Analysis
-
max time kernel
1762s -
max time network
1800s -
platform
windows10-2004_x64 -
resource
win10v2004-20240426-en -
resource tags
-
submitted
28-04-2024 05:38
General
-
Target
http://discord.com
Malware Config
Signatures
-
Downloads MZ/PE file
-
Checks computer location settings 2 TTPs 1 IoCs
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE 7 IoCs
-
Loads dropped DLL 8 IoCs
-
Reads local data of messenger clients 2 TTPs
Infostealers often target stored data of messaging applications, which can include saved credentials and account information.
-
Adds Run key to start application 2 TTPs 1 IoCs
-
Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Checks processor information in registry 2 TTPs 7 IoCs
Processor information is often read in order to detect sandboxing environments.
-
Enumerates system info in registry 2 TTPs 3 IoCs
-
Modifies registry class 12 IoCs
-
Modifies registry key 1 TTPs 5 IoCs
-
NTFS ADS 1 IoCs
-
Suspicious behavior: EnumeratesProcesses 24 IoCs
-
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 13 IoCs
-
Suspicious use of AdjustPrivilegeToken 8 IoCs
-
Suspicious use of FindShellTrayWindow 54 IoCs
-
Suspicious use of SendNotifyMessage 24 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
Processes
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://discord.com1⤵
- Enumerates system info in registry
- NTFS ADS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xfc,0xd8,0x7ff9303d46f8,0x7ff9303d4708,0x7ff9303d47182⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1996,1219668399566716456,1862059743703943261,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2120 /prefetch:22⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1996,1219668399566716456,1862059743703943261,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2244 /prefetch:32⤵
- Suspicious behavior: EnumeratesProcesses
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1996,1219668399566716456,1862059743703943261,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2884 /prefetch:82⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1996,1219668399566716456,1862059743703943261,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:12⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1996,1219668399566716456,1862059743703943261,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3352 /prefetch:12⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1996,1219668399566716456,1862059743703943261,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4780 /prefetch:12⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1996,1219668399566716456,1862059743703943261,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5536 /prefetch:82⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1996,1219668399566716456,1862059743703943261,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5536 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1996,1219668399566716456,1862059743703943261,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4020 /prefetch:12⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1996,1219668399566716456,1862059743703943261,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5916 /prefetch:12⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1996,1219668399566716456,1862059743703943261,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5940 /prefetch:12⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1996,1219668399566716456,1862059743703943261,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5696 /prefetch:12⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1996,1219668399566716456,1862059743703943261,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3368 /prefetch:82⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1996,1219668399566716456,1862059743703943261,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=3376 /prefetch:82⤵
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1996,1219668399566716456,1862059743703943261,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5980 /prefetch:12⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1996,1219668399566716456,1862059743703943261,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4688 /prefetch:12⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1996,1219668399566716456,1862059743703943261,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6352 /prefetch:12⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1996,1219668399566716456,1862059743703943261,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1980 /prefetch:12⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1996,1219668399566716456,1862059743703943261,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6168 /prefetch:12⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=1996,1219668399566716456,1862059743703943261,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=6092 /prefetch:82⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1996,1219668399566716456,1862059743703943261,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5688 /prefetch:12⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1996,1219668399566716456,1862059743703943261,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4116 /prefetch:82⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1996,1219668399566716456,1862059743703943261,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6940 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
-
C:\Users\Admin\Downloads\DiscordSetup.exe"C:\Users\Admin\Downloads\DiscordSetup.exe"2⤵
- Executes dropped EXE
-
C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe"C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe" --install .3⤵
- Executes dropped EXE
- Suspicious use of FindShellTrayWindow
-
C:\Users\Admin\AppData\Local\Discord\app-1.0.9043\Discord.exe"C:\Users\Admin\AppData\Local\Discord\app-1.0.9043\Discord.exe" --squirrel-install 1.0.90434⤵
- Checks computer location settings
- Executes dropped EXE
- Loads dropped DLL
- Checks processor information in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
-
C:\Users\Admin\AppData\Local\Discord\app-1.0.9043\Discord.exeC:\Users\Admin\AppData\Local\Discord\app-1.0.9043\Discord.exe --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Roaming\discord /prefetch:7 --no-rate-limit --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Roaming\discord\Crashpad --url=https://f.a.k/e --annotation=_productName=discord --annotation=_version=1.0.9043 --annotation=plat=Win32 --annotation=prod=Electron --annotation=ver=28.2.10 --initial-client-data=0x53c,0x540,0x544,0x530,0x548,0x82e6284,0x82e6290,0x82e629c5⤵
- Executes dropped EXE
- Loads dropped DLL
-
C:\Users\Admin\AppData\Local\Discord\Update.exeC:\Users\Admin\AppData\Local\Discord\Update.exe --createShortcut Discord.exe --setupIcon C:\Users\Admin\AppData\Local\Discord\app.ico5⤵
- Executes dropped EXE
-
C:\Users\Admin\AppData\Local\Discord\app-1.0.9043\Discord.exe"C:\Users\Admin\AppData\Local\Discord\app-1.0.9043\Discord.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1864 --field-trial-handle=1868,i,16349906649821996336,6007060387562886300,262144 --enable-features=kWebSQLAccess --disable-features=CalculateNativeWinOcclusion,HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version /prefetch:25⤵
- Executes dropped EXE
- Loads dropped DLL
-
C:\Users\Admin\AppData\Local\Discord\app-1.0.9043\Discord.exe"C:\Users\Admin\AppData\Local\Discord\app-1.0.9043\Discord.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --secure-schemes=sentry-ipc --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=sentry-ipc --mojo-platform-channel-handle=2132 --field-trial-handle=1868,i,16349906649821996336,6007060387562886300,262144 --enable-features=kWebSQLAccess --disable-features=CalculateNativeWinOcclusion,HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version /prefetch:85⤵
- Executes dropped EXE
- Loads dropped DLL
-
C:\Windows\SysWOW64\reg.exeC:\Windows\System32\reg.exe add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v Discord /d "\"C:\Users\Admin\AppData\Local\Discord\Update.exe\" --processStart Discord.exe" /f5⤵
- Adds Run key to start application
- Modifies registry key
-
C:\Windows\SysWOW64\reg.exeC:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord /ve /d "URL:Discord Protocol" /f5⤵
- Modifies registry class
- Modifies registry key
-
C:\Windows\SysWOW64\reg.exeC:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord /v "URL Protocol" /f5⤵
- Modifies registry class
- Modifies registry key
-
C:\Windows\SysWOW64\reg.exeC:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord\DefaultIcon /ve /d "\"C:\Users\Admin\AppData\Local\Discord\app-1.0.9043\Discord.exe\",-1" /f5⤵
- Modifies registry class
- Modifies registry key
-
C:\Windows\SysWOW64\reg.exeC:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord\shell\open\command /ve /d "\"C:\Users\Admin\AppData\Local\Discord\app-1.0.9043\Discord.exe\" --url -- \"%1\"" /f5⤵
- Modifies registry class
- Modifies registry key
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1996,1219668399566716456,1862059743703943261,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1836 /prefetch:22⤵
- Suspicious behavior: EnumeratesProcesses
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵
-
C:\Windows\system32\AUDIODG.EXEC:\Windows\system32\AUDIODG.EXE 0x4b4 0x4901⤵
- Suspicious use of AdjustPrivilegeToken
-
C:\Windows\system32\AUDIODG.EXEC:\Windows\system32\AUDIODG.EXE 0x4b4 0x4901⤵
- Suspicious use of AdjustPrivilegeToken
Network
MITRE ATT&CK Matrix ATT&CK v13
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Users\Admin\AppData\Local\Discord\app-1.0.9043\Discord.exeFilesize
134.9MB
MD5790f9fa8a926c5c80649dc13f0a983ee
SHA1a8f734215c57cdf19234a524872c761512bdef4f
SHA2569c10e3d1c10bc3f8189edd5d1a8895956bf2f2923628db5bd73f38f10955912c
SHA5120e3d292a306f0e8b711b002ea6eecabc083e1865cba27ccaeec19be53a20bec74ef6ee0ed7645eab062109c80dbc9f5028b301076f745fb5fbe88b047fffb114
-
C:\Users\Admin\AppData\Local\Discord\app-1.0.9043\app.icoFilesize
278KB
MD5084f9bc0136f779f82bea88b5c38a358
SHA164f210b7888e5474c3aabcb602d895d58929b451
SHA256dfcea1bea8a924252d507d0316d8cf38efc61cf1314e47dca3eb723f47d5fe43
SHA51265bccb3e1d4849b61c68716831578300b20dcaf1cbc155512edbc6d73dccbaf6e5495d4f95d089ee496f8e080057b7097a628cc104fa8eaad8da866891d9e3eb
-
C:\Users\Admin\AppData\Local\Discord\app-1.0.9043\chrome_100_percent.pakFilesize
163KB
MD54fc6564b727baa5fecf6bf3f6116cc64
SHA16ced7b16dc1abe862820dfe25f4fe7ead1d3f518
SHA256b7805392bfce11118165e3a4e747ac0ca515e4e0ceadab356d685575f6aa45fb
SHA512fa7eab7c9b67208bd076b2cbda575b5cc16a81f59cc9bba9512a0e85af97e2f3adebc543d0d847d348d513b9c7e8bef375ab2fef662387d87c82b296d76dffa2
-
C:\Users\Admin\AppData\Local\Discord\app-1.0.9043\chrome_200_percent.pakFilesize
222KB
MD547668ac5038e68a565e0a9243df3c9e5
SHA138408f73501162d96757a72c63e41e78541c8e8e
SHA256fac820a98b746a04ce14ec40c7268d6a58819133972b538f9720a5363c862e32
SHA5125412041c923057ff320aba09674b309b7fd71ede7e467f47df54f92b7c124e3040914d6b8083272ef9f985eef1626eaf4606b17a3cae97cfe507fb74bc6f0f89
-
C:\Users\Admin\AppData\Local\Discord\app-1.0.9043\d3dcompiler_47.dllFilesize
3.9MB
MD508ac37f455e0640c0250936090fe91b6
SHA17a91992d739448bc89e9f37a6b7efeb736efc43d
SHA2562438b520ac961e38c5852779103734be373ee2b6d1e5a7a5d49248b52acc7c4d
SHA51235a118f62b21160b0e7a92c7b9305da708c5cbd3491a724da330e3fc147dde2ca494387866c4e835f8e729b89ee0903fd1b479fcc75b9e516df8b86a2f1364c8
-
C:\Users\Admin\AppData\Local\Discord\app-1.0.9043\ffmpeg.dllFilesize
3.2MB
MD565bb417de3c33d384c9dc0abc676de49
SHA1cfe2f0ef39b45d00a2c54e88f20493375ae21d3b
SHA256008f3e14035b777598c5cdb49d4093a9ddff29fb967d0f961c4d36ad9a02d36a
SHA512c6749668731a9f35419355dd6aef673d07cfd956deadf9e940d22682f8155cd177ebd23e5667425b86694feff824b9d3980b225dcafb0658cd0a7f3a6d2069eb
-
C:\Users\Admin\AppData\Local\Discord\app-1.0.9043\icudtl.datFilesize
10.2MB
MD5e0f1ad85c0933ecce2e003a2c59ae726
SHA1a8539fc5a233558edfa264a34f7af6187c3f0d4f
SHA256f5170aa2b388d23bebf98784dd488a9bcb741470384a6a9a8d7a2638d768defb
SHA512714ed5ae44dfa4812081b8de42401197c235a4fa05206597f4c7b4170dd37e8360cc75d176399b735c9aec200f5b7d5c81c07b9ab58cbca8dc08861c6814fb28
-
C:\Users\Admin\AppData\Local\Discord\app-1.0.9043\libEGL.dllFilesize
378KB
MD52ab0a3750b59b020c826899599a75959
SHA1b650a7ab1102c6807c50e8576f6cc5ca70e7fff9
SHA2563974e2d240aed199ae48ac04ce51f1e39e74951e761a444e90e6e4c6c71d0c79
SHA51219cd079a23554a501006240754c0c84e25a4cc8120f64198fa99f1efdad555b7cd19a93d9aecccc3bbb8a2539ec467090e16b17de9e8fc009f7c26c98c1a82cd
-
C:\Users\Admin\AppData\Local\Discord\app-1.0.9043\libGLESv2.dllFilesize
6.4MB
MD596d0ff62239f0d967b2abae2b1531721
SHA18bc7d52fe093220e3490599cf5db347357d14c7a
SHA25647380feff032757792dc13f852566ed4079594ef15c3a9efa6f402c2fceac2d6
SHA512596cd57405bacb98f209ac165e4d9b3d910e5178bb47604b50efeb099325d91f9b3462b45b4fd6045c195a94b43d2d9545f5598859b28f221766afc8dfe508ea
-
C:\Users\Admin\AppData\Local\Discord\app-1.0.9043\locales\en-US.pakFilesize
428KB
MD5809b600d2ee9e32b0b9b586a74683e39
SHA199d670c66d1f4d17a636f6d4edc54ad82f551e53
SHA2560db4f65e527553b9e7bee395f774cc9447971bf0b86d1728856b6c15b88207bb
SHA5129dfbe9fe0cfa3fcb5ce215ad8ab98e042760f4c1ff6247a6a32b18dd12617fc033a3bbf0a4667321a46a372fc26090e4d67581eaab615bf73cc96cb90e194431
-
C:\Users\Admin\AppData\Local\Discord\app-1.0.9043\resources.pakFilesize
5.1MB
MD5e9056386a2b4edac9f0ffa829bc0cfa0
SHA1f8d4b8289ebb088c9997a1fde1c2f12aedd6c82e
SHA256546456d9a1328836a99876824f3beb7279f38403cd001515f5d9eb204939e57c
SHA512c49e832e5c16a1846ea882395e83f9cbe9f4f6b44be9f0c7276d0a4495b88091bd95593c5e167dba853834058d7ca823db60d2fac73434ed952b7064b2daf6da
-
C:\Users\Admin\AppData\Local\Discord\app-1.0.9043\resources\app.asarFilesize
6.3MB
MD518c82fef289b0aa9fff73ce8489c69f5
SHA176999d747423ef5cd9cc0a1fa039a7fad6c89763
SHA256c5e9c322296f97c42132aa29cf9e94e372e9de3b83e2fd1266340ab476b2d821
SHA512529bb2a0c8c399b4815740928a1b74bbce23d04f9cffeb2be2d12b46f3d3aad00d4498ba95fad0e8d82e52850f6b5395041b65931c63123ab5c95c15d5a82a26
-
C:\Users\Admin\AppData\Local\Discord\app-1.0.9043\resources\build_info.jsonFilesize
83B
MD55ca0aba2e6fd42d3c9f709c5f2605a3c
SHA191ce7ada5441bd30e680cfcb164a3ad3133d3c6d
SHA256feca806ac58cbbd38d4875061840581f67149d3f5af7e6f9d25c9f04e3250256
SHA51285bbfc5aa4b2ef05bc016f7e2d495a137e061e57b817cdabca74c64655bd33f0aa56c71b26e5659a60cba7bda8ad38567d0f0afbe3a8f8e614339053d4bc90a8
-
C:\Users\Admin\AppData\Local\Discord\app-1.0.9043\v8_context_snapshot.binFilesize
631KB
MD55e59b98c444e66f981b8605636e88efd
SHA178ce5d12ef8d76e5de09873eec59657a5b3964ee
SHA256457167b96cf7cb9d80bf5f74976314b465439adb0563ed820be15d848f3daf66
SHA5129401047fb86cd7d9b9aeea72bc3b7981b834e914d7ecc19ef2f787ccf946548a95241b89d508372caad6a7cc157e2be6fa931d952f836404b7c0c5abe4ca614b
-
C:\Users\Admin\AppData\Local\Discord\app-1.0.9043\vk_swiftshader.dllFilesize
4.4MB
MD57a296124539bf04af8a64e270413e403
SHA1953307a446c7a04a0b98998296d3a8c91fcc39bd
SHA256cd181ce30aac66deb4e201cc8ea84fb4acb21560234d079c83ef88ceb1744179
SHA51254d6694456782e6378212cd996c9082bcc6f022c2eef895b292c2b38d55eafaed0f3094a5d3ca7614ba60a5346881d41369b43a5d2bd52f5ad9609fa19540bd0
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.datFilesize
152B
MD5537815e7cc5c694912ac0308147852e4
SHA12ccdd9d9dc637db5462fe8119c0df261146c363c
SHA256b4b69d099507d88abdeff4835e06cc6711e1c47464c963d013cef0a278e52d4f
SHA51263969a69af057235dbdecddc483ef5ce0058673179a3580c5aa12938c9501513cdb72dd703a06fa7d4fc08d074f17528283338c795334398497c771ecbd1350a
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.datFilesize
152B
MD58b167567021ccb1a9fdf073fa9112ef0
SHA13baf293fbfaa7c1e7cdacb5f2975737f4ef69898
SHA25626764cedf35f118b55f30b3a36e0693f9f38290a5b2b6b8b83a00e990ae18513
SHA512726098001ef1acf1dd154a658752fa27dea32bca8fbb66395c142cb666102e71632adbad1b7e2f717071cd3e3af3867471932a71707f2ae97b989f4be468ab54
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000040Filesize
17KB
MD5dd920c06a01e5bb8b09678581e29d56f
SHA1aaa4a71151f55534d815bebc937ff64915ad9974
SHA25631ad0482eee7770597b8aa723a80fd041ade0b076679b12293664f1f1777211b
SHA512859fd3497e508c69d8298c8d365b97ab5d5da21cd2f471e69d4deb306ecf1f0c86347b2c2cfb4fd9fcd6db5b63f3da12d32043150c08ef7197a997379193dcbd
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-indexFilesize
1KB
MD58dfe7aa57135781a66eb99931484a817
SHA198f1ce2d1defee6753bc70b517b473fd7c31ab95
SHA2564270d0bcc9c5707a20aedf2a91770089d0b33eccb75c22022d6130c728b8aff9
SHA51283aba6a61565285d54ccc82b3cd177a6105909cfea9f9472407be2819e2752225dd1b2e4b82a07e9055f1de1b4763ce40598c8d86dd9282465bd0571d03e4e5f
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-indexFilesize
2KB
MD5b14bde19ecf16afebaf8fbbe95fd2dd8
SHA1ff0db8ccd51be4e0a2268693a7302481b3e02d05
SHA25699d28d1a69c6ed40d1cc5f8ff1f017d66fafcbda21614c5fe5f09b2dd1fa24c0
SHA512eb7253a833d9eff6b387c4e87a6150a75e43579b57c74b0cafc770381934b37a8438cdf40ab9f90f554f285152b5a992c31ae0585ca9a13a7713a5ff276739fb
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent StateFilesize
2KB
MD564f74a3679e40f4990f88bfa353a4ff8
SHA16d8e4e9f3567e8261c9c4b5a8513e4bc7a2bc3d4
SHA256878d0709dcbdade363912297ef0b58d124612f0f0484572b98a3caf118840e7f
SHA51272c49dd69de5013087b1a5af69ac9ecfb736abee7b2e536af6984d61482e8087b3bc8b0abfcd8c91bb619c2b39d8c12f0d2b60756d435edc0b60728395ee0372
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent StateFilesize
2KB
MD5434b2b3e295a7638b6544560669e1b63
SHA107a86073d553c7d488980510bf45e18550b26ef2
SHA256a7258e6a63f086ad908d00d6a41c4f5f5421b997fb43af4f28144371dd32d36f
SHA5120e583ae2ef1bf7473aa0e65ffc969fef9e2c5cd07601fce38275ba5498637432c970118d04b0b6109028c7884b66a254557c897df7382e1022de4270d76a0678
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent StateFilesize
1KB
MD56cb01dd824e9b355093ad4e3985d47a2
SHA1d9ad853daa193370e1a58a44d1b1a861d1737e25
SHA25691cb570b30da55ddc8c731a4e3147cab4239cabf0a4acbaa97a7ceced75cec35
SHA51295e43bfa6a8a98ac1370320f9596194e5cc56c31a825d527a0fdac890685b7b604f6adf7cdd5ed1a72b9f812ebc38b3d0f3729146dd782231b9cf890d8822653
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\PreferencesFilesize
6KB
MD581fa938e44a5a210ad5fce056064c2cf
SHA12828addaf1802fed97694f603ee0e0a71b432206
SHA256e0d5e0b9b5e0f40b2441530e4f560a9703f6fcb899c812cd5979443b958aff50
SHA512b313ea92cca69c114463225ac366218b5b43d6f13f233b6b4535e494ef52372beeeeeb8859dbada1a5405e8b26a3b578ed136a01bbf4d27873f2eedc6dd97b48
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\PreferencesFilesize
6KB
MD54dcaa5ec9106977f33ee68b644742f1e
SHA1efcef96abedb6086eee759f4f438c839a3b77cb7
SHA256e6a90ffcda1b236146b1772c3bc850d9909c3a19a8760f134fbf99606c66f6bf
SHA512c6975544db72eb67868c4b904b360cc654a6bc77e797ff2f4c388856295600d5fd5a430226cdcb0d49a81c7fbd79b073787a4a14204337278869a0c434f735e8
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\PreferencesFilesize
6KB
MD55109d4a05c39063d036a55ec31730307
SHA1df1d22a9bc1ace5fecd38bebe7e01e703472f1e7
SHA256659e649563c889026077c0a1b96493298d4b325b0554c2f348ac2d580ab842e4
SHA512a36a485a579f1c20213cbfdf471838f3e0af184ff5d7d79894f4676cc8b021ef0cbc9e789856af61de011c41857fbcaeb2e562822cdb75a445c00c2a3637c2b6
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\PreferencesFilesize
6KB
MD5b273254c74e93296e423c8fd09decb95
SHA1bd760100b4f37d8156a3c3de6738c75848721950
SHA256ec73824aeebc418b534a6043a2fbf9afe55df2ac54345439ad66c256eb470574
SHA51200fecac6e33affc92fe1cfcc261b37bee7ebeff3f61afaf99c0b28955ebb704859e57c35fb2c468ae4fafed63622f1870c88bd12acfbab59c03e02189f5ca5e9
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurityFilesize
1KB
MD538efc74e3fc815532ecb748d681fac34
SHA1c0b232466175338b3a673cda4007dc8140d09b04
SHA256b987d2f89f45d7b25250a7ad3849900e6e65bd01ddbb5b58cbacf6bf11bf9bec
SHA51222e525c2ff3def691db7845db5d7f95448a24c1ccaf0e0696a530c24a517b90d1abba56354b6e5cf2504c53a084e3e179a371c6fe2acfb3fb70f0f3cfcbb6bf6
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurityFilesize
1KB
MD54a9dfb1a20fc81182810d47bcdaaed12
SHA19f014f3f491807fb04135f4febe79a5a09987041
SHA2563a98668481c30ab45cbe573847a520c6dd7c85e20c68cc250d3ba731396e0102
SHA5129c4b07edff83d1f9c51179f6765374348ca19d9237cebb2b67e6e5ccd9f894dfd5fdd1004a5d5ce88190f5148e186459e31358737166896647ecfaa6d2fc86ec
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurityFilesize
2KB
MD5d1c51dce7e72f3f76f71aff4812048ae
SHA1a4ce7bd95444186c6a17caab656f66ed0a998866
SHA2568f975d980ea11f592b54e7f390b568fc65563ca42e3c481cb0666e6bfd63670c
SHA51299cb848e660622739384ba2139416672dea80d8a11745d083d2ad875d3a26d38213a8277b16afbb97d73f74266961737971f5968342ddfff18cae7afa334ba4f
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurityFilesize
2KB
MD5c035bc7dab01a0ec443fe96d721b9031
SHA1f1c1c95d37835790bdc6468e1dbfedfbb4704d73
SHA256b42fa9d239c9eac42f666c376086953256952eb6f591ffd1fdb9b3d3bb4481fd
SHA512d9fb99c770bc2af2513001a534861476f0edcb359efaeb6a600241a03e0231873864d8ff9a8451085d78c3e3b6c371c7a8a873de4c5b275945d6c97f661f292a
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurityFilesize
2KB
MD56cf3278b65d2bf223acadf7a408f3efa
SHA1f36a1a5f96bd1cbf46871b34d35e9364458bc017
SHA256ee6ec2ea6417ee69ec3a26351873eb583b4be18f6e0083f97016fcf385fdea7c
SHA5129fc391f013a3d6c2f40ad97746dd8e47b4cb5f53884bdec7a0ba1c34677d9c2588651f68c0d89cedbcc60f7058ed7c2af80eec9a86d3e19602ea541f77f623ca
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurityFilesize
2KB
MD57479d75d8f555d8a1b31cbdae218e0a2
SHA1d4944d16d624f3bdf97328cba4305c102fc879e4
SHA2566832cfc1d4af3a5ed36a178d54f4e897aa063a715413787530b4c04258756ae7
SHA512178a7e41c737b8b28325ae7df3952774d28536c58f1eee7ad65b434a910b6c6c890606a99a0e9f3eaaa9588dd5bd9bbe5515f4a148900cf2b304f2e1e943796e
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurityFilesize
2KB
MD585c188ba73a041c30c898b9008e5af0d
SHA14dfc08aede5357e2f11ef18a8fcb0333baa7ddef
SHA2560cde8d16be454232bb3088085498a88f06c17f4d6635d83381ff1e05aa9e1535
SHA512293a115d7c17fd82d6b7cf5dbf29d9684ec51b71b25293713357f3df2b46faef04b501a0408e52728f36c25fa4d7b8bd602e0b3f445447a1ac569c6cae002df2
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurityFilesize
2KB
MD56eadc2980bcbe0d382d9be69e3619da6
SHA1a6cee45b33438a0022058f108a08c287ea1f6316
SHA25637ca24c75d02ae761cb0e51fbd3a05c634c6a5470f43e23304f155345580be81
SHA5126ace4965e40fd437e9346c456e0906c8092e08fbdae86a831435184330fbbfd96c3d80c8ae180b5c0041bea4f70456e42d95af779603fdd74129c963fc47e8ac
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurityFilesize
2KB
MD5f290d89065fbff3146f9dd726908fe98
SHA14d669e51c489a4317fd4cc39819dac66a208d414
SHA2567d65a34c599d09bea271909ef2a32c0becf85b6d712b85fb1b7bff1f8a5f2a39
SHA51297920f4283c5e1390f93f2562779af692b34572b2a4e9acbdd5cf8040e609256e18d3b23d825530e4321ae1e627daebbefa39720ea992d234808028647ace80f
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurityFilesize
2KB
MD551e23d8af68c0407076989aa44124cab
SHA19d247a6a65d254c3b297913cf00d623333d5ca5c
SHA25648b2eebce699abfb5a811981b4e5a7651e5d76a34c35c591c2ebda46e36cb746
SHA5126aec64ae314776d2bf9a481b418f0c848202b698f24dced381c64da8a9dfa8c48619ff46162348992a837e8888ae030562eabcccd3d1439536801f2495ad7824
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurityFilesize
2KB
MD5eed25179504b61bb2371f3c31aa6a37d
SHA194b5f2e6e7e9411ce329bc8e3a96c8d945432e29
SHA2568de7ffbfe05c02c79da074051464d2a728941e6509d8b0cca682dd5223183404
SHA5125096469b0ff3633b0871dc44a15f62adac0aa802ef4e89dd9a99775bfce6c864a24519519d00b2b47ca4b3cce856125f83a2c6a5e4ce460d97e387b9baba342f
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurityFilesize
2KB
MD55e036627f951b3883c49e4b7876ea7b4
SHA18dbc55c62124d9937d6196526995f893f67a0e55
SHA25686e92518d9146ba2eac1cfa9951fea6dd6eb268dd9e1d188f02edcea8864e69c
SHA5123d066713eeba67d27b2ad33175fc3520948c69e08bd54769b4854bab32228dadcc823703b86d7e9ade5c7d176a59a06e99b469c1105a851ac85be1e5a39150ad
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurityFilesize
2KB
MD540953edbdba8d7ed110fbf85e2f9921a
SHA1209387a5d817a94b901c20f689cab477106e5c22
SHA25652420e734cdb0a8fff50776cd309ba02bd1bc6c0d70355c6b14ece0a4d445915
SHA5125250f42c04b3353fef8714e68a3203adcc9dbbd026ac45391224680a92504c287e3125937abd981c386a01c4930461430417d6b01974abdf46c407c0931eee4e
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurityFilesize
2KB
MD52d32ee3ae94c471a00a1c56c93db6bed
SHA12b1ca5e2c853341dc239d7aef81fc398cecddce1
SHA25625610b7ac72bb1e65e3476b44ed741e9d36cbe44bfe021e9acd1977f39f21c66
SHA512a731293e6757175e897ef6e0d1b2dbcc32862bf9dcc076c220ebd00a38aa42a230e91d171ff2d4d77c7aae107d95f232123beafcce471368481756a1352b05a0
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe578608.TMPFilesize
870B
MD5675aa946c0b237b3e50fea704f08aa69
SHA138f5131d97aaf67d1cb7300cd7b2354090a46382
SHA25603d8c1d63022f0796e2e4f881c8aa73140c467ed710c22f5876ffedc2f090063
SHA51266f8e873affa885d1a55025523ba85a9af79dc158340e5a093ac80bb2dc50138a30296e5efbc66dbe9574edadf1fd0d5d2a343b53c5949274f33cc21821f22bd
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENTFilesize
16B
MD56752a1d65b201c13b62ea44016eb221f
SHA158ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA2560861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA5129cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local StateFilesize
11KB
MD5280a82a5c457c20d6611ce9fcbf1eea0
SHA1891a24d3b338bc1256fba94bfb556a26b42e97fa
SHA2561eefe13e871003ae911e5c92fd0a5d3289f442e3d738761d848fbb370ee249b2
SHA51255b686f9fefa55507f6b7f09206147c4ce82bce0864eae6c7279b93745ef1a2aa1223cf70ab6fcb192c671457b6bc6fcdd1b8d643bcee5e8072ad6e96e34797e
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local StateFilesize
12KB
MD55be0f14e1b85e8e0de494c7db4e98023
SHA129db281f1e64275df027a58c12b7e1cae0640c19
SHA2560870c23e5846e779947f3542e50884d7f60103f8fdd732f4b8222f09d8b9857b
SHA51229da755fffde1da289ec8d9c11416b8d3ab953498f10bb3b9b45ed78ea58b4033c5caa7ed7337423effde0647d839ec947bf062743ba0cd4c3946f0302802532
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local StateFilesize
12KB
MD594ed4d6a1f6746a9f8a821c269a551a0
SHA134052ad639d762f9a4cf7728d0169a44b78abbe1
SHA25617655b3cdd935c06459167e107d26bc5b91697cf40c6bf330c28b47204ed4d0f
SHA512c73943e595a7443b8c1b818baa0dc26aeacc923a7305630107c35eb819453fa9211354ea1dab9185a415db760c17053df8a15e1fe5e988581eeaba76d5f7ca08
-
C:\Users\Admin\AppData\Local\SquirrelTemp\Discord-1.0.9043-full.nupkgFilesize
93.9MB
MD51483cbff9c82c08bfda0ff6c657b46bf
SHA14ec1212b1737a5b5d912ca75997243f97e613d63
SHA2565e80637edce1e013dd618f1b58fdc37aa3bf4c68fd78b3bc1e6f890937bb7110
SHA5120268813deae1e7d6a4df7a2a89d2a6635c33a0540621242f74a681639d5d94fd4e029c33942a1c21ef945e1509f883491411d62cb4a2c6a4e42b6dadc6b58447
-
C:\Users\Admin\AppData\Local\SquirrelTemp\RELEASESFilesize
80B
MD55a29ae8fae469f6bdedf197aa027d7c8
SHA1c7356f7072566a01c10edeebafc4e635dc8f6f03
SHA256bbcf67dcc531106b3016cef95f02b7ab0e960feeaebd6c6f3c8d85fe99169b98
SHA512d5102ef6acbbcc76ff4752eacf5826c47364f0e66ac261c1589ac3cd701cebb02951ad47efb8cf3d41e8e296ae28080e94389b98ffbe353acf08e69fb9afe22b
-
C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exeFilesize
1.5MB
MD50cbf68e44be15c5b8e82372a42c92299
SHA1bfb4f62df20114aebad42ecae0f135b6511c1202
SHA256494e03ad9bfbbdc81e16d8e9e09b8c90bdfbc0a3e2e91c5e92008ab16597c940
SHA512b446e61aacb815423b9cba7ec858c56a19944b39ef03282e85535206b3324bd4c9b2adbdf0e25d74ca44eca4b9d3b52d1adb5e527805d83c4208a322de56a7c4
-
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dicFilesize
2B
MD5f3b25701fe362ec84616a93a45ce9998
SHA1d62636d8caec13f04e28442a0a6fa1afeb024bbb
SHA256b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209
SHA51298c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84
-
C:\Users\Admin\Downloads\DiscordSetup.exeFilesize
94.8MB
MD57c92cd7cfeca871d12ef01fbb400a3b2
SHA19afaf3f8f483f83bcbf43aba14d58f9bbc628349
SHA2565eb41b23ad3a41b3e30f4ec3df7c2e69fe736dda2766ab2460aa9fc8275a0785
SHA512a47db4cc94522a3be4df5c4a9a0e4689663fa9e22d665dfc32b7c42a99f4f2e99ba4aa1ffdfa47726c0933d4cfd55841bca816dc33ebca7901986cb6b717db0a
-
\??\pipe\LOCAL\crashpad_2512_ILNPWVQKMLJNOEQQMD5
d41d8cd98f00b204e9800998ecf8427e
SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e
-
memory/808-521-0x0000000000270000-0x00000000003E6000-memory.dmpFilesize
1.5MB
-
memory/808-723-0x00000000075B0000-0x00000000075B8000-memory.dmpFilesize
32KB
-
memory/808-729-0x0000000007DC0000-0x0000000007DF8000-memory.dmpFilesize
224KB
-
memory/808-730-0x0000000005530000-0x000000000553E000-memory.dmpFilesize
56KB
-
memory/4844-733-0x0000000004F20000-0x0000000004F40000-memory.dmpFilesize
128KB