25947903109ba1bf70d1e06423be6d39fccdece8258cf5c959b65ec8d0fe6aae

Analysis

max time kernel
150s
max time network
157s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
28-04-2024 07:16

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

OpenAI Translator.exe
Size

27.2MB
MD5

47288685df2969b998beadd450f52873
SHA1

8d6f9ad930d2279ed92d885c87cade3f384d2fb7
SHA256

b92920d9f050c9a6ed3c6c95189f03b4d770b62da60af0bf0087bfce9486795a
SHA512

61c0794376fa6f449165078ac3e8e2f4906cc1f5449b475c4af9612099da930d4570e4d4b356792201881ea586efc5c8138fc1666bf8cf0a45bfb498ae1d205d
SSDEEP

393216:REgEd1wb1JZVqFp5NuEO0dAQ012hmiSB5hH:REgEA/EzAQ5hmThH

Score

6^/10

evasion trojan

Malware Config

Signatures

Checks whether UAC is enabled 1 TTPs 1 IoCs
evasion trojan

System Information Discovery
T1082

Processes:

OpenAI Translator.exe

description ioc process

Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA OpenAI Translator.exe
Legitimate hosting services abused for malware hosting/C2 1 TTPs 1 IoCs

Web Service
T1102

Processes:

flow ioc

47 raw.githubusercontent.com

description	ioc	process
Key value queried	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA	OpenAI Translator.exe

flow	ioc
47	raw.githubusercontent.com

Drops file in Program Files directory 46 IoCs

Processes:

msedgewebview2.exe

description	ioc	process
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2724_1570272336\hyph-cu.hyb	msedgewebview2.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2724_1570272336\hyph-hy.hyb	msedgewebview2.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2724_1570272336\hyph-mn-cyrl.hyb	msedgewebview2.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2724_1570272336\hyph-mr.hyb	msedgewebview2.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2724_1570272336\hyph-pa.hyb	msedgewebview2.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2724_1570272336\hyph-tk.hyb	msedgewebview2.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2724_1570272336\manifest.json	msedgewebview2.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2724_1660220752\manifest.fingerprint	msedgewebview2.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2724_1570272336\hyph-en-gb.hyb	msedgewebview2.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2724_1570272336\hyph-gu.hyb	msedgewebview2.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2724_1570272336\hyph-la.hyb	msedgewebview2.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2724_1570272336\hyph-nb.hyb	msedgewebview2.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2724_1570272336\hyph-sl.hyb	msedgewebview2.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2724_1570272336\hyph-be.hyb	msedgewebview2.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2724_1570272336\hyph-bn.hyb	msedgewebview2.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2724_1570272336\hyph-de-1996.hyb	msedgewebview2.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2724_1570272336\hyph-hi.hyb	msedgewebview2.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2724_1570272336\hyph-pt.hyb	msedgewebview2.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2724_1733699883\protocols.json	msedgewebview2.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2724_1570272336\hyph-de-1901.hyb	msedgewebview2.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2724_1570272336\hyph-eu.hyb	msedgewebview2.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2724_1570272336\hyph-hu.hyb	msedgewebview2.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2724_1570272336\hyph-kn.hyb	msedgewebview2.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2724_1570272336\hyph-ml.hyb	msedgewebview2.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2724_1733699883\manifest.fingerprint	msedgewebview2.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2724_1570272336\hyph-cy.hyb	msedgewebview2.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2724_1570272336\hyph-es.hyb	msedgewebview2.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2724_1570272336\hyph-et.hyb	msedgewebview2.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2724_1570272336\hyph-hr.hyb	msedgewebview2.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2724_1570272336\hyph-ta.hyb	msedgewebview2.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2724_1570272336\hyph-te.hyb	msedgewebview2.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2724_1570272336\_metadata\verified_contents.json	msedgewebview2.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2724_1660220752\crl-set	msedgewebview2.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2724_1570272336\hyph-as.hyb	msedgewebview2.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2724_1570272336\hyph-da.hyb	msedgewebview2.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2724_1570272336\hyph-or.hyb	msedgewebview2.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2724_1570272336\hyph-und-ethi.hyb	msedgewebview2.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2724_1570272336\hyph-bg.hyb	msedgewebview2.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2724_1570272336\hyph-ga.hyb	msedgewebview2.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2724_1570272336\hyph-nn.hyb	msedgewebview2.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2724_1570272336\manifest.fingerprint	msedgewebview2.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2724_1660220752\manifest.json	msedgewebview2.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2724_1733699883\manifest.json	msedgewebview2.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2724_1570272336\hyph-de-ch-1901.hyb	msedgewebview2.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2724_1570272336\hyph-en-us.hyb	msedgewebview2.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2724_1570272336\hyph-fr.hyb	msedgewebview2.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

msedgewebview2.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedgewebview2.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedgewebview2.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedgewebview2.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes:

msedgewebview2.exe

pid process

5584 msedgewebview2.exe
5584 msedgewebview2.exe
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

Processes:

msedgewebview2.exe

pid process

2724 msedgewebview2.exe
2724 msedgewebview2.exe
2724 msedgewebview2.exe
Suspicious use of FindShellTrayWindow 4 IoCs

Processes:

OpenAI Translator.exe

pid process

1284 OpenAI Translator.exe
1284 OpenAI Translator.exe
1284 OpenAI Translator.exe
1284 OpenAI Translator.exe
Suspicious use of SendNotifyMessage 1 IoCs

Processes:

OpenAI Translator.exe

pid process

1284 OpenAI Translator.exe
Suspicious use of SetWindowsHookEx 1 IoCs

Processes:

OpenAI Translator.exe

pid process

1284 OpenAI Translator.exe

pid	process
5584	msedgewebview2.exe
5584	msedgewebview2.exe

pid	process
2724	msedgewebview2.exe
2724	msedgewebview2.exe
2724	msedgewebview2.exe

pid	process
1284	OpenAI Translator.exe
1284	OpenAI Translator.exe
1284	OpenAI Translator.exe
1284	OpenAI Translator.exe

pid	process
1284	OpenAI Translator.exe

pid	process
1284	OpenAI Translator.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

OpenAI Translator.exemsedgewebview2.exe

description	pid	process	target process
PID 1284 wrote to memory of 2724	1284	OpenAI Translator.exe	msedgewebview2.exe
PID 1284 wrote to memory of 2724	1284	OpenAI Translator.exe	msedgewebview2.exe
PID 2724 wrote to memory of 1800	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 1800	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 3344	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 3344	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 3344	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 3344	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 3344	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 3344	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 3344	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 3344	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 3344	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 3344	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 3344	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 3344	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 3344	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 3344	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 3344	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 3344	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 3344	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 3344	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 3344	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 3344	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 3344	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 3344	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 3344	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 3344	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 3344	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 3344	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 3344	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 3344	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 3344	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 3344	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 3344	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 3344	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 3344	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 3344	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 3344	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 3344	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 3344	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 3344	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 3344	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 3344	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 3344	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 3344	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 3344	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 3344	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 3344	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 3344	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 3344	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 3344	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 3344	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 3344	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 3344	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 3564	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 3564	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 1696	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 1696	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 1696	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 1696	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 1696	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 1696	2724	msedgewebview2.exe	msedgewebview2.exe
PID 2724 wrote to memory of 1696	2724	msedgewebview2.exe	msedgewebview2.exe

C:\Users\Admin\AppData\Local\Temp\OpenAI Translator.exe
"C:\Users\Admin\AppData\Local\Temp\OpenAI Translator.exe"
1⤵
- Checks whether UAC is enabled
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1284

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name="OpenAI Translator.exe" --webview-exe-version=0.1.0 --user-data-dir="C:\Users\Admin\AppData\Local\xyz.yetone.apps.openai-translator\EBWebView" --noerrdialogs --embedded-browser-webview-dpi-awareness=2 --edge-webview-custom-scheme --disable-features=msWebOOUI,msPdfOOUI,msSmartScreenProtection--autoplay-policy=no-user-gesture-required --enable-features=MojoIpcz --lang=en-US --accept-lang=en-US --mojo-named-platform-channel-pipe=1284.3956.5989126681224100469
2⤵
- Drops file in Program Files directory
- Enumerates system info in registry
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of WriteProcessMemory
PID:2724

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Local\xyz.yetone.apps.openai-translator\EBWebView /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Local\xyz.yetone.apps.openai-translator\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=122.0.6261.70 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=122.0.2365.52 --initial-client-data=0x15c,0x160,0x164,0x138,0x170,0x7ff9732e2e98,0x7ff9732e2ea4,0x7ff9732e2eb0
3⤵
PID:1800

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\xyz.yetone.apps.openai-translator\EBWebView" --webview-exe-name="OpenAI Translator.exe" --webview-exe-version=0.1.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --edge-webview-custom-scheme --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1748 --field-trial-handle=1756,i,10478308145189144919,4583085879624602495,262144 --enable-features=MojoIpcz --disable-features=msPdfOOUI,msSmartScreenProtection--autoplay-policy=no-user-gesture-required,msWebOOUI --variations-seed-version /prefetch:2
3⤵
PID:3344

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\xyz.yetone.apps.openai-translator\EBWebView" --webview-exe-name="OpenAI Translator.exe" --webview-exe-version=0.1.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --edge-webview-custom-scheme --no-appcompat-clear --mojo-platform-channel-handle=2092 --field-trial-handle=1756,i,10478308145189144919,4583085879624602495,262144 --enable-features=MojoIpcz --disable-features=msPdfOOUI,msSmartScreenProtection--autoplay-policy=no-user-gesture-required,msWebOOUI --variations-seed-version /prefetch:3
3⤵
PID:3564

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\xyz.yetone.apps.openai-translator\EBWebView" --webview-exe-name="OpenAI Translator.exe" --webview-exe-version=0.1.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --edge-webview-custom-scheme --no-appcompat-clear --mojo-platform-channel-handle=2300 --field-trial-handle=1756,i,10478308145189144919,4583085879624602495,262144 --enable-features=MojoIpcz --disable-features=msPdfOOUI,msSmartScreenProtection--autoplay-policy=no-user-gesture-required,msWebOOUI --variations-seed-version /prefetch:8
3⤵
PID:1696

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\xyz.yetone.apps.openai-translator\EBWebView" --webview-exe-name="OpenAI Translator.exe" --webview-exe-version=0.1.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --edge-webview-custom-scheme --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --mojo-platform-channel-handle=3592 --field-trial-handle=1756,i,10478308145189144919,4583085879624602495,262144 --enable-features=MojoIpcz --disable-features=msPdfOOUI,msSmartScreenProtection--autoplay-policy=no-user-gesture-required,msWebOOUI --variations-seed-version /prefetch:1
3⤵
PID:2032

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\xyz.yetone.apps.openai-translator\EBWebView" --webview-exe-name="OpenAI Translator.exe" --webview-exe-version=0.1.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --edge-webview-custom-scheme --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --mojo-platform-channel-handle=3940 --field-trial-handle=1756,i,10478308145189144919,4583085879624602495,262144 --enable-features=MojoIpcz --disable-features=msPdfOOUI,msSmartScreenProtection--autoplay-policy=no-user-gesture-required,msWebOOUI --variations-seed-version /prefetch:1
3⤵
PID:4284

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\xyz.yetone.apps.openai-translator\EBWebView" --webview-exe-name="OpenAI Translator.exe" --webview-exe-version=0.1.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --edge-webview-custom-scheme --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --mojo-platform-channel-handle=4160 --field-trial-handle=1756,i,10478308145189144919,4583085879624602495,262144 --enable-features=MojoIpcz --disable-features=msPdfOOUI,msSmartScreenProtection--autoplay-policy=no-user-gesture-required,msWebOOUI --variations-seed-version /prefetch:1
3⤵
PID:4608

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\xyz.yetone.apps.openai-translator\EBWebView" --webview-exe-name="OpenAI Translator.exe" --webview-exe-version=0.1.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --edge-webview-custom-scheme --no-appcompat-clear --mojo-platform-channel-handle=5476 --field-trial-handle=1756,i,10478308145189144919,4583085879624602495,262144 --enable-features=MojoIpcz --disable-features=msPdfOOUI,msSmartScreenProtection--autoplay-policy=no-user-gesture-required,msWebOOUI --variations-seed-version /prefetch:8
3⤵
PID:6104

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\xyz.yetone.apps.openai-translator\EBWebView" --webview-exe-name="OpenAI Translator.exe" --webview-exe-version=0.1.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --edge-webview-custom-scheme --no-appcompat-clear --mojo-platform-channel-handle=5496 --field-trial-handle=1756,i,10478308145189144919,4583085879624602495,262144 --enable-features=MojoIpcz --disable-features=msPdfOOUI,msSmartScreenProtection--autoplay-policy=no-user-gesture-required,msWebOOUI --variations-seed-version /prefetch:8
3⤵
PID:5256

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\xyz.yetone.apps.openai-translator\EBWebView" --webview-exe-name="OpenAI Translator.exe" --webview-exe-version=0.1.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --edge-webview-custom-scheme --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAABEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=5128 --field-trial-handle=1756,i,10478308145189144919,4583085879624602495,262144 --enable-features=MojoIpcz --disable-features=msPdfOOUI,msSmartScreenProtection--autoplay-policy=no-user-gesture-required,msWebOOUI --variations-seed-version /prefetch:8
3⤵
- Suspicious behavior: EnumeratesProcesses
PID:5584

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\xyz.yetone.apps.openai-translator\EBWebView" --webview-exe-name="OpenAI Translator.exe" --webview-exe-version=0.1.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --edge-webview-custom-scheme --no-appcompat-clear --mojo-platform-channel-handle=944 --field-trial-handle=1756,i,10478308145189144919,4583085879624602495,262144 --enable-features=MojoIpcz --disable-features=msPdfOOUI,msSmartScreenProtection--autoplay-policy=no-user-gesture-required,msWebOOUI --variations-seed-version /prefetch:8
3⤵
PID:5928

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=1400 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:8
1⤵
PID:5320

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Query Registry

T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

T1102

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\chrome_Unpacker_BeginUnzipping2724_1570272336\hyph-as.hyb
Filesize
703B

MD5
8961fdd3db036dd43002659a4e4a7365

SHA1
7b2fa321d50d5417e6c8d48145e86d15b7ff8321

SHA256
c2784e33158a807135850f7125a7eaabe472b3cfc7afb82c74f02da69ea250fe

SHA512
531ecec11d296a1ab3faeb2c7ac619da9d80c1054a2ccee8a5a0cd996346fea2a2fee159ac5a8d79b46a764a2aa8e542d6a79d86b3d7dda461e41b19c9bebe92

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping2724_1570272336\hyph-hi.hyb
Filesize
687B

MD5
0807cf29fc4c5d7d87c1689eb2e0baaa

SHA1
d0914fb069469d47a36d339ca70164253fccf022

SHA256
f4df224d459fd111698dd5a13613c5bbf0ed11f04278d60230d028010eac0c42

SHA512
5324fd47c94f5804bfa1aa6df952949915896a3fc77dccaed0eeffeafe995ce087faef035aecea6b4c864a16ad32de00055f55260af974f2c41afff14dce00f3

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping2724_1570272336\hyph-nb.hyb
Filesize
141KB

MD5
677edd1a17d50f0bd11783f58725d0e7

SHA1
98fedc5862c78f3b03daed1ff9efbe5e31c205ee

SHA256
c2771fbb1bfff7db5e267dc7a4505a9675c6b98cfe7a8f7ae5686d7a5a2b3dd0

SHA512
c368f6687fa8a2ef110fcb2b65df13f6a67feac7106014bd9ea9315f16e4d7f5cbc8b4a67ba2169c6909d49642d88ae2a0a9cd3f1eb889af326f29b379cfd3ff

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping2724_1570272336\manifest.json
Filesize
179B

MD5
273755bb7d5cc315c91f47cab6d88db9

SHA1
c933c95cc07b91294c65016d76b5fa0fa25b323b

SHA256
0e22719a850c49b3fba3f23f69c8ff785ce3dee233030ed1ad6e6563c75a9902

SHA512
0e375846a5b10cc29b7846b20a5a9193ea55ff802f668336519ff275fb3d179d8d6654fe1d410764992b85a309a3e001cede2f4acdec697957eb71bdeb234bd8

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping2724_1733699883\manifest.fingerprint
Filesize
66B

MD5
0c9218609241dbaa26eba66d5aaf08ab

SHA1
31f1437c07241e5f075268212c11a566ceb514ec

SHA256
52493422ac4c18918dc91ef5c4d0e50c130ea3aa99915fa542b890a79ea94f2b

SHA512
5d25a1fb8d9e902647673975f13d7ca11e1f00f3c19449973d6b466d333198768e777b8cae5becef5c66c9a0c0ef320a65116b5070c66e3b9844461bb0ffa47f

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping2724_1733699883\manifest.json
Filesize
134B

MD5
58d3ca1189df439d0538a75912496bcf

SHA1
99af5b6a006a6929cc08744d1b54e3623fec2f36

SHA256
a946db31a6a985bdb64ea9f403294b479571ca3c22215742bdc26ea1cf123437

SHA512
afd7f140e89472d4827156ec1c48da488b0d06daaa737351c7bec6bc12edfc4443460c4ac169287350934ca66fb2f883347ed8084c62caf9f883a736243194a2

Download Submit
C:\Users\Admin\AppData\Local\xyz.yetone.apps.openai-translator\EBWebView\AutoLaunchProtocolsComponent\1.0.0.8\protocols.json
Filesize
3KB

MD5
6bbb18bb210b0af189f5d76a65f7ad80

SHA1
87b804075e78af64293611a637504273fadfe718

SHA256
01594d510a1bbc016897ec89402553eca423dfdc8b82bafbc5653bf0c976f57c

SHA512
4788edcfa3911c3bb2be8fc447166c330e8ac389f74e8c44e13238ead2fa45c8538aee325bd0d1cc40d91ad47dea1aa94a92148a62983144fdecff2130ee120d

Download Submit
C:\Users\Admin\AppData\Local\xyz.yetone.apps.openai-translator\EBWebView\Crashpad\settings.dat
Filesize
280B

MD5
98c59c0fd7c9896beba300049890d5b2

SHA1
a60a0dd1f2d8c00d06ef48a09888cd1d360b85d8

SHA256
fe40697b689637463b8f6f7d3dc7a076f61f7a1b6d81fec9f2300d50a5ab1ff6

SHA512
98fe6a4acca31945152248627fd96aee2dd7f355393e10418924d4eb796bb08bb20d2a39bdad90ec6c96df66111e533ac6b261653881e41cabbc1a221046f816

Download Submit
C:\Users\Admin\AppData\Local\xyz.yetone.apps.openai-translator\EBWebView\Crashpad\settings.dat
Filesize
280B

MD5
706e592e2714bc06466fbab940e4a084

SHA1
32df9a8a466ce205a3a547f28fc25078836e259d

SHA256
2bbbc1ef8ff544c309e12e2caf7b5e9c7735340af8b2fdf413232f456f177448

SHA512
10af7c68eb11dfb999a16f0c6112c8e19af8b4e858b0c228f53058a6ac44d9bfe650b61f7a3873b780f3662219026ca5cd733d324d9e65c9f81efc072490be8e

Download Submit
C:\Users\Admin\AppData\Local\xyz.yetone.apps.openai-translator\EBWebView\Crashpad\throttle_store.dat
Filesize
20B

MD5
9e4e94633b73f4a7680240a0ffd6cd2c

SHA1
e68e02453ce22736169a56fdb59043d33668368f

SHA256
41c91a9c93d76295746a149dce7ebb3b9ee2cb551d84365fff108e59a61cc304

SHA512
193011a756b2368956c71a9a3ae8bc9537d99f52218f124b2e64545eeb5227861d372639052b74d0dd956cb33ca72a9107e069f1ef332b9645044849d14af337

Download Submit
C:\Users\Admin\AppData\Local\xyz.yetone.apps.openai-translator\EBWebView\Default\Code Cache\js\index-dir\the-real-index
Filesize
48B

MD5
fa3f328c288b866118193758b91fe412

SHA1
1fd4deb78f0b5f70da4e66ba31aeb22de2bf5b7b

SHA256
e312d2dc039241f17fded016688c2c56ea27142e4741ed2b1b7b030a317f6b47

SHA512
7cabdc008eb9ff6f514ecb864757367548db15239b22ac05f08d852ba496a254c88a517399c34d460c3adab706d2b832b55023a274490f651f62cdb4739d226e

Download Submit
C:\Users\Admin\AppData\Local\xyz.yetone.apps.openai-translator\EBWebView\Default\Code Cache\js\index-dir\the-real-index
Filesize
120B

MD5
cd63278d62b626db0ea638467b1769e8

SHA1
5babf88f59d130fc2e65afc238220b48718461db

SHA256
8081846c88ffc3933005becb8ad7f2911a4e4243c6e46665518eff173c7d4c95

SHA512
8d7a8179cdb5b90193d949039636d8cf440ad7b0b2576dfe8cedce88dd70e0ee4e4e5e6babd83ed05eb15842ce31da82b6fdd1f5926ffd5223f18e7b448cf287

Download Submit
C:\Users\Admin\AppData\Local\xyz.yetone.apps.openai-translator\EBWebView\Default\DawnCache\data_0
Filesize
8KB

MD5
cf89d16bb9107c631daabf0c0ee58efb

SHA1
3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b

SHA256
d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e

SHA512
8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

Download Submit
C:\Users\Admin\AppData\Local\xyz.yetone.apps.openai-translator\EBWebView\Default\DawnCache\data_2
Filesize
8KB

MD5
0962291d6d367570bee5454721c17e11

SHA1
59d10a893ef321a706a9255176761366115bedcb

SHA256
ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7

SHA512
f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

Download Submit
C:\Users\Admin\AppData\Local\xyz.yetone.apps.openai-translator\EBWebView\Default\DawnCache\data_3
Filesize
8KB

MD5
41876349cb12d6db992f1309f22df3f0

SHA1
5cf26b3420fc0302cd0a71e8d029739b8765be27

SHA256
e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c

SHA512
e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

Download Submit
C:\Users\Admin\AppData\Local\xyz.yetone.apps.openai-translator\EBWebView\Default\Local Storage\leveldb\MANIFEST-000001
Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\xyz.yetone.apps.openai-translator\EBWebView\Default\Network\Network Persistent State
Filesize
824B

MD5
e68c6b6a629c25d477caf4ddb44accf6

SHA1
09eed76a5bef5eaa0115466acdf3803a5c4fb09d

SHA256
61cca4fa2b53e78e85fa3995b1cacd9bc48ba631a4af9eb69cc24f6ba36d345d

SHA512
7ff2a1028e2a2554ad3fafaadbf22dd4d01d0cedfda0ed4c765f3943590180b3e8b5121aaa94be2ceb2104b34035c00da0b733d84c6e9b332ee533f1538c0970

Download Submit
C:\Users\Admin\AppData\Local\xyz.yetone.apps.openai-translator\EBWebView\Default\Network\Network Persistent State~RFe58fe70.TMP
Filesize
59B

MD5
2800881c775077e1c4b6e06bf4676de4

SHA1
2873631068c8b3b9495638c865915be822442c8b

SHA256
226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974

SHA512
e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b

Download Submit
C:\Users\Admin\AppData\Local\xyz.yetone.apps.openai-translator\EBWebView\Default\Network\SCT Auditing Pending Reports
Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\xyz.yetone.apps.openai-translator\EBWebView\Default\Preferences
Filesize
6KB

MD5
08a56e677153e4043a452e4873b07229

SHA1
c8fedeaed7463102a82dedd92462bcd321e2a626

SHA256
c50ecf1f210acc24dd0908e8da08e3ad4d4e9492191dbed1c3eb0948a69528eb

SHA512
a447b8dcb2fc6f9be413a3cd09f6171d1d3d593515ed973e16feec4394996ec039072c7ba807289fc2236257c8f4702b0b10b75bb7239737bce1c42aa8287494

Download Submit
C:\Users\Admin\AppData\Local\xyz.yetone.apps.openai-translator\EBWebView\Default\Preferences
Filesize
6KB

MD5
f4c04d2fe432f9197d7271c34b00475f

SHA1
98b76e71bf6e2c78976f1b26132980664bfcabf9

SHA256
8a3efeef252847451834c84d5c61f968137188fc9d0b2ac0011f03a537f48d61

SHA512
07cabd29847330ac2e2f42c1d483be864bd5d71bceaa0efbcf95eb9b9c18b40f7f69c87b9bbe533478ecb602f0ab1ea700440ea427b249dd8890fba1795cf706

Download Submit
C:\Users\Admin\AppData\Local\xyz.yetone.apps.openai-translator\EBWebView\Default\Preferences~RFe583767.TMP
Filesize
6KB

MD5
5c8850540f7934133e08923c416c021e

SHA1
f12d6454706c103b1c9e75b1b6a61af37ea4a17a

SHA256
123518c9787b737f01a52de7588ea1d392c26128e151ab8ddc978ff837dbf001

SHA512
865e9c3659595096cd4289132e060897e5470cf4ee2f71bd01c285bcbdc4bb11e2fab94a09174bbd6b456cf63e621e2231418806507e24309f55fa633294408a

Download Submit
C:\Users\Admin\AppData\Local\xyz.yetone.apps.openai-translator\EBWebView\Default\Sync Data\LevelDB\CURRENT
Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\xyz.yetone.apps.openai-translator\EBWebView\Local State
Filesize
3KB

MD5
9cb87d010c942671998f2d7e61477cd2

SHA1
c1f7629cbce504cb5b4a3c9b1dabb189b3509707

SHA256
b57234aba27a96cf0652ad72537bda713214955fac9ff0b94cb5382513bf3445

SHA512
be4829a5dfa13f707fb8509bc988925d74bde482e573edc29941499d781acdb633b6de9dd293f870198760258a3cfb1310491df3596cc9eed9f5292f46efec04

Download Submit
C:\Users\Admin\AppData\Local\xyz.yetone.apps.openai-translator\EBWebView\Local State
Filesize
3KB

MD5
bbe175f9995b48996e2826ee2be9b5f1

SHA1
065e88e8b1fe54aa9002ea436be440b3075b053a

SHA256
cfe99947460adeaad2c619229b4bfad0085b563d43b4e79cb28c55f47922630d

SHA512
3bd002c8148edfdaf4411b7e21ec4442653d52516c355f8e836e2542bc516a309705bd57c6b8e1dbce756100d63aa6042c8493aa3220841e930f5c9618d3af7b

Download Submit
C:\Users\Admin\AppData\Local\xyz.yetone.apps.openai-translator\EBWebView\Local State
Filesize
16KB

MD5
64670fbb42139291f67489356ab826b4

SHA1
552d2d7a8fefe5017f714f8a41a7d1ba1f0ce5c9

SHA256
5c4b8d0eace5d5d81380e2655d05c2d39a771ff416afbadfa0a77a81e158c9b7

SHA512
14929c679d26002aea808f787683c4ae6066c2be75488e9d0a665674ca435f2adeba347dcfeb8fd1f17033caf0f37cd955f973a74a221246fe2401a3c1a8c563

Download Submit
C:\Users\Admin\AppData\Local\xyz.yetone.apps.openai-translator\EBWebView\Local State~RFe57dc46.TMP
Filesize
1KB

MD5
745114dc0af091818dc1cbc929670433

SHA1
39259e384d90f6107fb57d219f57197a701abf59

SHA256
505e1a597000e794fe9c1b87e274eaa029e9a2f289711a75d2c9569cbb0a5f38

SHA512
cd722959bb85266f9b2cb6231441f5026f9b8244aa5b5671212b883c039ec771203dd857f61db6227cc685d85e20ba8844454378ddd38c7982133fd04d937b0c

Download Submit
C:\Users\Admin\AppData\Local\xyz.yetone.apps.openai-translator\EBWebView\SmartScreen\local\downloadCache
Filesize
14B

MD5
df741b3f19d9dc2621eaf973c8c9fa9d

SHA1
f45f1d9791c05366a8a23322d497c89957e75e61

SHA256
6e5ddba6d7aa3b287ea364034e1f843e4146ff92c07d8426f4a7c4b0e6435006

SHA512
650de3f99038bffbfef41a9acc0a06e15803550c6456d0bdeac9ebe18aea94ab3a0bb7d85b7a0230ce6f510f5e26fa739fe58924f355d7e3714ec37daa4c70d2

Download Submit
C:\Users\Admin\AppData\Local\xyz.yetone.apps.openai-translator\EBWebView\SmartScreen\local\uriCache
Filesize
9B

MD5
b6f7a6b03164d4bf8e3531a5cf721d30

SHA1
a2134120d4712c7c629cdceef9de6d6e48ca13fa

SHA256
3d6f3f8f1456d7ce78dd9dfa8187318b38e731a658e513f561ee178766e74d39

SHA512
4b473f45a5d45d420483ea1d9e93047794884f26781bbfe5370a554d260e80ad462e7eeb74d16025774935c3a80cbb2fd1293941ee3d7b64045b791b365f2b63

Download Submit
C:\Users\Admin\AppData\Local\xyz.yetone.apps.openai-translator\EBWebView\SmartScreen\local\uriCache_
Filesize
29B

MD5
47d41a980668e9bfae197488d6d56feb

SHA1
8acd8919b112d637a18e4c2f79f61fd62d2a1e6d

SHA256
87c1ba0f3a75480bef554b38abd51d7858bbe2cff07d4fd29162b4468d2b6c43

SHA512
165cf9913129bab36c22399c3636960cff235313256262439bea6a1ed78cf80d65690254cc63148e7e13bb515b513037ab6be7d20efdfb12b07985339ada36fb

Download Submit
C:\Users\Admin\AppData\Local\xyz.yetone.apps.openai-translator\EBWebView\bb4b64f4-d022-4a58-84a7-d6db1a01610b.tmp
Filesize
2KB

MD5
0980a7df9c55610c2ff76569dfe566a0

SHA1
651ac30f0bef26718e601b3686b90c4886314abc

SHA256
8117e6cc0ff991dc607acc9f47ceca6e31f3bf53fa3db4a46fdab2e668b0b466

SHA512
268f8d2001a5bebb2828363a4476ea92f865022f981c3ff70ac6302c734bdf8c972d80fd6ad8bd5499dfc3168a81d55e0bceb73a4b1d12f85f6ccf07bde05048

Download Submit
C:\Users\Admin\AppData\Roaming\xyz.yetone.apps.openai-translator\config.json
Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Roaming\xyz.yetone.apps.openai-translator\config.json
Filesize
21B

MD5
2e3ed95c2edddff5e322b0467d7cd78b

SHA1
47cd056389b1e1e5302f3fa13a55fc0e99aaef87

SHA256
483681316c6ab5219381120d2049bf80bc6813e1e9eebd12fdd9c5ba3eb966ed

SHA512
77dac60a3b7d03cb65616aae6a974af5dfc394eb9b6c99d3a43e3ab6512d466a014d87101a0a53fe2e520e5bc410e29c4f8cdf79e035c43c9c6a8fd64ee68dee

Download Submit
\??\pipe\crashpad_2724_KRYYRFPXLREZVEDT
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
memory/1696-48-0x00007FF99A7E0000-0x00007FF99A7E1000-memory.dmp

Filesize
4KB

Download
memory/1696-47-0x00007FF999630000-0x00007FF999631000-memory.dmp

Filesize
4KB

Download
memory/2032-320-0x000001E19C400000-0x000001E19C52A000-memory.dmp

Filesize
1.2MB

Download
memory/2032-136-0x00007FF999BE0000-0x00007FF999BE1000-memory.dmp

Filesize
4KB

Download
memory/3344-352-0x00000217A70D0000-0x00000217A71FA000-memory.dmp

Filesize
1.2MB

Download
memory/3344-283-0x00000217A70D0000-0x00000217A71FA000-memory.dmp

Filesize
1.2MB

Download
memory/3344-25-0x00007FF999BE0000-0x00007FF999BE1000-memory.dmp

Filesize
4KB

Download
memory/4284-328-0x0000029A6B600000-0x0000029A6B72A000-memory.dmp

Filesize
1.2MB

Download
memory/4608-329-0x000002A88F200000-0x000002A88F32A000-memory.dmp

Filesize
1.2MB

Download
memory/5584-493-0x000001D8E8DC0000-0x000001D8E8DC1000-memory.dmp

Filesize
4KB

Download
memory/5584-496-0x000001D8E8DC0000-0x000001D8E8DC1000-memory.dmp

Filesize
4KB

Download
memory/5584-495-0x000001D8E8DC0000-0x000001D8E8DC1000-memory.dmp

Filesize
4KB

Download
memory/5584-494-0x000001D8E8DC0000-0x000001D8E8DC1000-memory.dmp

Filesize
4KB

Download
memory/5584-492-0x000001D8E8DC0000-0x000001D8E8DC1000-memory.dmp

Filesize
4KB

Download
memory/5584-490-0x000001D8E8DC0000-0x000001D8E8DC1000-memory.dmp

Filesize
4KB

Download
memory/5584-491-0x000001D8E8DC0000-0x000001D8E8DC1000-memory.dmp

Filesize
4KB

Download
memory/5584-486-0x000001D8E8DC0000-0x000001D8E8DC1000-memory.dmp

Filesize
4KB

Download
memory/5584-485-0x000001D8E8DC0000-0x000001D8E8DC1000-memory.dmp

Filesize
4KB

Download
memory/5584-484-0x000001D8E8DC0000-0x000001D8E8DC1000-memory.dmp

Filesize
4KB

Download