef1ff5a9590eafb8170e6286

Download Submit
C:\Users\Admin\AppData\Local\CapCut\User Data\Config\highlight_penetrate.ini
Filesize
45B

MD5
cd991e2fb3a3ef0a4550ce8d88d05bc2

SHA1
865d7421419c6e93efc9b28fc76d95a7625dd67b

SHA256
3e4472501eb5cf5b481a23edfbceadece092594189262dc45ef00485f96a218a

SHA512
0e200f5376bf312c0317eb44b53cb0e6f49d5792bbcf1eef150d8d2fa39edd6cd9eb6284cc1054afd0c22b1c83ef433b56b2d0e7eddf852bcc933d4d25fa56c0

Download Submit
C:\Users\Admin\AppData\Local\CapCut\User Data\Config\highlight_penetrate.ini.lock
Filesize
59B

MD5
77175fa1083218f7448d11971c5c1094

SHA1
b6bfe95796dcc9ee5e13e101723dc615c1a20acd

SHA256
e8a8945e9e14d54786c350381bc06854a94719ccf03603f0e53254edbfcbe2b6

SHA512
58cadd6847f061250cb98aba421681bc66390fb5e41f79444e48a81aa89c36e16c79e95850c0098cbd9b821bccee9001447b2195b625f5970eaf701ace7b0c30

Download Submit
C:\Users\Admin\AppData\Local\CapCut\User Data\Crash\reports\80799c2f-5ff9-4b13-b616-e8b677ec2024.dmp
Filesize
12.7MB

MD5
ccf8d41569254893464b4ffa12e709c5

SHA1
ac406e3d52ca1354afcec8665093fae06e0d43e7

SHA256
c83f9b77ed94cc97cf40215dd9f176e74fe72da58515820340fd27eadc409d04

SHA512
68f64714787693a555bccddb4ad0431cb8f3df5202716f1cf455546d2fe8dbd582c5214af8b4cce04e4e957c62e378332261064ff241f8a50e4d9f963c6ebf94

Download Submit
C:\Users\Admin\AppData\Local\CapCut\User Data\Crash\settings.dat
Filesize
40B

MD5
c6666640b12022b542bd6036e5b8125d

SHA1
8858feaed1263b4d4e569221a3938eb746d77518

SHA256
421bd60307f4f25a68e6c0b5ba2deb8f5afacfdf997eddccae2c029b5c9f1ea9

SHA512
ef1dc5a467919436125ae9936792e0c4656c701006c16e0364a25e5a241b9d893ae5497c0ff973dc5a822138d6b2534956717b637b246f4f46838a7c85b7e7f0

Download Submit
C:\Users\Admin\AppData\Local\CapCut\User Data\TTNet\9fe25638-5597-48de-92d8-c2054cb60d9d.tmp
Filesize
564B

MD5
d948a40b1ec25e51c2835d0d93578131

SHA1
4a7814d20f78fbf59ec796af8e598f926be2c37b

SHA256
1413fedf806ea4e46b9595df3da5e7299ca8085c8898d98c01f8128a67cae4e8

SHA512
df8a97b6d6b1fde800ad16e9ef90bff012c2287f92c8d4d18c8f6a034ee92dad69d2e10f02ddf049c6b870d422e1114d9aacf33a6450fdf5401d5c89c516a75f

Download Submit
C:\Users\Admin\AppData\Local\CapCut\User Data\Tracking\tracking.db
Filesize
8KB

MD5
8553a1c05cb36f3941e38f277a5ee416

SHA1
4605e1065d16f97b9b06fd6f212bbefa080e6acc

SHA256
ea289266b97dbb7655efd7f847cd7d6e52d6076e09e751498806bc8eba6c0ba1

SHA512
6293a33026c9298055e2d07bc1f9c80ce614ec05e72d4ba32884c4b747ebe66d8ee5d8fa014f55b45dc1f30cdae09a99858092f95f3a2ff228968dd31392c90a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\8b2036f1-781f-42af-87b7-a801725cdc07.tmp
Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\8bd1309b-64e2-4c33-afd3-578efab102e2.tmp
Filesize
139KB

MD5
4dc38a118c1bf934e413fe047e73eb4e

SHA1
594627fe70ee123ce5855dc38ff66d647c25974f

SHA256
79379fa81dc61680df6a0e6ca8e33e896a222246df9cd6e1402dfdf33f548dd6

SHA512
fea839334d72e8fd22d6b3561580fd358e32e94a1b2fd58e22573a310cdc9c702ec56d66699a38ff743d78ee28dd3f93c69f3cdcac8e10ea5bc990552d4ae1ca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\90a08b58-f404-427e-b559-87dcea8e4779.tmp
Filesize
265KB

MD5
66db27f0f7092c6f4b746c0a72f0aca7

SHA1
b1bd9d6f6e49383feb5f06d9e56d956e3a851dff

SHA256
0326e1766246def408642a2ea2b464e8a1b87f1056202aa51bbaf7e0f87a990f

SHA512
a1a7a5f91cc975aba232d59d570d749852690c2bc9f4c91ef25205dcbcd74d4db5af7aa012b845665efbaa7c5bd20968a02fa0e71348b40925c54db68176dccd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
Filesize
40B

MD5
98839058218839f994b8e103bad863ad

SHA1
231dc87642c3cdf4a41f4c21233c120f87e7b076

SHA256
236861e6339353e02901dcf56d40d9b09ea1070f1363b4a76f2c9fde294028dd

SHA512
399ecd3a4654a815e9f5275a9c59282bbc3b096809d2d322a6aa04f932924a10a15d0f1fb3b3944193c4d6a88f0724e11faab8ec21bc57d09ebfe9cdbfb34775

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\4b4c0abd-29ba-4ce7-882d-5741ccfecfb2.tmp
Filesize
1B

MD5
5058f1af8388633f609cadb75a75dc9d

SHA1
3a52ce780950d4d969792a2559cd519d7ee8c727

SHA256
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

SHA512
0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\86727f03-e1df-4139-ab5d-d8eacabfa19c.tmp
Filesize
9KB

MD5
7652f59a44f96a5b4c514bfe822b1973

SHA1
dd552182a6796c9be044d03997e747464975d28e

SHA256
b69c9e0ed367f2811ec8d0094c30baed2a7e92b1f9e6f1b9427b2a5f6c534619

SHA512
1dfcbcb6d6bc4f66ac5ea4bd063735bed3586d3b37b3d9f0ce28883945f8c3da9bcee897228ed807a96e57faf4b228c7b9266cf43fad48b30a6ca0ad3fd46e03

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000004
Filesize
99KB

MD5
f33bbefa9c98785a22f1345822fc9721

SHA1
30ad1d8a8fe9e5f6ddf1dd4a5bc962b3d7e33bac

SHA256
0d9fe17fb9227cf3ad2d4012e588ab9be8e34df6f27396adc6216710e7496499

SHA512
9820d53fccd139386f7cee62beb2a1a5098d7cc594b9b7345e266f85028c1e0fce1e971cd4559abca3f36dccdaabdd09128bcb3081427f2515402fedc1c2fefc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005
Filesize
20KB

MD5
923a543cc619ea568f91b723d9fb1ef0

SHA1
6f4ade25559645c741d7327c6e16521e43d7e1f9

SHA256
bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd

SHA512
a4153751761cd67465374828b0514d7773b8c4ed37779d1ecfd4f19be4faa171585c8ee0b4db59b556399d5d2b9809ba87e04d4715e9d090e1f488d02219d555

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006
Filesize
69KB

MD5
86862d3b5609f6ca70783528d7962690

SHA1
886d4b35290775ceadf576b3bb5654f3a481baf3

SHA256
19e1a1ad6c54fc29a402c10c551fa6e70022cefca6162a10640ee7d9b85783ed

SHA512
f0746c23a06effd14e1e31b0ea7d12156ff92b1f80445aa46e1a4c65cf5df4bc94f6dabe7aead01f1bd6a6c7b851b577a11697a186426a2c8dca897c48515ef0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007
Filesize
324KB

MD5
7a2499f444a0f81d580bb58a4ebc86d9

SHA1
c80e1db934e244f11892f9683444f6dd2584323a

SHA256
b4e2c97ec8ce695352891e4b16efb59d312447d3144a67c4ad609b1cee600648

SHA512
814981e4697fe9dc47264a1b5867fb0a35d8dbca2f96d4677174a4c7bf07fbb6139d82120a3ad3c3fe81db4fba0c91f7c304c6898627bd4cf3f268f3b7500fb9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008
Filesize
137KB

MD5
e5122ed5257471ad89ad07a51d341957

SHA1
32c1870e500dea28294912ef1352d6422158d5fe

SHA256
a54d7204c4c16d1558db09e6eca85b604a917ed189f0fe900ada38426685d713

SHA512
2c860fa57ba5bb5cba7d9697498662afedb1e29a93e6ffc0f1151c2c4297f19f5234a4539aef8ec9c667e46eec420edf35c9be7a48ca35e9b3351fd4afacf93b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009
Filesize
149KB

MD5
2eb984f3cdf5d4b7c84ab99e2595f6df

SHA1
90b1277a2cfa50c946d33079ae5c4e333885505b

SHA256
9f21065f537716dddbd80314ab7e4386c271a6a65f2bbf59659882a24ab13647

SHA512
a47d494b7ad8c77c04ca269031542b873d4a28bb71515f3c7952fe1a30baf7cdace3d547ad5baf28195cd07154de50223abd0e50246dcb8d6a2e5120e7187c15

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b
Filesize
27KB

MD5
a0f5c51dd71e0c76965c1c119a71b175

SHA1
34f15b63ea368453435dee6c535ad24c82e1572e

SHA256
51030e8db965a0d67d5d101e5585dc2d5ba3e08eed95de58f9a30f298c600ed6

SHA512
7985167a2576c7a2a2482982009ade284dbcfa7f2233f19b4c78e94536a5987c49e21fa78bf4197f54ef990891a04e908e374ebe8703025bb79fda23b9fcf3d5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c
Filesize
66KB

MD5
25a3382f20db29dda373559248dbc605

SHA1
3275d485bb1b9fb16e423216b57fbad011eb2104

SHA256
e4e6e0dbf1603234e5fdfd97e5d7446d4c512b5b24866af96167a421886d2eb1

SHA512
bd76ff19ad7fd5cba66e6f6b46503e61e147b242028f6f8c435e500ed9c0f78c9ff849f2daff4f10787cebc712bac116eb12a4c973447c0523c9dfe367ddac5b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d
Filesize
17KB

MD5
9102662c8b80875d3440c7fdf06545ae

SHA1
25f943375cfe8201dfd7f635e69583d6acd093ac

SHA256
a8f7eb599e8710533e62024f337ddd13246ebfb861d66266f80da637e4d38eff

SHA512
aad03ac2237a9a4e5d7247be7461116213f59d4c13aff62f00f81518e6091c344b618ee5a3d67cecee5f04e45f45167327cb612f1c092445250a51aeb40c58e0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e
Filesize
47KB

MD5
24edf43fe24e0e2e7352dbf325da6d4f

SHA1
26b8244d8366e748da623305c3640f7067c3c22a

SHA256
26d41b24cbbeb3c94bcbb52078ba4604564b15244e1f7a519d835a46101a7db9

SHA512
9660c8e0aac4c9061c535ffc8058d999b614e891b00bb60de16ba80a4910c79525538875174c7a6cdf430676fdb403ae63be39d2cba81518bb82e48cccf4af64

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f
Filesize
95KB

MD5
7e932c178a1a2bbf09e8d3484b16d8c6

SHA1
be542e31d940563daf1b8530e076fd5d99ef2bb3

SHA256
05d0e53d62deba543a6847e8ac7a6dbc7c6d60b05e27eb1860f098bd26b33ff1

SHA512
31cb094efde12da21482828c0a577b6536b475a958c485dda9c54f46876befb790a24f1311399cdc1164fdff9989121e4fade3ab473df2d7c2c222bdb0391e53

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010
Filesize
790KB

MD5
c74d91628b1ad64d84b6eedd9f7c996e

SHA1
b88dab7c50a8a65b21cbcc6cec903fd92f04df73

SHA256
3458831ddbe1346dae98c2df768c946faa4f5a1f356a64d9028598fac5aff3e4

SHA512
51ff90042a939af9dac4e4f7831cf94183feaeda54496911e535fadbc6f1b38f729a16344a6e5fa92bf90280a6b38a5ce7980842a73c4958e2b6d43a9ed2fd16

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011
Filesize
33KB

MD5
29fd127a703ea13ee1d9a4492e447c1d

SHA1
4550738e0405bae4e39b412dd09f0adcd1a9582e

SHA256
e33d4e1b7409ce8d8ba757c8805103527f12536818ff07264b5a65411d62df1c

SHA512
42268407a36ee94f9750a1c9bf8195ac7a856972d1a9dc4e7394221d732b1fd397c49b08b90414c053b771223efafb68702fd47e17cd069c175090028cfb9b18

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001e
Filesize
27KB

MD5
02dbb8b5695eaa16c15040a1e0d1d9d5

SHA1
0c589d4cf36dc04ecc6899ab27050dc1cda80647

SHA256
20e906ebf4ebed2ae1788e6c5044c18a20363846f15b1c98909985deed9ed749

SHA512
6fde53dac2aa5bd8ff1f4328608b352b3c8c13962efae95e57ebef9a7052456afc50d741de5cc401663c936446594b180acf4460318de05c1192e79861513874

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize
1KB

MD5
91a1cb49521a97f885d7c26d12e62ddd

SHA1
a0f378673a7e3cd01f0b25a0bfb3d0932ae1c1c1

SHA256
13957e49958a8ea9f4ad1f3dac4df0cefb502bc387f15f683e7bb58405b073d7

SHA512
728f018adcd344f06160bba84a32212f6a0a468762d7a037fbc670a65e4dede533549747f2dae2f106f89486a2ba09e72f852f7418b5ba03c5058b658c47c701

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize
1KB

MD5
75d19b601ce883c5c1f74e68eb6a8926

SHA1
2ce1f56a16321add40fae75efb668a1c2c8f9157

SHA256
594ffcaf60de49d65d201b133d70cefa0eec6e999ddc9d23fa15821b3f36b012

SHA512
13a39266e0980de4da6010b4c70d61cf8fbea3b390196a8b4648f3ac9f7a102f39bd0eeada1eda362a46e5f5a6c73b6f0137bcbaf2940e904452ecec431f78d8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\000009.dbtmp
Filesize
16B

MD5
979c29c2917bed63ccf520ece1d18cda

SHA1
65cd81cdce0be04c74222b54d0881d3fdfe4736c

SHA256
b3524365a633ee6d1fa9953638d2867946c515218c497a5ec2dbef7dc44a7c53

SHA512
e38f694fd6ab9f678ae156528230d7a8bfb7b59a13b227f59f9c38ab5617db11ebb6be1276323a905d09c4066a3fe820cf58077ab48bf201f3c467a98516ee7a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\000011.dbtmp
Filesize
16B

MD5
6de46ed1e4e3a2ca9cf0c6d2c5bb98ca

SHA1
e45e85d3d91d58698f749c321a822bcccd2e5df7

SHA256
a197cc479c3bc03ef7b8d2b228f02a9bfc8c7cc6343719c5e26bebc0ca4ecf06

SHA512
710620a671c13935820ed0f3f78269f6975c05cf5f00542ebc855498ae9f12278da85feef14774206753771a4c876ae11946f341bb6c4d72ebcd99d7cff20dcd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\000006.dbtmp
Filesize
16B

MD5
aefd77f47fb84fae5ea194496b44c67a

SHA1
dcfbb6a5b8d05662c4858664f81693bb7f803b82

SHA256
4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611

SHA512
b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\000008.dbtmp
Filesize
16B

MD5
589c49f8a8e18ec6998a7a30b4958ebc

SHA1
cd4e0e2a5cb1fd5099ff88daf4f48bdba566332e

SHA256
26d067dbb5e448b16f93a1bb22a2541beb7134b1b3e39903346d10b96022b6b8

SHA512
e73566a037838d1f7db7e9b728eba07db08e079de471baca7c8f863c7af7beb36221e9ff77e0a898ce86d4ef4c36f83fb3af9c35e342061b7a5442ca3b9024d2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1
Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT
Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT
Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT
Filesize
16B

MD5
a6813b63372959d9440379e29a2b2575

SHA1
394c17d11669e9cb7e2071422a2fd0c80e4cab76

SHA256
e6325e36f681074fccd2b1371dbf6f4535a6630e5b95c9ddff92c48ec11ce312

SHA512
3215a0b16c833b46e6be40fe8e3156e91ec0a5f5d570a5133b65c857237826053bf5d011de1fcc4a13304d7d641bcba931178f8b79ee163f97eb0db08829e711

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT~RFf77ede8.TMP
Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\LOG.old
Filesize
250B

MD5
32de5313ffb875297fa05286fb346802

SHA1
30676722e03d8f2e599f5e1307b14d4efd8bd55e

SHA256
ec544d7142df1127dfc16a52c303d38964370ebf31e79ea1f20fc6cc8a60f0ef

SHA512
a32ac7624ec07534665f3c1db17142686b2f952ef49277b26a552b134df6925816f727f1e437755d913ce0dbaf601baccd19535e57d7ffd065d6fe9d8ac45aab

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\720104c8-2a22-4dbf-a7b4-43fbf6085ce8.tmp
Filesize
7KB

MD5
ffff3099a63ab688d8a86d887aae0917

SHA1
3a0e0fd853363d6d1681e48457f3d030a2b58682

SHA256
44662271b771c5f23a31df8a99e662eea2d27b99254943fdad614781c1a15f10

SHA512
d813ae7238270c040b75492ee558f02668d8d8452b3a1175af8dc6801960d02c0da7188291fe0c4ac0b37e1b5256a7924bc5546af95ce650958fb6f7fa6230b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
5KB

MD5
9551929529d127f729743d8379af424c

SHA1
9822eb11a6fef06a79156336bdcf415f98c89fbb

SHA256
12bd51e919d322391baffb94229aa0a7c7ad2a3d736bc186c624d593eacb1374

SHA512
fbcc0a8066ec383f3f47843040978b398ca92c65297656897081d32959414a94c02bdc6f0f6c2a3005b9168580b89c27532c6800310e3eb0f451fa717aee49dd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
4KB

MD5
70e92e51ad9eff1315e08cb6bd4432c9

SHA1
e66d6ef9e8600dbff2f1d630d0cf0df12eebbd9b

SHA256
29f3a7f76a0a3b7798fb18122658eafa6b134fcee9b5894e0b8fa720a7903f65

SHA512
aef91344700121443852b599c6eccc750e775cc73cce08e840b06fc0510bc50f8a90adbf4c031d9a2369646a1746bc6d15a5562fcf0e97a8daed80a8a3483bea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
983B

MD5
487a21a10ffeba8667c15f4c69085284

SHA1
96a9fa60f3a5e6635286e156b9e6ef832d975f82

SHA256
48a62f2692b4fa1f5d553056297a3d4fa1fd0106367b94408edf87f962c28224

SHA512
624ea93f3a9bfb7dd93d476509c4b043b4880cd2c1c2b75a463ba58aa27e67e3472809e76a55550504c4a30f79466a3f1276f894233caa947a3d3f3962f0aa05

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
7KB

MD5
69370ac7da1cb1118ed851d38b114586

SHA1
75fa6c69d829450defd1dc596d05919e7cf40fae

SHA256
3e2c9aa17e968ec67fa4cbafa447d92c64a197214655b67fad8207e4cbec21d8

SHA512
7f2b5361c50001a9f7e0c74d74060d322d438cea2e861a57d09894f1437ff5bef5afe8da80394dee3d186f482e1bd0c8a413be4780b65740656cb8180d509635

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
849B

MD5
6f40a8adabaf537d1a4fbe6c7d613c19

SHA1
36787b62ba7bf234b77419aa228ac7ff14902728

SHA256
4b8c441b965d2198b36844f7217f8abec844d069989025b6c342fd6997118da0

SHA512
e6de8addb21fcdf4b4fd01dd45698ec4854075485fab40e2ce2301ed8ade48dda0758bd7efb999fd36b9cbc4650cb34ec421498d6a89aad319d706f7266182f2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
527B

MD5
a6991594b6a9f45de1cd7a4e281a3cb3

SHA1
b19b39b1d61e9cd8d25659b9e7c41fb0b41102de

SHA256
fffd7b7cea1d9c96bca28a9948c4d0a97955daaa7935929be8365b7ff9d46610

SHA512
769973e6f961ea6e91e9cb46864f2bb2bffd40146781f62e05dc177ac6bad5b7af244f28debb10c1332e7f503dc7b0fcbee9018662ce3ea2cce54dfec0f193a0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
527B

MD5
68af1d1bade43d5c0a24bb40e48aa195

SHA1
6e3dc6a7985d9c2a04a9abf5793c107993d4fc36

SHA256
b8ae86e77c3857411fb33d26b36f6c7d8bfa5d62bcc5d983db1deefe1f9f834e

SHA512
d0d43d13b1f2a807f5e31989a594800e3b069ac776592c1ca38011f240778b3be84c623656672f1c44110cb58c485d0d6a162d3a6848ea15633dc50836c2857b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
361B

MD5
5ab2b7204ea224068738dac99cbe34c2

SHA1
89380127c61892e6327a74059faf46b6d37840fd

SHA256
999b0157bd05dc7fb498ad2466e7decaf4dbad2758c7d33798e0fa8880a20808

SHA512
15c42369db7d1a4c4f07cc433dfdaed101f174ddf7f0c9a123e7b06f26742517cf04b99f92e57eba7e32c2a467b8f25d9c722cc44d0bb75fca0e7af2ccf635a9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
853B

MD5
96647f8b49a8d1de011355a6c62ca989

SHA1
73742bc6acb09db135ca4bdee767bfdcf6a966d1

SHA256
eb8d0176242bbb75656a3b2059892c575262c05a9e9d54cf8e1e5b0093569a09

SHA512
6972f813d4fd3ee1a8eceefee10eb277e33b3a285673ae34083cbfb6127f483dfee68da8591dd781237d908ef7ad87e6057e2339394740f66d2b852b432d0f65

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
1KB

MD5
b2118178002a0e0e16fcc83e39c05209

SHA1
64b152c3d22eb1864840b27c9b6c3a57609e9bdf

SHA256
68198d927a4f4df9046cbf64dd13ec1087257e63d663425aeaddae0e1d902e2a

SHA512
6397bab1505938d933ebc3c6e9391a35bb46cc44233ea39c781463739c964eb3965fdee37cab1c961407950caacc4dc9f402c9237e74c051b6fb50e575c1ec6b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
847B

MD5
25e074944c3db1c9d452de8977be6cf1

SHA1
5a15c8fbd5d8cde2476162132b9d6447654a2dfd

SHA256
16597f4920e33aa9063706cbe60ca82eb2631f23c54608155bad2efdd54bb2e8

SHA512
4391943979c3de64f2bad0e84bf28652538117335c29b85c9408ff55e9c4d57e2d297a80147f03918800498b4eacbe5e52c70cf83e6c2e925bf39f8586470387

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
851B

MD5
ee4651ae144b0f42f5f6f528e9fe7ba4

SHA1
105da6ad8525c463bccc0dd1a676b556a69e445b

SHA256
3bb57ee2d2094b96a0fc28963311f4878f1f5e5c47d08607b110cb092899e829

SHA512
781e3225a55e5fd761316a74b645818e14f9486ca426281ef341af1927b1e56552bd8eed471a8816a213c48ebe380c6e9cb4a850e90f20a87d12a58cd0134512

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
853B

MD5
28072d338b312367ce8e58169834faa1

SHA1
967686d666b73181699d682ed2ecbf4ed3508596

SHA256
7d5db627bd6efe317b7190f2818945a4e060a6c6510bc7d1af625d9cbb275649

SHA512
26fcbfb6d7bff50babe2a4433ddc4b1393edce4544ff8c4bc21cb76c0cb7549c38e74cf3ee3878756aa5354b4ebdfafeecf31184909867266d5acef7d72a0721

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
1KB

MD5
be1a3c8902b10cec8ad965c7b2eca195

SHA1
e9bb6fd6e50d1de4123a65d7f8c1cfee48d5b979

SHA256
aa1b644ed1329eab793896a807ce23bf4f1de8db0edd222823c5ba180c4126aa

SHA512
e1ea2e1a2d22033d5ebdece40e2e2e618ac0ffd83965d045a494744c74b055e6c0b67d4948673d90ea8cdeebe260a06b767e02daa15c6d2ed5b1f40a24167a04

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
6KB

MD5
b31c2a8a80f4ae50d0068a6852714b30

SHA1
da4bba916ab68b7b5e0f0af43a750ab47f015d76

SHA256
0deb55a5e26f11109b763d3fd5ed249454a6703b8afb7d46f3f33ba018155433

SHA512
73777d4db7e4290cb849394ae15b056de9ba9da737ab53d1d3f25534f8c7a954ba68230bb69a73df4be6e3eb9fe8e6685fd9286356d120ddbfc21af85df3ca4b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
5KB

MD5
f70adbdd644042255ccce63daa391459

SHA1
c0af95269967efbe8393e6784a4cc240612d4ee4

SHA256
b3d6a9d3bb4d5b72fa8f50110b4d57c7866584a9420c905eed6db58f82cb4985

SHA512
65fe19ee59569a6745bc67be4b49e94a8977ada48cff434ea79dc656e3e376c9354d3031a22bbec9771a984ca38e0eab7289fda3750eeb1217f0f804c8d44cc7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
5KB

MD5
ec852eb8d0e6c763823a63bb8cdf902d

SHA1
e1dc790a92d18d9441ab30ec4384d2f39a8e6094

SHA256
9069b9b9fe3b879b973b28e3b95fa8d76ee0b6f5cf5c4ad9b1882aeaea2af9bb

SHA512
3af9fdadb1b24abbe52129cb18615c67a812e35bcc4da5f245874897939540809efb1649d76e606867d066eee8d8fd4730b9c8a232d70fa0f64d13a7f676d288

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
6KB

MD5
d084fd231c47cc5a744f0430d533bf99

SHA1
39025d57fae3068e18e8493850a6832f3bfc92a4

SHA256
6310fa79e9d1cfeeb8a7a904869b178790c1e8f60e5dcc863764049d5554ce48

SHA512
3a3d31557af20fdd280a8974ad8872191bea798a40e431ac06caee23b9bf833381876319301695125c1aaa5d1758ef1795c11102d455e6f18d1326497cb3843a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
6KB

MD5
28221738b7d5357570a0825bf768278c

SHA1
4c7b9f0cfc17cfb753a250c0fe436ba580e031d7

SHA256
eb05e626e96fe3da997b740911cbc38bf4a395e20ea1a1070b7349bb4382383f

SHA512
202a06face4a5145bd8991e9cdb778437de1826568d13df71c28b45c6b293f107afca69f6fb26b2da34c2bbce1bcf9a0389f624939b5c91c2bf48eb9249c7572

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
8KB

MD5
da033e53c1d5310c6c4ce073945596de

SHA1
5e57b2ae55586eb117e9ea290e7939db1aa82666

SHA256
265083aca5090603e95cc1ee67f5d3c5a8799a3b47e5106670dd5adab09e8769

SHA512
7896aef30b0824e965e80e2766842ac2400211c3395cfeac064e86f14fffb3717590d7973edf0a08c96426e706c27fa29d8adaf9ed77f5d361658eb6bbf72329

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
5KB

MD5
120bf4701570aafc7424b9b6aa3b6dff

SHA1
05cd7252052e932f279fc4511e490141a24085a7

SHA256
fcc7d624514f0cf1ea8dfd01155d105cdc967a76a1170c27ac9cbe865a7a23b3

SHA512
3517a076f0b2f374c8063240dbcc77c63c197dff2f9ab8ef621c03473ce1d0c2f316081f9293d85936cff86377fa2b1d2bada4d430bf2503ba4fc6b7bdda83f2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
8KB

MD5
56b9380cdf3aaa573ffff3665c8adf9d

SHA1
0f7386e815b7c426c299734157229cb598cf4088

SHA256
3fe582696129174bf20ea31a0494d7d4b185c6e767c05f2dd8764ab58f299791

SHA512
6db3dc7261b9043f56e0173609235b6bd6e4deaaaa0b4d11eebfdf54cd2cd71faf761300e3daadb82e411518944c9d43e7ece9d25ec3d91c6f8715e7ac3d0d6e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
8KB

MD5
447dafc42e1c11a1cd562eb30fff7d32

SHA1
d79d001c77b2885d31fd593fe7302f186dff899f

SHA256
a6e4fc4ad818b34a9abb36e10ce922fa404914175ab4292e3869fb5c4e03f71a

SHA512
f6ea3124d710ab06fb6a4f7157111c7ae86bb9bed74c77d615eb80da10fa4b8cc53292c5d9a574d64072ddaafb15315fddc362c80aa19d81fc8acb1920480dc1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
8KB

MD5
cf6b558465b7adea553b2c6bb750dfb4

SHA1
8ffc304159f2431583cbe3cc7553bf5e1b1894d7

SHA256
c089f297ae15fd4a67cab981f01376cc495c8c45d9912fbc3e0b51fbe4cf87a6

SHA512
111584ae94dc75969698536ad833e3cacdb0c55eb4a157d4cfda665916237564557f48bc75f2172a204c4a7a0cb08b4fe99e9bf73a36ea1a5bf63bcf5ad41554

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
6KB

MD5
0e757d4d4aeab392538461dd309ddbe6

SHA1
d217ac996f3fe31ac9d05d955d199534d5e283b6

SHA256
9215a13d284e94688ed90915b6d2533f90af1d9957c950044db6d668d67a7a19

SHA512
89963dbff5d7509c434196506b804790c059cf71e4b25e0fe898a9a588a6bf5bc21ba6fd5f01e6433be32c6564226ab1008bae3024436f1c9c4b39a5d1508e41

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
6KB

MD5
793cecb02840f3839ddbfebc4e13cea1

SHA1
67f8b7e89c36cb27160878654af63401d1f36e9d

SHA256
05d8605b14356181428fdbd0a315ec6d6cdeeb597506f5ceb6572f64b1d7a11c

SHA512
34b65dc4dc563ba2b57005f337359ec78c10cd5113e1007559cad68117a583a79c3b94238bd3f39c3a87f8281e304075b473f80c3d737be6c3c2db92dd7f2345

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
8KB

MD5
b31540843698dedd2cb0603f01fc1769

SHA1
f451ac4bbe17abbd3680cb52bf975b4233eb7a94

SHA256
41804b575e70f57e3f00c13bf07d76018fd3157fe990de1f6abe3f3b9b837450

SHA512
55f037666ef5b20f04dee9904e26e456068a68aed36fc82f101495c15d9c8c3ad981c1a2d6eab7fae99866d0aa6ed2f13dfb2126a5b2d306d7346f6d5b58c612

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
7KB

MD5
b2fad4bcd812d81bf1d6dc63736ac7de

SHA1
fc7e9146d3c4441afe2cbb98d6f987066f6eedfb

SHA256
f8da3e1987198d1f03d65a98d8499798a7ca7a933bb19353b854b1b7971ec709

SHA512
6c080513bd0d9b9f59a48b08656090acb69224bcb4fd38431c8ec90efaf2cba0b7c209331386d01a8eeb891bf639b2b14a3152bb359dff9d6253c75b4b0390e3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\1dcf6007-cea9-47f4-b1f9-b8f24550864f\index
Filesize
24B

MD5
54cb446f628b2ea4a5bce5769910512e

SHA1
c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

SHA256
fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

SHA512
8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
Filesize
56B

MD5
ae1bccd6831ebfe5ad03b482ee266e4f

SHA1
01f4179f48f1af383b275d7ee338dd160b6f558a

SHA256
1b11047e738f76c94c9d15ee981ec46b286a54def1a7852ca1ade7f908988649

SHA512
baf7ff6747f30e542c254f46a9678b9dbf42312933962c391b79eca6fcb615e4ba9283c00f554d6021e594f18c087899bc9b5362c41c0d6f862bba7fb9f83038

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
Filesize
120B

MD5
48517150b542b1f5ca766f332879b131

SHA1
f59cbb89a3c4c0bc7086286057aa56889f404505

SHA256
01a4adf0d5ed7696f40bfd855d4e2c9c6969f1cce8b4180ec308191d2b1c9e6a

SHA512
63e3c8e5596cdc849d9590423aa642a922709acdfc41fcfeabd9e7dd13209415d1d8d73796a6e19ae3e334837f726a6666f3ae4ad11b45dfa41e5c95c0e395b9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
Filesize
120B

MD5
cf67ed034fa4ec898469f3b202b768f0

SHA1
a68622465aa90504bd58d4e5aff0ea9dfdcc4efc

SHA256
5519da90b000363bccfaf3a7f27c84e14a4a8c8167496099cec5a6a9ac174c9d

SHA512
5fa02e7a45a2831b167987b8c36beb1b3d0f42d9b6a2cf90b52338ecb7fab906d0237a847ba6e830cf6ff094188d9275ab97864a3b3b7123f677a5cf2db11bfc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
Filesize
120B

MD5
55b4c7b6a3a0c7d5df1f31c4daaa40e7

SHA1
065669705aee4e8821d3bd67fd132f098174b446

SHA256
9516cceebe542860440fce9ff7fc1406adc897ab341db90bbd5f91c3ee7c9b2f

SHA512
4c84ea3271ec3bf11460d5713413cf4b26a9a75c25a382808d88e410131333569e39d59a1667eca37d309456461e3750d3bbac10f5e43a59f3a4c9faa4fb793f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
Filesize
120B

MD5
eb3f5a9e2aabf2b8f330992c62e5e910

SHA1
3ca7ce50ef63a4947134b8bbbe204179ef28c24f

SHA256
df4295ff3b41749a24d8a1f4f431ec1b8bd9359f2b8e373f0d451017cd56c107

SHA512
297303e494571eaee08d2cfc005c8559acbef8f89db77ff513f770c3f3951d98317fcf55cb4dc03f31efa556f6b3c2abc7d57f7dfff9dd07f80bf13c011dd893

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
Filesize
120B

MD5
63ed4c711dc538e7a3cf9435170682d5

SHA1
c16848f7515b54868c576fce2427e227812d619e

SHA256
ceb8f7d4205b6f9a0e6ffb4516fa5e676d5329ee86fe58bf7e9cb2308ff84d13

SHA512
72074603af21dce5f3226d848ee4859b8d32cb622c5552a64a68d489395a98620066dae37acce755824f63fc1c649645ed8f3165ce37f18d58eeac5b94948fa6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000007.dbtmp
Filesize
16B

MD5
18e723571b00fb1694a3bad6c78e4054

SHA1
afcc0ef32d46fe59e0483f9a3c891d3034d12f32

SHA256
8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa

SHA512
43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000010.dbtmp
Filesize
16B

MD5
60e3f691077715586b918375dd23c6b0

SHA1
476d3eab15649c40c6aebfb6ac2366db50283d1b

SHA256
e91d13722e31f9b06c5df3582cad1ea5b73547ce3dc08b12ed461f095aad48ee

SHA512
d1c146d27bbf19362d6571e2865bb472ce4fe43dc535305615d92d6a2366f98533747a8a70a578d1f00199f716a61ce39fac5cab9dd67e9c044bc49e7343130e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
265KB

MD5
10e648af2b804bfcd9a26197afefbaeb

SHA1
a8291cdcbcc54dda2c7d0a05a753f8f5a66a2e47

SHA256
57d8147aba5f03218f01684ef159889a7a1ed94686820713004f5bf440a05588

SHA512
b554e256f212559d19898208fbe50a6ddfc40d893d3d39e830831ba849c6b5db4591bc52c865f4dbeae366a3a02f392ec6bc33ebd55a5afabafc7aaae42887a7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
139KB

MD5
07ab6cb8bb155e478afb3748998291db

SHA1
a776cd3e102a3c256a745058950d3612e16129f7

SHA256
43bc4b54993eac05c2b027d2cba6138b1dda93232021bd4f205453a13cd83c11

SHA512
8f174e4ab0a4bbda2fe6b01b207b96771d74b45d4516b24271d6e66ede809b8d88968c6975b454a51a6c5e0a8888c91e2f60a32fcff956ea801d519deeb0ba94

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
139KB

MD5
19b1357f7277cb50b6f5f81a52ab9bcf

SHA1
f8bd9aae5668aa87f75dcb2a15ceecd9710a444f

SHA256
9c6b194796bebe51085f4e369257581362685996d22cda738f6f8b3308ebcdce

SHA512
fff031c06447665411c5cfb8f766955d5ab03cf47cd774f9e392b6357cfbf7ef41f0b2a77838aa173553230b009e06e2d5f480e6e2bdf209660d565e66b35257

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
Filesize
75KB

MD5
e15231a2bae5f442619e99a162a19521

SHA1
6e2f31c7e587c6dc6d738e9e0781581d5fd737d5

SHA256
b3525733b48414b96234045daa3d74a5f70ff586a7379791ede0f24fb1def872

SHA512
9e0d9905d05be44f0fa4549a7fba7a380f5ccebff89244f0bb34d3738656cf13479208db03add977e5648c0ae6c0482066159525be6ccd607a80d60c69cb9a9a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ce7eb491-91a1-4752-957f-dfd460846e08.tmp
Filesize
139KB

MD5
3d770171a5a435dbdf601ba98d235721

SHA1
a9ff4122855e6021414c1161ed498c1b1d97d03b

SHA256
a10f67fb27c9fe1b3378a7c732054fdfa02cf5b18e9b17fa5e7c44fb8dfa669e

SHA512
3ffab8ea2379d84f4dd0bf4871040a2e90c7a42a0e3b5eb4c0effd52d38c3c42d65db0b1c87d71a93a1ed241f1f10253e30a74e697cebd537723bb2757754e57

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar129E.tmp
Filesize
177KB

MD5
435a9ac180383f9fa094131b173a2f7b

SHA1
76944ea657a9db94f9a4bef38f88c46ed4166983

SHA256
67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

SHA512
1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

Download Submit
C:\Users\Admin\AppData\Local\Temp\~DFF058F462944A9364.TMP
Filesize
20KB

MD5
812350a8edf3fb2906a2c5520a30d13d

SHA1
020cafa9c97112dd53d0775bdc4fd400fbd2d732

SHA256
aa533e0b31e74db96c94b3595c218ae116c9edafdc1cc173013389cb32ecd021

SHA512
fed7d1f2c40ce9e225ba1e66724fcbbf6bccdad8bac64ebaeac51e3eefb60f37fedf452b654829744394ced4feaa92f83fb08e9e01daa41176b27eca13495fbe

Download Submit
C:\Users\Admin\AppData\Local\VEDetector\User Data\config\gpuSupport.ini
Filesize
172B

MD5
70ac2ffccd9ee5a6fd76bd1061b2f5f6

SHA1
d6f760d5f8ea7b0ca9c8fda3d3a8c2bbdc46ec3b

SHA256
6f4972753e51d4d4b7efae7d37309bfc1b9d843251c82e223107d8c45802e744

SHA512
25fe98b025e6c800f54c008c86669def9befff6ecc3a58a63f041c2ab00ad7ac5b328fcc9d235ebb7d7eb2f9a1e34d27567b1385fe45521b9d03c95be2c19ad5

Download Submit
C:\Users\Admin\AppData\Local\VEDetector\User Data\config\ve_hw_check.ini
Filesize
976B

MD5
09cad5c76606e836c486f2b51ecd0d18

SHA1
96573b5fe5ff27e5242d61b71a1ac6da696b7fdc

SHA256
1325133be5f8aa4f77ea7d245c36fd1c933f4fc1a19a7868691ef3bd4c7afbf0

SHA512
308fd7baf120a518139eb47ade26818778e7e1e8c12aed9494e59f39af6c77f7f8015744b9a4c9f5b898077b6b49145f9585320f6de0dca9cc11c72382039398

Download Submit
C:\Users\Admin\AppData\Local\VEDetector\User Data\config\vesdk.ini
Filesize
1KB

MD5
e8681e05f85d2dfc485ca3f6da91ecab

SHA1
46237de99e17807abbaf53c803584502e8988bee

SHA256
f4a1eba75af9f55ee024f7bd364bcb76143d92c1a15bd538e2b807eef3925747

SHA512
d1cd51ee13875e82d774c2c926c58e5ba1bd443917eda0f8c3ffcc48364404cf20ea34e245faecaa277d64db5dc55342384d006962d8bbe9b23216d2ed5d1853

Download Submit
C:\Users\Admin\Downloads\MediaCreationTool_22H2.exe
Filesize
18.6MB

MD5
aa2ad37bb74c05a49417e3d2f1bd89ce

SHA1
1bf5f814ffe801b4e6f118e829c0d2821d78a60a

SHA256
690c8a63769d444fad47b7ddecee7f24c9333aa735d0bd46587d0df5cf15cde5

SHA512
fab34ccbefbcdcec8f823840c16ae564812d0e063319c4eb4cc1112cf775b8764fea59d0bbafd4774d84b56e08c24056fa96f27425c4060e12eb547c2ae086cc

Download Submit
\??\pipe\crashpad_2832_ZOBDLJJWFXUCYORD
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\CapCut.exe
Filesize
240KB

MD5
f19317a372021935ffcc5b8865b098d5

SHA1
d1952b91bcedf197857969316ce8b9257c9b5c3e

SHA256
52df76ee088d595b3705ada1b373b844ee2ae5f4bb99255d83eb78f4917bbab5

SHA512
05129a5322c680ea86f471d67d1bb3ddb180a55860c612082d698a3e13a3320fa4ccb4119a372dcf45a988946a80cdfa99dfdf6689dad9c65ee246897127675b

Download Submit
\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\Qt6Core.dll
Filesize
5.3MB

MD5
7d34b38920728c923ced1068b69a4bf1

SHA1
8a62b0b93ccf5727d6c9cb454afd91657b6b354a

SHA256
a700dd7aeca808715f2fca26755d7cf5d3bd1f167f639c7a18bdaf921890793e

SHA512
fdf9c6517a56a59d9b2fac9c663e2884b24eb8df06fcf833eac7cfc7eb94e881b67cb2c37a3f99a3adbf4f444e0493ccb27fc44a13bb99b4abeb7ad42763ccdd

Download Submit
\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\VEConfig.dll
Filesize
188KB

MD5
01671cfb7dc00ab2fc4e6132613e1283

SHA1
8242cbff0e9c5baefbd39d061ba9a5c5d0c23908

SHA256
08d47fdd9a4522efd3c00367437870f68a7d0f4b890037b4ef3db9b5cc58b416

SHA512
86b5c9964e7f0e141c0410dcd457aba671bfd9b2017b91c26ca6b40c5dab3e1e469ff3896e6d905452b56c22bc560d37b99ec4aa9a2a8feaf71f993a03365479

Download Submit
\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\VESafeGuard.dll
Filesize
307KB

MD5
d926a813e7bfadc2ba160d930962a9fd

SHA1
9348d69f8fa7858162567459e32d11fd8655f1f9

SHA256
fa1c8b721a61249fc1343dbe68af35285764b104c43d993ba5abe7eac6b88f9a

SHA512
1159a4e319de17410d1e463e28585f8e7407e2ba11807d6039a9a4a13a2078f654f8b72a9763af498fb10a3686372bd42288418806f0723cb27f8dde2766109e

Download Submit
\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\api-ms-win-core-file-l1-2-0.dll
Filesize
16KB

MD5
1536cf0238bdc0f6f79751edc3748be6

SHA1
611ab6263afde7f232bd518596c4ec5f0ee098a0

SHA256
9ed6867ad58a5ff62ffb3a3943e48ce2599ab3622d5c84bf016c6a979f624f2a

SHA512
83f1e8fe08fb389fe1873b590880138921678b6c64e145c4487b32c2b60f40cc8433175dae8330edbd87661503641194329742066ccecfa902f50e9aac075564

Download Submit
\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\api-ms-win-core-file-l2-1-0.dll
Filesize
16KB

MD5
52e0fac6d32a981ef11884b39da4580a

SHA1
f016dbf3728af4b766facf08cc0f3524aaae7c7d

SHA256
d613b57ff732aa9fa9c4416b951adbc3a119a6ba10e9210827ad7b5360fd0f3c

SHA512
adbb0a22732738fd50d678e8438d6940adb45996f8efafa52c94308f8b51a1af0d393792eb3ffad52ceaeb19eb0df38e04ff12bf6b758128e9699db1426e622d

Download Submit
\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\api-ms-win-core-localization-l1-2-0.dll
Filesize
18KB

MD5
f51704b23a204b634ec7ac3eb582f9cf

SHA1
7aa007b987ed295cbfbbfaae2cdca4e6e64d2cee

SHA256
e1035cb1cfb6400f7eec5de6aac688fc29b165361caac436b31bdbe5a7c18bbe

SHA512
49e4ecd5031d6753ccf7435b9ad405da786ed2edce017499074bdcbd03bda4f987cb630d29cb0b27e1f6b5913c1ef793b3507fe98177c3cbc38160b9f9d60ce0

Download Submit
\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\api-ms-win-core-timezone-l1-1-0.dll
Filesize
16KB

MD5
5ab7c9b0958f0be9d4c479219960a659

SHA1
34f78cd79eeb0e71982280d9a24ebb73942710fe

SHA256
c0709ae79388bfa4cdc1e159e6c97385c04c38ad1538dd6af31ec31a5dd75fd8

SHA512
639758b883f4b9726fd2246f900315aa280c9aef69a9c88bfb75a8aeb80a5a3f7999204e51a90a2f8013bcf8287cc078860edf1faf663ce3bdd05fd4654721a1

Download Submit
\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\api-ms-win-crt-runtime-l1-1-0.dll
Filesize
20KB

MD5
5de208b03544aa861cf0c78dd1235063

SHA1
f0a947050fbedb378d10a35d9b3105233e6381f1

SHA256
9152c5860efda2c848300a4f608b10bba666e3a48e2aefa1e4ee3b817bbc0baf

SHA512
f3e67b0c315c7782f62984e2378c62f6c88c83581c4d65a79f92408ea473ee8a8c4e94812453c340ca4f1b8c74ba2ea37a62fa11256ad7443ced23a907ca4da1

Download Submit
\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\msvcp140.dll
Filesize
556KB

MD5
4be644e3b3a95609f885f49efbfdb11b

SHA1
57450d7f70e74a73de76495adca9524bfcd1202d

SHA256
844609a2d0fdcb703f88843ce484468427eaaa8e3920fde3f7ce0b02bac817f7

SHA512
72fa0dd32d827cdec98f71e5f9d975ee8bce33c8bd679f27067ee570bb941806bb7df0d3c05a9fa91fe350d663eb7d14c1a863f8b320594a1d3d14a5c71e5f05

Download Submit
\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\ucrtbase.dll
Filesize
998KB

MD5
935e934f2a1258e85f549d575f63468b

SHA1
0ea07c07879d3ad50303d48dbc90f86fbc3e257b

SHA256
2312e393ac0658d2788ba6a69111cddca55c7bf976d5f806e7f7a57357308542

SHA512
41e852e1649e3f39fe1a99866efa5af0bccec74ac28bec11af3c838da6dbdf1e5570dbd1fd6a5ae712dde5c77cb3dcc9dcc3788f630447a2b33f4a806c94f3c3

Download Submit
\Users\Admin\AppData\Local\CapCut\Apps\3.7.0.1358\vcruntime140.dll
Filesize
99KB

MD5
b87a22880c36a0417accf304aea84698

SHA1
3d4cb55dff3f35743bd2d58df748993fd23a8a05

SHA256
d36625db5bb129548e2fa1d88c17f508a368e0e2e4d2b7ef98f888dd977d6c0e

SHA512
6217447d9bb12eb596d875b76525b517f223ac5bfc178f5032e447fcaedb707619a5f0f8f1d4b0684288112a3a781d1bdf93ae723b014ff7d430dddc1dff6b7e

Download Submit
\Users\Admin\AppData\Local\CapCut\Apps\CapCut.exe
Filesize
1.5MB

MD5
d6da5d45c4adf8a38bc78d7b9fc7da51

SHA1
f2cfdde50c026c171c439aa70f387959d33792fe

SHA256
d532d39813e1f8ce5a3dcf28e044271e027dc6268fa6ae4f93f27ff2f7ba41fe

SHA512
ce18ab9124fea298209195f5af1d0ab3b57f40cf2ad3d700d9212c1e69280a03d20f4aa247797960ae081d2bffec8b8fc2631a432324cd3315e18c46c19a1fc4

Download Submit
\Users\Admin\AppData\Local\Temp\E9DDA433-AA83-40F3-BEA5-93BAD32DD698\7zip.dll
Filesize
751KB

MD5
2d97c2e0353cb0c63212ecacd326bb17

SHA1
53ac7d8a0f19314158a2e74f3d6f0d17103c1d37

SHA256
fe604c8747171a85f883b08fcaf32a64d59ff7c7ed89e862ad252d366ab66368

SHA512
392fce704b17aa367c6c8a09ccdf7505242aaed552a1772e14b828754d01ea3d1e7eef8936067fb87c7dec645783e80ace16aba8e342501ab09964d0363eefff

Download Submit
\Users\Admin\AppData\Local\Temp\nsd123A.tmp\BgWorker.dll
Filesize
2KB

MD5
33ec04738007e665059cf40bc0f0c22b

SHA1
4196759a922e333d9b17bda5369f14c33cd5e3bc

SHA256
50f735ab8f3473423e6873d628150bbc0777be7b4f6405247cddf22bb00fb6be

SHA512
2318b01f0c2f2f021a618ca3e6e5c24a94df5d00154766b77160203b8b0a177c8581c7b688ffe69be93a69bc7fd06b8a589844d42447f5060fb4bcf94d8a9aef

Download Submit
\Users\Admin\AppData\Local\Temp\nsd123A.tmp\System.dll
Filesize
12KB

MD5
0d7ad4f45dc6f5aa87f606d0331c6901

SHA1
48df0911f0484cbe2a8cdd5362140b63c41ee457

SHA256
3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca

SHA512
c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9

Download Submit
\Users\Admin\AppData\Local\Temp\nsd123A.tmp\downloader_nsis_plugin.dll
Filesize
1.2MB

MD5
f181413906a465fd0dd68cc4a3d98803

SHA1
5aa28be48047dd0b672ab98d5e7cbd8260486b4b

SHA256
e28ff7b8fc4b1eb2d1f394ce15de2fc031cda58db645038c8c07581c31e79dda

SHA512
8d0116bcbc3938b2ebdddf77dec87e4b6c872382d20b555571b0bc3e4a35f88d16bc450004f875a8271165b71bdbae5d4d474a5bfda4c7787da63f4325009c25

Download Submit
\Users\Admin\AppData\Local\Temp\nsd123A.tmp\shell_downloader.dll
Filesize
2.3MB

MD5
c052c0a2ed833d924b7799625413ac1c

SHA1
bdd08a29f4de283ba0eb3cda4abc26f6e85d4d5e

SHA256
098972cf9ddc9d574130e025a252a99b278de9cc0ae700acfb8c935c24eb1172

SHA512
89e67c29d5d8a401a70a5b572844f24bfde82d5d4259ecc5e6f12be0ddb434995a2e985914fc421973998e3fdc48b133e269e8bb1da513ec66199f01060162f1

Download Submit
\Users\Admin\AppData\Local\app_shell_cache_562354\app_package_61624597dc.exe
Filesize
511.7MB

MD5
61624597dc8186176268f66eb5a07893

SHA1
c46a079e6ac6999c66edc0a5cb2150e6593b9eec

SHA256
b14cac08aef5e33993863b486d816ec0f9b4ac4af3fd46ed639b9bcb57603a40

SHA512
14438910513ef8a2ef48f5999fd6febb90abbbad3af51db21595b655c11f24131854b44da8f02a20493b048eabeffae60a1d0816a3848cafab15a5f96c0f199f

Download Submit
memory/1360-7510-0x00000000777D0000-0x0000000077979000-memory.dmp

Filesize
1.7MB

Download
memory/1360-7673-0x000007FEEACE0000-0x000007FEEBF79000-memory.dmp

Filesize
18.6MB

Download
memory/1360-7626-0x00000000777D0000-0x0000000077979000-memory.dmp

Filesize
1.7MB

Download
memory/1360-7502-0x000007FEEACE0000-0x000007FEEBF79000-memory.dmp

Filesize
18.6MB

Download
memory/1360-7449-0x00000000777D0000-0x0000000077979000-memory.dmp

Filesize
1.7MB

Download
memory/1580-8604-0x0000000002D70000-0x0000000002DB9000-memory.dmp

Filesize
292KB

Download
memory/1580-8605-0x0000000002D70000-0x0000000002DB9000-memory.dmp

Filesize
292KB

Download
memory/1824-7242-0x0000000077980000-0x0000000077982000-memory.dmp

Filesize
8KB

Download
memory/1824-7182-0x0000000000660000-0x000000000066A000-memory.dmp

Filesize
40KB

Download
memory/1824-7391-0x000007FEEACE0000-0x000007FEEBF79000-memory.dmp

Filesize
18.6MB

Download
memory/1824-7392-0x00000000777D0000-0x0000000077979000-memory.dmp

Filesize
1.7MB

Download
memory/1824-7243-0x00000000777D0000-0x0000000077979000-memory.dmp

Filesize
1.7MB

Download
memory/1824-7240-0x000007FEEACE0000-0x000007FEEBF79000-memory.dmp

Filesize
18.6MB

Download
memory/1824-7178-0x0000000000200000-0x0000000000210000-memory.dmp

Filesize
64KB

Download
memory/1824-7179-0x0000000000660000-0x000000000066A000-memory.dmp

Filesize
40KB

Download
memory/3220-7253-0x000007FEEACE0000-0x000007FEEBF79000-memory.dmp

Filesize
18.6MB

Download
memory/3220-7207-0x000007FEBBB50000-0x000007FEBCB50000-memory.dmp

Filesize
16.0MB

Download
memory/3220-7246-0x00000000777D0000-0x0000000077979000-memory.dmp

Filesize
1.7MB

Download
memory/3220-6993-0x00000000777D0000-0x0000000077979000-memory.dmp

Filesize
1.7MB

Download
memory/3220-7257-0x00000000777D0000-0x0000000077979000-memory.dmp

Filesize
1.7MB

Download
memory/3220-7388-0x00000000777D0000-0x0000000077979000-memory.dmp

Filesize
1.7MB

Download
memory/3220-7389-0x000007FEEACE0000-0x000007FEEBF79000-memory.dmp

Filesize
18.6MB

Download
memory/3376-8331-0x0000000000140000-0x000000000014A000-memory.dmp

Filesize
40KB

Download
memory/3376-8330-0x0000000000140000-0x000000000014A000-memory.dmp

Filesize
40KB

Download
memory/3376-8323-0x0000000000120000-0x000000000012A000-memory.dmp

Filesize
40KB

Download
memory/3376-8322-0x0000000000120000-0x000000000012A000-memory.dmp

Filesize
40KB

Download
memory/3596-7394-0x00000000777D0000-0x0000000077979000-memory.dmp

Filesize
1.7MB

Download
memory/3596-8139-0x00000000777D0000-0x0000000077979000-memory.dmp

Filesize
1.7MB

Download
memory/3596-8072-0x00000000777D0000-0x0000000077979000-memory.dmp

Filesize
1.7MB

Download
memory/3596-7610-0x0000000006980000-0x000000000698A000-memory.dmp

Filesize
40KB

Download
memory/3596-7600-0x0000000006980000-0x000000000698A000-memory.dmp

Filesize
40KB

Download
memory/3596-7438-0x0000000003110000-0x0000000003120000-memory.dmp

Filesize
64KB

Download
memory/3596-7411-0x00000000777D0000-0x0000000077979000-memory.dmp

Filesize
1.7MB

Download
memory/3596-7407-0x000007FEEACE0000-0x000007FEEBF79000-memory.dmp

Filesize
18.6MB

Download
memory/3596-8141-0x0000000003110000-0x0000000003120000-memory.dmp

Filesize
64KB

Download
memory/3596-7393-0x00000000376B0000-0x00000000376C0000-memory.dmp

Filesize
64KB

Download
memory/3596-8140-0x000007FEEACE0000-0x000007FEEBF79000-memory.dmp

Filesize
18.6MB

Download
memory/3596-7390-0x00000000376B0000-0x00000000376C0000-memory.dmp

Filesize
64KB

Download
memory/3624-9622-0x0000000003C70000-0x0000000003C71000-memory.dmp

Filesize
4KB

Download
memory/3696-8368-0x0000000000330000-0x000000000033A000-memory.dmp

Filesize
40KB

Download
memory/3696-8367-0x0000000000330000-0x000000000033A000-memory.dmp

Filesize
40KB

Download
memory/3696-8585-0x000007FEEACE0000-0x000007FEEBF79000-memory.dmp

Filesize
18.6MB

Download
memory/3696-8586-0x00000000777D0000-0x0000000077979000-memory.dmp

Filesize
1.7MB

Download
memory/3696-8418-0x00000000777D0000-0x0000000077979000-memory.dmp

Filesize
1.7MB

Download
memory/3696-8159-0x000007FEEACE0000-0x000007FEEBF79000-memory.dmp

Filesize
18.6MB

Download
memory/3696-8415-0x000007FEEACE0000-0x000007FEEBF79000-memory.dmp

Filesize
18.6MB

Download
memory/3696-8073-0x0000000000330000-0x000000000033A000-memory.dmp

Filesize
40KB

Download
memory/3696-8074-0x0000000000330000-0x000000000033A000-memory.dmp

Filesize
40KB

Download
memory/3696-8164-0x00000000777D0000-0x0000000077979000-memory.dmp

Filesize
1.7MB

Download
memory/3696-8069-0x0000000000300000-0x0000000000310000-memory.dmp

Filesize
64KB

Download
memory/3912-8332-0x0000000001B70000-0x0000000001B7A000-memory.dmp

Filesize
40KB

Download
memory/3912-8333-0x0000000001B70000-0x0000000001B7A000-memory.dmp

Filesize
40KB

Download
memory/3912-8324-0x0000000000420000-0x000000000042A000-memory.dmp

Filesize
40KB

Download
memory/3988-7034-0x00000000777D0000-0x0000000077979000-memory.dmp

Filesize
1.7MB

Download
memory/3988-6828-0x0000000077980000-0x0000000077982000-memory.dmp

Filesize
8KB

Download
memory/3988-6990-0x0000000002B10000-0x0000000002B20000-memory.dmp

Filesize
64KB

Download
memory/3988-7176-0x000007FEEBF80000-0x000007FEED219000-memory.dmp

Filesize
18.6MB

Download
memory/3988-6995-0x0000000002B30000-0x0000000002B3A000-memory.dmp

Filesize
40KB

Download
memory/3988-6833-0x0000000077980000-0x0000000077982000-memory.dmp

Filesize
8KB

Download
memory/3988-6835-0x00000000777D0000-0x0000000077979000-memory.dmp

Filesize
1.7MB

Download
memory/3988-6831-0x0000000077980000-0x0000000077982000-memory.dmp

Filesize
8KB

Download
memory/3988-6830-0x000007FEEBF80000-0x000007FEED219000-memory.dmp

Filesize
18.6MB

Download
memory/3988-7174-0x00000000777D0000-0x0000000077979000-memory.dmp

Filesize
1.7MB

Download
memory/3988-6752-0x000007FEC81A0000-0x000007FEC91A0000-memory.dmp

Filesize
16.0MB

Download
memory/3988-6663-0x000007FEF1F80000-0x000007FEF2529000-memory.dmp

Filesize
5.7MB

Download
memory/3988-7177-0x0000000002B10000-0x0000000002B20000-memory.dmp

Filesize
64KB

Download
memory/3988-6662-0x000007FEF27A0000-0x000007FEF2C4B000-memory.dmp

Filesize
4.7MB

Download
memory/3988-6643-0x00000000376B0000-0x00000000376C0000-memory.dmp

Filesize
64KB

Download
memory/3988-6644-0x00000000777D0000-0x0000000077979000-memory.dmp

Filesize
1.7MB

Download
memory/3988-6632-0x00000000376B0000-0x00000000376C0000-memory.dmp

Filesize
64KB

Download