fee765827631c513a0afe7577d84b66839ecce32353c176c32b39cdf6ef3924e

Resubmissions

30/04/2024, 13:34

240430-qvjbpahg43 7

30/04/2024, 13:28

240430-qqm43shf69 7

Analysis

max time kernel
83s
max time network
81s
platform
windows11-21h2_x64
resource
win11-20240426-en
resource tags

arch:x64arch:x86image:win11-20240426-enlocale:en-usos:windows11-21h2-x64system
submitted
30/04/2024, 13:34

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

SolaraBETA.rar
Size

17.2MB
MD5

f7cc114170a1efc219a54cd4832e77b3
SHA1

97fd16f8b6e2c58aadebfb24e1b7e4a52f7163db
SHA256

fee765827631c513a0afe7577d84b66839ecce32353c176c32b39cdf6ef3924e
SHA512

ef47912bf9f395cf3957eb3a69ceb62684888bc321c1b5133dc677a056cdf5490b50b3ef06d5fdc3c801314da548c5813bb16c50cb7dece828aecac906cea6cd
SSDEEP

393216:2+CaBlJkH8D58WBfiIDR9g+2mfGKhNz9npr+6tXb:vy4NlT2mbvxpK6tr

Score

7^/10

Malware Config

Signatures

Executes dropped EXE 1 IoCs

pid	Process
2844	Solara.exe

Loads dropped DLL 9 IoCs

pid	Process
2844	Solara.exe
2844	Solara.exe
2844	Solara.exe
2844	Solara.exe
2844	Solara.exe
2844	Solara.exe
2844	Solara.exe
2844	Solara.exe
2844	Solara.exe

Drops desktop.ini file(s) 1 IoCs

description	ioc	Process
File opened for modification	C:\Users\Admin\Videos\Captures\desktop.ini	svchost.exe

Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs

Web Service

T1102

flow	ioc
3	raw.githubusercontent.com
11	raw.githubusercontent.com

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Checks processor information in registry 2 TTPs 2 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	svchost.exe
Key opened	\REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0	svchost.exe

Enumerates system info in registry 2 TTPs 6 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedgewebview2.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	RobloxPlayerBeta.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	RobloxPlayerBeta.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	RobloxPlayerBeta.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedgewebview2.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedgewebview2.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	RobloxPlayerBeta.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133589578044239356"	RobloxPlayerBeta.exe

Modifies registry class 3 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2994005945-4089876968-1367784197-1000_Classes\Local Settings	OpenWith.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2994005945-4089876968-1367784197-1000\{097CC613-AFAA-434A-BCA0-A2E8522B7EC2}	svchost.exe
Key created	\REGISTRY\USER\S-1-5-21-2994005945-4089876968-1367784197-1000_Classes\Local Settings	cmd.exe

Suspicious behavior: EnumeratesProcesses 14 IoCs

pid	Process
1552	msedgewebview2.exe
1552	msedgewebview2.exe
2844	Solara.exe
2844	Solara.exe
4796	msedgewebview2.exe
4796	msedgewebview2.exe
4596	RobloxPlayerBeta.exe
4596	RobloxPlayerBeta.exe
2844	Solara.exe
2844	Solara.exe
2844	Solara.exe
2844	Solara.exe
2844	Solara.exe
2844	Solara.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 1 IoCs

pid	Process
4592	msedgewebview2.exe

Suspicious use of AdjustPrivilegeToken 54 IoCs

description	pid	Process
Token: SeRestorePrivilege	2248	7zG.exe
Token: 35	2248	7zG.exe
Token: SeSecurityPrivilege	2248	7zG.exe
Token: SeSecurityPrivilege	2248	7zG.exe
Token: SeShutdownPrivilege	4596	RobloxPlayerBeta.exe
Token: SeCreatePagefilePrivilege	4596	RobloxPlayerBeta.exe
Token: SeShutdownPrivilege	4596	RobloxPlayerBeta.exe
Token: SeCreatePagefilePrivilege	4596	RobloxPlayerBeta.exe
Token: SeShutdownPrivilege	4596	RobloxPlayerBeta.exe
Token: SeCreatePagefilePrivilege	4596	RobloxPlayerBeta.exe
Token: SeShutdownPrivilege	4596	RobloxPlayerBeta.exe
Token: SeCreatePagefilePrivilege	4596	RobloxPlayerBeta.exe
Token: SeShutdownPrivilege	4596	RobloxPlayerBeta.exe
Token: SeCreatePagefilePrivilege	4596	RobloxPlayerBeta.exe
Token: SeShutdownPrivilege	4596	RobloxPlayerBeta.exe
Token: SeCreatePagefilePrivilege	4596	RobloxPlayerBeta.exe
Token: SeShutdownPrivilege	4596	RobloxPlayerBeta.exe
Token: SeCreatePagefilePrivilege	4596	RobloxPlayerBeta.exe
Token: SeShutdownPrivilege	4596	RobloxPlayerBeta.exe
Token: SeCreatePagefilePrivilege	4596	RobloxPlayerBeta.exe
Token: SeShutdownPrivilege	4596	RobloxPlayerBeta.exe
Token: SeCreatePagefilePrivilege	4596	RobloxPlayerBeta.exe
Token: SeShutdownPrivilege	4596	RobloxPlayerBeta.exe
Token: SeCreatePagefilePrivilege	4596	RobloxPlayerBeta.exe
Token: SeShutdownPrivilege	4596	RobloxPlayerBeta.exe
Token: SeCreatePagefilePrivilege	4596	RobloxPlayerBeta.exe
Token: SeShutdownPrivilege	4596	RobloxPlayerBeta.exe
Token: SeCreatePagefilePrivilege	4596	RobloxPlayerBeta.exe
Token: SeShutdownPrivilege	4596	RobloxPlayerBeta.exe
Token: SeCreatePagefilePrivilege	4596	RobloxPlayerBeta.exe
Token: SeShutdownPrivilege	4596	RobloxPlayerBeta.exe
Token: SeCreatePagefilePrivilege	4596	RobloxPlayerBeta.exe
Token: SeShutdownPrivilege	4596	RobloxPlayerBeta.exe
Token: SeCreatePagefilePrivilege	4596	RobloxPlayerBeta.exe
Token: SeShutdownPrivilege	4596	RobloxPlayerBeta.exe
Token: SeCreatePagefilePrivilege	4596	RobloxPlayerBeta.exe
Token: SeShutdownPrivilege	4596	RobloxPlayerBeta.exe
Token: SeCreatePagefilePrivilege	4596	RobloxPlayerBeta.exe
Token: SeShutdownPrivilege	4596	RobloxPlayerBeta.exe
Token: SeCreatePagefilePrivilege	4596	RobloxPlayerBeta.exe
Token: SeShutdownPrivilege	4596	RobloxPlayerBeta.exe
Token: SeCreatePagefilePrivilege	4596	RobloxPlayerBeta.exe
Token: SeShutdownPrivilege	4596	RobloxPlayerBeta.exe
Token: SeCreatePagefilePrivilege	4596	RobloxPlayerBeta.exe
Token: SeShutdownPrivilege	4596	RobloxPlayerBeta.exe
Token: SeCreatePagefilePrivilege	4596	RobloxPlayerBeta.exe
Token: SeShutdownPrivilege	4596	RobloxPlayerBeta.exe
Token: SeCreatePagefilePrivilege	4596	RobloxPlayerBeta.exe
Token: SeShutdownPrivilege	4596	RobloxPlayerBeta.exe
Token: SeCreatePagefilePrivilege	4596	RobloxPlayerBeta.exe
Token: SeShutdownPrivilege	4596	RobloxPlayerBeta.exe
Token: SeCreatePagefilePrivilege	4596	RobloxPlayerBeta.exe
Token: SeShutdownPrivilege	4596	RobloxPlayerBeta.exe
Token: SeCreatePagefilePrivilege	4596	RobloxPlayerBeta.exe

Suspicious use of FindShellTrayWindow 28 IoCs

pid	Process
2248	7zG.exe
4592	msedgewebview2.exe
4596	RobloxPlayerBeta.exe
4596	RobloxPlayerBeta.exe
4596	RobloxPlayerBeta.exe
4596	RobloxPlayerBeta.exe
4596	RobloxPlayerBeta.exe
4596	RobloxPlayerBeta.exe
4596	RobloxPlayerBeta.exe
4596	RobloxPlayerBeta.exe
4596	RobloxPlayerBeta.exe
4596	RobloxPlayerBeta.exe
4596	RobloxPlayerBeta.exe
4596	RobloxPlayerBeta.exe
4596	RobloxPlayerBeta.exe
4596	RobloxPlayerBeta.exe
4596	RobloxPlayerBeta.exe
4596	RobloxPlayerBeta.exe
4596	RobloxPlayerBeta.exe
4596	RobloxPlayerBeta.exe
4596	RobloxPlayerBeta.exe
4596	RobloxPlayerBeta.exe
4596	RobloxPlayerBeta.exe
4596	RobloxPlayerBeta.exe
4596	RobloxPlayerBeta.exe
4596	RobloxPlayerBeta.exe
4596	RobloxPlayerBeta.exe
4596	RobloxPlayerBeta.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
4596	RobloxPlayerBeta.exe
4596	RobloxPlayerBeta.exe
4596	RobloxPlayerBeta.exe
4596	RobloxPlayerBeta.exe
4596	RobloxPlayerBeta.exe
4596	RobloxPlayerBeta.exe
4596	RobloxPlayerBeta.exe
4596	RobloxPlayerBeta.exe
4596	RobloxPlayerBeta.exe
4596	RobloxPlayerBeta.exe
4596	RobloxPlayerBeta.exe
4596	RobloxPlayerBeta.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
3148	OpenWith.exe
2424	OpenWith.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2844 wrote to memory of 4592	2844	Solara.exe	92
PID 2844 wrote to memory of 4592	2844	Solara.exe	92
PID 4592 wrote to memory of 3684	4592	msedgewebview2.exe	93
PID 4592 wrote to memory of 3684	4592	msedgewebview2.exe	93
PID 4592 wrote to memory of 644	4592	msedgewebview2.exe	94
PID 4592 wrote to memory of 644	4592	msedgewebview2.exe	94
PID 4592 wrote to memory of 644	4592	msedgewebview2.exe	94
PID 4592 wrote to memory of 644	4592	msedgewebview2.exe	94
PID 4592 wrote to memory of 644	4592	msedgewebview2.exe	94
PID 4592 wrote to memory of 644	4592	msedgewebview2.exe	94
PID 4592 wrote to memory of 644	4592	msedgewebview2.exe	94
PID 4592 wrote to memory of 644	4592	msedgewebview2.exe	94
PID 4592 wrote to memory of 644	4592	msedgewebview2.exe	94
PID 4592 wrote to memory of 644	4592	msedgewebview2.exe	94
PID 4592 wrote to memory of 644	4592	msedgewebview2.exe	94
PID 4592 wrote to memory of 644	4592	msedgewebview2.exe	94
PID 4592 wrote to memory of 644	4592	msedgewebview2.exe	94
PID 4592 wrote to memory of 644	4592	msedgewebview2.exe	94
PID 4592 wrote to memory of 644	4592	msedgewebview2.exe	94
PID 4592 wrote to memory of 644	4592	msedgewebview2.exe	94
PID 4592 wrote to memory of 644	4592	msedgewebview2.exe	94
PID 4592 wrote to memory of 644	4592	msedgewebview2.exe	94
PID 4592 wrote to memory of 644	4592	msedgewebview2.exe	94
PID 4592 wrote to memory of 644	4592	msedgewebview2.exe	94
PID 4592 wrote to memory of 644	4592	msedgewebview2.exe	94
PID 4592 wrote to memory of 644	4592	msedgewebview2.exe	94
PID 4592 wrote to memory of 644	4592	msedgewebview2.exe	94
PID 4592 wrote to memory of 644	4592	msedgewebview2.exe	94
PID 4592 wrote to memory of 644	4592	msedgewebview2.exe	94
PID 4592 wrote to memory of 644	4592	msedgewebview2.exe	94
PID 4592 wrote to memory of 644	4592	msedgewebview2.exe	94
PID 4592 wrote to memory of 644	4592	msedgewebview2.exe	94
PID 4592 wrote to memory of 644	4592	msedgewebview2.exe	94
PID 4592 wrote to memory of 644	4592	msedgewebview2.exe	94
PID 4592 wrote to memory of 644	4592	msedgewebview2.exe	94
PID 4592 wrote to memory of 644	4592	msedgewebview2.exe	94
PID 4592 wrote to memory of 644	4592	msedgewebview2.exe	94
PID 4592 wrote to memory of 644	4592	msedgewebview2.exe	94
PID 4592 wrote to memory of 644	4592	msedgewebview2.exe	94
PID 4592 wrote to memory of 644	4592	msedgewebview2.exe	94
PID 4592 wrote to memory of 644	4592	msedgewebview2.exe	94
PID 4592 wrote to memory of 644	4592	msedgewebview2.exe	94
PID 4592 wrote to memory of 644	4592	msedgewebview2.exe	94
PID 4592 wrote to memory of 644	4592	msedgewebview2.exe	94
PID 4592 wrote to memory of 1552	4592	msedgewebview2.exe	95
PID 4592 wrote to memory of 1552	4592	msedgewebview2.exe	95
PID 4592 wrote to memory of 2540	4592	msedgewebview2.exe	97
PID 4592 wrote to memory of 2540	4592	msedgewebview2.exe	97
PID 4592 wrote to memory of 2540	4592	msedgewebview2.exe	97
PID 4592 wrote to memory of 2540	4592	msedgewebview2.exe	97
PID 4592 wrote to memory of 2540	4592	msedgewebview2.exe	97
PID 4592 wrote to memory of 2540	4592	msedgewebview2.exe	97
PID 4592 wrote to memory of 2540	4592	msedgewebview2.exe	97
PID 4592 wrote to memory of 2540	4592	msedgewebview2.exe	97
PID 4592 wrote to memory of 2540	4592	msedgewebview2.exe	97
PID 4592 wrote to memory of 2540	4592	msedgewebview2.exe	97
PID 4592 wrote to memory of 2540	4592	msedgewebview2.exe	97
PID 4592 wrote to memory of 2540	4592	msedgewebview2.exe	97
PID 4592 wrote to memory of 2540	4592	msedgewebview2.exe	97
PID 4592 wrote to memory of 2540	4592	msedgewebview2.exe	97
PID 4592 wrote to memory of 2540	4592	msedgewebview2.exe	97
PID 4592 wrote to memory of 2540	4592	msedgewebview2.exe	97
PID 4592 wrote to memory of 2540	4592	msedgewebview2.exe	97
PID 4592 wrote to memory of 2540	4592	msedgewebview2.exe	97

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\SolaraBETA.rar
1⤵
- Modifies registry class
PID:2540

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:3148

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:3904

C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Desktop\SolaraBETA\" -spe -an -ai#7zMap23400:78:7zEvent16595
1⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
PID:2248

C:\Users\Admin\Desktop\SolaraBETA\Solara.exe
"C:\Users\Admin\Desktop\SolaraBETA\Solara.exe"
1⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:2844
- C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
  "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=Solara.exe --webview-exe-version=1.0.0.0 --user-data-dir="C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView" --no-default-browser-check --disable-component-extensions-with-background-pages --no-first-run --disable-default-apps --noerrdialogs --embedded-browser-webview-dpi-awareness=1 --disable-popup-blocking --internet-explorer-integration=none --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc" --mojo-named-platform-channel-pipe=2844.1280.1479340825835629838
  2⤵
  - Enumerates system info in registry
  - Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of WriteProcessMemory
  PID:4592
- - C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
    "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView\Crashpad --metrics-dir=C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0xfc,0x130,0x7ff8317f3cb8,0x7ff8317f3cc8,0x7ff8317f3cd8
    3⤵
    PID:3684
- - C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
    "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=gpu-process --field-trial-handle=1696,10996297169639010331,11959985867933914015,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --noerrdialogs --user-data-dir="C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView" --webview-exe-name=Solara.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1944 /prefetch:2
    3⤵
    PID:644
- - C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
    "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1696,10996297169639010331,11959985867933914015,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView" --webview-exe-name=Solara.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2180 /prefetch:3
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:1552
- - C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
    "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1696,10996297169639010331,11959985867933914015,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --service-sandbox-type=utility --noerrdialogs --user-data-dir="C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView" --webview-exe-name=Solara.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2484 /prefetch:8
    3⤵
    PID:2540
- - C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
    "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=renderer --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc" --field-trial-handle=1696,10996297169639010331,11959985867933914015,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --noerrdialogs --user-data-dir="C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView" --webview-exe-name=Solara.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3040 /prefetch:1
    3⤵
    PID:4712
- - C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
    "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1696,10996297169639010331,11959985867933914015,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView" --webview-exe-name=Solara.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=4724 /prefetch:8
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:4796

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1924

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4056

C:\Program Files\Google\Chrome\Application\RobloxPlayerBeta.exe
"C:\Program Files\Google\Chrome\Application\RobloxPlayerBeta.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:4596
- C:\Program Files\Google\Chrome\Application\RobloxPlayerBeta.exe
  "C:\Program Files\Google\Chrome\Application\RobloxPlayerBeta.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ff82ed0ab58,0x7ff82ed0ab68,0x7ff82ed0ab78
  2⤵
  PID:2632
- C:\Program Files\Google\Chrome\Application\RobloxPlayerBeta.exe
  "C:\Program Files\Google\Chrome\Application\RobloxPlayerBeta.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1712 --field-trial-handle=1840,i,5369052879647048598,14166639651108307926,131072 /prefetch:2
  2⤵
  PID:1004
- C:\Program Files\Google\Chrome\Application\RobloxPlayerBeta.exe
  "C:\Program Files\Google\Chrome\Application\RobloxPlayerBeta.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1976 --field-trial-handle=1840,i,5369052879647048598,14166639651108307926,131072 /prefetch:8
  2⤵
  PID:4404
- C:\Program Files\Google\Chrome\Application\RobloxPlayerBeta.exe
  "C:\Program Files\Google\Chrome\Application\RobloxPlayerBeta.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2252 --field-trial-handle=1840,i,5369052879647048598,14166639651108307926,131072 /prefetch:8
  2⤵
  PID:2292
- C:\Program Files\Google\Chrome\Application\RobloxPlayerBeta.exe
  "C:\Program Files\Google\Chrome\Application\RobloxPlayerBeta.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3112 --field-trial-handle=1840,i,5369052879647048598,14166639651108307926,131072 /prefetch:1
  2⤵
  PID:1116
- C:\Program Files\Google\Chrome\Application\RobloxPlayerBeta.exe
  "C:\Program Files\Google\Chrome\Application\RobloxPlayerBeta.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3152 --field-trial-handle=1840,i,5369052879647048598,14166639651108307926,131072 /prefetch:1
  2⤵
  PID:1848
- C:\Program Files\Google\Chrome\Application\RobloxPlayerBeta.exe
  "C:\Program Files\Google\Chrome\Application\RobloxPlayerBeta.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3528 --field-trial-handle=1840,i,5369052879647048598,14166639651108307926,131072 /prefetch:1
  2⤵
  PID:1532
- C:\Program Files\Google\Chrome\Application\RobloxPlayerBeta.exe
  "C:\Program Files\Google\Chrome\Application\RobloxPlayerBeta.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4436 --field-trial-handle=1840,i,5369052879647048598,14166639651108307926,131072 /prefetch:8
  2⤵
  PID:2812
- C:\Program Files\Google\Chrome\Application\RobloxPlayerBeta.exe
  "C:\Program Files\Google\Chrome\Application\RobloxPlayerBeta.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4552 --field-trial-handle=1840,i,5369052879647048598,14166639651108307926,131072 /prefetch:8
  2⤵
  PID:2988
- C:\Program Files\Google\Chrome\Application\RobloxPlayerBeta.exe
  "C:\Program Files\Google\Chrome\Application\RobloxPlayerBeta.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4136 --field-trial-handle=1840,i,5369052879647048598,14166639651108307926,131072 /prefetch:8
  2⤵
  PID:5544
- C:\Program Files\Google\Chrome\Application\RobloxPlayerBeta.exe
  "C:\Program Files\Google\Chrome\Application\RobloxPlayerBeta.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4776 --field-trial-handle=1840,i,5369052879647048598,14166639651108307926,131072 /prefetch:8
  2⤵
  PID:5632
- C:\Program Files\Google\Chrome\Application\RobloxPlayerBeta.exe
  "C:\Program Files\Google\Chrome\Application\RobloxPlayerBeta.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4760 --field-trial-handle=1840,i,5369052879647048598,14166639651108307926,131072 /prefetch:8
  2⤵
  PID:5672

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:948

C:\Windows\System32\GameBarPresenceWriter.exe
"C:\Windows\System32\GameBarPresenceWriter.exe" -ServerName:Windows.Gaming.GameBar.Internal.PresenceWriterServer
1⤵
PID:3152

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Suspicious use of SetWindowsHookEx
PID:2424

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService
1⤵
- Drops desktop.ini file(s)
- Checks processor information in registry
- Modifies registry class
PID:5352

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService
1⤵
PID:5908

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
2c881ccdf4028871e010f5e21a722452

SHA1
3d49e4ce206f32fb3f9f3b8352655409f8f85767

SHA256
5f5ffb96fb23570b54df41473a33a6e7cf4ad26b2b1531785b14e41604c1201a

SHA512
2e281ecd110a9b64a1f7cf370527539398c39841a6550105d746e4c3d12d4a70a04e15b6b75fb15dbae703aa092dca64eac439f160bf6dfd6757d29432918270

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\da430eaf-9d17-48fa-a4ba-8849f31c3ba8.tmp

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
122b4823524709843cafd24c1c5f8714

SHA1
fd761085fcc3ddaba9109db2a2d25317269e4e22

SHA256
76ae9da0d4f8579bc49976aa2d337fcb7b03dfad52845dcccd8aa6158be32f7b

SHA512
3b153acfa5e9f8b63c2dae0757f5d20062384a851ed522bf3437de8a542f6a2ca29712f5e9876d26fd3e43550244ddc776cd318ca877f59c9cda4fe9b07447f3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
16KB

MD5
5a4836dfb537683e4517f89068f21328

SHA1
3f3c4d82bbacf025a172f4dd685126d6115045dd

SHA256
15c16af62f87452e65e7dd91d4353c122870eba086b0707ba65589868a0a416b

SHA512
914bb0ea5bfbafc388989e4f63e8840fd8a88210a168caacdd84da20ef091657a26d55dc94ae58915f537a080e4e03b0e8235825afef02abcb49c16633c3d6b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
256KB

MD5
78a25bfd4a6fbf0bb727832ce577a5d1

SHA1
4ddf9536bf29d6b7056fe24f017f4d8a974ef3b1

SHA256
3361467c58638f479f584f7a9b3a4bc56bb15b1cba5618b5919cf9ac45e59eb9

SHA512
f59d1bf237849a60f9d2de797c754dda6eda6caa213f601e54a0c35f6d974a142a1d387bb71a70a04c6eabfe677776e5e42cfac1bde929bfd3ddb35f57df7ff0

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Microsoft.Web.WebView2.Core.dll

Filesize
488KB

MD5
851fee9a41856b588847cf8272645f58

SHA1
ee185a1ff257c86eb19d30a191bf0695d5ac72a1

SHA256
5e7faee6b8230ca3b97ce9542b914db3abbbd1cb14fd95a39497aaad4c1094ca

SHA512
cf5c70984cf33e12cf57116da1f282a5bd6433c570831c185253d13463b0b9a0b9387d4d1bf4dddab3292a5d9ba96d66b6812e9d7ebc5eb35cb96eea2741348f

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Microsoft.Web.WebView2.Wpf.dll

Filesize
43KB

MD5
34ec990ed346ec6a4f14841b12280c20

SHA1
6587164274a1ae7f47bdb9d71d066b83241576f0

SHA256
1e987b22cd011e4396a0805c73539586b67df172df75e3dded16a77d31850409

SHA512
b565015ca4b11b79ecbc8127f1fd40c986948050f1caefdd371d34ed2136af0aabf100863dc6fd16d67e3751d44ee13835ea9bf981ac0238165749c4987d1ae0

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Solara.dll

Filesize
985KB

MD5
8bc9404bba7520eca7b7251be6756291

SHA1
93dd99a2b072c2be32cb8bedeefac279e0846daf

SHA256
5f862734433875f2fc628f8d1e3eddd05cda785e7b08f6bcc0d06d73d1d1ce0a

SHA512
09efec78dadd45c791ee85a92c3ff06a543813f7337de2a9f43975a8b22b533b662bc2ab7383215c09dc908c42d6b008d1593402d3f13231c956778de2d1b7e6

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Solara.exe

Filesize
56KB

MD5
c3256c5f0046841c566b77f0c86eedd8

SHA1
48ab4b19274e8bb4859236e73e8e2ce3b6957c59

SHA256
d51b22a5d11d05453349ef55d319f950f6b1d05ecb3c6d4f34f3f2d2dc55c63c

SHA512
cb5a224f26aade0499ca0fbc6cabe2f348eaed86812e8f5b1b271019744830dbba46544ba7d974af404fcd556f487f790affa814aae6cbd6946bb935d3de37f2

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView\BrowserMetrics-spare.pma

Filesize
1.2MB

MD5
1045bfd216ae1ae480dd0ef626f5ff39

SHA1
377e869bc123602e9b568816b76be600ed03dbd0

SHA256
439292e489a0a35e4a3a0fe304ea1a680337243fa53b135aa9310881e1d7e078

SHA512
f9f8fcc23fc084af69d7c9abb0ef72c4684ac8ddf7fa6b2028e2f19fd67435f28534c0cf5b17453dfe352437c777d6f71cfe1d6ad3542ad9d636263400908fd2

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView\CertificateRevocation\6498.2023.8.1\manifest.fingerprint

Filesize
66B

MD5
33fc4bf1927352bc1845acdde3a6ba63

SHA1
63ac2f004ac10198e729e9ccf55f6ac4f7f3c622

SHA256
4ed04e713c9d8f5d80e83645b62f1be84ec0516d37f339b3d443d8f792dea113

SHA512
7e38e264713750baf58dd9ad779885a7aae5a6fcb825eaa44b3cf814dd09cd0bf8f95b5ab5db600d19a64b02ec2155b4c9a3bc2a86e9b18eece8b3100e8c2ff1

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView\CertificateRevocation\6498.2023.8.1\manifest.json

Filesize
113B

MD5
b6911958067e8d96526537faed1bb9ef

SHA1
a47b5be4fe5bc13948f891d8f92917e3a11ebb6e

SHA256
341b28d49c6b736574539180dd6de17c20831995fe29e7bc986449fbc5caa648

SHA512
62802f6f6481acb8b99a21631365c50a58eaf8ffdf7d9287d492a7b815c837d6a6377342e24350805fb8a01b7e67816c333ec98dcd16854894aeb7271ea39062

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView\Crashpad\settings.dat

Filesize
152B

MD5
59ba0f15d1c57691967efe0ec86ebf19

SHA1
6920b1b2ad498a2f448b22055e263cc78a5b25d4

SHA256
e72d29f1d31bc4e84a95ec2751dc7b16ee82d00bc7e0989e0b3381581e09d76f

SHA512
8220ee9ac5e5050d99663d533450b0885d7a9bf83f994a1c78eb2ecf296896b6faf06c4a744b3d0bcfc69acf363f615245168826a546f413126031c74f949fd6

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView\Crashpad\settings.dat

Filesize
152B

MD5
f945a4e9f796a8312b3e5dde7b90dbd5

SHA1
9e4c371e54393dd6232c0f849a0b3506e01acd2a

SHA256
cb77f27f7e2e7e262aada052c4c5b0b1a490f8bc29f64b3c364f1d34045683b3

SHA512
bb78a00b8bdae29e82f55e0a3528f32f6a5020debc4cba204ce93fe1ae1ea3e14f3b695477381416671ca9b0bf236b67aea186d15b013fc2a2d619dd6a7b82c7

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView\Crashpad\throttle_store.dat

Filesize
20B

MD5
9e4e94633b73f4a7680240a0ffd6cd2c

SHA1
e68e02453ce22736169a56fdb59043d33668368f

SHA256
41c91a9c93d76295746a149dce7ebb3b9ee2cb551d84365fff108e59a61cc304

SHA512
193011a756b2368956c71a9a3ae8bc9537d99f52218f124b2e64545eeb5227861d372639052b74d0dd956cb33ca72a9107e069f1ef332b9645044849d14af337

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView\Default\Code Cache\js\index-dir\the-real-index

Filesize
48B

MD5
ba773c8842db276a48f01c19ab39456f

SHA1
ed613a87271a007206ab43e6384d45245bdf6ead

SHA256
17b84a64ca830979764fa834a198f51c23370f097a8880683845cf9eed48b605

SHA512
359ce3d1a59107b87e1dba2ef044c2d3df09d924aa444affaff38870b399402134f018e46188b4ee877c9612d9a6458aa4c1f2cda55bb6471c72516be5b075e7

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView\Default\Code Cache\wasm\index-dir\the-real-index

Filesize
48B

MD5
1ae1b6b4979c7e8ccbd51d0054ad146d

SHA1
9e90d846134af41a92d3cdeb6a71dbaecc3b6f7b

SHA256
e1b62e55c3522391f104422bf4d35ec0e4b523c53d618f02d29735c46846bc6f

SHA512
2d2f62eedcb6984bfebca9a74af8329f1b60fb45a178c63fc7c26d7867dfd7c400968c7deebe6568c6142a9bc1f9db1254fe9a5fc5baa06caf37dc00f16eeb83

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView\Default\Extension State\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView\Default\Extension State\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView\Default\Favicons

Filesize
20KB

MD5
f56e431b1d09b7ee9076ac27c118cd1e

SHA1
fd00bdd050f91f04e12091c5786438f7f9b0b28f

SHA256
0db6438854d1086c869c9bda01877547517cd155cc8336dc1838abe3458b4bf6

SHA512
54f7b298f2f7447fa071f58bdb1bb80acbdb1c0de4ea46760d391427649b8f255f040c650ab758700289ad5b35096ef8192eff77c4e3c47d72713148a4ad3714

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView\Default\GPUCache\data_0

Filesize
44KB

MD5
aac0250a11cf3b2d54ede6fb6c60fbfe

SHA1
6fe516e7d6f763623c640b30c4c0a48d91e567e3

SHA256
ed3e257fb5b39fd2ec3204c73f0bdea4c771284697b5e11b771e65ad6ad31ecd

SHA512
3f99c9ffc1eec32176f71237fb0d3eb3e7ee9848c67cc42d7de7c4f137617850cd69438aaf508b74c59d71571b023af816b3bf992485dc6a2c221ed2a6304741

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView\Default\GPUCache\data_1

Filesize
264KB

MD5
41494c9b9bfa5ed0c1a2b92591cdeff2

SHA1
d3706f9863437b24bfc6d5cedb779e8ed88b8e54

SHA256
309041dbf6998978c612beb76133cad7b928be8597d6c9e62ad68f62301a5810

SHA512
1160fa722c7c55e437417819a76f11861ac54a0a518f79d10c9d9641a6fb83d195f904fcba45d447bee1c78cc05aca475b1153964f97afaac1809820483db001

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView\Default\GPUCache\data_2

Filesize
1.0MB

MD5
2a5c726f95e1579781ce158a7782bc36

SHA1
cc53a7876e8f7b727358c90071f64158dee54110

SHA256
f19452da18ceed7de6659ec795719042920e91f9b32280c78edaa9e480d530e8

SHA512
a18bff3ee9ad4a38ae92c85f695bcc8961fb07a3ba8d3ba7a0c42c4627eb92d1dd1e176435fdaeb843f90f216dedfe322468c70ccf87ebeed9a7b346d20fdca5

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView\Default\GPUCache\data_3

Filesize
4.0MB

MD5
e4904c98a262ebe6a1619eff05510b48

SHA1
0fdba1e9123f75d1e4e35baf7d73de81dcff9ad7

SHA256
8d2848a9c3455478bfb9acda01d7efdcc49aff7f4a20fb91cefe6f307b616b26

SHA512
7f0eebb0b01942f46da2cc585b01e78e247dad2b4a98ab5eba2ea1680cac32a5ee90750372f3e0ffc35ae59b36768da98c9af3301088a982534c29472e2c1cba

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView\Default\GPUCache\index

Filesize
256KB

MD5
9af4c84f0589ef4597b1524dd367f006

SHA1
107a65b6ff7d73bd8369997705b86bbce536911f

SHA256
a55d854c81f65700e7c062f461c10bb848cac7a6aab641e810103a39ebbf3c06

SHA512
89504e7edfdcf99122d54d681e4b4675892b3fddf328b20a60b06f26f07547f79a40071a5ecb05f36b65dafafc6f85a7abb1c460e9b74a2a1de9c7c63961ed5f

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView\Default\History

Filesize
164KB

MD5
95fe549f1ee2b6195312b4728ac50646

SHA1
3e6d31dc4c97653232475cb0e2078dfec5eee85c

SHA256
555ec244736d15c52bb59bcdd76d15d9920568e84ad41a8a0a8abfcebe3eeccf

SHA512
bdc40e1a664d54846f423ccd2638a8c4d2d373217d2b3a43ccef5ddbda3dc3a5c44208fb1109a8382a8794b21396563b48b99cb77e013c12211d0d6e622c29d5

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView\Default\Local Storage\leveldb\LOG

Filesize
353B

MD5
6a1dce356817253660ab1739910b6c62

SHA1
83b04df716c603be26357048552600f58b140060

SHA256
c03857710e3615bd1afa0c76e745545ce54ea3c03d8ccc7ab2ee0c97b3035dc1

SHA512
b3b29a25852efe4b96a028c196c1450d11db521fc282b6ac4d753102770b88000fdd23690a99be62e06a34e01a07c35bb19140ee1628959192f5fb9388a8e33e

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView\Default\Local Storage\leveldb\LOG.old

Filesize
356B

MD5
752bcba57155e170282d99220ba0e71d

SHA1
0db4f22f2270c20979871d3cddb9eb6a0be1faee

SHA256
6692e855d7e4227c983ce9554397a5383b1f4adab2a0e66d6269a399a4cf7122

SHA512
f1d822c7ac5f366857c8971f2297390b77e27680f732d80e2411d71f48210ab9145da7d8cf2ccc29af88d073847390a92d23646af80544cd03f468aa84634e25

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView\Default\Login Data

Filesize
42KB

MD5
5cdbe5fe7b39e0617a15efa1daca1f6b

SHA1
eace7b5e04c4d3fcb5a48baf00a9f1aa41ff7e13

SHA256
ee6731dd6cdae816e48422f6f77482460ec71446d7450e7d9c363bc4f76a0842

SHA512
8e85f436537d2a15fdbb1199af7f1df7eed3f31a9b8b1c2e299bfd6bb9c511279eace1dac6a3edb62b7be458d68e4c24e82e466dc2095bff5f6cfa8d844e6e42

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView\Default\Preferences

Filesize
8KB

MD5
fd7000a151bb6ec50df5e1e6df8f966c

SHA1
3f573d52f897b6d327e3459e0cffdaa5cccdb7a4

SHA256
cdce71e577734f4686c4abbd175259d25af9c8e8ef95e29bc5ef79901cbd2304

SHA512
7455b95aaab28f088f21d7322098bcab23b82b858dafe5fa8c2a17d08bb5cc0857da06b2d48fd84455d90000b253c37bdfd901ceee166fc7100be464710e259f

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView\Default\Preferences

Filesize
9KB

MD5
39d2655142755bcd91768ba84e63e0b9

SHA1
3b39aa3c55c8252e06d7acc6cec1da253012e086

SHA256
35b7c5206d094734c80fc75756fde0d47feeb574f31f29e99a8c87ccd6e72e93

SHA512
9174394a1ee5f0f20edeec5bb3b2cbf47407eca5bcb7ff2fc9f2d11b41f4991f58dd48ccebca450dc99e2ed0684916f4c95dd4ee2215e3bdfde6fab0925200c6

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView\Default\Secure Preferences

Filesize
6KB

MD5
91f50a4603ebc352f44ad90cc0fa1fc6

SHA1
bce527c69251c495e29c9bd8045cbcf2800c2392

SHA256
d01d65aa648118742db4c773c427e6cea1d7a266a4c15f215ca6e443333274d6

SHA512
66b3dd012e7d2c67590ffedad4d5899a017a63019e09c305aeb589655ff9289d077ea0523043ae9327aee2de421a61e8666fffbffabde759cdd459b5eab70c40

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView\Default\Secure Preferences

Filesize
6KB

MD5
79390a1639dccaacf6ee1013fb26a2b3

SHA1
6c086928ba2830081a01061ab4cda14cdc03e3ad

SHA256
49ef77130913cd1f7b454d6642f4baa6b9a179e5af210268dbf1788c5124f630

SHA512
d7b35d1ba6f0612ab9dc54a1d6d77a5baab585718423d4b33f4a17fbc4ca7d191f7b4c9ace7bd3e532e76c71e89846c6fe4ce8cddbb2f4a63508a5d5ac5a2445

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView\Default\Shared Dictionary\cache\index

Filesize
24B

MD5
54cb446f628b2ea4a5bce5769910512e

SHA1
c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

SHA256
fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

SHA512
8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView\Default\Site Characteristics Database\000003.log

Filesize
40B

MD5
148079685e25097536785f4536af014b

SHA1
c5ff5b1b69487a9dd4d244d11bbafa91708c1a41

SHA256
f096bc366a931fba656bdcd77b24af15a5f29fc53281a727c79f82c608ecfab8

SHA512
c2556034ea51abfbc172eb62ff11f5ac45c317f84f39d4b9e3ddbd0190da6ef7fa03fe63631b97ab806430442974a07f8e81b5f7dc52d9f2fcdc669adca8d91f

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView\Default\Site Characteristics Database\LOG

Filesize
372B

MD5
5bca6f82f45f014bae01d2587b392d57

SHA1
6f16ff9e694cad24cd9314c5662d889c7ced68bd

SHA256
eb73ace559f1427cc279861675443c96a60dacc0e28d6498a11b0e23e01d2f1a

SHA512
0666012cb782d5b66d15a8a180fa38f65b657ae0dcb46286a40d6f8861bfa9e1f1f755f943e608b5f3b1b18cea932a45592669b856b90115e455fe7fa2437773

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView\Default\Site Characteristics Database\LOG.old

Filesize
372B

MD5
ab0a6a0e2cf417f5fdf2c636882c1c2f

SHA1
35a4ea75cec116c50c30432cc2affe5dbf2b8e31

SHA256
546253b283038f96103c7ada9c79b59e1aa47fe9007e36eb9448a068344f56f9

SHA512
b8f84c1b7cdf497e303bc8d6e1064177e15129a683aad536b0f73320e488d1c9d6c22b7603a0adf9ea4aacc092fb32bcadf57c84b5f5aa785588c6bebe9df48f

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView\Default\Sync Data\LevelDB\000003.log

Filesize
46B

MD5
90881c9c26f29fca29815a08ba858544

SHA1
06fee974987b91d82c2839a4bb12991fa99e1bdd

SHA256
a2ca52e34b6138624ac2dd20349cde28482143b837db40a7f0fbda023077c26a

SHA512
15f7f8197b4fc46c4c5c2570fb1f6dd73cb125f9ee53dfa67f5a0d944543c5347bdab5cce95e91dd6c948c9023e23c7f9d76cff990e623178c92f8d49150a625

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView\Default\Sync Data\LevelDB\LOG

Filesize
348B

MD5
6760f651e3007805f17aa04477f03385

SHA1
35668b9637c3f106819c7a455c838cc3e6a3225e

SHA256
5a960925883b2a7444276b996a6870dd23149950103da3429f05994d1fb2c214

SHA512
477270291f3340bb97971e38f871318a1c1f6ed05538fd25944b9b1a58a3d44da14165f58152b9a6d68e45109c3b0a6cd002018c943bae41f6e0e792a05c01c3

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView\Default\Sync Data\LevelDB\LOG.old

Filesize
348B

MD5
9399a141eb27be13735ccaad17c3e177

SHA1
ba7102afe868cf2bbcb9ebe226208e95678728f1

SHA256
ed0e7d3ba243b549325ecf1592aba023f61b1fbb7f7df2eaf7a234eefd2e37db

SHA512
dddf6e7db0a3699982191b2a27ef82360522d6180d448895d786b779a710334aeaa30e1e2f55ee4cbe55b28a155a2261eed8cf9aa220d94a3cd4d30209afde4e

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView\Default\Top Sites

Filesize
20KB

MD5
3e18f6a36b53ca0b2567e692a305fd71

SHA1
c745c041f98e49bf3b738cbe55bfb461811ae1a6

SHA256
9484455a6af32c6b038c17221666c00e3dd0ddce4ba3bdcd93d3b8618af0e9f0

SHA512
6006fc6d36c50be687970165b5c3967a5682ca140f76db8d12c87e6c624b1ab294cfb42cc0238f17670ae70d50bc83212828b23d75d722465760d801c957bb9b

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView\Default\Visited Links

Filesize
128KB

MD5
698d514f5e2529a36a4773d0c9bd140f

SHA1
1f296d3b745b351498a3226b294a37d1b282c6b5

SHA256
aa6876f83a926158278dca93fedb06e15a87e3922078ec8316a96868777abeca

SHA512
eab69055a779337c1836ee8609ad57d50fb3f6751207a25483b205e539e1a9e0830cd7f96d5a140f89e866984165dd3dd9ccefe98611e80964a31f8f6ebf76ab

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView\Default\Web Data

Filesize
218KB

MD5
4e059c230a4ac8c449d29a2c996e1556

SHA1
d97a6556be4a84c8fbaec0aca7d80fb580ffdf1b

SHA256
c20394a8f0de3b223723c7b358c90a9ad2b0538bed9810dd09a630ed1fa8b038

SHA512
d4b588aa6c44402bd1e353e14c43b2406b3bd8a4e028e77a4cf28dfb088a62ebf17480f73057f5825d342d337b785cec079b62af57a8d03625172b8c044ac651

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView\GraphiteDawnCache\data_0

Filesize
8KB

MD5
cf89d16bb9107c631daabf0c0ee58efb

SHA1
3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b

SHA256
d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e

SHA512
8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView\GraphiteDawnCache\data_1

Filesize
264KB

MD5
d9d7577120ca65ce86e5b88cb08ebd4b

SHA1
89564eb3ba29fed2fda88db5931ba02e154fd5fc

SHA256
4acba60bc53a48d063d6f657858592f865e6470064f5e5555b8d1d049c677b1e

SHA512
7ce164f3c8623936b8bf605cf4208f095c9e74fc9701d7b5eb4e8956d736d6d497b012653a99819ab569929e5cda618c8ff167ad354573c9aeb7bec3936f3ae0

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView\GraphiteDawnCache\data_2

Filesize
8KB

MD5
0962291d6d367570bee5454721c17e11

SHA1
59d10a893ef321a706a9255176761366115bedcb

SHA256
ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7

SHA512
f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView\GraphiteDawnCache\data_3

Filesize
8KB

MD5
41876349cb12d6db992f1309f22df3f0

SHA1
5cf26b3420fc0302cd0a71e8d029739b8765be27

SHA256
e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c

SHA512
e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView\Last Version

Filesize
11B

MD5
b29bcf9cd0e55f93000b4bb265a9810b

SHA1
e662b8c98bd5eced29495dbe2a8f1930e3f714b8

SHA256
f53ab2877a33ef4dbde62f23f0cbfb572924a80a3921f47fc080d680107064b4

SHA512
e15f515e4177d38d6bb83a939a0a8f901ce64dffe45e635063161497d527fbddaf2b1261195fde90b72b4c3e64ac0a0500003faceffcc749471733c9e83eb011

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView\Local State

Filesize
19KB

MD5
167251c01e1f9a7524f50c649a6d239b

SHA1
2eb1727cb45e4eb5c254cbe85226a7dbca3c9ed0

SHA256
5d3f9e4c8491cc26db0315123d1b8fc9498dfef00e26fdae35ad7b95c6f3de45

SHA512
34bff7557dd99f888b2c0bafefa4ab2c8571d21478d4a3a12220a00d1286228ed452a238ed9a3a31d958fe6120382014fc01502a5e5154f56ae81ac88e5d9b1c

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView\Local State

Filesize
18KB

MD5
930be8d8ec0e656f7e9b0e205f72ffb2

SHA1
0e77c246911a137202d4093467ff0b8b261a35df

SHA256
b45ee9beefcbc2ac48738bd98c319ad807cc7cb23df0fb13b4b8e06a213642d4

SHA512
895e760e208c1dc750b42be0a72cba943355e025e61a256274038995cf64714ff438a50d9081000d0017cfbdb8a0e7985ffcefac0d9ac5190105517cb711642c

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView\Local State

Filesize
18KB

MD5
ea2ba72ad46c6692bbbfe981f8972ed2

SHA1
d7dd00f9c1d8ed1b1970fd3b3af40cd312b6862e

SHA256
d5290fa6338edb523d65c57018af6c1251312029beb0de636c6c2aa8a0fe2fe8

SHA512
79c5be2a4a2803b066eece90272091ee1e6bd96b71d2d1a083cf5590a399e00dbc899ddc8f50ea4949300d67c6ab65cc16b37be25fd8256241805d26e3595b0f

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView\OriginTrials\0.0.1.4\manifest.fingerprint

Filesize
66B

MD5
7ce55ac0d7683657fd051e573ad06e30

SHA1
3bc51fbc6155c4e9d1439587e1c739995054cc52

SHA256
138e2b36e4c8bec8b00180558843355037d7de99c389f46e6183c4fc5a34c790

SHA512
f269c5c2ee53ed836bfd1b928b40e1ddb2aaea00e5585c85fecfcb1add71130d4ecfe91d2f2527934ac472c8b432d3475ca02b8f808e7e6014cd49155529d9a2

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView\OriginTrials\0.0.1.4\manifest.json

Filesize
43B

MD5
55cf847309615667a4165f3796268958

SHA1
097d7d123cb0658c6de187e42c653ad7d5bbf527

SHA256
54f5c87c918f69861d93ed21544aac7d38645d10a890fc5b903730eb16d9a877

SHA512
53c71b860711561015c09c5000804f3713651ba2db57ccf434aebee07c56e5a162bdf317ce8de55926e34899812b42c994c3ce50870487bfa1803033db9452b7

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView\Speech Recognition\1.15.0.1\Microsoft.CognitiveServices.Speech.core.dll

Filesize
2.6MB

MD5
0ee2b50c85a110689352fccfa77b5b18

SHA1
d9ecc4b12d2d50e3cbce40e75edad804c9988b25

SHA256
62a13d8459e0992c311dc3551bf3c2d1ce167ea7fa40f0ec62193f3bd760b36e

SHA512
a4f94a05a69b5ae3a0ecf8bdb7592f698d0df81e2f1fae679f38890ad04a2384883837bc792c73848955ff4af7afed49d38839f7ab174454e61919ed78655bff

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView\Speech Recognition\1.15.0.1\manifest.fingerprint

Filesize
66B

MD5
5bbd09242392aacbb5fac763f9e3bd4e

SHA1
14bb7b23b459ce30193742ed1901a17b4dcf9645

SHA256
22b55f5d9b1bafb80e00c1304cf5e0d6057a304a2e8757b4f021b416f4397297

SHA512
541e4c7998e91a5113f627c2c44e32b54878fe225b3b9476572f025f51f2b4ec4a44b102498adcc22b8fe388970645bacfafb6e7fc8a216df4d7bbfc8b0ff670

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView\Speech Recognition\1.15.0.1\manifest.json

Filesize
76B

MD5
ba25fcf816a017558d3434583e9746b8

SHA1
be05c87f7adf6b21273a4e94b3592618b6a4a624

SHA256
0d664bc422a696452111b9a48e7da9043c03786c8d5401282cff9d77bcc34b11

SHA512
3763bd77675221e323faa5502023dc677c08911a673db038e4108a2d4d71b1a6c0727a65128898bb5dfab275e399f4b7ed19ca2194a8a286e8f9171b3536546f

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView\Subresource Filter\Unindexed Rules\10.34.0.52\manifest.fingerprint

Filesize
66B

MD5
88ee70021dc7963e80800e95e2d84685

SHA1
faf1a82055b22ff87579413bf88ae61ff908f815

SHA256
4fddeb8ba4bd8533e08121c1fe7c6c976332f2d0d3b9347cdd636e4cf6520580

SHA512
83c9079f58b46fa0806ea1d26988adf410f76853609109ce936a6a4f734a808e42186da8e909c04928899f5b75ff1e5d0fb477ebf1aa5c06b191ff8589047efb

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView\Subresource Filter\Unindexed Rules\10.34.0.52\manifest.json

Filesize
116B

MD5
178174a0125d4ff3ed5211426f1ea113

SHA1
26f72c5a2f65c767c4edb04d8da62bdadc02e809

SHA256
64986dfeefa8855069e799b28e5523b35c9efcf2ea152a2b03461471c218da1f

SHA512
c0d1d9555f4cd7e9a4b0ee5fc1b069782638ba1680d18ba9c83f796746086b6afdf1400c80b7f586422c3a2a73e51bd04fb250e2db818ef723cb4f7a8b3b15a2

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView\hyphen-data\101.0.4906.0\hyph-as.hyb

Filesize
703B

MD5
8961fdd3db036dd43002659a4e4a7365

SHA1
7b2fa321d50d5417e6c8d48145e86d15b7ff8321

SHA256
c2784e33158a807135850f7125a7eaabe472b3cfc7afb82c74f02da69ea250fe

SHA512
531ecec11d296a1ab3faeb2c7ac619da9d80c1054a2ccee8a5a0cd996346fea2a2fee159ac5a8d79b46a764a2aa8e542d6a79d86b3d7dda461e41b19c9bebe92

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView\hyphen-data\101.0.4906.0\hyph-hi.hyb

Filesize
687B

MD5
0807cf29fc4c5d7d87c1689eb2e0baaa

SHA1
d0914fb069469d47a36d339ca70164253fccf022

SHA256
f4df224d459fd111698dd5a13613c5bbf0ed11f04278d60230d028010eac0c42

SHA512
5324fd47c94f5804bfa1aa6df952949915896a3fc77dccaed0eeffeafe995ce087faef035aecea6b4c864a16ad32de00055f55260af974f2c41afff14dce00f3

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Solara.exe.WebView2\EBWebView\hyphen-data\101.0.4906.0\hyph-nb.hyb

Filesize
141KB

MD5
677edd1a17d50f0bd11783f58725d0e7

SHA1
98fedc5862c78f3b03daed1ff9efbe5e31c205ee

SHA256
c2771fbb1bfff7db5e267dc7a4505a9675c6b98cfe7a8f7ae5686d7a5a2b3dd0

SHA512
c368f6687fa8a2ef110fcb2b65df13f6a67feac7106014bd9ea9315f16e4d7f5cbc8b4a67ba2169c6909d49642d88ae2a0a9cd3f1eb889af326f29b379cfd3ff

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\WebView2Loader.dll

Filesize
134KB

MD5
7bf24896b80f336c1d16b488f89fef34

SHA1
50db3c6002a85894f7b960aee1d01b5537a7057b

SHA256
28cee166d574b246aa076eb59e24567026c7782f9a70a05b48a61508589e6840

SHA512
07a660ab26343cb45602710a2935c6b948c80976de612ac403a6e354f7bedbe56e1e92f95cfb0ffa746625a3da5108c9a796941a0db462621ecb653a752766f0

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\Wpf.Ui.dll

Filesize
5.2MB

MD5
aead90ab96e2853f59be27c4ec1e4853

SHA1
43cdedde26488d3209e17efff9a51e1f944eb35f

SHA256
46cfbe804b29c500ebc0b39372e64c4c8b4f7a8e9b220b5f26a9adf42fcb2aed

SHA512
f5044f2ee63906287460b9adabfcf3c93c60b51c86549e33474c4d7f81c4f86cd03cd611df94de31804c53006977874b8deb67c4bf9ea1c2b70c459b3a44b38d

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\WpfApp1.exe.WebView2\EBWebView\Default\Extension Rules\000003.log

Filesize
38B

MD5
51a2cbb807f5085530dec18e45cb8569

SHA1
7ad88cd3de5844c7fc269c4500228a630016ab5b

SHA256
1c43a1bda1e458863c46dfae7fb43bfb3e27802169f37320399b1dd799a819ac

SHA512
b643a8fa75eda90c89ab98f79d4d022bb81f1f62f50ed4e5440f487f22d1163671ec3ae73c4742c11830214173ff2935c785018318f4a4cad413ae4eeef985df

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\WpfApp1.exe.WebView2\EBWebView\Default\Safe Browsing Network\Safe Browsing Cookies

Filesize
20KB

MD5
26fc054d6e2537d0eefc2adccd8aed48

SHA1
57d91cc39566739e53ee686fdf54a54db586225e

SHA256
f1f4cab488693f20a1daa0d0d9bf8d5f4bd066d939fbcb78e3c1eb5b44582e4d

SHA512
b674081966ad1cf5318e3e86c628c13cdc67bb53cbea5a49992551033fe9730206d7133aaf0535c95a6245a2e20522a9ea9bc7c414a72cf08be8f5c2d81611b8

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\WpfApp1.exe.WebView2\EBWebView\GrShaderCache\f_000001

Filesize
16KB

MD5
93b26a977cf99c9d7038ce067f3f6c19

SHA1
daae119d188382adec6aad4c5c34c64adba38ca8

SHA256
63c283447cef315cb5165e4f0b879f2554c854f8de5b9919d2578441b4f92e80

SHA512
c3ef41ba6bde3aa36479efae3f15c9dc45487615c58a240728b03b1c2b06e31c14810a1344a22f923387c33de731ab70994c3265a023c13dbaaba3f829884464

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\WpfApp1.exe.WebView2\EBWebView\Subresource Filter\Indexed Rules\36\10.34.0.52\LICENSE

Filesize
24KB

MD5
aad9405766b20014ab3beb08b99536de

SHA1
486a379bdfeecdc99ed3f4617f35ae65babe9d47

SHA256
ed0f972d56566a96fb2f128a7b58091dfbf32dc365b975bc9318c9701677f44d

SHA512
bd9bf257306fdaff3f1e3e1fccb1f0d6a3181d436035124bd4953679d1af2cd5b4cc053b0e2ef17745ae44ae919cd8fd9663fbc0cd9ed36607e9b2472c206852

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\libcurl.dll

Filesize
522KB

MD5
e31f5136d91bad0fcbce053aac798a30

SHA1
ee785d2546aec4803bcae08cdebfd5d168c42337

SHA256
ee94e2201870536522047e6d7fe7b903a63cd2e13e20c8fffc86d0e95361e671

SHA512
a1543eb1d10d25efb44f9eaa0673c82bfac5173055d04c0f3be4792984635a7c774df57a8e289f840627754a4e595b855d299070d469e0f1e637c3f35274abe6

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\msvcp140.dll

Filesize
576KB

MD5
7b92a6cb5d2cad407c457ab12d2b211d

SHA1
e04020b3448fc6084fa31b7f791f22ff15e31328

SHA256
3c6a772319fff3ee56d4cedbe332bb5c0c2f394714cf473c6cdf933754114784

SHA512
b28740c1aca4f0f60a9e4a9ab5a0561af774d977ab6d42a7eea70c9e560c77c50be5d9d869f05d0435e2923f4f600219335d22425807ab23cbbcda75442c4b42

Download Submit
C:\Users\Admin\Desktop\SolaraBETA\runtimes\win-x64\native\WebView2Loader.dll

Filesize
158KB

MD5
aee20ef43cf692c9080c5973b1b79855

SHA1
b3885791b0e122f8360d6fb7c0e0ac7fe4fa14fb

SHA256
31423e905e29c8a40a483e81dae1491990805fa066634d218b35bb96692bef0d

SHA512
eab6684095c0a7555d921fb1a2e136fa1d761c5766c48571000a97403e6d437a3a4833c571f86c039aa8307fb2fc3fae1acffd63085ae9d2ea0d9e7f9ec1ace6

Download Submit
C:\Users\Admin\Videos\Captures\desktop.ini

Filesize
190B

MD5
b0d27eaec71f1cd73b015f5ceeb15f9d

SHA1
62264f8b5c2f5034a1e4143df6e8c787165fbc2f

SHA256
86d9f822aeb989755fac82929e8db369b3f5f04117ef96fd76e3d5f920a501d2

SHA512
7b5c9783a0a14b600b156825639d24cbbc000f5066c48ce9fecc195255603fc55129aaaca336d7ce6ad4e941d5492b756562f2c7a1d151fcfc2dabac76f3946c

Download Submit
memory/644-1515-0x0000017260140000-0x00000172602EC000-memory.dmp

Filesize
1.7MB

Download
memory/644-1388-0x00007FF85A810000-0x00007FF85A811000-memory.dmp

Filesize
4KB

Download
memory/2540-1516-0x00000276C6140000-0x00000276C62EC000-memory.dmp

Filesize
1.7MB

Download
memory/2844-1359-0x000002D4781F0000-0x000002D4782AA000-memory.dmp

Filesize
744KB

Download
memory/2844-1363-0x000002D478330000-0x000002D4783AE000-memory.dmp

Filesize
504KB

Download
memory/2844-1358-0x000002D478730000-0x000002D478C6C000-memory.dmp

Filesize
5.2MB

Download
memory/2844-1356-0x000002D475960000-0x000002D475972000-memory.dmp

Filesize
72KB

Download
memory/2844-1502-0x00007FF8335A0000-0x00007FF8335C4000-memory.dmp

Filesize
144KB

Download
memory/2844-1590-0x000002D47D8A0000-0x000002D47D952000-memory.dmp

Filesize
712KB

Download
memory/2844-1591-0x000002D47D830000-0x000002D47D852000-memory.dmp

Filesize
136KB

Download
memory/2844-1369-0x000002D47BDC0000-0x000002D47BDF8000-memory.dmp

Filesize
224KB

Download
memory/2844-1361-0x000002D475E50000-0x000002D475E5E000-memory.dmp

Filesize
56KB

Download
memory/2844-1368-0x000002D4786B0000-0x000002D4786B8000-memory.dmp

Filesize
32KB

Download
memory/2844-1370-0x000002D47BD90000-0x000002D47BD9E000-memory.dmp

Filesize
56KB

Download