hxxps://cdn[.]discordapp[.]com/attachments/1009780047260942337/1233900984577818684/main[.]zip?ex=662ec757&is=662d75d7&hm=baf8dcf931347357c32e929c5837018873e76c8a7f02273d397f305c3dba940a&

Analysis

max time kernel
74s
max time network
76s
platform
windows11-21h2_x64
resource
win11-20240426-en
resource tags

arch:x64arch:x86image:win11-20240426-enlocale:en-usos:windows11-21h2-x64system
submitted
27-04-2024 22:13

Sharing

Copy URL

Twitter E-mail

Reason

Machine shutdown

Report Analysis Logs

General

Target

https://cdn.discordapp.com/attachments/1009780047260942337/1233900984577818684/main.zip?ex=662ec757&is=662d75d7&hm=baf8dcf931347357c32e929c5837018873e76c8a7f02273d397f305c3dba940a&

Score

7^/10

pyinstaller

Malware Config

Signatures

Executes dropped EXE 3 IoCs

Processes:

main.exesubprocess.exesubprocess.exe

pid process

2680 main.exe
760 subprocess.exe
2384 subprocess.exe

Loads dropped DLL 60 IoCs

Processes:

main.exesubprocess.exesubprocess.exe

pid	process
2680	main.exe
2680	main.exe
2680	main.exe
2680	main.exe
2680	main.exe
2680	main.exe
2680	main.exe
2680	main.exe
2680	main.exe
2680	main.exe
2680	main.exe
2680	main.exe
2680	main.exe
2680	main.exe
2680	main.exe
2680	main.exe
2680	main.exe
2680	main.exe
2680	main.exe
2680	main.exe
2680	main.exe
2680	main.exe
2680	main.exe
2680	main.exe
2680	main.exe
2680	main.exe
2680	main.exe
2680	main.exe
2680	main.exe
2680	main.exe
2680	main.exe
2680	main.exe
2680	main.exe
2680	main.exe
2680	main.exe
2680	main.exe
2680	main.exe
2680	main.exe
2680	main.exe
2680	main.exe
2680	main.exe
2680	main.exe
2680	main.exe
2680	main.exe
2680	main.exe
2680	main.exe
2680	main.exe
2680	main.exe
2680	main.exe
2680	main.exe
2680	main.exe
2680	main.exe
2680	main.exe
760	subprocess.exe
760	subprocess.exe
760	subprocess.exe
760	subprocess.exe
760	subprocess.exe
2384	subprocess.exe
2384	subprocess.exe

Detects Pyinstaller 1 IoCs

pyinstaller

Processes:

resource	yara_rule
C:\Users\Admin\Downloads\main\main.exe	pyinstaller

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

chrome.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 17 IoCs

Processes:

chrome.exeLogonUI.exe

description	ioc	process
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133587296444306595"	chrome.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Themes\History\AutoColor = "0"	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\StartColorMenu = "4290799360"	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\AccentColor = "4292114432"	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationAfterglow = "3288365268"	LogonUI.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent	LogonUI.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationColor = "3288365268"	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationAfterglowBalance = "10"	LogonUI.exe
Set value (data)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\AccentPalette = 99ebff004cc2ff000091f8000078d4000067c000003e9200001a6800f7630c00	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationBlurBalance = "1"	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\EnableWindowColorization = "183"	LogonUI.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Themes\History	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\AccentColorMenu = "4292114432"	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationColorBalance = "89"	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationGlassAttribute = "1"	LogonUI.exe

Modifies registry class 1 IoCs

Processes:

subprocess.exe

description	ioc	process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3062789476-783164490-2318012559-1000\{B8811249-4671-48B3-AB93-4496B158D331}	subprocess.exe

NTFS ADS 1 IoCs

Processes:

chrome.exe

description ioc process

File opened for modification C:\Users\Admin\Downloads\main.zip:Zone.Identifier chrome.exe
Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes:

chrome.exe

pid process

1240 chrome.exe
1240 chrome.exe
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

Processes:

chrome.exe

pid process

1240 chrome.exe
1240 chrome.exe

description	ioc	process
File opened for modification	C:\Users\Admin\Downloads\main.zip:Zone.Identifier	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

Processes:

chrome.exe7zG.exe

description	pid	process
Token: SeShutdownPrivilege	1240	chrome.exe
Token: SeCreatePagefilePrivilege	1240	chrome.exe
Token: SeShutdownPrivilege	1240	chrome.exe
Token: SeCreatePagefilePrivilege	1240	chrome.exe
Token: SeShutdownPrivilege	1240	chrome.exe
Token: SeCreatePagefilePrivilege	1240	chrome.exe
Token: SeShutdownPrivilege	1240	chrome.exe
Token: SeCreatePagefilePrivilege	1240	chrome.exe
Token: SeShutdownPrivilege	1240	chrome.exe
Token: SeCreatePagefilePrivilege	1240	chrome.exe
Token: SeShutdownPrivilege	1240	chrome.exe
Token: SeCreatePagefilePrivilege	1240	chrome.exe
Token: SeShutdownPrivilege	1240	chrome.exe
Token: SeCreatePagefilePrivilege	1240	chrome.exe
Token: SeShutdownPrivilege	1240	chrome.exe
Token: SeCreatePagefilePrivilege	1240	chrome.exe
Token: SeShutdownPrivilege	1240	chrome.exe
Token: SeCreatePagefilePrivilege	1240	chrome.exe
Token: SeShutdownPrivilege	1240	chrome.exe
Token: SeCreatePagefilePrivilege	1240	chrome.exe
Token: SeShutdownPrivilege	1240	chrome.exe
Token: SeCreatePagefilePrivilege	1240	chrome.exe
Token: SeShutdownPrivilege	1240	chrome.exe
Token: SeCreatePagefilePrivilege	1240	chrome.exe
Token: SeShutdownPrivilege	1240	chrome.exe
Token: SeCreatePagefilePrivilege	1240	chrome.exe
Token: SeShutdownPrivilege	1240	chrome.exe
Token: SeCreatePagefilePrivilege	1240	chrome.exe
Token: SeShutdownPrivilege	1240	chrome.exe
Token: SeCreatePagefilePrivilege	1240	chrome.exe
Token: SeShutdownPrivilege	1240	chrome.exe
Token: SeCreatePagefilePrivilege	1240	chrome.exe
Token: SeShutdownPrivilege	1240	chrome.exe
Token: SeCreatePagefilePrivilege	1240	chrome.exe
Token: SeShutdownPrivilege	1240	chrome.exe
Token: SeCreatePagefilePrivilege	1240	chrome.exe
Token: SeShutdownPrivilege	1240	chrome.exe
Token: SeCreatePagefilePrivilege	1240	chrome.exe
Token: SeShutdownPrivilege	1240	chrome.exe
Token: SeCreatePagefilePrivilege	1240	chrome.exe
Token: SeShutdownPrivilege	1240	chrome.exe
Token: SeCreatePagefilePrivilege	1240	chrome.exe
Token: SeShutdownPrivilege	1240	chrome.exe
Token: SeCreatePagefilePrivilege	1240	chrome.exe
Token: SeShutdownPrivilege	1240	chrome.exe
Token: SeCreatePagefilePrivilege	1240	chrome.exe
Token: SeShutdownPrivilege	1240	chrome.exe
Token: SeCreatePagefilePrivilege	1240	chrome.exe
Token: SeShutdownPrivilege	1240	chrome.exe
Token: SeCreatePagefilePrivilege	1240	chrome.exe
Token: SeShutdownPrivilege	1240	chrome.exe
Token: SeCreatePagefilePrivilege	1240	chrome.exe
Token: SeShutdownPrivilege	1240	chrome.exe
Token: SeCreatePagefilePrivilege	1240	chrome.exe
Token: SeShutdownPrivilege	1240	chrome.exe
Token: SeCreatePagefilePrivilege	1240	chrome.exe
Token: SeShutdownPrivilege	1240	chrome.exe
Token: SeCreatePagefilePrivilege	1240	chrome.exe
Token: SeShutdownPrivilege	1240	chrome.exe
Token: SeCreatePagefilePrivilege	1240	chrome.exe
Token: SeRestorePrivilege	2084	7zG.exe
Token: 35	2084	7zG.exe
Token: SeSecurityPrivilege	2084	7zG.exe
Token: SeSecurityPrivilege	2084	7zG.exe

Suspicious use of FindShellTrayWindow 64 IoCs

Processes:

chrome.exe

pid	process
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

Processes:

chrome.exe

pid	process
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe

Suspicious use of SetWindowsHookEx 1 IoCs

Processes:

LogonUI.exe

pid process

4940 LogonUI.exe

pid	process
4940	LogonUI.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

chrome.exe

description	pid	process	target process
PID 1240 wrote to memory of 3144	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 3144	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1576	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1576	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1576	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1576	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1576	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1576	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1576	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1576	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1576	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1576	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1576	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1576	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1576	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1576	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1576	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1576	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1576	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1576	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1576	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1576	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1576	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1576	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1576	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1576	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1576	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1576	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1576	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1576	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1576	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1576	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1576	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 2352	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 2352	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1052	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1052	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1052	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1052	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1052	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1052	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1052	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1052	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1052	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1052	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1052	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1052	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1052	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1052	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1052	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1052	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1052	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1052	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1052	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1052	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1052	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1052	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1052	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1052	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1052	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1052	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1052	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1052	1240	chrome.exe	chrome.exe
PID 1240 wrote to memory of 1052	1240	chrome.exe	chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://cdn.discordapp.com/attachments/1009780047260942337/1233900984577818684/main.zip?ex=662ec757&is=662d75d7&hm=baf8dcf931347357c32e929c5837018873e76c8a7f02273d397f305c3dba940a&
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1240

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffcfa32ab58,0x7ffcfa32ab68,0x7ffcfa32ab78
2⤵
PID:3144

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1556 --field-trial-handle=1792,i,15847179649816337621,16503572538718587946,131072 /prefetch:2
2⤵
PID:1576

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2060 --field-trial-handle=1792,i,15847179649816337621,16503572538718587946,131072 /prefetch:8
2⤵
PID:2352

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2168 --field-trial-handle=1792,i,15847179649816337621,16503572538718587946,131072 /prefetch:8
2⤵
PID:1052

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2984 --field-trial-handle=1792,i,15847179649816337621,16503572538718587946,131072 /prefetch:1
2⤵
PID:2980

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2992 --field-trial-handle=1792,i,15847179649816337621,16503572538718587946,131072 /prefetch:1
2⤵
PID:3504

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4460 --field-trial-handle=1792,i,15847179649816337621,16503572538718587946,131072 /prefetch:8
2⤵
PID:1760

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4828 --field-trial-handle=1792,i,15847179649816337621,16503572538718587946,131072 /prefetch:8
2⤵
PID:4884

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4808 --field-trial-handle=1792,i,15847179649816337621,16503572538718587946,131072 /prefetch:8
2⤵
- NTFS ADS
PID:3388

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:1744

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:1820

C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\main\" -spe -an -ai#7zMap4549:70:7zEvent26661
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:2084

C:\Users\Admin\Downloads\main\main.exe
"C:\Users\Admin\Downloads\main\main.exe"
1⤵
- Executes dropped EXE
- Loads dropped DLL
PID:2680

C:\Users\Admin\Downloads\main\_internal\subprocess.exe
"C:\Users\Admin\Downloads\main\_internal\subprocess.exe" --type=gpu-process --no-sandbox --locales-dir-path="C:\Users\Admin\Downloads\main\_internal\locales" --log-file="C:\Users\Admin\Downloads\main\debug.log" --log-severity=error --resources-dir-path="C:\Users\Admin\Downloads\main\_internal" --lang=en-US --enable-media-stream --allow-file-access-from-files --disable-gpu-shader-disk-cache --gpu-preferences=KAAAAAAAAACAA4CAAQAAAAAAAAAAAGAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --locales-dir-path="C:\Users\Admin\Downloads\main\_internal\locales" --log-file="C:\Users\Admin\Downloads\main\debug.log" --log-severity=error --resources-dir-path="C:\Users\Admin\Downloads\main\_internal" --lang=en-US --service-request-channel-token=9D05A754BFCA86C1012DC91E69E1046A --mojo-platform-channel-handle=2264 /prefetch:2
2⤵
- Executes dropped EXE
- Loads dropped DLL
- Modifies registry class
PID:760

C:\Users\Admin\Downloads\main\_internal\subprocess.exe
"C:\Users\Admin\Downloads\main\_internal\subprocess.exe" --type=renderer --no-sandbox --service-pipe-token=B13C234B8C5B421E35631DC13694981B --lang=en-US --locales-dir-path="C:\Users\Admin\Downloads\main\_internal\locales" --log-file="C:\Users\Admin\Downloads\main\debug.log" --log-severity=error --resources-dir-path="C:\Users\Admin\Downloads\main\_internal" --enable-media-stream --allow-file-access-from-files --disable-gpu-shader-disk-cache --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=B13C234B8C5B421E35631DC13694981B --renderer-client-id=3 --mojo-platform-channel-handle=2824 /prefetch:1
2⤵
- Executes dropped EXE
- Loads dropped DLL
PID:2384

C:\Windows\SYSTEM32\shutdown.exe
shutdown /r /t 0
2⤵
PID:1936

C:\Windows\system32\LogonUI.exe
"LogonUI.exe" /flags:0x4 /state0:0xa3a21055 /state1:0x41c64e6d
1⤵
- Modifies data under HKEY_USERS
- Suspicious use of SetWindowsHookEx
PID:4940

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
1KB

MD5
2a14c1f27fd913e409b45178397fbb67

SHA1
8e423137acec73cc9531cc480a4851ce1edda0f9

SHA256
ec404ded6a4848c6ec5c10d7c5b6c554fa43de1b904f20e3c26a56832403f240

SHA512
3e43a73d9e2772ac85a35de4f986768b900f576ebed367980c55df1ecc2408444764e0198edc10db27e4ac15037d2ef86bec75f7e98691f412f62ca81b29ad8c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
1KB

MD5
3eb1f13924db0f80423e93a6d2c4b13c

SHA1
ec97dfb84fadcd360e154bc8b423f45f6eaf748b

SHA256
b0078bbd9b7aaed18fbdade25f5edef9a438b1bc1d0b6659d70182c9167a94fc

SHA512
9a213c2e1bd8c162edc62b2a1f1281a7ebbb3b8b53a8ab6cf78ad4502f6276f3fa2a671c4af69f3f6023e7ba2c2129f81800b12f0cb810a29d800afb007e6093

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
1KB

MD5
e182c1d1ab5cd53e242614a6c5899fe5

SHA1
530b3d6ce3cb8aff3722ab5d5dbf65f2bb3e3076

SHA256
ec9b1c01d991dddb229f635ace4972fdeeeb2831db8aadae8426da3826468bb1

SHA512
93d58aec62791f80ef4ce04eb2b9bb450ec00223e3c8564c01b8db2af35775a1c20e75a8d025652d72245ae68e3fac39cd9e34d38baf62eb25792f19479efb85

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
6KB

MD5
dd48a4858c8646c653b57d0afe22178b

SHA1
6b5d52a8db59a757ae177cb27a532c3ff1233994

SHA256
d5bcbb30ecc50ed4388de73ba97164332a8bac3ff18c8e1b9dafd4a1ec7fb890

SHA512
b303748b3ad4e32d683c9bbb1819df88da35a4e6ca6594db88d7d903b1b102e3ceacafd6c8808cf42cc7614b3dbef3cfc89f1f25451057bf059cc2835b6bd4e1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
6KB

MD5
12524009be27ca3ab2562102102f9d65

SHA1
82e2bbaa6d97fbbf7213dada97df9538f8d4aec9

SHA256
1c1b1894bd5348e3ed245cd7d40e6f7c2fd8c1ffd673ed2531e96a59888c16ce

SHA512
1413be892aab68893b196c16c66bfdc480b8d363ace5ff23f87dcee8cafdb1182b7faefdeea10d3d76778742390a2640d4f48b4bddcdbb91694f9a363d085a11

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
130KB

MD5
88ce58ca5a50ddcee12f3ba8f4cea6bd

SHA1
cf46c5c98bf5b2a4f46f2901211f7becd514cb44

SHA256
8c718e9e42c283b8f16cc35df10ec973f20b1bd050192ef006e892b25cf1c6fe

SHA512
cd5eb6de14f8145142ce57af70d0c20be4f9fe5a1587458efe50ee29fd6b9f4f4e7beb54b71b6b8009b39ce640cf8e0692af9dfc8a2a4a8876492af563a4a698

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
130KB

MD5
b8cf8af2072a37f71874845a762f54d1

SHA1
6b837fbd44731dac25f9594047dcec884083315d

SHA256
db65515d075fb498b959bc7dd1e8f39aa66fdbcc903e913f4210940dddc29150

SHA512
df391180d13168bdf71a673e360dd2075d29bc057db97a84771ba4237a78e588f52dfb1539596a1fac313f86643c6bc4e7795b7718f9f51a31e90f4f22043f92

Download Submit
C:\Users\Admin\Downloads\main.zip
Filesize
176.1MB

MD5
91a9f1c0b7290fe823508a8ef61f6707

SHA1
61279100942e4d647ea403aa1d8d296f731a9122

SHA256
148a7df460bc77debaa567ef92e8590a02646aef005faf7dbb1c3e47d126d9df

SHA512
cc8eaf35b1cf595c39c64439f03bc6522dd78a3ae4db0c263aa92a7f934c9691759d4d5648e68c3e076f115cebdb026d3cf9f22637e1e2917a756853a77ae477

Download Submit
C:\Users\Admin\Downloads\main.zip:Zone.Identifier
Filesize
26B

MD5
fbccf14d504b7b2dbcb5a5bda75bd93b

SHA1
d59fc84cdd5217c6cf74785703655f78da6b582b

SHA256
eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913

SHA512
aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98

Download Submit
C:\Users\Admin\Downloads\main\_internal\PyInstaller\hooks\hook-PyQt5.Qt3DAnimation.py
Filesize
633B

MD5
7e49a106518a0b24a385472f20897ead

SHA1
4b1f212a26d58d9bd950ecd74161b833baf75b29

SHA256
5287211c9e7572467fb325c9c9e2ccdbae124d45d1081fd152cbf7a0277a83df

SHA512
5c7ff7a786b906892b59547b975b60163b22c184ecccf263ebf7c3a1b7729145fad99fe10c5267ee26e345fd77afacd2230ec07d748ebc1b48da8dff20e9322c

Download Submit
C:\Users\Admin\Downloads\main\_internal\PyInstaller\hooks\hook-PyQt5.QtWebKitWidgets.py
Filesize
633B

MD5
0c14d4e682ffa5cd1272c416d9e35207

SHA1
a2c069b248de868f485caa2428d49a60ca368618

SHA256
f2fd53d6140e5fd8d20f7cbaac48b07443b2b6aa8d07b17119e8d76d590394c5

SHA512
3339cc05d87447d75139667914943a5f1f72f72291c985f698a549cd3da11de06cd2040a0841c6913a247d13343fa0294ef16e6ba6ca8fc1d8931d0be548e31e

Download Submit
C:\Users\Admin\Downloads\main\_internal\PyInstaller\hooks\hook-PyQt6.Qt3DAnimation.py
Filesize
633B

MD5
5a8c950f6874824a43331edf2aeb7077

SHA1
c14705c1d6d10d0d229f569eb7a2afe3aeb95ee7

SHA256
c7261094df2d79913d890f5e09b515284286ed0edf2a14a16f8b24aecd259476

SHA512
421095a0601cccbd4644ea4be751e56b671eb15879d99512ede9f101930e95c3da852f1f9720aca8ec947b224affbd5ace81e0ad4a8cae773c10cf9f13626703

Download Submit
C:\Users\Admin\Downloads\main\_internal\PyInstaller\hooks\hook-PyQt6.QtHelp.py
Filesize
633B

MD5
13a6f0b41293ec52e3372259f0294767

SHA1
02c2afb687a17d8234440cf6560dacc7a02b3a36

SHA256
d85f6a0f862a219aba0cc2917a09fb0c7bd2e84ab72169016b949189ed7537ea

SHA512
6a16b65546d42035e05462cea20b1a82f4c1f8800138d42b47deb3d07959c48d7513a938e15d57d536c6f959310b8f9028ae47e8d6b934b5784e183394f028a5

Download Submit
C:\Users\Admin\Downloads\main\_internal\PyInstaller\hooks\hook-PySide6.QtWebEngineQuick.py
Filesize
633B

MD5
eb6617a5dc51345a4ef110b519fb6979

SHA1
413d634c7cd29fc763a86c765afce5e0f4a024f0

SHA256
72ad4b8ccc384bf26b0b8ec8873d6487bb5dd3a250d453bf6bde09d1d2451bde

SHA512
df7d1888d5ec9507a613c93b3bc05897180a854d19532246d20917ba2eefcf3a9c746ff073696a2d12bb783e33eb869567ff9588020eb589ab78f3d81e584e69

Download Submit
C:\Users\Admin\Downloads\main\_internal\PyInstaller\hooks\pre_find_module_path\__init__.py
Filesize
2B

MD5
552dacb15f2019c8f3f74c55befa242c

SHA1
9762053d4defb8be822cb0957983a6b8796976d6

SHA256
32c4858e22cc2c967b42150fa550562a2c839c2cebcaab91cabdf6f4da020022

SHA512
a80f7cc2606ef6e5474e96b1e520c17ecf432f0da9a566bd157044130cfb548f10d929ffb5783008df78b6d07d07d109bffbad1998cb8309eccec7e4d3fc813a

Download Submit
C:\Users\Admin\Downloads\main\_internal\PyInstaller\hooks\pre_safe_import_module\hook-gi.repository.Atk.py
Filesize
783B

MD5
1b0bc7182c35820f0929015d09008c89

SHA1
685c570e0f8a4edd20d784fc1b6290040d0dce95

SHA256
7397fbe0a78f507b7eedf1ffb4941fbaa078e32b184cb6c29bbeaed90541d3b5

SHA512
dbfedd44c1f5793dcefabbf094cbeb480e9a59f39e43589e63715d41ade24fe29a72e58485af5dc57f4cabb44285d37de4393e87bf5200aa79a9e2e363a3d95f

Download Submit
C:\Users\Admin\Downloads\main\_internal\VCRUNTIME140.dll
Filesize
99KB

MD5
8697c106593e93c11adc34faa483c4a0

SHA1
cd080c51a97aa288ce6394d6c029c06ccb783790

SHA256
ff43e813785ee948a937b642b03050bb4b1c6a5e23049646b891a66f65d4c833

SHA512
724bbed7ce6f7506e5d0b43399fb3861dda6457a2ad2fafe734f8921c9a4393b480cdd8a435dbdbd188b90236cb98583d5d005e24fa80b5a0622a6322e6f3987

Download Submit
C:\Users\Admin\Downloads\main\_internal\_bz2.pyd
Filesize
83KB

MD5
6c7565c1efffe44cb0616f5b34faa628

SHA1
88dd24807da6b6918945201c74467ca75e155b99

SHA256
fe63361f6c439c6aa26fd795af3fd805ff5b60b3b14f9b8c60c50a8f3449060a

SHA512
822445c52bb71c884461230bb163ec5dee0ad2c46d42d01cf012447f2c158865653f86a933b52afdf583043b3bf8ba7011cc782f14197220d0325e409aa16e22

Download Submit
C:\Users\Admin\Downloads\main\_internal\_ctypes.pyd
Filesize
122KB

MD5
29da9b022c16da461392795951ce32d9

SHA1
0e514a8f88395b50e797d481cbbed2b4ae490c19

SHA256
3b4012343ef7a266db0b077bbb239833779192840d1e2c43dfcbc48ffd4c5372

SHA512
5c7d83823f1922734625cf69a481928a5c47b6a3bceb7f24c9197175665b2e06bd1cfd745c55d1c5fe1572f2d8da2a1dcc1c1f5de0903477bb927aca22ecb26a

Download Submit
C:\Users\Admin\Downloads\main\_internal\_lzma.pyd
Filesize
157KB

MD5
b5355dd319fb3c122bb7bf4598ad7570

SHA1
d7688576eceadc584388a179eed3155716c26ef5

SHA256
b9bc7f1d8aa8498cb8b5dc75bb0dbb6e721b48953a3f295870938b27267fb5f5

SHA512
0e228aa84b37b4ba587f6d498cef85aa1ffec470a5c683101a23d13955a8110e1c0c614d3e74fb0aa2a181b852bceeec0461546d0de8bcbd3c58cf9dc0fb26f5

Download Submit
C:\Users\Admin\Downloads\main\_internal\_pyinstaller_hooks_contrib\hooks\stdhooks\__init__.py
Filesize
428B

MD5
ae9777b484fe39a577fb02ab257379b9

SHA1
0fd5b4f4ae427a96c1b7df8c3044448279f265dd

SHA256
c4a8b461bfbd5f605fbafc83d170e69c31ce474008981db82f54d5567920865f

SHA512
1b84da8523abeee5b6ca54fab1027606e131a514dc95d572623e00a322c00eded51e674dee9048dacc3afbe67068007983febaa7c520bff253a30b4c54f6bb82

Download Submit
C:\Users\Admin\Downloads\main\_internal\_pyinstaller_hooks_contrib\hooks\stdhooks\hook-fastai.py
Filesize
565B

MD5
8fb750969445f2c60a9d84befd447561

SHA1
0d10b229afe430e6e9817a4ca7381789787d3723

SHA256
4812ae9489a11e0a0f254ab8287a95a40b1f6fb18e3e8205fdf0fe3ed4774ec2

SHA512
3e210caaee335b47170d54ab33995cdb144ef3b6b0a3a8725399c475d7311fef255bdade638cabca242d86dbc1a6b546f2d3c60c644d807332cc921cde25feb6

Download Submit
C:\Users\Admin\Downloads\main\_internal\_pyinstaller_hooks_contrib\hooks\stdhooks\hook-nvidia.cuda_nvrtc.py
Filesize
572B

MD5
34058b220fe2c508e2cb6705df0fcb5f

SHA1
57021f42570bbc97cc434fcc0b3546278422a366

SHA256
af1a7f8b185d9492e350f874ec7d658a9e50d2660d22b00719b4497c5f99d8ef

SHA512
23a3bc9ce908f0aeefe4d12752f6f861fb3d510467ce99d42cc5e6bcaaf488af5235523e2f63057d3a80436e4c8009c214401bcc56ca688c7f3d66b2c90830e8

Download Submit
C:\Users\Admin\Downloads\main\_internal\api-ms-win-core-console-l1-1-0.dll
Filesize
12KB

MD5
f5930f589b29164cc1913da7224dd543

SHA1
a48f9512d67f60f4a83be03323ffbfd1fe86a66f

SHA256
8f314fa84661de1ddb7a59af24f96c7a0731ab77d8b89417fba64689cbbda445

SHA512
835b590af5b8f703e88925de33994840c1e8fb51807c3374d41bc6d192540f761dd382fcd680eb78486ba7fe539320e3af9dcfe1479fc1222138c6a31c31e2f2

Download Submit
C:\Users\Admin\Downloads\main\_internal\api-ms-win-core-datetime-l1-1-0.dll
Filesize
11KB

MD5
986e1a053bb4c7ef254989b888eb0416

SHA1
5a4be3ca1b1aa1f3c0a3927a2dbd3d8e6f4d8fa9

SHA256
ee2c828e07583d651c938886a39317a70ec18254f4be37de1ba52bbc03fd3073

SHA512
3801c4fec021d538f6e9a2d29fd2f28cc5ca6cd4ce0903f1a322d1d96fe89e0c01653baf05a9318ac06573e6ac3027bd8e446247d7f1dfb6c54295c558ed4821

Download Submit
C:\Users\Admin\Downloads\main\_internal\api-ms-win-core-debug-l1-1-0.dll
Filesize
11KB

MD5
be0985a93d49f066c71d50469fb1736d

SHA1
333a67d34ace55833c761520292ed95e4e7db45b

SHA256
0a455b95154098fd916e859b3d3af928515f13cd9df745ebbcb726b1d28e6aaa

SHA512
723e72898874117346b2cc55c565b89b88d1ac95726df80112ab2e67a1a3e0bf38d751c65efcad415f1667b13606aa1c9620d4786e186368e275b8fd7cb78ea0

Download Submit
C:\Users\Admin\Downloads\main\_internal\api-ms-win-core-errorhandling-l1-1-0.dll
Filesize
11KB

MD5
feb34b945b55861295345d4de56daff8

SHA1
8d4ad7262464d5e3d256dae9e802216d83942fa8

SHA256
b1673091c1d1ebf5b2f5577f479d7350ecc78c3d0033428c51ffa2854f642874

SHA512
a51bd94c46e17371cfb6b213d2e138a09e996bb073bde0d4707917eccdb8f8b7e6a9f7461cc7992c77254d573a9aae314b7192788253ef80503cf4703e3b20bb

Download Submit
C:\Users\Admin\Downloads\main\_internal\api-ms-win-core-file-l1-1-0.dll
Filesize
15KB

MD5
7067670187c557f39168d871d158108e

SHA1
ecb280514d52d2b41dde19635e502baed067458d

SHA256
d7af49c42b42ab6d53d0115f491f485b15fec5998576c900699c00fa74b3ef9c

SHA512
3b67a1459c049ad79cf51f8ba790d8f0c70824db091180f3698a13f39c093f6d73f03b9e6cbff907fd5023af8fc78a3c7019c12dee6e0fbdf46fdd14973066e8

Download Submit
C:\Users\Admin\Downloads\main\_internal\api-ms-win-core-file-l1-2-0.dll
Filesize
11KB

MD5
740172fbadaf5ec1c087864972779dd4

SHA1
24dc24efe6b823b3dab6abdac21948096e784a7c

SHA256
02c9f0158565034baa66d94ab3bd7b35732c871933ce2b85442639dc9e2ba721

SHA512
e59b894eb84ade8943defe17c251087580e882565b57c160df137f6e6a957fc296f6f14e853350db2c17b96d7016cc544f7fde5fc14762c9c90ac19e1f7941dc

Download Submit
C:\Users\Admin\Downloads\main\_internal\api-ms-win-core-file-l2-1-0.dll
Filesize
11KB

MD5
e6f48279f9721c34af7b74145dd888a8

SHA1
a72065e72185db0127717eb8cc70f15feb8de68a

SHA256
c6c4529917c20ef5d1c13adefcd3d594198372b765e3766190ce35ec0f9cabc2

SHA512
72beb368c205a909b363839a4553fc780e536663df2f19095819f1048d9ebe07de6d3b9b1859143703be233be64537fb117d55a9a9fe4bf7d56f812e71fcf49f

Download Submit
C:\Users\Admin\Downloads\main\_internal\api-ms-win-core-handle-l1-1-0.dll
Filesize
11KB

MD5
b40ae20b189293d0d63d63ecbab3e7aa

SHA1
639b92babf14d8b0e0282d2857253a30616dcdd6

SHA256
d04d52e3be5bf04d3da81805c88fadcafc90a176a2205635bad8c9f7eb28b590

SHA512
c58452cbf7f0142b90ed41e8ddc1cd547c7c9aff8fe0f5cd336a1fc4cd8b63d27362924d8f00f0eaa9aaa2b5bad486e1e411717631af7b3dc486d5941cc7c599

Download Submit
C:\Users\Admin\Downloads\main\_internal\api-ms-win-core-heap-l1-1-0.dll
Filesize
12KB

MD5
784fa05af2ffc7e383a7cb71a88a6766

SHA1
47be971c7334961ad1fdb21deebfc2f8db4923e0

SHA256
c0ffd40740a11362afedf3924ac6d6fdc36164873881193729708d3623a06dbc

SHA512
d9b25d59619690f260eb5b9527ae3db1b23385a43da2912956ffed345bc2f097aebcbb4a21183a00d452e06b64c0515ecd7a173e123b5816800344f67b497758

Download Submit
C:\Users\Admin\Downloads\main\_internal\api-ms-win-core-interlocked-l1-1-0.dll
Filesize
11KB

MD5
6a23fa1869e61ff1721976383249dc12

SHA1
c250f9f0ae207648fa0bcb24dbff8d450b673886

SHA256
9380e020b85c9f5c0f95f54bf6f0f561b74a94c4e6b5fe1e66fd47ff0c8e9d01

SHA512
2ac944e535326f8da92de8ffd76a70f6e4c6af7819b347311fe7118d52181708efb9fc354a444f14b84bc5f95749c7297bd0e1d70d9e7a6de2ee540098d8fe5c

Download Submit
C:\Users\Admin\Downloads\main\_internal\api-ms-win-core-libraryloader-l1-1-0.dll
Filesize
12KB

MD5
9974ad2e6c81571e71e2837730e125f1

SHA1
9a54d381239e2d545c75c64ceef99912ec6fb804

SHA256
6de0990e426f0f6ca459f9a7ac0f3375279935e3cf182eb8dfd7106630865aef

SHA512
c4e14c382106e52214c478e9ed2046e3c4abb9d244b5bb5abc742b457a4372df6fef2300e8535af34095f19471e35e38e36edd27ac8cea8c36913e3089683cf0

Download Submit
C:\Users\Admin\Downloads\main\_internal\api-ms-win-core-localization-l1-2-0.dll
Filesize
14KB

MD5
38edcee1dc735c2259604545fd580aa9

SHA1
60fe52917c0f94f89cd46e1fc4e5924b79d6f0fb

SHA256
ce6855146cba2a1471cb356ae5e249d668243bc5369ea84d2d1902789f7805b3

SHA512
1ffe5328bcd91c22a8eae3b3c696a08a46937c359bf8e52497f2ba353ef4b1e791794a878597c8d05212ab7bf15b8105d695280eb7e69fe9071ffd4c373b981f

Download Submit
C:\Users\Admin\Downloads\main\_internal\api-ms-win-core-memory-l1-1-0.dll
Filesize
12KB

MD5
4899302c510347d4ee9bdb65a09f25fc

SHA1
3cd2a73ff55c1d08e0040454b35589d17de7daf1

SHA256
6f935269894476a6d974b183d3bbf87f94b81c282870a144debbef8ec7e1c7cb

SHA512
5b9bd75fd33c62c3259a8c20ffc9da460f1fa57daac4d2bb60a6525b3df1e52b02098f788a67f44e3073b8b89f6a75f296f942626700e4e063966746aba61674

Download Submit
C:\Users\Admin\Downloads\main\_internal\api-ms-win-core-namedpipe-l1-1-0.dll
Filesize
11KB

MD5
837342515ef2f9c53e202a02f4b8c8e9

SHA1
0deef23039dcd9c167097fcbd1b4191648906ec4

SHA256
94b423e8a81e3769c07e5cb49e0bc708f6f1dffb2f3144e9ab617b654aec6bf1

SHA512
6aa1b860fd941a760f69bd5b2985dbbc12271597f342474129a4d6455350c4f50c378fac98d02b7a6ccda9548dba00d25dd1b33f7205774392eec59c6d9e3b96

Download Submit
C:\Users\Admin\Downloads\main\_internal\api-ms-win-core-processenvironment-l1-1-0.dll
Filesize
12KB

MD5
616ae97ebc94e6f7066562b2e782db26

SHA1
058dee978b5ae83f97af90b1ffe726b023fbd45f

SHA256
7979cfd81388e22b95c98dfb4e308c0b1b4f18395eb4e317fbfe4369a1569001

SHA512
01e2a5e39e1e86c3fe89ed121db694572276b463650aa9467c2f63517927a71871393c6c80c302ec7df9a95564bbcbc1c209a7899fdfc842c2487323fc94464a

Download Submit
C:\Users\Admin\Downloads\main\_internal\api-ms-win-core-processthreads-l1-1-0.dll
Filesize
13KB

MD5
aca3e62c7646a34b58c23e78d12e0198

SHA1
13bb678e01c81c68d41eea5bd5a6aa6892f94674

SHA256
d2fce4abb9548be029c623940e5114e64017fac3a6e6a424cc8601367e877a94

SHA512
9952d9b4290439ce65e2f092893724f1c659a20c26cda4beaf39b7e76807a8daf62b791fe08bc854206dc70e2f18fefbbb5eb6bfe68fd463660e3d3424356599

Download Submit
C:\Users\Admin\Downloads\main\_internal\api-ms-win-core-processthreads-l1-1-1.dll
Filesize
12KB

MD5
2f17d6384b532dfc41b8d80d2605c101

SHA1
9abd5e43ede2d3c29ce4d394b5259ea25727bd90

SHA256
1410ca328d46dd446857a6d89a191eba28bb169f1e0ed12033af3ff5d03dc5a6

SHA512
9ea3878cb0ae958d5ac50c238eb96289ffb47f99beb9053ed6e02f548cc71352b91a8ffa0010ed2a0f9b19b40a96927f8d121208e7339598ea91cdb108c7957f

Download Submit
C:\Users\Admin\Downloads\main\_internal\api-ms-win-core-profile-l1-1-0.dll
Filesize
11KB

MD5
97ba766b4b10f6cf555be5f3cc231784

SHA1
b18f1ca1dae2618d23b6334df0c12c7402c160d7

SHA256
9a638b024d35c8eeb2bfdaa6318cad6c581bea1fce53c0aab79ad68407bf2346

SHA512
f8b9da71c72b1bf2fd1c951c6f32f2e528364b4d228f908e62f3e6121b9f9500ec6e76f2fcd8f9eae47068e3c1dfb438b6469cb19d7cedaf33ee3e29d3162e05

Download Submit
C:\Users\Admin\Downloads\main\_internal\api-ms-win-core-rtlsupport-l1-1-0.dll
Filesize
12KB

MD5
2757e7ab8b11915a0b35c5cc56dc9dc9

SHA1
16260c4b2c139208b7d4531fb67b673facc01047

SHA256
29fbd6c05549d7913739d5c62341cbde4dc88759dfe0a7ab2c63dcf0f719e817

SHA512
f987f6387b2f85c47600e516f429457ff2d57f7ba61dcf48f499aef865b2c330aba666e1017edad66d22e26d61ad1d6f075f6dc9543bd3be31830567e0a3ffbb

Download Submit
C:\Users\Admin\Downloads\main\_internal\api-ms-win-core-string-l1-1-0.dll
Filesize
11KB

MD5
8521375aef48f4e781b4f531c268477f

SHA1
d90accf2630870a4eb127414ada1b11951912e6b

SHA256
083e96f60426524450eeb8163f2d7805399915f00b698ea15e21b4e858d893ff

SHA512
25ae6a1b0caaaf37b4494a3b2e3a4dce16c7aaa1f2d6e107ada09df1639948e214bb74cafdba6c9da8e949b4be8b07bffc5018aa7e2d3772d2aea0600960cfa2

Download Submit
C:\Users\Admin\Downloads\main\_internal\api-ms-win-core-synch-l1-1-0.dll
Filesize
13KB

MD5
73c4ed6cb4373080b2d330983430fd3d

SHA1
78c53e5a60a7299502dd4f642a3cc6a050ee8ca5

SHA256
30a4519723de642b161186ff97ec9e46d2a35ffaa926b4dd79a570cf3e74696f

SHA512
51440499c232db09400b13f93b27843a9136b31a616c5f72189810671759ca9d138026db71e4c39caf9ac4bcd07c57d96917448b89d01ef94065bf5aa723d89b

Download Submit
C:\Users\Admin\Downloads\main\_internal\api-ms-win-core-synch-l1-2-0.dll
Filesize
12KB

MD5
1541b2aa39df08b86ba3caae73e5561a

SHA1
696cfd44a4e1723403d0dc5eaaa0e9f3fa00da5c

SHA256
338815131218bf7f7d97b8ef223611b2ee7ca8d7d59dea9077e7951582b5dada

SHA512
93d32c9ae79d164bb12e8a9088d1152f1984807ac597008588287d4164771c34ebaf274d13db7f761e12628c067582d7b49afb3d86a989525032b2b53ec5ffd3

Download Submit
C:\Users\Admin\Downloads\main\_internal\api-ms-win-core-sysinfo-l1-1-0.dll
Filesize
12KB

MD5
29d559918745aa796cd663a9d4125244

SHA1
0112be6885f77f479eb8932586d4c624c4b12af8

SHA256
7b00fb4a0984a1d22bdbe028a8927acf0ee86437e646d1cd62061d74b622381e

SHA512
2122a503da0789381aaaa97fdb0d4e3d225508c38dce54a0c382c3090528200a68de2bfdf1473c2a1fd0b54ad6eef7b67180e27f895ed4816d19d870c79c5942

Download Submit
C:\Users\Admin\Downloads\main\_internal\api-ms-win-core-timezone-l1-1-0.dll
Filesize
12KB

MD5
202babbfc439861c13377e652a1b5a89

SHA1
e68ca975d19c9d6fb6575abc8400d6e8d12814d2

SHA256
dec0cb4e7b45d9881179f4ec40b19420edfa8f1e2ef3c7bb25a39a67a0773d46

SHA512
1dd136d4a04096346a6c1606d9da456ee3638386fe1303b51924f9dd39dff0a5cff1c4170a82d2e7d7b409d303581f55b38166025222b4746165c029534234c0

Download Submit
C:\Users\Admin\Downloads\main\_internal\api-ms-win-core-util-l1-1-0.dll
Filesize
11KB

MD5
a031acb56c038da377c81e244727e8ae

SHA1
d608d2fda585b6051a57a227ad27ee3fc34dd35b

SHA256
324d97e9eba75eedce3daacb4037281083881275ed739f184fc44f3d736548ad

SHA512
61b2ed66893c9b3216bcc523c233a704e4e6610d5336ad2fe0bbdf21730f17445e298283a64a88448e3bdee0c09623c79e5198b9c2cd2b7ae1cb1ad329ff66fe

Download Submit
C:\Users\Admin\Downloads\main\_internal\api-ms-win-crt-conio-l1-1-0.dll
Filesize
12KB

MD5
01626cae227f51c40055da48dd04d993

SHA1
e9a516b8893461a2ed1420d9c8545ea76d445c24

SHA256
04694e20c27c100abf281ecdee85b6c722ab4cf482c79c178ec98df490d5000f

SHA512
1c00fe956861f5794d4d6518c1671bdfd23a9c583cf187a9f320e48043ac22cf145a2b98cdaf601f47cb1621c6ea364cd3950e3aec535376b8b3e9480ecbb437

Download Submit
C:\Users\Admin\Downloads\main\_internal\api-ms-win-crt-convert-l1-1-0.dll
Filesize
15KB

MD5
6631d6f796545e4c8972224c2cf6b0d8

SHA1
64d5f66f5dd6404edcb297d05441c1772f626e4f

SHA256
ff298053ca6312215c2226c7fd52863d28311f39f8def24a670f12b12c698ed1

SHA512
dddafa56ed399ea85a4c0c0f3f5ba0f92e75dd86051fd4848c4518a64baed083bc59335c44e123697aeb7d0c856b8438f690987e36a7bdbae68122827df9f15b

Download Submit
C:\Users\Admin\Downloads\main\_internal\api-ms-win-crt-environment-l1-1-0.dll
Filesize
12KB

MD5
bced817b57b576b5ae5980d860ba3af4

SHA1
238db5baabde6624934a96e33c28f37aaebf4b61

SHA256
57c5a5c41a284696d80f02c3ada685196a613d89ba1ee7ee3b2fcf82d80a695c

SHA512
22602af52b78b14609f1bd95623ad9ee35a00255fdbbf2fa7fd4db6cb4bd5b0e79eb50ff95321fb3a961f8cc990ecace5695f803995d572222eb1c207d154e7a

Download Submit
C:\Users\Admin\Downloads\main\_internal\api-ms-win-crt-filesystem-l1-1-0.dll
Filesize
13KB

MD5
945330cfaa752b395f621877172b1dd7

SHA1
cc6e65cf6ce41769513e71d6ba8b5a3dcfafffc3

SHA256
8cad63c1d688f89ef654e558f653bae8601b7598c4cb0eb3868a4dd54ad51966

SHA512
111de0e6498d3d479d33c8d02b415372d5e9b5eff712d3a3456dd8935f69adc4a5d748f781919240521ae9cf6aa0149b30915eb65abc5099e0bf042e408a1e0e

Download Submit
C:\Users\Admin\Downloads\main\_internal\api-ms-win-crt-heap-l1-1-0.dll
Filesize
12KB

MD5
b5599ef505d01ed0d2e20aa26fdc087c

SHA1
ef7d454732cd03077382902ad1dce3b1c3331a10

SHA256
3627b070e4605eb6635bc55af6d3835eb06446eb5713427335c875f17c54e4c5

SHA512
ef8c670e1006dfd4a513033f0ade94a9538fc27a0fc99b2b04ffb8c6532ca25644fe391ff2f83972e48c1aaf4912e230e212ae35bf7518b255c65c35679752c5

Download Submit
C:\Users\Admin\Downloads\main\_internal\api-ms-win-crt-locale-l1-1-0.dll
Filesize
12KB

MD5
10ddb31c8ad3cd81d7c3aff678a5fbe5

SHA1
b883dec799516cc2080e0ef93085c95abd2009b2

SHA256
59cd76e1cbcc506ad7211c396f96f51cbe65e1b02e7f31ce5773c1700f4dbb8b

SHA512
e324d715da8063e20daa90f301d72e975a88483693afc7a2327a355d137d9d55546f5ca5bc32439f344a31db3c498ff70f107511c1d98b7e6f7dbbcab56dc3c7

Download Submit
C:\Users\Admin\Downloads\main\_internal\api-ms-win-crt-math-l1-1-0.dll
Filesize
20KB

MD5
d29e505c12de663b744eaef62ccee60a

SHA1
d2f4a59cd20889b260f8f79572ddbb1f8b1943bf

SHA256
f18ece461f1286fa0505b14d7150be11bdfc966cf49dbe0493169fd25dc6637f

SHA512
4b19c2fb306abbbfb1dead178dbd877d25c85d5563a506d6ca7e95678c71eb187e15b65987774e5d16d58742a835293e5d5869f49c6ec88f423dda1e934b79bb

Download Submit
C:\Users\Admin\Downloads\main\_internal\api-ms-win-crt-multibyte-l1-1-0.dll
Filesize
19KB

MD5
ff996dea580f1a0d8759c4e169bc5d7c

SHA1
a863a08510ba22b0e16f6215846db74951ac9dba

SHA256
1347fd38cb9b7a095bb7a7e97287434f8b45b29b9f44e0db7e7911dcd5b422ec

SHA512
d98c3dadb9ee54f6d00879f86f1c5e1d1c8cab97193cd51fdbeaa7732dd802dee2a6c9f7223e4a18520990b520b6ad9cf31973f9d96d2b759f18fa11decc8005

Download Submit
C:\Users\Admin\Downloads\main\_internal\api-ms-win-crt-process-l1-1-0.dll
Filesize
12KB

MD5
69839588e336e156856f9782c9657116

SHA1
93babea4342dddf4a61c126ced6800be8f0fa5b9

SHA256
24409635769f16c748bd5e76575388ddeb7ad0ab2bf4e4cc2b5983baf5b17bbc

SHA512
b6b9e107be44507457a1b58aee2de43fd3661cffddbdcdcc98392733af2997f3ddcd469eb4a73c697638c67eadb74041094474b5d8f42982f0f59f402c7a4da1

Download Submit
C:\Users\Admin\Downloads\main\_internal\api-ms-win-crt-runtime-l1-1-0.dll
Filesize
16KB

MD5
8f1efc8ef773453eab0689d950ae370d

SHA1
36c703f4a90a4efb89dfbd042b112bac66542ae2

SHA256
76911cd368b605a300be39659867e10262fd4f27cf92bbd5eb1b9a2f5544eaba

SHA512
fdb33f34422531e95cd103d94948c762252383ae3a52f92960a9401895330d23b52cf2917cf35a7807332ada1f0f7d436dd98c99928f0d5291166d22a0af9259

Download Submit
C:\Users\Admin\Downloads\main\_internal\api-ms-win-crt-stdio-l1-1-0.dll
Filesize
17KB

MD5
fba4470283b7292a65fd870837e87107

SHA1
f7e3a79ce3c7f40b5919e526b0453f04ca160ecd

SHA256
f1d772774630df9c837585cbfae9c42d192d29659ca5908faecf60d707e2fe9e

SHA512
cb6cba74f940f65338a25119e3f3b5a6abd73376d6f9f85c9c5ccf73432a0f608309ab77f15a974c54eb8a716b9546ff4aa698a0a26fd7cb7f5cee64c8cad251

Download Submit
C:\Users\Admin\Downloads\main\_internal\api-ms-win-crt-string-l1-1-0.dll
Filesize
17KB

MD5
e8c7ba6f0522c65559b1aa0ae68122ac

SHA1
332189935a4e0166b047b386dda4278f90c3912c

SHA256
812a177173a1bd7446db4ce87343fba9e5394229d812e43bce65be4e19de266b

SHA512
2c8417087eb056e66a8ca3ade9d201a693ad76918ac2335c70778446ced3ecd99cb6c8c72260816d5e5f7b9a1bda61c53c088007511e55b6da9bcf51badeae02

Download Submit
C:\Users\Admin\Downloads\main\_internal\api-ms-win-crt-time-l1-1-0.dll
Filesize
14KB

MD5
54d586e50361a2ab7d844cacaa387fa7

SHA1
6c5a0bb89e0f3cdfa3cd3079d2070b7ba7e02422

SHA256
693651cc1a4361bd349a2734801b5270fcbff9bc4e88045086ce38ac5b92c8f0

SHA512
d7890e5c23bcf7b6c61db6e2b5a4c753c5767a9922f0718246f67d3dcb9f1f27c5dd9570508d9a3fc0ecf8e35dfed4e343d0e3739470e163b79b30c065b0a3e3

Download Submit
C:\Users\Admin\Downloads\main\_internal\base_library.zip
Filesize
707KB

MD5
d62108b7efce234b18550b0229de1483

SHA1
37703c1c71b24266c99a83b7b884c8f5ffdfbe60

SHA256
5a140269077d49515ef7e388046ba4e4923750efb4100fc226766033850e0a6a

SHA512
d8d08ac5a509e9c0f0573ef7507563c5d8241cb8bcab5d33366e5a9abbb78392b4ac9528c037431bc32953232bd4c7942faf1eb4fc0358b1c22d6d5c6fd9d5bd

Download Submit
C:\Users\Admin\Downloads\main\_internal\bottle-0.12.25.dist-info\INSTALLER
Filesize
4B

MD5
365c9bfeb7d89244f2ce01c1de44cb85

SHA1
d7a03141d5d6b1e88b6b59ef08b6681df212c599

SHA256
ceebae7b8927a3227e5303cf5e0f1f7b34bb542ad7250ac03fbcde36ec2f1508

SHA512
d220d322a4053d84130567d626a9f7bb2fb8f0b854da1621f001826dc61b0ed6d3f91793627e6f0ac2ac27aea2b986b6a7a63427f05fe004d8a2adfbdadc13c1

Download Submit
C:\Users\Admin\Downloads\main\_internal\cryptography\hazmat\primitives\asymmetric\__init__.py
Filesize
180B

MD5
fce95ff49e7ad344d9381226ee6f5b90

SHA1
c00c73d5fb997fc6a8e19904b909372824304c27

SHA256
b3da0a090db2705757a0445d4b58a669fb9e4a406c2fd92f6f27e085a6ae67d6

SHA512
a1e8e1788bd96057e2dbef14e48dd5ea620ae0753dbc075d1a0397fbb7a36b1beb633d274081300914a80c95922cf6eab0f5e709b709158645e17b16583233dd

Download Submit
C:\Users\Admin\Downloads\main\_internal\examples\resources\pyqt4.png
Filesize
20KB

MD5
39d9669641105bbe2d4c0e55dbebffde

SHA1
dbcce97667b6ab197eb3b300b56631a4f69083c8

SHA256
04d5b9cb3fe6f56967cd842105b62903e68d03949d33d9940772fe5b2516d3cc

SHA512
3869ab77aae7fbf0c8a2762e92387a38e466334261c996fbe4e84011c195d00c6ba5b26c7f96cfa967d00d71ad391fc2916308dc3c4b60ce2210916b99f67dd2

Download Submit
C:\Users\Admin\Downloads\main\_internal\faker\providers\currency\it_IT\__init__.py
Filesize
284B

MD5
9ee777b013c6bebf2579e1f3822049e6

SHA1
8a911667a7e9f323dd66337ed593c3b54a4516b4

SHA256
18e01fe9604344c6c69b4617184759663e9b49f2ba8f3d4e99bdb54c84e6ff37

SHA512
5b5bdf2135bbc80a424c5b74dd4c1b96ad0d3f8f459b62b5665dedce06bb918b801c15ea04405e84488d0d901d248d5f1b17d3ee347d7b6e1b2eeda43d0c97ca

Download Submit
C:\Users\Admin\Downloads\main\_internal\faker\providers\date_time\es_ES\__init__.py
Filesize
91B

MD5
c1c8890b0967052bc2041b52f72b41d6

SHA1
cadb354e1ed4d9b3407375bf1ebc4ee8f5ca6a09

SHA256
d8e67ca617a8b7b22e937ccca02728aced5037b5fd89b4e358fc34115865446d

SHA512
76622f29067e8b012e023697c5d7e6437e58551807bc953bd16d0236d668657cafa3aad7dcd6b8f012c0d5f7bb77acb286332286d6f2185d522f6c64c1fb670f

Download Submit
C:\Users\Admin\Downloads\main\_internal\faker\providers\job\es_CO\__init__.py
Filesize
83B

MD5
eeaa6ca5cb7f4bb1d7e75797f9b5af37

SHA1
0ac3743facacbc2090930b41cf38bcfe2951eb37

SHA256
ce99db30f577944104a7365372ea8363cd9d0087a6e9d88f7b835a1926da336c

SHA512
b492e6fa3eb607683a6c6f5696835aeae5e4c12fd2d44346bfd954d25c0bcf5bda808c175b0b17e26a0d5daf4f91d8588de119f5b747a80b3cfe53f68bbecd7c

Download Submit
C:\Users\Admin\Downloads\main\_internal\idna-3.7.dist-info\WHEEL
Filesize
81B

MD5
24019423ea7c0c2df41c8272a3791e7b

SHA1
aae9ecfb44813b68ca525ba7fa0d988615399c86

SHA256
1196c6921ec87b83e865f450f08d19b8ff5592537f4ef719e83484e546abe33e

SHA512
09ab8e4daa9193cfdee6cf98ccae9db0601f3dcd4944d07bf3ae6fa5bcb9dc0dcafd369de9a650a38d1b46c758db0721eba884446a8a5ad82bb745fd5db5f9b1

Download Submit
C:\Users\Admin\Downloads\main\_internal\libffi-7.dll
Filesize
32KB

MD5
eef7981412be8ea459064d3090f4b3aa

SHA1
c60da4830ce27afc234b3c3014c583f7f0a5a925

SHA256
f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081

SHA512
dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016

Download Submit
C:\Users\Admin\Downloads\main\_internal\pip-24.0.dist-info\WHEEL
Filesize
92B

MD5
a227bf38fb17005b3bdb56ccc428b1bb

SHA1
502f95da3089549e19c451737aa262e45c5bc3bc

SHA256
a2241587fe4f9d033413780f762cf4f5608d9b08870cc6867abfde96a0777283

SHA512
a0ba37a0b2f3d4ae1ee2b09bb13ed20912db4e6a009fe9ba9414830ad4fdbf58571e195abbe0d19f5582e2cf958cfb49ffdacd7c5182008699f92a0f5eec6c41

Download Submit
C:\Users\Admin\Downloads\main\_internal\pkg_resources\_vendor\packaging\_structures.py
Filesize
1KB

MD5
de664fedc083927d3d084f416190d876

SHA1
fe0c3747cf14e696276cb6806c6775503de002b8

SHA256
ab77953666d62461bf4b40e2b7f4b7028f2a42acffe4f6135c500a0597b9cabe

SHA512
cff19a724fac387599d98c0a365849078dbcbea65efca1ee445f158268b9241e552212a99e7e0b34394d246e3a06c999a7f1a967f64b2724ca9b623d62996c6f

Download Submit
C:\Users\Admin\Downloads\main\_internal\python3.dll
Filesize
57KB

MD5
3c88de1ebd52e9fcb46dc44d8a123579

SHA1
7d48519d2a19cac871277d9b63a3ea094fbbb3d9

SHA256
2b22b6d576118c5ae98f13b75b4ace47ab0c1f4cd3ff098c6aee23a8a99b9a8c

SHA512
1e55c9f7ac5acf3f7262fa2f3c509ee0875520bb05d65cd68b90671ac70e8c99bce99433b02055c07825285004d4c5915744f17eccfac9b25e0f7cd1bee9e6d3

Download Submit
C:\Users\Admin\Downloads\main\_internal\python39.dll
Filesize
4.3MB

MD5
11c051f93c922d6b6b4829772f27a5be

SHA1
42fbdf3403a4bc3d46d348ca37a9f835e073d440

SHA256
0eabf135bb9492e561bbbc5602a933623c9e461aceaf6eb1ceced635e363cd5c

SHA512
1cdec23486cffcb91098a8b2c3f1262d6703946acf52aa2fe701964fb228d1411d9b6683bd54527860e10affc0e3d3de92a6ecf2c6c8465e9c8b9a7304e2a4a6

Download Submit
C:\Users\Admin\Downloads\main\_internal\pythonwin\pywin\tools\__init__.py
Filesize
1B

MD5
68b329da9893e34099c7d8ad5cb9c940

SHA1
adc83b19e793491b1c6ea0fd8b46cd9f32e592fc

SHA256
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

SHA512
be688838ca8686e5c90689bf2ab585cef1137c999b48c70b92f67a5c34dc15697b5d11c982ed6d71be1e1e7f7b4e0733884aa97c3f7a339a8ed03577cf74be09

Download Submit
C:\Users\Admin\Downloads\main\_internal\requests-2.31.0.dist-info\LICENSE
Filesize
9KB

MD5
34400b68072d710fecd0a2940a0d1658

SHA1
57aed0b0f74e63f6b85cce11bce29ba1710b422b

SHA256
09e8a9bcec8067104652c168685ab0931e7868f9c8284b66f5ae6edae5f1130b

SHA512
3705b1ce56dd19764b7b9e363936e36cbeb8309ceb0f36aaf94d7f9ef1dbd45bff9deadbb73ee7f56210703d5e199dcb4125744c3e459d2647fa15b2c0eb0b77

Download Submit
C:\Users\Admin\Downloads\main\_internal\setuptools-68.2.0.dist-info\WHEEL
Filesize
92B

MD5
18f1a484771c3f3a3d3b90df42acfbbe

SHA1
cab34a71bd14a5eede447eeb4cfa561e5b976a94

SHA256
c903798389a0e00c9b4639208bef72cb889010589b1909a5cfbf0f8a4e4eafe0

SHA512
3efaf71d54fc3c3102090e0d0f718909564242079de0aa92dacab91c50421f80cbf30a71136510d161caac5dc2733d00eb33a4094de8604e5ca5d307245158aa

Download Submit
C:\Users\Admin\Downloads\main\_internal\setuptools\_vendor\packaging\_elffile.py
Filesize
3KB

MD5
8bfa9d7aa566d419f6c8a15e68935499

SHA1
34190a771dc51364fc58f05326e0fed1f37eac61

SHA256
85b98af0e0fa67b7d8ea1c229c7114703d5bcbb73390688d62eed28671449369

SHA512
b5caa4a391d731abfe8953ed83008523f031f5a693c1fff14837e2fe4e08b9c205a921c22fb076c0ec84cfea8aeb895111e54f0cde1940536ad10e4e8f30a972

Download Submit
C:\Users\Admin\Downloads\main\_internal\setuptools\_vendor\packaging\_parser.py
Filesize
9KB

MD5
b7e47c6af1d5734c78f0d36b62f8a4ef

SHA1
d3c470bd4d793a9d759dc431a5f49799d450ddf3

SHA256
289424061fd76df6feaac079eb4608108b6b4e909968e878fd831f06d7795c86

SHA512
f25f9df2a5d7e9db3e723f5ee112371e107feb5ac9fe8ef57b05c074b0198abff93e7bd8237c3f019ab15b03ae84de5246346945a98c97f6b08338f7919b0eb5

Download Submit
C:\Users\Admin\Downloads\main\_internal\setuptools\_vendor\packaging\_tokenizer.py
Filesize
5KB

MD5
b0e4b78ef3c2060ddcf509ace8ca82de

SHA1
7e894dba389a70c4e5e3916705b5525788066a62

SHA256
6a50ad6f05e138502614667a050fb0093485a11009db3fb2b087fbfff31327f9

SHA512
10f6c8309a2c4261715b6e5e26becf31252e0964879287e79c62aaf93eed3a5024e5066a62d31db64d60896ae534d4e10f21b075feef548b532f4797ff506766

Download Submit
C:\Users\Admin\Downloads\main\_internal\setuptools\_vendor\packaging\markers.py
Filesize
8KB

MD5
8b2845880a67d4d1934f095997f295d2

SHA1
bbff1e2e446b8c2f30c89d5e7e62e9eb844ce8ee

SHA256
787fadc52db3ab51dd3694ddf4b71951c548c1ec0088d53482b9aae708ca9ce9

SHA512
f68802b219d23eefb852bb9ec9bd9459beb3ed441a7b9fccc6bacf71f2e40c97cfe4686292151d71c9a8cc031df1fc5b9ca24ee2d957b9d5919ebb8a7410ec19

Download Submit
C:\Users\Admin\Downloads\main\_internal\wheel\vendored\packaging\_musllinux.py
Filesize
2KB

MD5
fb95b55a40800495a6da6da9024dae06

SHA1
c598170d382f00e67dbfcff742335b1334c39c0e

SHA256
9af3e4ec53638c82ca44b21d33147b22f275ba080b802b33a3e2fdae37e98b43

SHA512
c221409d391cb6c207d8e0aca4d2e0dcc646950f65e42b0dfd8fe059dd3bfbc910759d05f886825b665e37ba68b2ec10d472c7960e533fd27ba489fef5f1feb0

Download Submit
C:\Users\Admin\Downloads\main\_internal\wheel\vendored\packaging\utils.py
Filesize
4KB

MD5
d769960271309f6e6cf3dd921605e3f9

SHA1
8e048b346108b22ece971db02c93d26ef51344fc

SHA256
7acd1c09eccab29ceb890fb757cf21df2273c73d36f1eb95dac53033ad6413ea

SHA512
f008ba72ad00747a7443ebf12d48258546e35d3ee1aafca0a90ad4f506899af03cd2dd8bd6d065c2a8bdb40e26a2cb131c6204fac818337113b9803360d0e324

Download Submit
C:\Users\Admin\Downloads\main\_internal\win32comext\axscript\__init__.py
Filesize
135B

MD5
f45c606ffc55fd2f41f42012d917bce9

SHA1
ca93419cc53fb4efef251483abe766da4b8e2dfd

SHA256
f0bb50af1caea5b284bd463e5938229e7d22cc610b2d767ee1778e92a85849b4

SHA512
ba7bebe62a6c2216e68e2d484c098662ba3d5217b39a3156b30e776d2bb3cf5d4f31dcdc48a2eb99bc5d80fffe388b212ec707b7d10b48df601430a07608fd46

Download Submit
C:\Users\Admin\Downloads\main\_internal\win32comext\taskscheduler\__init__.py
Filesize
192B

MD5
3d90a8bdf51de0d7fae66fc1389e2b45

SHA1
b1d30b405f4f6fce37727c9ec19590b42de172ee

SHA256
7d1a6fe54dc90c23b0f60a0f0b3f9d5cae9ac1afecb9d6578f75b501cde59508

SHA512
bd4ea236807a3c128c1ec228a19f75a0a6ef2b29603c571ee5d578847b20b395fec219855d66a409b5057b5612e924edcd5983986bef531f1309aba2fe7f0636

Download Submit
C:\Users\Admin\Downloads\main\_internal\zipp-3.18.1.dist-info\WHEEL
Filesize
92B

MD5
43136dde7dd276932f6197bb6d676ef4

SHA1
6b13c105452c519ea0b65ac1a975bd5e19c50122

SHA256
189eedfe4581172c1b6a02b97a8f48a14c0b5baa3239e4ca990fbd8871553714

SHA512
e7712ba7d36deb083ebcc3b641ad3e7d19fb071ee64ae3a35ad6a50ee882b20cd2e60ca1319199df12584fe311a6266ec74f96a3fb67e59f90c7b5909668aee1

Download Submit
C:\Users\Admin\Downloads\main\main.exe
Filesize
6.2MB

MD5
49d503f4b723d79fe6afc01cbee947be

SHA1
86f4ecf1abcbda9e19879765b0d0b28460181755

SHA256
f3b19c27120f08abccfb4f013b5ba5b00dac8f2e0e96e000d1f310c80252452b

SHA512
2bc6d325c0175508eab061075e15d720a829a832be8b11619f6cd7379a60c5f945fdc81feebd21f1861ddf3c293385732ba2cb6fa465c72daf483f2a1327e3b2

Download Submit
\??\pipe\crashpad_1240_QOJBIHNUXTIGVYBQ
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
memory/2680-15818-0x000001D674830000-0x000001D674DD6000-memory.dmp

Filesize
5.6MB

Download
memory/2680-15820-0x000001D673DD0000-0x000001D673DD8000-memory.dmp

Filesize
32KB

Download
memory/2680-15815-0x000001D673BB0000-0x000001D673BB8000-memory.dmp

Filesize
32KB

Download
memory/2680-15816-0x000001D673BC0000-0x000001D673BC8000-memory.dmp

Filesize
32KB

Download
memory/2680-15817-0x000001D674250000-0x000001D674272000-memory.dmp

Filesize
136KB

Download
memory/2680-15813-0x000001D673D70000-0x000001D673DE0000-memory.dmp

Filesize
448KB

Download
memory/2680-15819-0x000001D674220000-0x000001D674228000-memory.dmp

Filesize
32KB

Download
memory/2680-15814-0x000001D673D70000-0x000001D673D8A000-memory.dmp

Filesize
104KB

Download
memory/2680-15821-0x000001D673DD0000-0x000001D673DD8000-memory.dmp

Filesize
32KB

Download
memory/2680-15822-0x000001D676B40000-0x000001D676B48000-memory.dmp

Filesize
32KB

Download
memory/2680-15811-0x000001D673B70000-0x000001D673B7A000-memory.dmp

Filesize
40KB

Download
memory/2680-15843-0x000001D6721B0000-0x000001D6721E3000-memory.dmp

Filesize
204KB

Download
memory/2680-15844-0x000001D672740000-0x000001D672784000-memory.dmp

Filesize
272KB

Download
memory/2680-15812-0x00007FFCF9610000-0x00007FFCF961A000-memory.dmp

Filesize
40KB

Download

Analysis

Sharing

Errors

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads