Analysis Overview
Threat Level: Likely malicious
The file https://tlauncher.org/en/ was found to be: Likely malicious.
Malicious Activity Summary
Downloads MZ/PE file
Executes dropped EXE
UPX packed file
Loads dropped DLL
Modifies file permissions
Registers COM server for autorun
Blocklisted process makes network request
Installs/modifies Browser Helper Object
Checks installed software on the system
Enumerates connected drives
Drops file in System32 directory
Drops file in Program Files directory
Drops file in Windows directory
Enumerates physical storage devices
Modifies Internet Explorer settings
Uses Volume Shadow Copy WMI provider
Uses Volume Shadow Copy service COM API
Modifies system certificate store
Suspicious use of SetWindowsHookEx
Enumerates system info in registry
Uses Task Scheduler COM API
Suspicious behavior: EnumeratesProcesses
Modifies registry class
Suspicious use of WriteProcessMemory
Suspicious behavior: GetForegroundWindowSpam
Checks processor information in registry
Suspicious use of FindShellTrayWindow
Modifies data under HKEY_USERS
Suspicious use of SendNotifyMessage
Suspicious use of AdjustPrivilegeToken
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-05-01 05:16
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-05-01 05:16
Reported
2024-05-01 05:25
Platform
win7-20240221-en
Max time kernel
143s
Max time network
479s
Command Line
Signatures
Downloads MZ/PE file
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\TLauncher-Installer-1.3.5.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\BrowserInstaller.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_1\irsetup.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\jre-windows.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\jds259500471.tmp\jre-windows.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| N/A | N/A | C:\Program Files\Java\jre-1.8\bin\javaw.exe | N/A |
| N/A | N/A | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| N/A | N/A | C:\Program Files\Java\jre-1.8\bin\javaws.exe | N/A |
| N/A | N/A | C:\Program Files\Java\jre-1.8\bin\jp2launcher.exe | N/A |
| N/A | N/A | C:\Program Files\Java\jre-1.8\bin\javaws.exe | N/A |
| N/A | N/A | C:\Program Files\Java\jre-1.8\bin\jp2launcher.exe | N/A |
Loads dropped DLL
Modifies file permissions
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\icacls.exe | N/A |
Registers COM server for autorun
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0018-0000-0159-ABCDEFFEDCBA}\InprocServer32\ = "C:\\Program Files\\Java\\jre-1.8\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\InprocServer32\ = "C:\\Program Files\\Java\\jre-1.8\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0068-ABCDEFFEDCBB}\InprocServer32\ = "C:\\Program Files\\Java\\jre-1.8\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0016-0000-0178-ABCDEFFEDCBA}\InprocServer32\ = "C:\\Program Files\\Java\\jre-1.8\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0017-0000-0248-ABCDEFFEDCBC}\InprocServer32\ = "C:\\Program Files\\Java\\jre-1.8\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0070-ABCDEFFEDCBA}\InprocServer32\ = "C:\\Program Files\\Java\\jre-1.8\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0017-0000-0311-ABCDEFFEDCBC}\InprocServer32 | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0018-0000-0078-ABCDEFFEDCBC}\InprocServer32\ = "C:\\Program Files\\Java\\jre-1.8\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0015-0000-0064-ABCDEFFEDCBC}\InprocServer32\ = "C:\\Program Files\\Java\\jre-1.8\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0018-0000-0039-ABCDEFFEDCBB}\InprocServer32\ = "C:\\Program Files\\Java\\jre-1.8\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0018-0000-0230-ABCDEFFEDCBB}\InprocServer32 | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0018-0000-0379-ABCDEFFEDCBA}\InprocServer32 | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0166-ABCDEFFEDCBB}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0018-0000-0060-ABCDEFFEDCBC}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0016-0000-0199-ABCDEFFEDCBC}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0017-0000-0309-ABCDEFFEDCBA}\InprocServer32 | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0017-0000-0096-ABCDEFFEDCBC}\InprocServer32\ = "C:\\Program Files\\Java\\jre-1.8\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0018-0000-0372-ABCDEFFEDCBC}\InprocServer32 | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0102-ABCDEFFEDCBA}\InprocServer32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBC}\InprocServer32\ = "C:\\Program Files\\Java\\jre-1.8\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0018-0000-0336-ABCDEFFEDCBA}\InprocServer32 | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0018-0000-0352-ABCDEFFEDCBA}\InprocServer32\ = "C:\\Program Files\\Java\\jre-1.8\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0018-0000-0162-ABCDEFFEDCBB}\InprocServer32\ = "C:\\Program Files\\Java\\jre-1.8\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0145-ABCDEFFEDCBA}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0015-0000-0086-ABCDEFFEDCBB}\InprocServer32 | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0017-0000-0264-ABCDEFFEDCBB}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0018-0000-0144-ABCDEFFEDCBB}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0018-0000-0265-ABCDEFFEDCBA}\InprocServer32 | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBB}\InprocServer32\ = "C:\\Program Files\\Java\\jre-1.8\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0102-ABCDEFFEDCBC}\InprocServer32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0172-ABCDEFFEDCBC}\InprocServer32\ = "C:\\Program Files\\Java\\jre-1.8\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0360-ABCDEFFEDCBA}\InprocServer32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0028-ABCDEFFEDCBA}\InprocServer32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBA}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0017-0000-0130-ABCDEFFEDCBC}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0017-0000-0303-ABCDEFFEDCBB}\InprocServer32 | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0075-ABCDEFFEDCBC}\InprocServer32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0016-0000-0080-ABCDEFFEDCBC}\InprocServer32\ = "C:\\Program Files\\Java\\jre-1.8\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0017-0000-0056-ABCDEFFEDCBC}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0017-0000-0236-ABCDEFFEDCBC}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0018-0000-0210-ABCDEFFEDCBC}\InprocServer32 | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0087-ABCDEFFEDCBB}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0310-ABCDEFFEDCBB}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0018-0000-0265-ABCDEFFEDCBC}\InprocServer32\ = "C:\\Program Files\\Java\\jre-1.8\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0017-0000-0034-ABCDEFFEDCBB}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0018-0000-0273-ABCDEFFEDCBB}\InprocServer32 | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0026-ABCDEFFEDCBB}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0357-ABCDEFFEDCBB}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0237-ABCDEFFEDCBC}\InprocServer32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBA}\INPROCSERVER32 | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0018-0000-0015-ABCDEFFEDCBA}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0168-ABCDEFFEDCBA}\InprocServer32\ = "C:\\Program Files\\Java\\jre-1.8\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\InprocServer32\ = "C:\\Program Files\\Java\\jre-1.8\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0016-0000-0203-ABCDEFFEDCBC}\InprocServer32 | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0017-0000-0256-ABCDEFFEDCBB}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0017-0000-0324-ABCDEFFEDCBA}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0016-0000-0069-ABCDEFFEDCBC}\InprocServer32\ = "C:\\Program Files\\Java\\jre-1.8\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0017-0000-0346-ABCDEFFEDCBB}\InprocServer32 | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0017-0000-0231-ABCDEFFEDCBC}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0115-ABCDEFFEDCBB}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0026-ABCDEFFEDCBA}\InprocServer32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
UPX packed file
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Blocklisted process makes network request
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\msiexec.exe | N/A |
| N/A | N/A | C:\Windows\system32\msiexec.exe | N/A |
Checks installed software on the system
Enumerates connected drives
| Description | Indicator | Process | Target |
| File opened (read-only) | \??\J: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\O: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Q: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\X: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\P: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\V: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Z: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\B: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\H: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\I: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\L: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\M: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\G: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\W: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\S: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\T: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\U: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\A: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\E: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\K: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\N: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\R: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Y: | C:\Windows\system32\msiexec.exe | N/A |
Installs/modifies Browser Helper Object
| Description | Indicator | Process | Target |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\NoExplorer = "1" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435B-BC74-9C25C1C588A9} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}\NoExplorer = "1" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\system32\WindowsAccessBridge-64.dll | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| File opened for modification | C:\Windows\system32\WindowsAccessBridge-64.dll | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files\Java\jre-1.8\lib\psfont.properties.ja | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\legal\jdk\icu.md | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\bin\verify.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\bin\javaws.exe | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\bin\gstreamer-lite.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\bin\api-ms-win-core-file-l2-1-0.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\lib\resources.jar | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\legal\jdk\bcel.md | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\Oracle\Java\javapath | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\lib\deploy\messages_pt_BR.properties | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\lib\jfxswt.jar | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\bin\rmiregistry.exe | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\legal\jdk\xmlresolver.md | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\bin\dtplugin\npdeployJava1.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\lib\ext\localedata.jar | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\bin\api-ms-win-core-util-l1-1-0.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\bin\decora_sse.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\bin\policytool.exe | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\lib\management\snmp.acl.template | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\legal\javafx\public_suffix.md | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\README.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\lib\fonts\LucidaSansRegular.ttf | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\lib\deploy\ffjcext.zip | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\lib\deploy\messages_es.properties | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\Welcome.html | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\lib\javafx.properties | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\lib\jce.jar | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\bin\wsdetect.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\legal\javafx\mesa3d.md | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\bin\management.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\legal\javafx\jpeg_fx.md | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\lib\fonts\LucidaBrightItalic.ttf | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\bin\npt.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\bin\api-ms-win-crt-locale-l1-1-0.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\lib\images\cursors\win32_CopyDrop32x32.gif | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\bin\servertool.exe | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\legal\javafx\webkit.md | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\lib\plugin.jar | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\bin\jsdt.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\lib\deploy\messages_zh_HK.properties | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\bin\sunec.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\legal\jdk\lcms.md | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\lib\accessibility.properties | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\lib\tzmappings | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\bin\api-ms-win-core-handle-l1-1-0.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\bin\api-ms-win-core-rtlsupport-l1-1-0.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\bin\server\classes.jsa | C:\Program Files\Java\jre-1.8\bin\javaw.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\bin\jaas_nt.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\bin\server\jvm.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_259526726\javaw.exe | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_259526726\javaws.exe | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\bin\pack200.exe | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\lib\fonts\LucidaTypewriterRegular.ttf | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\bin\jp2native.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\THIRDPARTYLICENSEREADME.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\lib\jfr\default.jfc | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\bin\splashscreen.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\lib\security\trusted.libraries | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\lib\sound.properties | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\lib\security\javaws.policy | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\legal\javafx\glib.md | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\lib\deploy\messages.properties | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\legal\jdk\relaxngcc.md | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\legal\jdk\dom.md | C:\Windows\system32\msiexec.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\Installer\MSIF3C9.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI45BD.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\f77ee36.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\f77ee36.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIF477.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIF555.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIF8C4.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIF78B.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\f77ee3b.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\f77ee39.ipi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIF466.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIF497.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIF505.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIF585.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\f77ee39.ipi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIF535.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIF596.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\ | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIF76B.tmp | C:\Windows\system32\msiexec.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Windows\system32\msiexec.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Windows\system32\msiexec.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5852F5ED-8BF4-11D4-A245-0080C6F74284} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44D1B085-E495-4b5f-9EE6-34795C46E7E7} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44D1B085-E495-4b5f-9EE6-34795C46E7E7}\AppPath = "C:\\Program Files\\Java\\jre-1.8\\bin" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA}\Compatibility Flags = "1024" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main | C:\Users\Admin\AppData\Local\Temp\jds259500471.tmp\jre-windows.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5852F5ED-8BF4-11D4-A245-0080C6F74284} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5852F5ED-8BF4-11D4-A245-0080C6F74284}\AppName = "javaws.exe" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5852F5ED-8BF4-11D4-A245-0080C6F74284}\Policy = "0" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8FE2181-CAE7-49EE-9B04-DB7EB4DA544A} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5852F5ED-8BF4-11D4-A245-0080C6F74284}\AppPath = "C:\\Program Files\\Java\\jre-1.8\\bin" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8FE2181-CAE7-49EE-9B04-DB7EB4DA544A} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8FE2181-CAE7-49EE-9B04-DB7EB4DA544A}\AppName = "ssvagent.exe" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8FE2181-CAE7-49EE-9B04-DB7EB4DA544A}\Policy = "3" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8FE2181-CAE7-49EE-9B04-DB7EB4DA544A}\AppPath = "C:\\Program Files\\Java\\jre-1.8\\bin" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44D1B085-E495-4B5F-9EE6-34795C46E7E7} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44D1B085-E495-4b5f-9EE6-34795C46E7E7}\AppName = "jp2launcher.exe" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44D1B085-E495-4b5f-9EE6-34795C46E7E7}\Policy = "3" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA}\AlternateCLSID = "{CAFEEFAC-DEC7-0000-0001-ABCDEFFEDCBA}" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0062-ABCDEFFEDCBA}\InprocServer32\ = "C:\\Program Files\\Java\\jre-1.8\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0032-ABCDEFFEDCBB} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0216-ABCDEFFEDCBB} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0074-ABCDEFFEDCBA} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0096-ABCDEFFEDCBB}\InprocServer32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0124-ABCDEFFEDCBC}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0083-ABCDEFFEDCBB}\InprocServer32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0203-ABCDEFFEDCBA}\InprocServer32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0279-ABCDEFFEDCBA}\InprocServer32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0042-ABCDEFFEDCBB} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0097-ABCDEFFEDCBA}\INPROCSERVER32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0059-ABCDEFFEDCBC}\INPROCSERVER32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}\ = "Java Plug-in 1.4.2_16" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBA} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0055-ABCDEFFEDCBB} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0158-ABCDEFFEDCBC}\INPROCSERVER32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0076-ABCDEFFEDCBA} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}\InprocServer32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0099-ABCDEFFEDCBA} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0056-ABCDEFFEDCBA}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0180-ABCDEFFEDCBC} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0278-ABCDEFFEDCBB} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0064-ABCDEFFEDCBA}\INPROCSERVER32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0260-ABCDEFFEDCBC} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0065-ABCDEFFEDCBA} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0044-ABCDEFFEDCBB}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0005-ABCDEFFEDCBA}\InprocServer32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0071-ABCDEFFEDCBC}\INPROCSERVER32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0123-ABCDEFFEDCBA} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0084-ABCDEFFEDCBA}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0017-ABCDEFFEDCBA}\INPROCSERVER32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0291-ABCDEFFEDCBA} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBB}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0146-ABCDEFFEDCBA} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0035-ABCDEFFEDCBC}\InprocServer32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0063-ABCDEFFEDCBB} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0255-ABCDEFFEDCBC} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBA} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0073-ABCDEFFEDCBC}\InprocServer32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0131-ABCDEFFEDCBB}\ = "Java Plug-in 1.7.0_131" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0379-ABCDEFFEDCBC}\InprocServer32\ = "C:\\Program Files\\Java\\jre-1.8\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0214-ABCDEFFEDCBA}\InprocServer32\ = "C:\\Program Files\\Java\\jre-1.8\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0064-ABCDEFFEDCBB}\InprocServer32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0150-ABCDEFFEDCBB} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0342-ABCDEFFEDCBA}\ = "Java Plug-in 1.7.0_342" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0196-ABCDEFFEDCBB}\InprocServer32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0367-ABCDEFFEDCBB} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0037-ABCDEFFEDCBB}\InprocServer32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0067-ABCDEFFEDCBA} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0353-ABCDEFFEDCBB}\InprocServer32\ = "C:\\Program Files\\Java\\jre-1.8\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0192-ABCDEFFEDCBC}\INPROCSERVER32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0032-ABCDEFFEDCBB} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0140-ABCDEFFEDCBC}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0157-ABCDEFFEDCBC} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0377-ABCDEFFEDCBB}\ = "Java Plug-in 1.8.0_377" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0392-ABCDEFFEDCBA}\ = "Java Plug-in 1.8.0_392" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0083-ABCDEFFEDCBA}\InprocServer32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0053-ABCDEFFEDCBA}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0067-ABCDEFFEDCBC}\ = "Java Plug-in 1.5.0_67" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBC}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0153-ABCDEFFEDCBC} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0182-ABCDEFFEDCBC}\InprocServer32\ = "C:\\Program Files\\Java\\jre-1.8\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBC}\ = "Java Plug-in 1.6.0_24" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0348-ABCDEFFEDCBB} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBA} | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0017-0000-0331-ABCDEFFEDCBB} | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0018-0000-0189-ABCDEFFEDCBB}\InprocServer32 | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0056-ABCDEFFEDCBB} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0092-ABCDEFFEDCBC}\InprocServer32\ = "C:\\Program Files\\Java\\jre-1.8\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0321-ABCDEFFEDCBA} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0364-ABCDEFFEDCBB}\InprocServer32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBB} | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0014-0002-0062-ABCDEFFEDCBB}\InprocServer32 | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0014-0002-0071-ABCDEFFEDCBB}\InprocServer32 | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0016-0000-0213-ABCDEFFEDCBB}\InprocServer32 | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0017-0000-0272-ABCDEFFEDCBB}\InprocServer32 | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0078-ABCDEFFEDCBC}\InprocServer32\ = "C:\\Program Files\\Java\\jre-1.8\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0067-ABCDEFFEDCBA}\INPROCSERVER32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0286-ABCDEFFEDCBB}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0017-0000-0187-ABCDEFFEDCBB}\InprocServer32\ = "C:\\Program Files\\Java\\jre-1.8\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0017-0000-0261-ABCDEFFEDCBB}\InprocServer32 | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0017-0000-0301-ABCDEFFEDCBB} | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}\InprocServer32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0077-ABCDEFFEDCBA}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0382-ABCDEFFEDCBB} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0017-0000-0272-ABCDEFFEDCBB}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0017-0000-0402-ABCDEFFEDCBA} | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0018-0000-0150-ABCDEFFEDCBA}\ = "Java Plug-in 1.8.0_150" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0017-0000-0085-ABCDEFFEDCBA}\ = "Java Plug-in 1.7.0_85" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0018-0000-0027-ABCDEFFEDCBA}\InprocServer32 | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0018-0000-0194-ABCDEFFEDCBB}\InprocServer32\ = "C:\\Program Files\\Java\\jre-1.8\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0105-ABCDEFFEDCBB}\InprocServer32\ = "C:\\Program Files\\Java\\jre-1.8\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0150-ABCDEFFEDCBA} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0016-0000-0081-ABCDEFFEDCBA}\InprocServer32 | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0017-0000-0314-ABCDEFFEDCBB}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA}\ = "Java Plug-in 1.7.0_45" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0014-0002-0072-ABCDEFFEDCBA}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0016-0000-0064-ABCDEFFEDCBA}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0016-0000-0137-ABCDEFFEDCBA}\InprocServer32\ = "C:\\Program Files\\Java\\jre-1.8\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0018-0000-0370-ABCDEFFEDCBB}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0015-0000-0068-ABCDEFFEDCBC} | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0018-0000-0249-ABCDEFFEDCBA}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA}\InprocServer32 | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBB}\ = "Java Plug-in 1.7.0_04" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0017-0000-0148-ABCDEFFEDCBB}\ = "Java Plug-in 1.7.0_148" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0216-ABCDEFFEDCBB}\InprocServer32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBB}\InprocServer32\ = "C:\\Program Files\\Java\\jre-1.8\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0017-0000-0199-ABCDEFFEDCBA}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0324-ABCDEFFEDCBB} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0016-0000-0091-ABCDEFFEDCBA}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0018-0000-0117-ABCDEFFEDCBC}\ = "Java Plug-in 1.8.0_117" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0018-0000-0311-ABCDEFFEDCBA}\InprocServer32\ = "C:\\Program Files\\Java\\jre-1.8\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0018-0000-0385-ABCDEFFEDCBA}\InprocServer32 | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0034-ABCDEFFEDCBA}\InprocServer32\ = "C:\\Program Files\\Java\\jre-1.8\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA}\InprocServer32 | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0017-0000-0043-ABCDEFFEDCBB}\InprocServer32\ = "C:\\Program Files\\Java\\jre-1.8\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0017-0000-0405-ABCDEFFEDCBA}\InprocServer32\ = "C:\\Program Files\\Java\\jre-1.8\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0063-ABCDEFFEDCBC} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0146-ABCDEFFEDCBB}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0015-0000-0080-ABCDEFFEDCBB}\INPROCSERVER32 | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0017-0000-0170-ABCDEFFEDCBC} | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBB}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0073-ABCDEFFEDCBB}\InprocServer32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0151-ABCDEFFEDCBA}\ = "Java Plug-in 1.6.0_151" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0141-ABCDEFFEDCBA}\InprocServer32\ = "C:\\Program Files\\Java\\jre-1.8\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
Modifies system certificate store
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\A8985D3A65E5E5C4B2D7D66D40C6DD2FB19C5436 | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\A8985D3A65E5E5C4B2D7D66D40C6DD2FB19C5436\Blob = 04000000010000001000000079e4a9840d7d3a96d7c04fe2434c892e0f0000000100000014000000b34ddd372ed92e8f2abfbb9e20a9d31f204f194b090000000100000034000000303206082b0601050507030106082b0601050507030206082b0601050507030406082b0601050507030306082b0601050507030814000000010000001400000003de503556d14cbb66f0a3e21b1bc397b23dd1550b00000001000000120000004400690067006900430065007200740000001d000000010000001000000059779e39e21a2e3dfced6857ed5c5fd9030000000100000014000000a8985d3a65e5e5c4b2d7d66d40c6dd2fb19c54361900000001000000100000000f3a0527d242de2dc98e5cfcb1e991ee2000000001000000b3030000308203af30820297a0030201020210083be056904246b1a1756ac95991c74a300d06092a864886f70d01010505003061310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3120301e06035504031317446967694365727420476c6f62616c20526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a3061310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3120301e06035504031317446967694365727420476c6f62616c20526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100e23be11172dea8a4d3a357aa50a28f0b7790c9a2a5ee12ce965b010920cc0193a74e30b753f743c46900579de28d22dd870640008109cece1b83bfdfcd3b7146e2d666c705b37627168f7b9e1e957deeb748a308dad6af7a0c3906657f4a5d1fbc17f8abbeee28d7747f7a78995985686e5c23324bbf4ec0e85a6de370bf7710bffc01f685d9a844105832a97518d5d1a2be47e2276af49a33f84908608bd45fb43a84bfa1aa4a4c7d3ecf4f5f6c765ea04b37919edc22e66dce141a8e6acbfecdb3146417c75b299e32bff2eefad30b42d4abb74132da0cd4eff881d5bb8d583fb51be84928a270da3104ddf7b216f24c0a4e07a8ed4a3d5eb57fa390c3af270203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e0416041403de503556d14cbb66f0a3e21b1bc397b23dd155301f0603551d2304183016801403de503556d14cbb66f0a3e21b1bc397b23dd155300d06092a864886f70d01010505000382010100cb9c37aa4813120afadd449c4f52b0f4dfae04f5797908a32418fc4b2b84c02db9d5c7fef4c11f58cbb86d9c7a74e79829ab11b5e370a0a1cd4c8899938c9170e2ab0f1cbe93a9ff63d5e40760d3a3bf9d5b09f1d58ee353f48e63fa3fa7dbb466df6266d6d16e418df22db5ea774a9f9d58e22b59c04023ed2d2882453e7954922698e08048a837eff0d6796016deace80ecd6eac4417382f49dae1453e2ab93653cf3a5006f72ee8c457496c612118d504ad783c2c3a806ba7ebaf1514e9d889c1b9386ce2916c8aff64b977255730c01b24a3e1dce9df477cb5b424080530ec2dbd0bbf45bf50b9a9f3eb980112adc888c698345f8d0a3cc6e9d595956dde | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Windows\system32\msiexec.exe | N/A |
| N/A | N/A | C:\Windows\system32\msiexec.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Java\jre-1.8\bin\javaws.exe | N/A |
| N/A | N/A | C:\Program Files\Java\jre-1.8\bin\jp2launcher.exe | N/A |
| N/A | N/A | C:\Program Files\Java\jre-1.8\bin\javaws.exe | N/A |
| N/A | N/A | C:\Program Files\Java\jre-1.8\bin\jp2launcher.exe | N/A |
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\jds259500471.tmp\jre-windows.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\jds259500471.tmp\jre-windows.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\jds259500471.tmp\jre-windows.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\jds259500471.tmp\jre-windows.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\jds259500471.tmp\jre-windows.exe | N/A |
| N/A | N/A | C:\Program Files\Java\jre-1.8\bin\jp2launcher.exe | N/A |
| N/A | N/A | C:\Program Files\Java\jre-1.8\bin\jp2launcher.exe | N/A |
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Uses Volume Shadow Copy WMI provider
Uses Volume Shadow Copy service COM API
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://tlauncher.org/en/
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef7019758,0x7fef7019768,0x7fef7019778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1184 --field-trial-handle=1244,i,16817293068794759356,18031720488682227086,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1500 --field-trial-handle=1244,i,16817293068794759356,18031720488682227086,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1640 --field-trial-handle=1244,i,16817293068794759356,18031720488682227086,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2140 --field-trial-handle=1244,i,16817293068794759356,18031720488682227086,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2104 --field-trial-handle=1244,i,16817293068794759356,18031720488682227086,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1008 --field-trial-handle=1244,i,16817293068794759356,18031720488682227086,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3212 --field-trial-handle=1244,i,16817293068794759356,18031720488682227086,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3512 --field-trial-handle=1244,i,16817293068794759356,18031720488682227086,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3572 --field-trial-handle=1244,i,16817293068794759356,18031720488682227086,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2332 --field-trial-handle=1244,i,16817293068794759356,18031720488682227086,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=1616 --field-trial-handle=1244,i,16817293068794759356,18031720488682227086,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=3432 --field-trial-handle=1244,i,16817293068794759356,18031720488682227086,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=788 --field-trial-handle=1244,i,16817293068794759356,18031720488682227086,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3940 --field-trial-handle=1244,i,16817293068794759356,18031720488682227086,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3960 --field-trial-handle=1244,i,16817293068794759356,18031720488682227086,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3700 --field-trial-handle=1244,i,16817293068794759356,18031720488682227086,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4116 --field-trial-handle=1244,i,16817293068794759356,18031720488682227086,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4132 --field-trial-handle=1244,i,16817293068794759356,18031720488682227086,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3948 --field-trial-handle=1244,i,16817293068794759356,18031720488682227086,131072 /prefetch:8
C:\Users\Admin\Downloads\TLauncher-Installer-1.3.5.exe
"C:\Users\Admin\Downloads\TLauncher-Installer-1.3.5.exe"
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe
"C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe" __IRAOFF:1773458 "__IRAFN:C:\Users\Admin\Downloads\TLauncher-Installer-1.3.5.exe" "__IRCT:3" "__IRTSS:24068259" "__IRSID:S-1-5-21-1298544033-3225604241-2703760938-1000"
C:\Users\Admin\AppData\Local\Temp\BrowserInstaller.exe
"C:\Users\Admin\AppData\Local\Temp\BrowserInstaller.exe" /NOINIT /S:C:\Users\Admin\AppData\Local\Temp\setuparguments.ini
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_1\irsetup.exe
"C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_1\irsetup.exe" /NOINIT /S:C:\Users\Admin\AppData\Local\Temp\setuparguments.ini __IRAOFF:1679762 "__IRAFN:C:\Users\Admin\AppData\Local\Temp\BrowserInstaller.exe" "__IRCT:3" "__IRTSS:1708464" "__IRSID:S-1-5-21-1298544033-3225604241-2703760938-1000"
C:\Users\Admin\AppData\Local\Temp\jre-windows.exe
"C:\Users\Admin\AppData\Local\Temp\jre-windows.exe" STATIC=1
C:\Users\Admin\AppData\Local\Temp\jds259500471.tmp\jre-windows.exe
"C:\Users\Admin\AppData\Local\Temp\jds259500471.tmp\jre-windows.exe" "STATIC=1"
C:\Windows\system32\msiexec.exe
C:\Windows\system32\msiexec.exe /V
C:\Windows\system32\MsiExec.exe
C:\Windows\system32\MsiExec.exe -Embedding A5DBDF0E331296F3C0811485D7DB7D43
C:\Program Files\Java\jre-1.8\installer.exe
"C:\Program Files\Java\jre-1.8\installer.exe" /s INSTALLDIR="C:\Program Files\Java\jre-1.8\\" STATIC=1 INSTALL_SILENT=1 REPAIRMODE=0 ProductCode={71024AE4-039E-4CA4-87B4-2F64180401F0}
C:\Program Files\Java\jre-1.8\bin\javaw.exe
"C:\Program Files\Java\jre-1.8\bin\javaw.exe" -Xshare:dump -Djdk.disableLastUsageTracking
C:\Program Files\Java\jre-1.8\bin\ssvagent.exe
"C:\Program Files\Java\jre-1.8\bin\ssvagent.exe" -doHKCUSSVSetup
C:\Program Files\Java\jre-1.8\bin\javaws.exe
"C:\Program Files\Java\jre-1.8\bin\javaws.exe" -wait -fix -permissions -silent
C:\Program Files\Java\jre-1.8\bin\jp2launcher.exe
"C:\Program Files\Java\jre-1.8\bin\jp2launcher.exe" -secure -javaws -jre "C:\Program Files\Java\jre-1.8" -vma LWNsYXNzcGF0aABDOlxQcm9ncmFtIEZpbGVzXEphdmFcanJlLTEuOFxsaWJcZGVwbG95LmphcgAtRGphdmEuc2VjdXJpdHkucG9saWN5PWZpbGU6QzpcUHJvZ3JhbSBGaWxlc1xKYXZhXGpyZS0xLjhcbGliXHNlY3VyaXR5XGphdmF3cy5wb2xpY3kALUR0cnVzdFByb3h5PXRydWUALVh2ZXJpZnk6cmVtb3RlAC1Eam5scHguaG9tZT1DOlxQcm9ncmFtIEZpbGVzXEphdmFcanJlLTEuOFxiaW4ALURqYXZhLnNlY3VyaXR5Lm1hbmFnZXIALURzdW4uYXd0Lndhcm11cD10cnVlAC1YYm9vdGNsYXNzcGF0aC9hOkM6XFByb2dyYW0gRmlsZXNcSmF2YVxqcmUtMS44XGxpYlxqYXZhd3MuamFyO0M6XFByb2dyYW0gRmlsZXNcSmF2YVxqcmUtMS44XGxpYlxkZXBsb3kuamFyO0M6XFByb2dyYW0gRmlsZXNcSmF2YVxqcmUtMS44XGxpYlxwbHVnaW4uamFyAC1EamF2YS5hd3QuaGVhZGxlc3M9dHJ1ZQAtRGpubHB4Lmp2bT1DOlxQcm9ncmFtIEZpbGVzXEphdmFcanJlLTEuOFxiaW5camF2YXcuZXhl -ma LXdhaXQALWZpeAAtcGVybWlzc2lvbnMALXNpbGVudAAtbm90V2ViSmF2YQ==
C:\Program Files\Java\jre-1.8\bin\javaws.exe
"C:\Program Files\Java\jre-1.8\bin\javaws.exe" -wait -fix -shortcut -silent
C:\Program Files\Java\jre-1.8\bin\jp2launcher.exe
"C:\Program Files\Java\jre-1.8\bin\jp2launcher.exe" -secure -javaws -jre "C:\Program Files\Java\jre-1.8" -vma LWNsYXNzcGF0aABDOlxQcm9ncmFtIEZpbGVzXEphdmFcanJlLTEuOFxsaWJcZGVwbG95LmphcgAtRGphdmEuc2VjdXJpdHkucG9saWN5PWZpbGU6QzpcUHJvZ3JhbSBGaWxlc1xKYXZhXGpyZS0xLjhcbGliXHNlY3VyaXR5XGphdmF3cy5wb2xpY3kALUR0cnVzdFByb3h5PXRydWUALVh2ZXJpZnk6cmVtb3RlAC1Eam5scHguaG9tZT1DOlxQcm9ncmFtIEZpbGVzXEphdmFcanJlLTEuOFxiaW4ALURqYXZhLnNlY3VyaXR5Lm1hbmFnZXIALURzdW4uYXd0Lndhcm11cD10cnVlAC1YYm9vdGNsYXNzcGF0aC9hOkM6XFByb2dyYW0gRmlsZXNcSmF2YVxqcmUtMS44XGxpYlxqYXZhd3MuamFyO0M6XFByb2dyYW0gRmlsZXNcSmF2YVxqcmUtMS44XGxpYlxkZXBsb3kuamFyO0M6XFByb2dyYW0gRmlsZXNcSmF2YVxqcmUtMS44XGxpYlxwbHVnaW4uamFyAC1EamF2YS5hd3QuaGVhZGxlc3M9dHJ1ZQAtRGpubHB4Lmp2bT1DOlxQcm9ncmFtIEZpbGVzXEphdmFcanJlLTEuOFxiaW5camF2YXcuZXhl -ma LXdhaXQALWZpeAAtc2hvcnRjdXQALXNpbGVudAAtbm90V2ViSmF2YQ==
C:\Windows\system32\MsiExec.exe
C:\Windows\system32\MsiExec.exe -Embedding B124C247C9864651D448B834DDCE1532 M Global\MSI0000
C:\Program Files\Java\jre-1.8\bin\javaw.exe
-Djdk.disableLastUsageTracking -cp "C:\Program Files\Java\jre-1.8\bin\..\lib\deploy.jar" com.sun.deploy.panel.ControlPanel -getUserWebJavaStatus
C:\Program Files\Java\jre-1.8\bin\javaw.exe
-Djdk.disableLastUsageTracking -cp "C:\Program Files\Java\jre-1.8\bin\..\lib\deploy.jar" com.sun.deploy.panel.ControlPanel -getUserPreviousDecisionsExist 30
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding A38401B76CB670DF7786E924D071A2B2
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding 00060549B07131401785C3180FC474F2 M Global\MSI0000
C:\Users\Admin\AppData\Roaming\.minecraft\TLauncher.exe
"C:\Users\Admin\AppData\Roaming\.minecraft\TLauncher.exe"
C:\Program Files\Java\jre-1.8\bin\javaw.exe
"C:\Program Files\Java\jre-1.8\bin\javaw.exe" -jar "C:\Users\Admin\AppData\Roaming\.minecraft\TLauncher.exe"
C:\Windows\system32\icacls.exe
C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M
C:\Users\Admin\AppData\Roaming\.tlauncher\starter\jre_default\jre-17.0.10-windows-x64\bin\java.exe
C:\Users\Admin\AppData\Roaming\.tlauncher\starter\jre_default\jre-17.0.10-windows-x64\bin\java.exe -Xmx1024m -Dfile.encoding=UTF8 -Djava.net.preferIPv4Stack=true --add-opens=java.base/java.lang=ALL-UNNAMED --add-opens=java.base/java.time=ALL-UNNAMED --add-opens=java.desktop/java.awt=ALL-UNNAMED --add-opens=java.desktop/sun.awt.image=ALL-UNNAMED --add-opens=java.desktop/sun.java2d=ALL-UNNAMED --add-opens=java.desktop/java.awt.color=ALL-UNNAMED --add-opens=java.desktop/java.awt.image=ALL-UNNAMED --add-opens=java.desktop/com.apple.eawt=ALL-UNNAMED --add-opens=java.base/java.util.regex=ALL-UNNAMED --add-opens=java.desktop/javax.swing=ALL-UNNAMED --add-opens=java.desktop/java.beans=ALL-UNNAMED --add-opens=javafx.web/com.sun.webkit.network=ALL-UNNAMED -cp C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\aopalliance-1.0.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\checker-qual-3.12.0.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\commons-codec-1.9.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\commons-compress-1.23.0.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\commons-io-2.11.0.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\commons-lang3-3.4.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\commons-logging-1.2.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\commons-logging-api-1.1.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\commons-vfs2-2.0.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\desktop-common-util-1.11.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\DiscordIPC-0.5.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\dnsjava-2.1.8.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\error_prone_annotations-2.18.0.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\failureaccess-1.0.1.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\fluent-hc-4.5.2.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\gson-2.8.8.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\guava-31.0.1-jre.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\guice-7.0.0.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\guice-assistedinject-7.0.0.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\hamcrest-core-1.3.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\http-download-1.11.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\httpclient-4.5.2.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\httpcore-4.4.4.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\j2objc-annotations-1.3.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\jakarta.inject-api-2.0.1.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\javafx-base-17.0.0.1-win.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\javafx-base-17.0.0.1.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\javafx-controls-17.0.0.1-win.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\javafx-controls-17.0.0.1.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\javafx-graphics-17.0.0.1-win.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\javafx-graphics-17.0.0.1.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\javafx-media-17.0.0.1-win.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\javafx-media-17.0.0.1.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\javafx-swing-17.0.0.1-win.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\javafx-swing-17.0.0.1.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\javafx-web-17.0.0.1-win.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\javafx-web-17.0.0.1.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\javax.annotation-api-1.3.2.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\jaxb-api-2.3.0.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\jaxb-core-2.3.0.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\jaxb-impl-2.3.0.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\jcl-over-slf4j-1.7.25.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\jopt-simple-5.0.4.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\json-20230227.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\jsr305-3.0.2.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\junit-4.13.2.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\junixsocket-common-2.6.2.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\junixsocket-native-common-2.6.2.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\junrar-0.7.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\log4j-1.2.17.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\logback-classic-1.2.10.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\logback-core-1.2.10.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\lombok-1.18.30.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\maven-scm-api-1.4.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\maven-scm-provider-svn-commons-1.4.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\maven-scm-provider-svnexe-1.4.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\MinecraftServerPing-1.0.2.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\mockserver-netty-no-dependencies-5.14.0.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\modpack-dto-2.2914.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\picture-bundle-3.72.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\plexus-utils-1.5.6.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\regexp-1.3.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\skin-server-API-1.3.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\slf4j-api-1.7.25.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\statistics-dto-1.73.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\tlauncher-resource-1.6.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\url-cache-1.1.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\xz-1.9.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\original-TLauncher-2.923.jar; org.tlauncher.tlauncher.rmo.TLauncher -starterConfig=C:\Users\Admin\AppData\Roaming\.tlauncher\starter\starter.json -requireUpdate=false -currentAppVersion=2.923
C:\Windows\system32\cmd.exe
cmd.exe /C chcp 437 & wmic CPU get NAME
C:\Windows\system32\chcp.com
chcp 437
C:\Windows\System32\Wbem\WMIC.exe
wmic CPU get NAME
C:\Windows\system32\cmd.exe
cmd.exe /C chcp 437 & set processor
C:\Windows\system32\chcp.com
chcp 437
C:\Windows\system32\cmd.exe
cmd.exe /C chcp 437 & dxdiag /whql:off /t C:\Users\Admin\AppData\Roaming\.minecraft\logs\tlauncher\dxdiag.txt
C:\Windows\system32\chcp.com
chcp 437
C:\Windows\system32\dxdiag.exe
dxdiag /whql:off /t C:\Users\Admin\AppData\Roaming\.minecraft\logs\tlauncher\dxdiag.txt
C:\Windows\SysWOW64\dxdiag.exe
"C:\Windows\SysWOW64\dxdiag.exe" /whql:off /t C:\Users\Admin\AppData\Roaming\.minecraft\logs\tlauncher\dxdiag.txt
C:\Windows\system32\cmd.exe
cmd.exe /C chcp 437 & wmic qfe get HotFixID
C:\Windows\system32\chcp.com
chcp 437
C:\Windows\System32\Wbem\WMIC.exe
wmic qfe get HotFixID
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x4f0
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | tlauncher.org | udp |
| US | 104.20.36.13:443 | tlauncher.org | tcp |
| US | 104.20.36.13:443 | tlauncher.org | tcp |
| GB | 142.250.180.3:80 | www.gstatic.com | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 104.20.36.13:443 | tlauncher.org | tcp |
| US | 104.20.36.13:443 | tlauncher.org | tcp |
| US | 104.20.36.13:443 | tlauncher.org | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | hcaptcha.com | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| GB | 172.217.16.228:443 | www.google.com | tcp |
| US | 104.16.79.73:443 | static.cloudflareinsights.com | tcp |
| US | 104.18.125.91:443 | hcaptcha.com | tcp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| US | 8.8.8.8:53 | apps.identrust.com | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| US | 2.18.190.81:80 | apps.identrust.com | tcp |
| GB | 142.250.180.10:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | dl2.tlauncher.org | udp |
| US | 104.20.37.13:443 | dl2.tlauncher.org | tcp |
| US | 104.20.37.13:443 | dl2.tlauncher.org | tcp |
| US | 104.20.37.13:443 | dl2.tlauncher.org | tcp |
| US | 104.20.37.13:443 | dl2.tlauncher.org | tcp |
| US | 8.8.8.8:53 | dl2.tlauncher.org | udp |
| US | 104.20.36.13:443 | dl2.tlauncher.org | tcp |
| US | 8.8.8.8:53 | tlauncher.org | udp |
| US | 104.20.36.13:443 | tlauncher.org | tcp |
| US | 8.8.8.8:53 | javadl.oracle.com | udp |
| NO | 104.110.22.225:80 | javadl.oracle.com | tcp |
| NO | 104.110.22.225:443 | javadl.oracle.com | tcp |
| US | 8.8.8.8:53 | sdlc-esd.oracle.com | udp |
| US | 23.220.112.104:443 | sdlc-esd.oracle.com | tcp |
| US | 8.8.8.8:53 | javadl-esd-secure.oracle.com | udp |
| NL | 92.123.165.224:443 | javadl-esd-secure.oracle.com | tcp |
| US | 8.8.8.8:53 | rps-svcs.oracle.com | udp |
| NL | 92.123.165.224:443 | rps-svcs.oracle.com | tcp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| GB | 142.250.200.35:443 | beacons.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | e2c1.gcp.gvt2.com | udp |
| TW | 34.80.89.126:443 | e2c1.gcp.gvt2.com | tcp |
| TW | 34.80.89.126:443 | e2c1.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | www.java.com | udp |
| NL | 23.62.61.163:443 | www.java.com | tcp |
| US | 8.8.8.8:53 | sjremetrics.java.com | udp |
| IE | 66.235.152.156:443 | sjremetrics.java.com | tcp |
| US | 8.8.8.8:53 | repo.tlauncher.org | udp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 104.20.37.13:443 | repo.tlauncher.org | tcp |
| US | 8.8.8.8:53 | page.tlauncher.org | udp |
| US | 104.20.37.13:443 | page.tlauncher.org | tcp |
| US | 104.20.37.13:443 | page.tlauncher.org | tcp |
| US | 104.20.37.13:80 | page.tlauncher.org | tcp |
| US | 8.8.8.8:53 | repo.fastrepo.org | udp |
| FI | 135.181.139.36:443 | repo.fastrepo.org | tcp |
| US | 104.20.37.13:443 | page.tlauncher.org | tcp |
| FI | 135.181.139.36:443 | repo.fastrepo.org | tcp |
| US | 8.8.8.8:53 | img.tlauncher.org | udp |
| US | 8.8.8.8:53 | img.fastrepo.org | udp |
| US | 104.20.36.13:443 | img.tlauncher.org | tcp |
| US | 172.67.70.32:80 | img.fastrepo.org | tcp |
| US | 8.8.8.8:53 | launchermeta.mojang.com | udp |
| US | 104.20.37.13:443 | img.tlauncher.org | tcp |
| US | 13.107.246.64:443 | launchermeta.mojang.com | tcp |
| US | 8.8.8.8:53 | tlauncher.org | udp |
| US | 8.8.8.8:53 | stat.fastrepo.org | udp |
| DE | 78.46.79.62:443 | stat.fastrepo.org | tcp |
| US | 104.20.36.13:443 | tlauncher.org | tcp |
| DE | 78.46.79.62:443 | stat.fastrepo.org | tcp |
| US | 8.8.8.8:53 | dl2.fastrepo.org | udp |
| US | 104.26.11.134:443 | dl2.fastrepo.org | tcp |
| US | 104.20.37.13:80 | tlauncher.org | tcp |
| US | 104.20.37.13:443 | tlauncher.org | tcp |
| US | 8.8.8.8:53 | piston-meta.mojang.com | udp |
| US | 13.107.246.64:443 | piston-meta.mojang.com | tcp |
| US | 8.8.8.8:53 | res.tlauncher.org | udp |
| DE | 78.46.66.120:443 | res.tlauncher.org | tcp |
| US | 8.8.8.8:53 | cl2-res.tlauncher.org | udp |
| US | 104.20.37.13:443 | cl2-res.tlauncher.org | tcp |
| US | 8.8.8.8:53 | piston-data.mojang.com | udp |
| US | 13.107.246.64:443 | piston-data.mojang.com | tcp |
| US | 13.107.246.64:443 | piston-data.mojang.com | tcp |
| US | 13.107.246.64:443 | piston-data.mojang.com | tcp |
| US | 13.107.246.64:443 | piston-data.mojang.com | tcp |
| US | 13.107.246.64:443 | piston-data.mojang.com | tcp |
| US | 13.107.246.64:443 | piston-data.mojang.com | tcp |
| US | 13.107.246.64:443 | piston-data.mojang.com | tcp |
| US | 13.107.246.64:443 | piston-data.mojang.com | tcp |
| US | 13.107.246.64:443 | piston-data.mojang.com | tcp |
| US | 13.107.246.64:443 | piston-data.mojang.com | tcp |
| US | 13.107.246.64:443 | piston-data.mojang.com | tcp |
| US | 13.107.246.64:443 | piston-data.mojang.com | tcp |
| US | 13.107.246.64:443 | piston-data.mojang.com | tcp |
| US | 13.107.246.64:443 | piston-data.mojang.com | tcp |
| US | 13.107.246.64:443 | piston-data.mojang.com | tcp |
| US | 13.107.246.64:443 | piston-data.mojang.com | tcp |
| US | 13.107.246.64:443 | piston-data.mojang.com | tcp |
| US | 13.107.246.64:443 | piston-data.mojang.com | tcp |
| US | 13.107.246.64:443 | piston-data.mojang.com | tcp |
| US | 13.107.246.64:443 | piston-data.mojang.com | tcp |
| US | 13.107.246.64:443 | piston-data.mojang.com | tcp |
| US | 13.107.246.64:443 | piston-data.mojang.com | tcp |
| US | 13.107.246.64:443 | piston-data.mojang.com | tcp |
| US | 13.107.246.64:443 | piston-data.mojang.com | tcp |
| US | 13.107.246.64:443 | piston-data.mojang.com | tcp |
| US | 13.107.246.64:443 | piston-data.mojang.com | tcp |
| US | 13.107.246.64:443 | piston-data.mojang.com | tcp |
| US | 13.107.246.64:443 | piston-data.mojang.com | tcp |
| US | 13.107.246.64:443 | piston-data.mojang.com | tcp |
| US | 13.107.246.64:443 | piston-data.mojang.com | tcp |
| US | 13.107.246.64:443 | piston-data.mojang.com | tcp |
| US | 13.107.246.64:443 | piston-data.mojang.com | tcp |
| US | 13.107.246.64:443 | piston-data.mojang.com | tcp |
| US | 8.8.8.8:53 | launcher.mojang.com | udp |
| US | 13.107.246.64:443 | launcher.mojang.com | tcp |
| US | 13.107.246.64:443 | launcher.mojang.com | tcp |
| US | 8.8.8.8:53 | resources.download.minecraft.net | udp |
| US | 13.107.246.64:443 | resources.download.minecraft.net | tcp |
| US | 13.107.246.64:443 | resources.download.minecraft.net | tcp |
| US | 8.8.8.8:53 | libraries.minecraft.net | udp |
| US | 13.107.246.64:443 | libraries.minecraft.net | tcp |
| US | 8.8.8.8:53 | files.minecraftforge.net | udp |
| US | 172.67.161.211:443 | files.minecraftforge.net | tcp |
| US | 8.8.8.8:53 | maven.minecraftforge.net | udp |
| US | 104.21.58.163:443 | maven.minecraftforge.net | tcp |
| DE | 78.46.66.120:443 | res.tlauncher.org | tcp |
| US | 8.8.8.8:53 | cdn3-res.tlauncher.org | udp |
| DE | 78.46.66.120:80 | cdn3-res.tlauncher.org | tcp |
| US | 13.107.246.64:443 | libraries.minecraft.net | tcp |
| DE | 78.46.66.120:443 | cdn3-res.tlauncher.org | tcp |
| US | 104.20.37.13:443 | cl2-res.tlauncher.org | tcp |
| US | 8.8.8.8:53 | piston-data.mojang.com | udp |
| US | 13.107.246.64:443 | piston-data.mojang.com | tcp |
| US | 8.8.8.8:53 | cl1-res.tlauncher.org | udp |
| US | 104.20.37.13:443 | cl1-res.tlauncher.org | tcp |
| DE | 78.46.79.62:443 | stat.fastrepo.org | tcp |
Files
\??\pipe\crashpad_2964_EWNLZJIPDSLEMAYT
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000007.dbtmp
| MD5 | 18e723571b00fb1694a3bad6c78e4054 |
| SHA1 | afcc0ef32d46fe59e0483f9a3c891d3034d12f32 |
| SHA256 | 8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa |
| SHA512 | 43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1
| MD5 | f50f89a0a91564d0b8a211f8921aa7de |
| SHA1 | 112403a17dd69d5b9018b8cede023cb3b54eab7d |
| SHA256 | b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec |
| SHA512 | bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
| MD5 | 29f65ba8e88c063813cc50a4ea544e93 |
| SHA1 | 05a7040d5c127e68c25d81cc51271ffb8bef3568 |
| SHA256 | 1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184 |
| SHA512 | e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa |
C:\Users\Admin\AppData\Local\Temp\Tar38E3.tmp
| MD5 | 435a9ac180383f9fa094131b173a2f7b |
| SHA1 | 76944ea657a9db94f9a4bef38f88c46ed4166983 |
| SHA256 | 67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34 |
| SHA512 | 1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 0245e4cd74957a01c0d6f4fcdcbb752d |
| SHA1 | 315302c2d29eb1f9cd82f049e61cf2c46586d928 |
| SHA256 | e971f932e16504ba0823a3f7a3381855aecb98c4dbebb84bb8264b3cdafd1e99 |
| SHA512 | ec6356bb4f4c36fe60b1e8ffa25e741ac0436dc89d98f941a0f0bbf71fb7ecc2ec09dde81a1fe7091c2a5f873307622d3c1307c3a92dab8f1c5aee79cfdb648e |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 0145ff8d97afbf0a2640c40f9c64c2fe |
| SHA1 | 88b4d82015b3eea3d48dfe3fb539266ac3c66f2f |
| SHA256 | 3abc2624ebf1b93c38ae6c443d5f91aad380d6eb6cb56cdeebb329da6a981df5 |
| SHA512 | 20accba3bd8c1229d64642f3bbd355970a18e45b7d7e8706c4ac7fa1bca01f29a94cded0b264ae92d31b05489a4bcca7766dd74ef22fef5033bbe1f7eda53aab |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 4a02a528702eca5f655ba69632f7633a |
| SHA1 | 81a3e86942e6eda98e3aab3c296ce7816357f51d |
| SHA256 | 174241ae935b9688e2e08fa1f101e8aa62661265d1fa68a181606d4d65fe8d6c |
| SHA512 | 03814379648d8d679b267481410d7fde3a5b0b868c57fd165d21e45349fc98ff2bd27dd19d49697aa7ba9aa1f52217b282289ae071614704872a4cdbb304f08b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 9950bf5ad18f2830e501bd5791537846 |
| SHA1 | 240edff0afa95c2634498ffabeb6552d3c1a0174 |
| SHA256 | e41d5a58f8cea341db4cc1526c4076011b16722277eb9f1f823ef6056060264c |
| SHA512 | 778700460cb30e1b2fe9aaf5f6d49b793eafd2dd56201dde6d9d908c96da661e070fa3d8c801427273c82d6da5a52e998d8fdfde6015c2dd5f894d9b8f2a218c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 99b0198ce83ca316ca3a68b65ff08363 |
| SHA1 | c307fb8b1b3a3d959f6d88e17a155c2a41f48cf0 |
| SHA256 | 01fb88f1125116e985e408ba76b0055cc8476ff9498d3477cc8145147dfe08ca |
| SHA512 | b6413ab4d5a942dd15d6606272a70f35520fc37451cdfa9e0023474b0f5d6bfbd8ecd160e0cf83d40a1efb3a29bb95696898669f00eac8774603d12b782d4f73 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3054e2e5ea4a3777f23db42bb0d15608 |
| SHA1 | 7c8c55a825966b837afb2ec2f470a55aadd31d42 |
| SHA256 | 646d3d096746847712e2f26e9b401c0c26ecc698c3abfdc2ae663567cc65c7c2 |
| SHA512 | dd9eec530b3db1f4c36d0a1da324a265a22e9457164f5553893791f003d65e18aace5b528f5bb9afc509a68d47e6bc3602d16c8656890a26793145112cf0c3b4 |
C:\Users\Admin\Downloads\TLauncher-Installer-1.3.5.exe
| MD5 | 1a2ce8f6f111d438d4467a84d8c74351 |
| SHA1 | 6f2b6d316eb820ae6875b84df9615e412ae0773a |
| SHA256 | 9aaa326da7ca2d0d7015742e3ffe5bce7df63cae147166e52f094a1c20897856 |
| SHA512 | 8f276c77a73f4035513d463be939e056a67cfcfb28df078b7e63a3f524a5c66d02128ac6a267e84226dfc2916ae74d0f945a12f7326fa89fa97070329d828193 |
\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe
| MD5 | d795ef2a7b1d60d78cf3d4d083346a7c |
| SHA1 | 68a623b6b821476e543ea8dadb02ee3a78c55762 |
| SHA256 | c367e0f3b55b16ff6f167f19a3885b9dc7e9e34c0ccdf1df06af5ce7656bd61a |
| SHA512 | bbc4161586240074989c56c9abed3bb36cc68516f03a741438a07633c21343a2a3c2ce43d741f83096e28a541ffb58e56c348cf8ebaa3dc91ae8953bb72c1666 |
\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\lua5.1.dll
| MD5 | c333af59fa9f0b12d1cd9f6bba111e3a |
| SHA1 | 66ae1d42b2de0d620fe0b7cc6e1c718c6c579ed0 |
| SHA256 | fad540071986c59ec40102c9ca9518a0ddce80cf39eb2fd476bb1a7a03d6eb34 |
| SHA512 | 2f7e2e53ba1cb9ff38e580da20d6004900494ff7b7ae0ced73c330fae95320cf0ab79278e7434272e469cb4ea2cbbd5198d2cd305dc4b75935e1ca686c6c7ff4 |
memory/1932-456-0x0000000003350000-0x0000000003739000-memory.dmp
memory/1932-455-0x0000000003350000-0x0000000003739000-memory.dmp
memory/1932-454-0x0000000003350000-0x0000000003739000-memory.dmp
memory/1932-453-0x0000000003350000-0x0000000003739000-memory.dmp
memory/988-461-0x00000000010D0000-0x00000000014B9000-memory.dmp
\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\Wow64.lmd
| MD5 | da1d0cd400e0b6ad6415fd4d90f69666 |
| SHA1 | de9083d2902906cacf57259cf581b1466400b799 |
| SHA256 | 7a79b049bdc3b6e4d101691888360f4f993098f3e3a8beefff4ac367430b1575 |
| SHA512 | f12f64670f158c2e846e78b7b5d191158268b45ecf3c288f02bbee15ae10c4a62e67fb3481da304ba99da2c68ac44d713a44a458ef359db329b6fef3d323382a |
memory/988-1045-0x0000000010000000-0x0000000010051000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 198272629061984ad581bb0e52cf66e0 |
| SHA1 | d08f1672f54611013124781d2ebe2bd01037c48e |
| SHA256 | 346eba793cf1a6f99d83355c5415f9c4f51e39329b4a5ddaf44e738d4f84f486 |
| SHA512 | 9d6733ff232057fd0fd793a6bfb2de8dced8aa4b955cdd135e0d25ebb7612bcf1e60401e2280c1567275ec00eec11e9ece18ae75df7803c4c33e600973c34af6 |
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\200.ico
| MD5 | e043a9cb014d641a56f50f9d9ac9a1b9 |
| SHA1 | 61dc6aed3d0d1f3b8afe3d161410848c565247ed |
| SHA256 | 9dd7020d04753294c8fb694ac49f406de9adad45d8cdd43fefd99fec3659e946 |
| SHA512 | 4ae5df94fd590703b7a92f19703d733559d600a3885c65f146db04e8bbf6ead9ab5a1748d99c892e6bde63dd4e1592d6f06e02e4baf5e854c8ce6ea0cce1984f |
\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\IRZip.lmd
| MD5 | dabd469bae99f6f2ada08cd2dd3139c3 |
| SHA1 | 6714e8be7937f7b1be5f7d9bef9cc9c6da0d9e9b |
| SHA256 | 89acf7a60e1d3f2bd7804c0cd65f8c90d52606d2a66906c8f31dce2e0ea66606 |
| SHA512 | 9c5fd1c8f00c78a6f4fd77b75efae892d1cb6baa2e71d89389c659d7c6f8b827b99cecadb0d56c690dd7b26849c6f237af9db3d1a52ae8531d67635b5eff5915 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 35cb41176853ad4bb91baeeaba9e43f8 |
| SHA1 | f6293be8098081219b827d6999a6776541baa63f |
| SHA256 | 727455437486ca06f5947c7b7e76b2ae1da83180952c6738c5553eea9b2dd1d5 |
| SHA512 | 0e710e233369946d3019a3f6d9a06346752759e72c7cfb2130cc2cd9e8061efac80507a8145ac30dc66d741b99d99565d5db47e96bb79544e62fe4346fca9589 |
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\BrowserInstaller.exe
| MD5 | 83a8f0546164c9ba1a248acedefd6e5d |
| SHA1 | 7652f353ed74015e7e78bc9f9e305a48d336b6d1 |
| SHA256 | e7c5072ec60d32022b3c818c527ad86f4985837a4f0e9fc6477f54ae86d9f1c9 |
| SHA512 | 111d11acdaef0036ff5cabeb16ed55bf4c681fa6eb3c006af450a0ebadae3e213a8f3abb0f4a9aecc8e893af7a79b4eb7f74a5fc3743e338c3e3136b5d7f9f2d |
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\IRIMG3.BMP
| MD5 | f5d6a81635291e408332cc01c565068f |
| SHA1 | 72fa5c8111e95cc7c5e97a09d1376f0619be111b |
| SHA256 | 4c85cdddd497ad81fedb090bc0f8d69b54106c226063fdc1795ada7d8dc74e26 |
| SHA512 | 33333761706c069d2c1396e85333f759549b1dfc94674abb612fd4e5336b1c4877844270a8126e833d0617e6780dd8a4fee2d380c16de8cbf475b23f9d512b5a |
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\IRIMG2.BMP
| MD5 | f35117734829b05cfceaa7e39b2b61fb |
| SHA1 | 342ae5f530dce669fedaca053bd15b47e755adc2 |
| SHA256 | 9c893fe1ab940ee4c2424aa9dd9972e7ad3198da670006263ecbbb5106d881e3 |
| SHA512 | 1805b376ab7aae87061e9b3f586e9fdef942bb32488b388856d8a96e15871238882928c75489994f9916a77e2c61c6f6629e37d1d872721d19a5d4de3e77f471 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | 822fe10ea61dcc6b417bf53728d0ad21 |
| SHA1 | 8a6eb6a9779720b36da66be02ee0c41d2a0e198c |
| SHA256 | 944dc6e759985c856443d155f9f74276068ef7378ed0db6fff9dc80745c9c628 |
| SHA512 | df5011b23e109407876585a80de51619a2446dcafd5468687d60633a39ee18715aac78d838d1ecdc397d7f7f67888ad7ee3a430dcd7e90f0337593e05612d082 |
memory/1932-1163-0x0000000003350000-0x0000000003739000-memory.dmp
memory/988-1162-0x0000000010000000-0x0000000010051000-memory.dmp
memory/988-1161-0x00000000010D0000-0x00000000014B9000-memory.dmp
memory/988-1167-0x0000000002970000-0x0000000002980000-memory.dmp
\Users\Admin\AppData\Local\Temp\_ir_sf_temp_1\irsetup.exe
| MD5 | a266e0ae1001da0023f9664afbcaee99 |
| SHA1 | f943c180e5221a5943039c21b21f394dd99cbe14 |
| SHA256 | 819b9a02a788445ad6c4d8f38e05abe911e289e71e4d2c2e37923c9f66f576cf |
| SHA512 | 525b8473b17732ba94942df63b0e43b26ee0157b137a1a39f52034b04ce686097e92ec8d9ea422acf02edc4385863c0179a6af73af01dfcfc1cb6d7c9dad1e7c |
memory/2716-1208-0x0000000003130000-0x0000000003519000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\IRIMG1.BMP
| MD5 | 3adf5e8387c828f62f12d2dd59349d63 |
| SHA1 | bd065d74b7fa534e5bfb0fb8fb2ee1f188db9e3a |
| SHA256 | 1d7a67b1c0d620506ac76da1984449dfb9c35ffa080dc51e439ed45eecaa7ee0 |
| SHA512 | e4ceb68a0a7d211152d0009cc0ef9b11537cfa8911d6d773c465cea203122f1c83496e655c9654aabe2034161e132de8714f3751d2b448a6a87d5e0dd36625be |
memory/2716-1199-0x0000000003130000-0x0000000003519000-memory.dmp
memory/2716-1209-0x0000000003130000-0x0000000003519000-memory.dmp
memory/2716-1210-0x0000000003130000-0x0000000003519000-memory.dmp
memory/1332-1214-0x0000000000380000-0x0000000000769000-memory.dmp
memory/988-1213-0x00000000010D0000-0x00000000014B9000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\5338e180-526e-478b-8522-1718ca32e13f.tmp
| MD5 | 7f5a4a2c5a954dda74af7f24c386502f |
| SHA1 | 6a0b877050843ffb8f1e73bcb53607a9405bc717 |
| SHA256 | 0f53de2172182e5271e0f95aca503cdb8b94b9256a49c0bcdc3cd4bff85aad02 |
| SHA512 | 2bb7100d2ff0e5c0a6238e4d7faa8705be9cbd557611a9f687c46cb3b9d503252ac97c55702548615026ced3103507926b106cec417021da87784d12d35d8cf4 |
memory/1332-1230-0x0000000000380000-0x0000000000769000-memory.dmp
memory/1332-1229-0x00000000754C0000-0x00000000754C5000-memory.dmp
memory/1332-1228-0x0000000000A40000-0x0000000000A55000-memory.dmp
memory/1332-1226-0x0000000077560000-0x000000007765A000-memory.dmp
memory/1332-1227-0x00000000047D0000-0x000000000492C000-memory.dmp
C:\Users\Admin\AppData\Roaming\.minecraft\TLauncher.exe
| MD5 | fa9848f3cff6d80b5704c6d2ccb10c2b |
| SHA1 | 714c93f3fc2b915efae0cac6028d317711d59264 |
| SHA256 | 63ff7897d3a90de887c1baebb2ef7b87e596f1749e07322090786c902bdd8d16 |
| SHA512 | 9078f5e3583a2b2cd43f63f023908f652a4c6eb647b1bd8988d33e8f2f1d34d44192ce50b795ffd9764d94a343bdc2ecdb94483ceef79739a92ff8d6a0f9a41b |
C:\Users\Admin\AppData\Roaming\.tlauncher\Uninstall\IRIMG4.PNG
| MD5 | 9d399665b43d4310c637b43ae523da04 |
| SHA1 | 5984f23773322e93fb762168cc1924fdab9cca0b |
| SHA256 | c64efebdbee0cba76aa97b61953cfeab0097443bafdddc840feeb81ab0b4f2f7 |
| SHA512 | b881e136b499b8a32a68273d476daa5b258823cceaccf73740341f2af366458e66e1e91d5da8cf8bb07dd8f67665774caef58f15031c3bcc0a2ddad41d0c6145 |
C:\Users\Admin\AppData\Roaming\.tlauncher\Uninstall\IRIMG3.PNG
| MD5 | b0a5a3db3901023adfc16cff5a381ead |
| SHA1 | dfa2662d731eba223ede334a6f875b33e0da964e |
| SHA256 | 88812d618bc05aea2f43fe26cc7fb24953883418e51d6ca14d6a57fead9b97fd |
| SHA512 | 8eb6e90e6884b6ae0fdf943f4326d3ecf34eb9cc5e73d87137ffdea7caaf11cbf48bb7571096d7ed1e0de6c5627cddc9e018eeab2bfbe6639b573ac4b5209960 |
C:\Users\Admin\AppData\Roaming\.tlauncher\Uninstall\uninstall.xml
| MD5 | 75965f3aec9d84db2e7f4b3028b1fb2a |
| SHA1 | 572b5c45881178967a0a6925c159b6abe885d636 |
| SHA256 | 3571c7e390cfd913d6f98d30a7d56ab0b8cc97c5379287fefc3d272772046aec |
| SHA512 | 55d661f18e7065af6115382f52c9785a22f716985426606133a5eee3734d3422583b8b37c11250ff6b4960cc6741f7c8aff715a32c530a6bb637100c787c674c |
C:\Users\Admin\AppData\Roaming\.tlauncher\Uninstall\IRIMG1.PNG
| MD5 | d1172f72e8fec2b8ddbfe964b7197dd6 |
| SHA1 | 91b86d380b4cf7f3fc6dba2be364551f0194ceab |
| SHA256 | a8f33799d6ea706548917b5686b7bd1c6f077fcb344cbd51e9af8d7b4ffbb7d3 |
| SHA512 | afa1b94831188a4d15314a9c2a7c528e7c748a51030bbf6dfb735de5288f5a5fbcd6db3c275a0346c69dd6e999b50df81c7bf63a0cc5cc5c563c49844d363acb |
C:\Users\Admin\AppData\Roaming\.tlauncher\Uninstall\uninstall.xml
| MD5 | c2d109cfea044b1a33929230e1a6d0a0 |
| SHA1 | 762dfc5087474929be205bff8da69650ce0fb514 |
| SHA256 | 7e98b5daa80e0bad20e129709761c90e897c5157c98e315ba48956cd6a8e93e6 |
| SHA512 | e600e75e2e85d7641d3517c2bc905bf0caf6f0b2abc39032adc9857040b7227a17c5ebb88d3a9718ca7d1999119c5af59e250c2796d8713cf922d01d570f1cb6 |
C:\Users\Admin\AppData\Roaming\.tlauncher\Uninstall\IRIMG10.PNG
| MD5 | 982b81691cac850c2b98b252e4064660 |
| SHA1 | 0c284934268046484921afa55587d863a3a241a3 |
| SHA256 | 3aca81c52680324664bf3128976503ce73931444b956cb3127810661dccd1687 |
| SHA512 | 5be188c92fd6dc8ff014f4f4ff3195edc69edb6142833a42ad49d45807ccb6bc5e7309a91d5a7f822f96f2951872f85d7a48328d123d2df59158af64a15e9f69 |
C:\Users\Admin\AppData\Roaming\.tlauncher\Uninstall\uninstall.xml
| MD5 | 24af53d42866185fc162e1e04b0d0858 |
| SHA1 | 10b8427f82b0eceb8a6cf98ea33d0be4acef97fd |
| SHA256 | 5629fcbe79f945871ef925c5479d445dd60460c802668568d9f57a61e858daf0 |
| SHA512 | 33509ac157bb49c613f73775e7283b4bfec29c4e22db75832b071d1a7f61a1584fe1dddb2f3caecad02bdb4f89e91ebe0b2a4e67f4ef43b4e8b59cc54f617bff |
C:\Users\Admin\AppData\Roaming\.tlauncher\Uninstall\IRIMG13.PNG
| MD5 | 2fe88aedf465ed13678cdbc685e44fa0 |
| SHA1 | 624f5a00e7cb017e9bfdfab79f6594a7e02171db |
| SHA256 | 4351cce19e5189a474a3e5dfba8c1c33e51bd875c1d574e5069b49a752f9f665 |
| SHA512 | 6fbff486e7064d083ba8d12d0bffa102fdd61a3f818bc85516ed12b287b582adfe7d358d6ace18b45978bbafd9d9a1df2e08dde8291cabb35677314e99ab299c |
memory/988-1442-0x0000000010000000-0x0000000010051000-memory.dmp
memory/988-1435-0x00000000010D0000-0x00000000014B9000-memory.dmp
C:\Users\Admin\AppData\Roaming\.tlauncher\Uninstall\uninstall.xml
| MD5 | 593e984da561b2dd8b0b4bbd94bb6453 |
| SHA1 | ca001ee68c92464491a106aa811120687d3df813 |
| SHA256 | b145322faee2f6e7926b1f69876f191e84901eaa3c1254dc8d693d64926c077c |
| SHA512 | eaa7a9efeef2d37ebf3079b704ae06dcdd5979530c8da2d32ad17e034e22a19df6e3750e48b40c0be1ba932633f39ebbc4ffc2f65a302e07919bdbcc6e78b641 |
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\IRIMG9.PNG
| MD5 | b7b32e3aeb677124b236d776ef443489 |
| SHA1 | 3249a596e03148836131988b8ca9392f677a7470 |
| SHA256 | f60847a54bde74835d80bb41bc3c57ad211ca30d69c2eb48ef7bffc7c6b44d0c |
| SHA512 | f9044d9da82099a0747b3de0382db0999a9f80cbfe894ed9c4961498c41c5db9055c32d699424b6c5835230a2d74df491151beb90f0ff959b580164b2defab2a |
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\IRIMG14.PNG
| MD5 | 7d26a524b09feacb9db695415e1a66b2 |
| SHA1 | 724f925c2663b623a9755bf722b3f297c8ff605a |
| SHA256 | 867072872533f9000508dafdd49f5b83e03de7b611b454290e062034a423dc74 |
| SHA512 | 6adae2bb7c7e390f5e50df048fb3417c31b025c4d32abcb97ef8206ae3f0769997650cdba178bbad8c34f07a4e613666388e4b9bc465549b47a8f01f0dec4a57 |
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\IRIMG15.PNG
| MD5 | 859d53eb6f971993774da3bccee533a4 |
| SHA1 | c51f8e6a9cbd749b77edfeb324ef18ffdfc8e4fc |
| SHA256 | 768c5aa62161f6ddcab82911e727bf7d902c8d3d24d7c62726542b32ae70f3e7 |
| SHA512 | 5e2f6cd3ffd37a02b5d198046e422bd7c19acca91675a6c38f58d0a985dcc640aedbdab969df9afbc8be6367df071d8e77663c42d5529d9c798602e6c97d246c |
memory/988-1798-0x00000000010D0000-0x00000000014B9000-memory.dmp
memory/988-1800-0x0000000002970000-0x0000000002980000-memory.dmp
memory/988-1799-0x0000000010000000-0x0000000010051000-memory.dmp
\Users\Admin\AppData\Local\Temp\jre-windows.exe
| MD5 | af1d24091758f1e02d51dc5f5297c932 |
| SHA1 | dc3f98dded6c1f1e363db6752c512e01ac9433f3 |
| SHA256 | e52a8d0337bae656b01cb76c03975ac3d75ac4984c028ba2a6531396dea6dddd |
| SHA512 | 8d4264a6b17f7bbfd533b11ec30d7754a960a9f2fbef10c9977b620051c5538d8eb6080ea78e070904c7c52a6ce998736fad2037f6389ad4c5c0ce3f1d09e756 |
C:\Users\Admin\AppData\Local\Temp\jds259500471.tmp\jre-windows.exe
| MD5 | 96d622d62567def49ad8999324a66709 |
| SHA1 | 5a4749631631d97e9db816f5cca2392e69d0b7d9 |
| SHA256 | 953b06705f72bfffac774c41ceb359fe1d3f8a0c5d6a44f93597ce9c39399994 |
| SHA512 | c2d350895f47c5164138d2e3befbeb0acda8097a7904a28d9ad9db70ea0aabb3ec54a476dcb2746a41308fb79616d810305c53f7e23a4856a3f9eb656896de0d |
C:\Users\Admin\AppData\Local\Temp\jusched.log
| MD5 | 912449a95a0adb0e3d94641e5041073a |
| SHA1 | 47b9867ff2979e54e2b24a889e0c00100a1bf673 |
| SHA256 | e92c3a046c98a92ae305c5465e284e4c82b3aa27518d44ccfe56d1c6d1574a1a |
| SHA512 | 59ac507d41ab9a8429a0d209014615e18cace50d26ede1b64c25e0a45ff8d273c4597c3e6e637fc6d4128971535495c1bca9a362c9d7f377570e989380e2953c |
memory/988-1833-0x00000000010D0000-0x00000000014B9000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\jusched.log
| MD5 | 3219ee6d0d89ee752b220d97dc841355 |
| SHA1 | 297f5c12e7ba1b5e57c246f1183a52692ac2c2c1 |
| SHA256 | b95e69e2e2221b6b6c3dd101ceadf81959aeaf23a74f07e32c09e0a65e1c8ef1 |
| SHA512 | fc676df8a6a9db13baa85f22c345715b6e12a2ecc61d7a009ed21f16e2457c76ce13c2aa52158c15868228bbe439cfbcb45b9a3c85a54df8bbb06fce72dd6bba |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\HJD0U1S4.txt
| MD5 | c2d3d4b90f585fcdfde549410e9ff2e0 |
| SHA1 | ac899fdaf9aafdb497ba4fd135df5a4fb8f9c584 |
| SHA256 | c1bf66e8826e02728a5ee08d84f2f045a7dec1e658876af794e908866b10dc5c |
| SHA512 | e4fdd64bf10e01a6b3a899edcf1122b1fc43b465067ecc6c7635314f0736ec1ca76d06b8ba5cdc24c0589f965b71ae7f0aa6ea8af133b8d10b1129a9b0b3525f |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 125c6659c0e444afda15620a8a973e23 |
| SHA1 | 08a689f4aade5df1e738f4d23a4e3e2ca4ffbc9b |
| SHA256 | c4d79405d227244ec7501c59d53754852b437ef7b51d6f175f07efedae5bff5b |
| SHA512 | 1777503fbdb825a2a1f72f8c9f936afb38f862ae9dd30b3856852fe664e9a764fe1872cfbb057f7af0f9611b3fef3fb13c423d97609457d9418a32b23f785680 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B398B80134F72209547439DB21AB308D_A4CF52CCA82D7458083F7280801A3A04
| MD5 | 995b16f31627a0fb2e91af4975245286 |
| SHA1 | dee3739779554168be0b0e197b8ae6da4e27dfa7 |
| SHA256 | 30725b3f25dbb1a15d1846a9c0de52cb954f0b866a80587b1ededa74774ed37f |
| SHA512 | f7969a8078c81b9d416ddec613e8f50ee3cd697d2b55dcbc16cf56ace25bcc5c2eb563c7edf4f0d9d0fa5449b87b7a333b0635d1ee8c92f38d5b65f3f6b27cde |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B398B80134F72209547439DB21AB308D_A4CF52CCA82D7458083F7280801A3A04
| MD5 | 606102c17821ceac95bfa50466c8adac |
| SHA1 | ed0188171d9536de16e3223a9a064417c1dd631d |
| SHA256 | 73ddacd84d53cf2cbc3c1df922f936d5f8b94f11ab57989ef570cc296fbf2428 |
| SHA512 | 597f75d172ace92ca23cddd953fe7141fcdd8c00924e648e38013fdf0979902bcd6c9b2a25a1079cabe06d05e10de761d0b3592056f3d3acd431a007c57f7655 |
C:\Users\Admin\AppData\LocalLow\Oracle\Java\jre1.8.0_401_x64\jre1.8.0_40164.msi
| MD5 | 4b80c230492aedab6757f904167b4e17 |
| SHA1 | ca169fc089c12341ac8a023e98e5f7d58a1d5d90 |
| SHA256 | 0d961da2bc9f0fe029c31beb616d5069b718abd7f494f28a86fc6ace8e4718ea |
| SHA512 | fcfbaa9c987bda1143f2596aca5bb3c04eebbb8ff7cacb9f855ef66d4c1b433a0a07c9694dcaff56f481df0234e8cc833e0c4b66aa52c2541db5fc562a741aca |
\Windows\Installer\MSIF3C9.tmp
| MD5 | 64a261a6056e5d2396e3eb6651134bee |
| SHA1 | 32a34baf051b514f12b3e3733f70e608083500f9 |
| SHA256 | 15c1007015be7356e422050ed6fa39ba836d0dd7fbf1aa7d2b823e6754c442a0 |
| SHA512 | d3f95e0c8b5d76b10b61b0ef1453f8d90af90f97848cad3cb22f73878a3c48ea0132ecc300bfb79d2801500d5390e5962fb86a853695d4f661b9ea9aae6b8be8 |
memory/996-2538-0x0000000000130000-0x0000000000131000-memory.dmp
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.url
| MD5 | 625bd85c8b8661c2d42626fc892ee663 |
| SHA1 | 86c29abb8b229f2d982df62119a23976a15996d9 |
| SHA256 | 63c2e3467e162e24664b3de62d8eeb6a290a8ffcdf315d90e6ca14248bc0a13a |
| SHA512 | 07708de888204e698f72d8a8778ed504e0fe4d159191efb48b815852e3997b50a27ba0bc8d9586c6fb4844166f38f5f9026a89bbbc3627e78121373982656f12 |
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.url
| MD5 | 6684bd30905590fb5053b97bfce355bc |
| SHA1 | 41f6b2b3d719bc36743037ae2896c3d5674e8af7 |
| SHA256 | aa4868d35b6b3390752a5e34ab8e5cba90217e920b8fb8a0f8e46edc1cc95a20 |
| SHA512 | 1748ab352ba2af943a9cd60724c4c34b46f3c1e6112df0c373fa9ba8cb956eb548049a0ac0f4dccff6b5f243ff2d6d210661f0c77b9e1e3d241a404b86d54644 |
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit\Reference Documentation.lnk
| MD5 | b5e1de7d05841796c6d96dfe5b8b338c |
| SHA1 | c7c64e5b35d0cca1a5c98a1c68e1e5d4c8b72547 |
| SHA256 | 062cb9dec2b2ce02c633fc442d1a23e910e602548a54a54c8310b0dde9ae074d |
| SHA512 | 963a89b04f34bc00fea5b8e0f9648596c428beac2db30d8b0932974b15c0eb90b7c801ba6fa1082ea9d133258f393ae27e61f27fd3b3951f5c2e4b8c6a212c2d |
memory/1028-2709-0x0000000000140000-0x0000000000141000-memory.dmp
memory/988-2722-0x00000000010D0000-0x00000000014B9000-memory.dmp
memory/1028-2724-0x0000000000140000-0x0000000000141000-memory.dmp
memory/1028-2727-0x0000000000140000-0x0000000000141000-memory.dmp
memory/1028-2754-0x0000000000140000-0x0000000000141000-memory.dmp
memory/1028-2755-0x0000000000140000-0x0000000000141000-memory.dmp
memory/1804-2767-0x0000000000240000-0x0000000000241000-memory.dmp
memory/1804-2778-0x0000000000240000-0x0000000000241000-memory.dmp
memory/1804-2781-0x0000000000240000-0x0000000000241000-memory.dmp
memory/1804-2782-0x0000000000240000-0x0000000000241000-memory.dmp
memory/1804-2800-0x0000000000240000-0x0000000000241000-memory.dmp
memory/1804-2805-0x0000000000240000-0x0000000000241000-memory.dmp
memory/1804-2811-0x0000000000240000-0x0000000000241000-memory.dmp
C:\Config.Msi\f77ee3a.rbs
| MD5 | d65fa17b47f348c7df6f18b1525da96b |
| SHA1 | a1727c97b23ae0bd4097c0e800d8eebd2b75058a |
| SHA256 | 24778bf7801cbad1089877b42f901b4e004301596673a2ef4e2f05539477d2e8 |
| SHA512 | 37763e753ba97f29b326e9c828051face16e4881f324318261793f3f44011313df3281c1f54e26d1dd738342f1b1853655062fafd17da97158bcb6d2e1d7a1aa |
memory/1924-2877-0x000007FFFFF70000-0x000007FFFFF80000-memory.dmp
memory/988-2890-0x0000000010000000-0x0000000010051000-memory.dmp
memory/912-2992-0x0000000000130000-0x0000000000131000-memory.dmp
memory/924-3006-0x0000000000240000-0x0000000000241000-memory.dmp
memory/924-3008-0x0000000000240000-0x0000000000241000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OORQXHVT\runtime[1]
| MD5 | 5d4657b90d2e41960ebe061c1fd494b8 |
| SHA1 | 71eca85088ccbd042cb861c98bccb4c7dec9d09d |
| SHA256 | 93a647b1f2cadcbdb0fe9c46b82b2b4baf7685167de05933811549145c584ee0 |
| SHA512 | 237738c0a6cb25efe29effc9c3637245e3e2397207ed51e67bae5a1b54749f88e090de524f7868d964debbb29a920a68205ccbd2dfceed4a1f3cd72d08b16fa3 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4JZQ5QLK\host[1]
| MD5 | a752a4469ac0d91dd2cb1b766ba157de |
| SHA1 | 724ae6b6d6063306cc53b6ad07be6f88eaffbab3 |
| SHA256 | 1e67043252582aea0e042f5a7be4a849b7cd01b133a489c3b2e67c10ade086f3 |
| SHA512 | abc2899705a23f15862acf3d407b700bb91c545722c02c7429745ab7f722507285c62614dcb87ea846f88fc0779345cb2e22dc3ad5f8113f6907821505be2c02 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9ZQLLOZN\l10n[1]
| MD5 | 1fd5111b757493a27e697d57b351bb56 |
| SHA1 | 9ca81a74fa5c960f4e8b3ad8a0e1ec9f55237711 |
| SHA256 | 85bbec802e8624e7081abeae4f30bd98d9a9df6574bd01fe5251047e8fdaf59f |
| SHA512 | 80f532e4671d685fa8360ef47a09efcb3342bcfcf929170275465f9800bfbfffc35728a1ba496d4c04a1fdefb2776af02262c3774f83fea289585a5296d560b0 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4JZQ5QLK\layout[1]
| MD5 | cc86b13a186fa96dfc6480a8024d2275 |
| SHA1 | d892a7f06dc12a0f2996cc094e0730fe14caf51a |
| SHA256 | fab91ced243da62ec1d938503fa989462374df470be38707fbf59f73715af058 |
| SHA512 | 0e3e4c9755aa8377e00fc9998faab0cd839dfa9f88ce4f4a46d8b5aaf7a33e59e26dbf55e9e7d1f8ef325d43302c68c44216adb565913d30818c159a182120fc |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OORQXHVT\rtutils[1]
| MD5 | c0a4cebb2c15be8262bf11de37606e07 |
| SHA1 | cafc2ccb797df31eecd3ae7abd396567de8e736d |
| SHA256 | 7da9aa32aa10b69f34b9d3602a3b8a15eb7c03957512714392f12458726ac5f1 |
| SHA512 | cc68f4bc22601430a77258c1d7e18d6366b6bf8f707d31933698b2008092ba5348c33fa8b03e18c4c707abf20ce3cbcb755226dc6489d2b19833809c98a11c74 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8ADCJI8Z\common[1]
| MD5 | f5bb484d82e7842a602337e34d11a8f6 |
| SHA1 | 09ea1dee4b7c969771e97991c8f5826de637716f |
| SHA256 | 219108bfef63f97562c4532681b03675c9e698c5ae495205853dbcbfd93faf1a |
| SHA512 | a23cc05b94842e1f3a53c2ea8a0b78061649e0a97fcd51c8673b2bcb6de80162c841e9fdde212d3dfd453933df2362dcb237fe629f802bafaa144e33ca78b978 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4JZQ5QLK\masthead_left[1]
| MD5 | b663555027df2f807752987f002e52e7 |
| SHA1 | aef83d89f9c712a1cbf6f1cd98869822b73d08a6 |
| SHA256 | 0ce32c034dfb7a635a7f6e8152666def16d860b6c631369013a0f34af9d17879 |
| SHA512 | b104ed3327fed172501c5aa990357b44e3b31bb75373fb8a4ea6470ee6a72e345c9dc4bcf46a1983c81adb567979e6e8e6517d943eb204c3f7fac559cd17c451 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9ZQLLOZN\masthead_fill[1]
| MD5 | 91a7b390315635f033459904671c196d |
| SHA1 | b996e96492a01e1b26eb62c17212e19f22b865f3 |
| SHA256 | 155d2a08198237a22ed23dbb6babbd87a0d4f96ffdc73e0119ab14e5dd3b7e00 |
| SHA512 | b3c8b6f86ecf45408ac6b6387ee2c1545115ba79771714c4dd4bbe98f41f7034eae0257ec43c880c2ee88c44e8fc48c775c5bb4fd48666a9a27a8f8ac6bcfdcb |
C:\Windows\Installer\f77ee3c.msi
| MD5 | d7390d55b7462787b910a8db0744c1e0 |
| SHA1 | b0c70c3ec91d92d51d52d4f205b5a261027ba80c |
| SHA256 | 4a2f7d9d33e4ad643bf72722587f2b268d92dab3bb1d9bc56af316672e34728a |
| SHA512 | 64f3837dd6099561ce9be97d6fae0b11f3f6cc08281f1a3266d5a6f3ca8baf13bbd780735ef62b449b577d62d086f942b48519671226c60f0e1480f9dbdde434 |
C:\Config.Msi\f77ee40.rbs
| MD5 | 7a094967cc9bdcf83fc11be9030ab0fd |
| SHA1 | 80f11b1d0d28078a724b2ab809ca8b61fef3cbf6 |
| SHA256 | 617fbeb28051be8a9459c48bf47155060cd910618807d400b2397daa87eea2bc |
| SHA512 | d222fcbae51e0746aaf6877f02cfde613775c7b3aeb636df7bbcb7c324bb5f76c0fcf819c3d0969ddc4339c8d5b44aef6eee12ef6e5115e08c335ec58c729815 |
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\IRIMG17.PNG
| MD5 | 69862e8a82c503fbc5cea0c9e8a33876 |
| SHA1 | a69deda06d6224750bf1ab941bf934bf5250fe4b |
| SHA256 | 8fc3a97777dec1ab22f74f069354cab4880731b873452694921cac9814059858 |
| SHA512 | db86fbd4e1692de8a2dc6816d34e28b12badaed81ad07a7ce4fc225a212fee63eccd1f51c5ebdf7485ee8c0db716f9ac649cd2a4aae92218372582e7ab3d3951 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\e99fc459-ff44-4dfa-a1c1-d621d465c1f4.tmp
| MD5 | 19c066706576b83c53e0be197651b323 |
| SHA1 | a96589583b2ec5e8508790772508380344c04f79 |
| SHA256 | 60bb98c11215b54275021db3d11a9c54fad89bb4647f513d580ba391f2ccf3ac |
| SHA512 | 14d5aa6ff03fd83454e8f24a9d7c6fb57c5d83b022b42b598ee91415969792d3c569428f225148979b56579a9d6c3a00ac7c5df3f49a39bf3f93932b900db632 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 90615667f3a367ebb1572b03f30a2b6a |
| SHA1 | 29064912a89cfcb9241395dfe04561d30a172d9a |
| SHA256 | 6e3e0a08e04ec00074c4020884c378e0df431b6599a8d05917c8c688b2dcdbb4 |
| SHA512 | 09cc53d2989eb74749c3e7b4723e3302ad44cc0e001e6c3c6de0197c8cdf5c582589beb29dfddf1e5da536d37d3be97534a490dc2c9e9d69995bee12a5ee9483 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | c6ca90c378bcb100cbf3183eda9a2bfe |
| SHA1 | b5eddbc0fd87f0e139e31a1e104624ebf16d0d40 |
| SHA256 | 300a190da364c2e160cf11b49e1464657df3eae5c77a088e1546ba30d84bc8c1 |
| SHA512 | 5c4ac3889abb8ab7965b72a019df5e57b94a16b8420f65455bc1e0d511a29de3a4e7a4b3a4cb37d90ed4f3786ce2905b99a740b6d27b3701b7cfd1299c10c18e |
memory/988-3216-0x00000000010D0000-0x00000000014B9000-memory.dmp
memory/2660-3316-0x0000000000400000-0x0000000000417000-memory.dmp
memory/988-3796-0x00000000010D0000-0x00000000014B9000-memory.dmp
memory/2184-3803-0x0000000000330000-0x0000000000331000-memory.dmp
memory/2184-3811-0x0000000000420000-0x000000000042A000-memory.dmp
memory/2184-3810-0x0000000000420000-0x000000000042A000-memory.dmp
memory/2184-3813-0x0000000000330000-0x0000000000331000-memory.dmp
memory/2184-3831-0x0000000000330000-0x0000000000331000-memory.dmp
C:\Users\Admin\AppData\Roaming\.tlauncher\starter\cache\https_repo.tlauncher.org\tlauncher-sources\prod\release\tlauncher\appConfig.json
| MD5 | 76f88f850ce46a6f0d0e29256b4031c2 |
| SHA1 | 65c1524639b6b6a406546a759293663fa18764e5 |
| SHA256 | cd22ccdc8774ee97b88feb2e34261d9537a3cd504a24c295712fbd7c30542932 |
| SHA512 | 8683d4467da7104b1b1526027fe7b0a00091e1aa57ad9c2edd4ac8a457e6c1a50ddab323274b9a085df0550bc99e3100c1f23153ff978b1febddaebd4e441c48 |
C:\Users\Admin\AppData\Roaming\.tlauncher\starter\cache\https_repo.tlauncher.org\tlauncher-sources\prod\prerelease\tlauncher\2.923\dependencies.json
| MD5 | 47a8d1472e2d917aa9eef471408c4ea0 |
| SHA1 | e68215e8b96c7f0eb1676bbdd7784b3a58c56425 |
| SHA256 | 3e14d4b35df9c75af253eb5ca2969aaaeb290a8e2e1c155129ee0dc38563ca0a |
| SHA512 | 319684809ea42e77e48ab096647c55a95d70d26d461079896ad8c21a5bba01abc32516ce19d64ab15e7caa64b92c34080b0bcbb0ba334c483342b3bbcc0223eb |
C:\Users\Admin\AppData\Roaming\.tlauncher\starter\cache\https_repo.tlauncher.org\tlauncher-sources\prod\prerelease\tlauncher\2.923\resources.json
| MD5 | dbc6764753e3ea4164e38a8c5638a6a1 |
| SHA1 | 0a74ecb2cb77b471851dcdb39c8cfd3cf3dc24e5 |
| SHA256 | 0c5a8ffb6b746d925782a1b599b267fe0f51cc8c4f2044c7d5083bf595956093 |
| SHA512 | 8453732b44df6dbe0bb59ece1d9e2f4858bd6088634a4491fe9375363a2006a168781d97821ecc27890831e940d3967435f17a9fee6ba86e6971f157b8f76454 |
C:\Users\Admin\AppData\Roaming\.tlauncher\starter\cache\https_repo.tlauncher.org\tlauncher-sources\prod\prerelease\tlauncher\javaConfig.json
| MD5 | 0de49ba7ad7c893d4d1ef2f4e9be4ef1 |
| SHA1 | 30b83af16d1afbaea335fd807c9c738ea3271081 |
| SHA256 | c087af3178595a0fd65ab365fccf8043a0cfe86b82a91697910da22d380ac4b9 |
| SHA512 | ed650dedac990488901abea5dae618780443040d6c423a0fcb99e5c8c82f667f254549eec45608437b17924ca90b642f5f736ad764bc528879516533813777e7 |
memory/2184-4402-0x0000000000420000-0x000000000042A000-memory.dmp
memory/2184-4401-0x0000000000420000-0x000000000042A000-memory.dmp
C:\Users\Admin\AppData\Roaming\.tlauncher\starter\jre_default\jre-17.0.10-windows-x64\legal\java.logging\COPYRIGHT
| MD5 | 4586c3797f538d41b7b2e30e8afebbc9 |
| SHA1 | 3419ebac878fa53a9f0ff1617045ddaafb43dce0 |
| SHA256 | 7afb3a2dc57cb16223dddc970e0b464311e5311484c793abf9327a19ef629018 |
| SHA512 | f2c722ae80d2c0dcdb30a6993864eb90b85be5311261012d4585c6595579582d1b37323613f5417d189adcd096fa948e0378c1e6c59761bf94d65c0a5c2f2fd3 |
C:\Users\Admin\AppData\Roaming\.tlauncher\starter\jre_default\jre-17.0.10-windows-x64\legal\java.logging\LICENSE
| MD5 | 16989bab922811e28b64ac30449a5d05 |
| SHA1 | 51ab20e8c19ee570bf6c496ec7346b7cf17bd04a |
| SHA256 | 86e0516b888276a492b19f9a84f5a866ed36925fae1510b3a94a0b6213e69192 |
| SHA512 | 86571f127a6755a7339a9ed06e458c8dc5898e528de89e369a13c183711831af0646474986bae6573bc5155058d5f38348d6bfdeb3fd9318e98e0bf7916e6608 |
C:\Users\Admin\AppData\Roaming\.tlauncher\starter\jre_default\jre-17.0.10-windows-x64\legal\javafx.web\ASSEMBLY_EXCEPTION
| MD5 | c62a00c3520dc7970a526025a5977c34 |
| SHA1 | f81a2bcb42ccbf898d92f59a4dc4b63fef6c2848 |
| SHA256 | a4b7ad48df36316ddd7d47fcecc1d7a2c59cbfe22728930220ef63517fd58cb0 |
| SHA512 | 60907d1910b6999b8210b450c6695b7cc35a0c50c25d6569cf8bb975a5967ca4e53f0985bee474b20379df88bb0891068347ecf3e9c42900ed19a1dcbc2d56ec |
C:\Users\Admin\AppData\Roaming\.tlauncher\starter\jre_default\jre-17.0.10-windows-x64\legal\javafx.web\ADDITIONAL_LICENSE_INFO
| MD5 | 494903d6add168a732e73d7b0ba059a0 |
| SHA1 | f85c0fd9f8b04c4de25d85de56d4db11881e08ca |
| SHA256 | 0a256a7133bd2146482018ba6204a4ecc75836c139c8792da53536a9b67071d4 |
| SHA512 | b6e0968c9fd9464623bfa595bf47faf8f6bc1c55b09a415724c709ef8a3bcf8a954079cce1e0e6c91d34c607da2cecc2a6454d08c370a618fb9a4d7d9a078b24 |
C:\Users\Admin\AppData\Roaming\.tlauncher\starter\jre_default\jre-17.0.10-windows-x64\legal\javafx.web\LICENSE
| MD5 | f815ea85f3b4676874e42320d4b8cfd7 |
| SHA1 | 3a2ddf103552fefe391f67263b393509eee3e807 |
| SHA256 | 01a4ebd2a3b2671d913582f1241a176a13e9be98f4e3d5f2f04813e122b88105 |
| SHA512 | ddf09f482536966ac17313179552a5efc1b230fa5f270ebde5df6adebf07ee911b9ef433dfbfcb4e5236922da390f44e355709ecaf390c741648dd2a17084950 |
memory/304-5171-0x000000001BDD0000-0x000000001BDDA000-memory.dmp
memory/304-5172-0x000000001BDD0000-0x000000001BDDA000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\+JXF5077455548942379004.tmp
| MD5 | afa7a91dadd77b23634a0fdf18c148f3 |
| SHA1 | 6cbb57ba2355cf442e06899898ff5af55867103e |
| SHA256 | 9287925cae90ac480804094ff0876832065e2db116470da1f524d79ed9c18b70 |
| SHA512 | 84d123b67505522c256f4ff79c3822eabe2d63036023896e9854298ff39e050bef7894f6320ccf950592015760354683c4dbd19aa203d433a04a5d6bb28e8115 |
C:\Users\Admin\AppData\Local\Temp\+JXF10453094884409361976.tmp
| MD5 | ec5d243a9958b3858b5a71fb9a690da7 |
| SHA1 | d80b02c91addef2ef58136d1a7df0189f453388c |
| SHA256 | a4ece920f221b78d43b550d615c5934db162b64a331ffa663a85199e74ef2e6b |
| SHA512 | 479512c6076249a63a822d307b3d8c65d44d19abfadc597f0293fedf2c4fbac2ba6f60ca98d2c1dbb638ad09f3eb1419b6ef391fb098c7d1b62237bce9d79931 |
C:\Users\Admin\AppData\Local\Temp\+JXF13149019801371336025.tmp
| MD5 | 54a91b0619ccf9373d525109268219dc |
| SHA1 | 1d1d41fcadc571decb6444211b7993b99ce926e2 |
| SHA256 | b2efabca5ea4bc56eea829713706b5cd0788b82aca153bd4adde9b1573933b4f |
| SHA512 | 7f79ff3b42a672371814f42814aa5646328b1a314691d30ce09ffdc7a322adcb1af66625274f7fac024ca2f22a42b625001735711c430faef6e077e1f1d24887 |
C:\Users\Admin\AppData\Local\Temp\+JXF15791619069526318078.tmp
| MD5 | 4c41e856744eb797e9936359a6509287 |
| SHA1 | 0959e6f4dd535eb6fae388b6b9ac179dcf3afd76 |
| SHA256 | 83ff53f599acefc11f5cf63fd0516d4db72aacf7f0125a5f79c9ff222cbf9dd7 |
| SHA512 | 07ae284caa316315da74246c960198a7d549acf86f96cec550f41109fcd870a69ccac9818361657fb859e89d2bdc8398c7731c80d274d99a768102022a5f6e8b |
memory/2184-5609-0x0000000000420000-0x0000000000422000-memory.dmp
memory/556-5648-0x00000000002D0000-0x00000000002DA000-memory.dmp
memory/556-5650-0x00000000002D0000-0x00000000002DA000-memory.dmp
memory/556-5649-0x00000000002D0000-0x00000000002DA000-memory.dmp
memory/304-5651-0x000000001BDD0000-0x000000001BDDA000-memory.dmp
memory/556-5653-0x00000000002D0000-0x000000000032C000-memory.dmp
memory/556-5652-0x00000000002D0000-0x000000000032C000-memory.dmp
memory/556-5654-0x00000000002D0000-0x000000000032C000-memory.dmp
memory/304-5655-0x000000001EEE0000-0x000000001EEEA000-memory.dmp
memory/304-5656-0x000000001EEE0000-0x000000001EEEA000-memory.dmp
memory/304-5657-0x000000001EEE0000-0x000000001EEEA000-memory.dmp
memory/556-5660-0x0000000000310000-0x000000000033A000-memory.dmp
memory/556-5659-0x0000000000310000-0x000000000033A000-memory.dmp
C:\Users\Admin\AppData\Roaming\.minecraft\TlauncherProfiles.json
| MD5 | 7a414ccf04636adc5e354458f388582e |
| SHA1 | f3d6d91073e5324a48c4bf2b5bb22de99603a0f1 |
| SHA256 | a26bd3a7108090fba73cee09f9750762eb937287d538070146b60e042ee55bf3 |
| SHA512 | 36502052fb082debd1122c289a2128d614d13ad88416bb8e1566923b3e8b8141a872e6a5e12ee1c6f6d902e56188c9f9bf6ae334ae9a688e502959018a55ce60 |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\conf\security\policy\limited\default_US_export.policy.tlauncherdownload
| MD5 | 1a08ffdf0bc871296c8d698fb22f542a |
| SHA1 | f3f974d3f6245c50804dcc47173aa29d4d7f0e2c |
| SHA256 | 758b930a526fc670ab7537f8c26321527050a31f5f42149a2dda623c56a0a1a9 |
| SHA512 | 4cfca5b10cd7addcff887c8f3621d2fbec1b5632436326377b0ce5af1ae3e8b68ac5a743ca6082fc79991b8eec703a6e1dfd5b896153407ad72327753222fdb3 |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\conf\security\policy\limited\default_local.policy
| MD5 | 6d7b4616a5dba477b6b6d3f9a12e568f |
| SHA1 | 7fb67e217c53a685cb9314001592b5bd50b5fbb9 |
| SHA256 | 2b2627548e61316150d47ffc3e6cad465ca05b3cccd4785eb7d21aa7baa0f441 |
| SHA512 | a0b98cbbb49184df973bb2c4a506e9bc6e025a696bc0c8054a6352cc3f9b4a38e3baf117c6834ddaddc38498556607ed4eda8f1bc683f662d61da50e0db0c8c2 |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\legal\java.base\ADDITIONAL_LICENSE_INFO
| MD5 | 71bb3ad0017bf36d14bb96a8d4b32c45 |
| SHA1 | 1a5c553e71bdb7d94995b206bc9eaa49abd1e888 |
| SHA256 | a69bce275ba7a3570af6579cb0f55682cd75fedfcd49e0e8e9022270c447c916 |
| SHA512 | 9f658dfea71bdc3cc1549edfb5ad3171dbfa0082b2d91e820c09abe0b376b6bcd8b5170442a5e25e72274e98f130176bbdecfa7997c59705782b214f02136a20 |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\legal\java.base\ASSEMBLY_EXCEPTION
| MD5 | d94f7c92ff61c5d3f8e9433f76e39f74 |
| SHA1 | 7a9b074ca8d783dbe5310ecc22f5538b65cc918e |
| SHA256 | a44eb7b5caf5534c6ef536b21edb40b4d6babf91bf97d9d45596868618b2c6fb |
| SHA512 | d4044f6ceb094753075036920c0669631f4d3c13203caf2bea345e2cc4094905719732010bbe1cae97bc78743aa6def7c2aa33f3e8fca9971f2ca0457837d3b0 |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\legal\java.base\cldr.md
| MD5 | 8f5780e8d582fe686ed11535dec512ed |
| SHA1 | b63b615a826d8a40f5a45dc49da0ff1d8b6666c1 |
| SHA256 | f2bd33ded550a05d59e8f659416ef382490504548d846e6388b1dffd273aa077 |
| SHA512 | 49996cdcd2bfbf0e018e0fe127a98e5435e50c0b3f4891404e897826be74ad56d253bfeb51934195ed559be3c251613ecae744c39fd6793f59dbc87de6e970e5 |
C:\Users\Admin\AppData\Roaming\.tlauncher\tlauncher-2.0.properties
| MD5 | 0cfbad96ae5132710393ed312c2590cd |
| SHA1 | 53e0c27ffea87a703655b0639a0db543cfe55164 |
| SHA256 | 35243e81cb8d1d660fc184bcc451ef1b90e754fd7a219a4a602323dd3b1eea55 |
| SHA512 | 0a327c9f40c78b25c29e5b210ff1f862d41c02eb2682dcbc7e847a698cfbd8b5cc6861dc9a07d095971c2098c7b9df5aea8a6fb58c482245a8dae7567a99eb7e |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\legal\java.base\icu.md
| MD5 | 2f77c0cae3fdc2b5b6e8d85898cc4c2f |
| SHA1 | 92db4d2a0cdc8680910fc434a1a637a5b87ed599 |
| SHA256 | af0057e8553906083f69c2fb9fe9ed4ae8bc2340a0b1e376a424702f00300b29 |
| SHA512 | 2a105217c50f345c1fba6dec9ff8a3c70ec0c14f4821c1175c2c21d4e6b5f4f1e7a49d29aae9698c4850a2298802eb926eb6d80cd6082eeaa623394b10f28967 |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\conf\net.properties
| MD5 | 385443b7e4a37bc277c018cd1d336d49 |
| SHA1 | b2c0dfb00bf699e817bdd49b14bc24b8d3282c65 |
| SHA256 | 5bc726671936e0af4fdf6bed67d9e3a20a92c30b0ba23673d0314baa5e3ffb08 |
| SHA512 | 260afc7671a1dc0c443564f1d10386f0b241bb53c76df68d8d03f1d0b1ceaf3f68847ab3477732c876c2b01c812ef7521744befe88e312f3aa63164b608b67a1 |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\legal\java.desktop\ADDITIONAL_LICENSE_INFO.tlauncherdownload
| MD5 | 512f151af02b6bd258428b784b457531 |
| SHA1 | 84d2102ad171863db04e7ee22a259d1f6c5de4a5 |
| SHA256 | d255311b0a181e243de326d111502a8b1dc7277b534a295a8340ab5230e74c83 |
| SHA512 | 1a305bc333c7c2055a334dc67734db587fd6fda457b46c8df8f17ded0a8982e3830970bee75cc17274aa0a4082f32792b5dbff88410fa43cc61b55c1dce4c129 |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\legal\java.desktop\ASSEMBLY_EXCEPTION.tlauncherdownload
| MD5 | bd468da51b15a9f09778545b00265f34 |
| SHA1 | c80e4bab46e34d02826eab226a4441d0970f2aba |
| SHA256 | 7901499314e881a978d80a31970f0daec92d4995f3305e31fb53c38d9cc6ec3b |
| SHA512 | 2c1d43c3e17bb2fca24a77bea3d2b3954a47da92e0cdd0738509bffcdbe2935c11764cd5af50439061638bba8b8d59da29e97ea7404ea605f7575fc13395ca93 |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\conf\security\java.policy
| MD5 | fbf2b55342947695aa2a15e3485ed29f |
| SHA1 | a04c23f61d2958fc1e9882509927b43cab0e799c |
| SHA256 | f2a00a1dec3b7a097f0815f338a84717ba1017d5d7aae96d842d2188d67c3250 |
| SHA512 | 35ffe47eb7d404785e5bef3f1f26629f5dc04c54f9dcb082a250da367414095b024e6486ad0332cebe0348a2f972e9d58979c8c86ab9753f72ff0727bda07c1c |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\conf\security\policy\limited\exempt_local.policy
| MD5 | 4cbb03f484c86cbea1a217baae07d3c9 |
| SHA1 | ee67275bc119c98191a09ff72f043872b05ab7fd |
| SHA256 | 8c3d7648abcd95a272ce12db870082937f4d7f6878d730d83cb7fbb31eb8b2c9 |
| SHA512 | 2bd70518aed6b0e01c520c446830c5f567fa72974548818cac3e1e5c2be6f03db78ce6012f5463b1e19c36243d04cbaad38ec79524635eaae2e427eb1875ccdb |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\legal\java.base\LICENSE
| MD5 | 3e0b59f8fac05c3c03d4a26bbda13f8f |
| SHA1 | a4fb972c240d89131ee9e16b845cd302e0ecb05f |
| SHA256 | 4b9abebc4338048a7c2dc184e9f800deb349366bdf28eb23c2677a77b4c87726 |
| SHA512 | 6732288c682a39ed9edf11a151f6f48e742696f4a762c0c7d8872b99b9f6d5ab6c305064d4910b1a254862a873129f11fd0fa56ff11bc577d29303f4fb492673 |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\legal\java.desktop\jpeg.md
| MD5 | de0e5a6cfc652c81ee7b582aa004dad5 |
| SHA1 | fc3bed0e9b640daac5c5336badebb3a55e89dfd5 |
| SHA256 | 580be596216ee11e2554b24ce944973acaede2ebf5ffba34a6bd8cc441c05043 |
| SHA512 | 1b78c0fe3aecaf1d4da9d7c5d84cb15d7acebdecbf73b224cf72b9f84bc269a84b8366150a63a28485ee61d51595cfbfc5fbe6a175a9e277d5a41038c9e0828b |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\conf\logging.properties
| MD5 | 0f00ec3e7a7767a4efeae1875fb5f3d4 |
| SHA1 | 167808418571e9209b952188ddab2f4e62920e68 |
| SHA256 | b62d2733ab99556b108a1951d894c5a8d76b1ac7a00c02c388f9eb9be046c56f |
| SHA512 | e869f4a3b821a9933796dc9a56ee00483493369dfbfe07b3b1d895cb8318c6821cd44134eb37513f15b830c25861b596646824ed56672d08b678fefe6a4c7504 |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\legal\java.base\aes.md
| MD5 | 2e33468a535a4eb09ef57fc12a2652d0 |
| SHA1 | e64516f3fa1e72f88caa50f14b8046dd74d012b6 |
| SHA256 | 45c6d4da48325edfbff3dcf71c704e504c057904435ed23c6d57046d551eb69d |
| SHA512 | 4d14b5ddbb4d09797264ed29ba71fab6986b4a9e75efb9402c1476e0a9e2884813d6a922dea125643b4f74e1f3e458f4e48d6c840e0f4d16ed72ffbc4611dbb2 |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\legal\java.base\public_suffix.md
| MD5 | a90527d48ad0216fd1e5241015bb0f77 |
| SHA1 | a59b3bf9478184be7ae959e27ce7257bc418985a |
| SHA256 | bca182053946267c1f3bb5d160849a6a290b2aefc57abc7155180ca98db87301 |
| SHA512 | 6fe7f9980d1e29a0ab7cccf8acb1b73c867e48a975799f57e07381a432b5ead70b2f470649aa36e38b6bfbf3e819fa2d2b9c4e3281c86ecf500549b1b4800038 |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\conf\security\java.security
| MD5 | 9de4139494e2c62f18b76e5df12e2dff |
| SHA1 | 9f3b4e00dc585f09b098247463f0165ee3f34740 |
| SHA256 | d3869371d15a199e17e227a45b95e6b78b69fce329dba03c4a2a42cd3efff20b |
| SHA512 | d4d150b28a2154c5c4474cf0289b66cd0dcdeccbc0cb943b98411efefb76af61211dc528820b753ffefe3a6d5a7272dd6f27e78e93bce776d258a571c0e7a90c |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\conf\security\policy\README.txt
| MD5 | 3d47d94bc4f19d18bcc8b23f51d013af |
| SHA1 | a97cd312d6a2a9c8c780c15e5af51a2f4f97c2cb |
| SHA256 | 6da0747334b0fea7592fd92614b2bbc8b126535e129b1fee483774d914e98eb5 |
| SHA512 | 68a031264cf9442526307364ca74b336af55564c233c2f514cac48e910022767562f8ff6a64bb9cfcbf0fb5e755289273382c9246418a4b9207fc7761d03c64e |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\legal\java.base\unicode.md
| MD5 | a37c772aaeb922a5ff741a1da81d52ac |
| SHA1 | 85c21732f4903895dae6e512d23accc5d26010df |
| SHA256 | 5e4e6623a21a63f9bc16ea54af4133b8038e490c0d499a74676f9e5a61b9c5b2 |
| SHA512 | 17805f146fae2058ff99d051d231bfc7238c2b79dc70930af01f3c56657e06d037664cd9dbdc42fe48c3539dcf39f4b799e0a53d08a8891ba2af484745b956aa |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\legal\java.management.rmi\LICENSE.tlauncherdownload
| MD5 | 663f71c746cc2002aa53b066b06c88ab |
| SHA1 | 12976a6c2b227cbac58969c1455444596c894656 |
| SHA256 | d60635c89c9f352ae1e66ef414344f290f5b5f7ce5c23d9633d41fde0909df80 |
| SHA512 | 507b7d09d3bcd9a24f0b4eeda67167595ac6ad37cd19fb31cd8f5ce8466826840c582cb5dc012a4bd51b55e01bb551e207e9da9e0d51948e89f962ba09606aab |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\conf\security\policy\unlimited\default_local.policy
| MD5 | 2a0f330c51aff13a96af8bd5082c84a8 |
| SHA1 | ad2509631ed743c882999ac1200fd5fb8a593639 |
| SHA256 | 8d8a318e6d90dfd7e26612d2b6385aa704f686ca6134c551f8928418d92b851a |
| SHA512 | 2b0385417a3fc2af58b1cbb186dd3e0b0875e42923884153deee0efcb390ca00b326ed5b266b3892d31bf7d40e10969a0b51daa6d0b4ca3183770786925d3cde |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\conf\sound.properties.tlauncherdownload
| MD5 | 4f95242740bfb7b133b879597947a41e |
| SHA1 | 9afceb218059d981d0fa9f07aad3c5097cf41b0c |
| SHA256 | 299c2360b6155eb28990ec49cd21753f97e43442fe8fab03e04f3e213df43a66 |
| SHA512 | 99fdd75b8ce71622f85f957ae52b85e6646763f7864b670e993df0c2c77363ef9cfce2727badee03503cda41abe6eb8a278142766bf66f00b4eb39d0d4fc4a87 |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\legal\java.base\asm.md
| MD5 | 66c0cecd7aaddf8f7d0cdb433c5c6036 |
| SHA1 | c34eb481a27b11495d8e0a5505be89826b8051e2 |
| SHA256 | 1ff912740e84e024711def5fa482ffbb46eff64559760c467352dfa7c39a3307 |
| SHA512 | 7ecbf4ef5b621227caa6889937e980cd3492e344b2ea06d0b8f6f247eb484420625eebed3ad5f23f84251b47390cb115f41197909593d3ca7d293415ac9188c1 |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\legal\java.base\c-libutl.md
| MD5 | 2e89a282a50f8702e52703464e6937ca |
| SHA1 | cfc22a6f5b17cd539234d5b3160a5224abefadb9 |
| SHA256 | bef40679922d6fdfb7e4ddb223ad6722300f6054ba737bbf6188d60fcec517f9 |
| SHA512 | ae459d8ce5581ea57e203088373c1ce86d122d0e27eb871ee1383e0e64cd8a184fa207eee0e835347316e70afa24a1c95aec30def3e09d15ee19a0b2c3ad2095 |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\legal\java.desktop\colorimaging.md
| MD5 | 0889fd01a6802a5a934572d9bd47f430 |
| SHA1 | 7a7e547452ee1c72e8b0d96dccbe315f62d5b564 |
| SHA256 | 04d61e3e8e71dd452ebe52008af5378d9f6640d14578aeb515dc5375973b0189 |
| SHA512 | f5872960470810cdbdc2db1dfb216cab88203b23400b16e157c8654c2eecff8d9b26ce066ec18718c8e6d54ee1c54533fdade395c454210fed5159fd4a7a0adb |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\legal\java.base\wepoll.md
| MD5 | cef1d92ff8ace278bd32ac5e18735b86 |
| SHA1 | 6c7d15e2b8f3e99527458c8ea33420ee1d34af7b |
| SHA256 | 3ac2992770080453b98c42afa807ba4b2c1738ef756b92a55c645f55e7df48f0 |
| SHA512 | 12aa61ae93fc626a230f39f44ca11c75086fd9bb50f2794fb9fec29b9bef924545fc19d9cb38fda631560ca78ae8e587144cf3cf3c83a6b336bb4711611393bf |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\legal\java.desktop\lcms.md.tlauncherdownload
| MD5 | 04a8a77cafdd6185a3506eccf7a83346 |
| SHA1 | 1acbec21e9eab8bd2bee9826353c1e768d5457b5 |
| SHA256 | 8acf00b5efd25c1c055927222fd3c26b0c9fd02ed02e478c225b64e7a24d9782 |
| SHA512 | a91faa243a09bdfe62714859b9b4420e8434dd09693a6a280e1c8ef6694fb7858d0171fae4ca36721b685e3ab8bc8000c5635bf3789250a5b9081130eb4ff57c |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\legal\java.base\zlib.md.tlauncherdownload
| MD5 | 440321d71d082c9f04a9995b613bdff2 |
| SHA1 | 9af688d499b3026ec8e5a2e266dc4b9b4884a87b |
| SHA256 | 81518ebc49d23a7c77b2e08eff48664ea0c7dd90957a0caf22fd9654985d3285 |
| SHA512 | c516403a109630b79998f3bea6b698247a0b5367cc9873defa75014e8c98c690d34d0810d32792d80fde1333980ac6c5f19324743795cb6455ef0ee4979496bb |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\legal\java.desktop\giflib.md
| MD5 | 867001e2a577f88cfc856f45959502aa |
| SHA1 | 109c11cec13349212ba94b9f3eb7d0943229938e |
| SHA256 | c8b99f33890887d27ad56fba9edd8ebbc668cfe0689168505a95613d1d4b32f8 |
| SHA512 | dafac31d75a7ab4ddd7666799a24abf22c1583ca22554a738cc26a77bf927b20dde52f12194670a5196bce3a43bd58de46944291727c8877fee1fe4a38a1f1ca |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\legal\java.desktop\mesa3d.md.tlauncherdownload
| MD5 | c7e0d19c8f4eff11e97f0eb9afd3f7f4 |
| SHA1 | 6a98ee2703132e181f37d162452f073fb64ced83 |
| SHA256 | 63f4e6f75caebbccb95d903fb43e46ac7111b3624d0a34f146b276d7d9e7b152 |
| SHA512 | 9c4111728ab9472f0b160cb11ce1e4ebd75a83cfddca0b3cb87243d15afc5a7fa34dc6006e6b92084648cbad1426f70b405259f589cdef758442643e1618dff4 |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\legal\java.xml\dom.md
| MD5 | 13952c46b3867103ad7d1e9c6c9e906c |
| SHA1 | 4bf3f9908314b05f3b0f6e27be2c1fb7e25fffbb |
| SHA256 | 6686e8877667584a3a7c07344baadca1a03e29f677162d87c3c0811e990d1148 |
| SHA512 | 8c71f226f0f07b471aea6b8e715434b5eaa6b4a59a653ec22c2489e743e9288a0c4537f479719f9d58737d0257470c9cceff9ce647a96e79fd757a4cdcfed499 |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\legal\java.xml.crypto\santuario.md
| MD5 | df4b970846bc5c7742c8356641731613 |
| SHA1 | ee0a66a8c52c2294e0fa8b7edd2b7cfb6c6b2f3f |
| SHA256 | 6c05574d99b0d7e38c6217db5718e7ba2ee7f710f23a5f8228e502dcffe43e7a |
| SHA512 | ee1463a0adabb1f6bfc046ebb802fd01a9341828d730199b2423021cff1134ba5faa252767ab8572ca942a3590d834eed6a895fbf0e96ffade98e2df266cd612 |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\legal\java.xml\jcup.md
| MD5 | d19594fbf6eab2242dc29257905d8ded |
| SHA1 | fbdcbe5a7e7d91d440c200f5fb00e0cf6a81976c |
| SHA256 | 8d5dcfdf50455a3c34c753a98f21e953248af200415a9084e3f102cb6c43b8bf |
| SHA512 | 7ed3e58f189f2922f7543d4617308d0c35f8adc2e7cbbb6fbba49d33cdd5da64c6edc022ae9842c28e58d97b056a245245c816003978f1e0152236636ca72ba5 |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\legal\java.xml\xalan.md
| MD5 | b29a2d48a582be602d54da738c304350 |
| SHA1 | 24d8fea1126acfc1ee4f990fd761d138637e6147 |
| SHA256 | ea67226be5cfe19c7e79725c2c24a16676323264d69f9747c528de0b44541b03 |
| SHA512 | 1b63beefadaa6ab21a54a68abe901a38624453f7cc3ba6870e831dfb9c23990d19b67ada316e72a06129cfcb49ccc495c2ed6b35cd565f05e4ad1dceb87e8752 |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\legal\jdk.crypto.cryptoki\pkcs11cryptotoken.md
| MD5 | fa24b7e2a61a7045cb0c6c385000681b |
| SHA1 | 869fc0b687986ea26b8ff63c137e03c92234a5c8 |
| SHA256 | 262802e081760b38b3748c8b194353d340e39bc936ac22e17abbb7158d895811 |
| SHA512 | 2676cfdfd61762c7b6171985e8cfe1068c36683ca43753a1ffb10241ac61a74c9be1c00be22903df85ba6954fd908d77de60903c316506fd88b9679672ada968 |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\legal\java.xml\xerces.md
| MD5 | 5feac4b0a3606d75537b6b9d355e5d3d |
| SHA1 | d5a230002b75ea8f003984000f743a85eadcf7c9 |
| SHA256 | 472224f99de833f4f4c19f2f8a0317f22114e1c641f5d77ffa3a4280a1b80176 |
| SHA512 | d0b638c8ef8bab5630faad0d65b24735b567f7bd413e82f3ca48166c681cf00e8e543ab26ef8c6148a00956ef80c68c06c4fc31632352b403b39c799ece4dbc2 |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\legal\jdk.crypto.cryptoki\pkcs11wrapper.md
| MD5 | b77d1951df7a8488eb84ce1d25486a14 |
| SHA1 | e35415235ec3bbcb92beeceb03a9a8e7c13a6fce |
| SHA256 | 371974b1fca3744a3892c7ee1fcc593b8b4281fc218f4cafd2f709e9df5fd81d |
| SHA512 | 759c75f87309b67c56a5b7088045e04be7c023ecdbaea80842e22b81b0bfb36026191070471f8b08fef47ec73664611ce0453b4a9818f7708c95663733ee5ce9 |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\legal\jdk.internal.opt\jopt-simple.md
| MD5 | 4f3f190fd212329afc39442174ca4b3a |
| SHA1 | d7e25adf223e68d06276ae7666bbc96590dda442 |
| SHA256 | 99bc67f93cf57d6d20e6047731c93fbb267d70fbdd4115d119e0f85c6efe5c05 |
| SHA512 | fdd3d2fcfd865f62dad0ba2617ea816c78a3dc9d99d8991ffb5eb479fda37317dc3f70b0dcdb1847ffe4432947690436ad4046bfb056c37e2991e6fefa8b70c0 |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\legal\jdk.javadoc\jquery.md.tlauncherdownload
| MD5 | 8ef4ab67241efd69eaa3df9871fa0dbd |
| SHA1 | a20a019c3b06d4263b00f5e89ed394a52b8c1981 |
| SHA256 | 0716943682c624fd2f49b3a718a2ed4d6386e872fe741f1c759573ae24509d3e |
| SHA512 | 1f85e70e166146d81457f05be906f18b9b16ed82bed5f544f090d894b8d0cb1ff4fe5fffd90022f06f2024b2dbf74a30f2940a21941871358469b1f9a1a19998 |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\legal\jdk.localedata\thaidict.md
| MD5 | 2ea6eb55ca40902554aaf2fd20a76ba8 |
| SHA1 | e5b9e88e174c797c313d6739e7e34772b723bc4b |
| SHA256 | c326144a2351c9608fa708b5d7d3c5a3da03e82b66479b128e9db4969539824a |
| SHA512 | 5221112cd8ef83b636dc4364f53b72c5484a5885acb55c2c071c88d23058093caee38578f7e424ecafdb483ccc0bc8e78d7ac13add536ec824a8eac171a576cb |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\lib\fontconfig.bfc
| MD5 | 0e25b41e6acf99681eaf2e8b572f18d1 |
| SHA1 | d6b4290da768e050fe6c310366272f87e6c2b6d2 |
| SHA256 | 968ac99bbaaf8a49a474c934e73ad58f88c6c7f2a363cb44771e0378444e36ba |
| SHA512 | 7c1e98bc6582af9e9c58c13cdc4d257e441a6d48fd395a3601ad558ebd481257f138d6f0dcbfe12735eb6bebeb7c8985b3d8af633b545fa01d56738f56360c08 |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\lib\classlist
| MD5 | 8609f02107e12b099812907091c67c88 |
| SHA1 | a17d9d9064f409d3d7b6fe0a5e9c2ab32154567f |
| SHA256 | b9e8a47b633879a932d920e57644b560f8f2610abebbd7003e9d0af155a35ccf |
| SHA512 | 91df39496f9957fce6aa5f58308853bff77605e07e1ce2da8370356905dcc5273f8aee600811f815c5162a1b863c380b03eb2916dd8d6ec8670fec0a3141579c |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\lib\jvm.cfg.tlauncherdownload
| MD5 | 7ce21bdcfa333c231d74a77394206302 |
| SHA1 | c5a940d2dee8e7bfc01a87d585ddca420d37e226 |
| SHA256 | aa9efb969444c1484e29adecab55a122458090616e766b2f1230ef05bc3867e0 |
| SHA512 | 8b37a1a5600e0a4e5832021c4db50569e33f1ddc8ac4fc2f38d5439272b955b0e3028ea10dec0743b197aa0def32d9e185066d2bac451f81b99539d34006074b |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\lib\jfr\default.jfc.tlauncherdownload
| MD5 | 31e2d129dc3cae567d253a94fa285944 |
| SHA1 | ce34fac158a582efbe025521371ecfcc4b3169d6 |
| SHA256 | 4b57387abe8b51dfae91b392274de6f8f03e41ff8501240293404c2a5b1c4995 |
| SHA512 | 1fc15b4ddb26b516fe43d67cc8942de4fcb828d0d5948873cbac7937dc6730542240bb358b8be5cfce9b249081020c211147fd354fe418bde1e283c0bc3836bb |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\lib\security\blocked.certs.tlauncherdownload
| MD5 | 8273f70416f494f7fa5b6c70a101e00e |
| SHA1 | aeaebb14fbf146fbb0aaf347446c08766c86ca7f |
| SHA256 | 583500b76965eb54b03493372989ab4d3426f85462d1db232c5ae6706a4d6c58 |
| SHA512 | e697a57d64ace1f302300f83e875c2726407f8daf7c1d38b07ab8b4b11299fd698582d825bee817a1af85a285f27877a9e603e48e01c72e482a04dc7ab12c8da |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\lib\jfr\profile.jfc
| MD5 | dd3edd73b3dfee9ccd2f62a48a8d0978 |
| SHA1 | 7909778105c2334470d41c0f21b9e4b2f9de7390 |
| SHA256 | 509d1403d6bbd78afea4af8d1890aef5f391212d2ecc6c2d0d15311fb6717656 |
| SHA512 | 770838fab542f72da35c9aab9f78a5f9f2438f7779354c0cbaa5dc8895ee01ec71f6dbdadefa19d5afaea0cf291681855847fc1112d88eacb38685733f299f4f |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\lib\tzdb.dat.tlauncherdownload
| MD5 | 2fd920c56de68f65493ba6962fd079e1 |
| SHA1 | 1e79bff02711d3dab3c75e90d4bb08f8086c9626 |
| SHA256 | b7dba25abdfee317daa042c89b01e5711f5781d020dd733ba411760b72addb93 |
| SHA512 | 958f835407e4a10a268bf76bc2ef0196ecd5fa92e139de4c3760544dbdf76f95e67865bac22406aef8ac5ae7508fe63cd1a688c8328e46b73a5867efa4f18d47 |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\lib\tzmappings.tlauncherdownload
| MD5 | b02ee240a8db902961fe886a19beba16 |
| SHA1 | c52c42d591f4c650b629e6b374e967e211fb5aeb |
| SHA256 | 36dc51c4bf787f640a4b45cbb84ab6954f6e595cbd3617c2f5a4e1e607b38bff |
| SHA512 | 024811961511b7182860ed03a5670f82412a45d005a1db0876f6b0c9af7e96c104566abff0ebbded11a780349444214291f439039d20fb92071c7dd24bda0e23 |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\lib\security\public_suffix_list.dat
| MD5 | e7a714571a1f7c4e1d2f70b8f3052ada |
| SHA1 | 2b09124caddf58ec734f4664264ed5666f7c1c64 |
| SHA256 | 72e17c92d464ba1476fbcc7dac6cbc493f6fb04f158895368b57d81ddbe277d1 |
| SHA512 | 981250d4da5fa5f86dad4fae8465fd8ce3cf36297a86ece0ffdfb3963ac5f8e0a56c0aeab518facb7b51ec359665f6a0685f2c5443271e70ac8c31c9b1aa01d0 |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\lib\security\default.policy
| MD5 | a9bc877eb282751fa4832811bd5fd922 |
| SHA1 | f2b41d0c2c4f708f4c8b4561ff4e42c3875d9903 |
| SHA256 | a06db9c282547150e85e7a67590726f112bbda9305371907c7082215b7d13b5c |
| SHA512 | 35a1bdf6b24bb5ba0ecb7585454f607e0aa5746dae8921a49c9da3644cc309ee21ff85de34e0861e835e12b2ea4c0e501a1551f081f21d8493c884660c5862df |
C:\Users\Admin\AppData\Roaming\.minecraft\assets\objects\7a\7a5bd3f8d091a924c4f649e8354cca8c9998a653.tlauncherdownload
| MD5 | d208150524c6f8f1c1b57a6a4cb1bd16 |
| SHA1 | 7a5bd3f8d091a924c4f649e8354cca8c9998a653 |
| SHA256 | 08f190ce89355880fce912791bb5dabf1927f32925ae79a9121e9d9036e15e89 |
| SHA512 | 9e265d28f4734bc1066285f77b60eed54a04e74a60ad85f52ce8c926b71d0448a3f227b89766df688e4b046522344588f9929af3a36e1ba3195d735a3d2e5992 |
C:\Users\Admin\AppData\Roaming\.minecraft\libraries\commons-logging\commons-logging\1.2\commons-logging-1.2.jar
| MD5 | 040b4b4d8eac886f6b4a2a3bd2f31b00 |
| SHA1 | 4bfc12adfe4842bf07b657f0369c4cb522955686 |
| SHA256 | daddea1ea0be0f56978ab3006b8ac92834afeefbd9b7e4e6316fca57df0fa636 |
| SHA512 | ed00dbfabd9ae00efa26dd400983601d076fe36408b7d6520084b447e5d1fa527ce65bd6afdcb58506c3a808323d28e88f26cb99c6f5db9ff64f6525ecdfa557 |
C:\Users\Admin\AppData\Roaming\.minecraft\libraries\com\google\guava\failureaccess\1.0.1\failureaccess-1.0.1.jar
| MD5 | 091883993ef5bfa91da01dcc8fc52236 |
| SHA1 | 1dcf1de382a0bf95a3d8b0849546c88bac1292c9 |
| SHA256 | a171ee4c734dd2da837e4b16be9df4661afab72a41adaf31eb84dfdaf936ca26 |
| SHA512 | f8d59b808d6ba617252305b66d5590937da9b2b843d492d06b8d0b1b1f397e39f360d5817707797b979a5bf20bf21987b35333e7a15c44ed7401fea2d2119cae |
C:\Users\Admin\AppData\Roaming\.minecraft\libraries\com\mojang\patchy\2.2.10\patchy-2.2.10.jar.tlauncherdownload
| MD5 | ff905bf0aacf501149a13880a2d6742d |
| SHA1 | da05971b07cbb379d002cf7eaec6a2048211fefc |
| SHA256 | 16d70e7968b45caffc81576268eb000f473fb60bf257182d3447dea8ec919d5a |
| SHA512 | 5d66d948fc5e4be401ce6800f36ae896b9315abbb63cc0c0d489ac10651392522c9e52d2a42bdeba095b713917f41ff04121d34675c504da716bafa55355e171 |
C:\Users\Admin\AppData\Roaming\.minecraft\libraries\net\sf\jopt-simple\jopt-simple\5.0.4\jopt-simple-5.0.4.jar
| MD5 | eb0d9dffe9b0eddead68fe678be76c49 |
| SHA1 | 4fdac2fbe92dfad86aa6e9301736f6b4342a3f5c |
| SHA256 | df26cc58f235f477db07f753ba5a3ab243ebe5789d9f89ecf68dd62ea9a66c28 |
| SHA512 | cbc27e0b6da6ae4b6245353d6626d2e3c171c3026a555fa21e8ef61b30714e286db85086d1a57c167016e8a7f07be2a243e34b3ab504b1877806f3bcec5df986 |
C:\Users\Admin\AppData\Roaming\.minecraft\libraries\v1\objects\fd19469fed4a4b4c15b2d5133985f0e3e7816a8a\client.jar
| MD5 | f7477a4e542bf5ba480fdacf0e249da9 |
| SHA1 | fd19469fed4a4b4c15b2d5133985f0e3e7816a8a |
| SHA256 | 9221ab461a491bf9661cd8e773a5e662aaa43d600fa7970b8c12bbfb0431b838 |
| SHA512 | 2fc775ec4a55027550590d63e927a9afa695b03c3a66694ccd9a5d27720810879879774ef6efd941caec7bbbf2a91c41a8445d7d6e0d8384a92c15f71b8204ec |