Analysis Overview
Threat Level: Likely malicious
The file https://cdn.discordapp.com/attachments/1234488074650517647/1236728306167058523/SolaraBETA3.rar?ex=6639107d&is=6637befd&hm=7845e144435ab43fc88df64887db94747f800e593b11bd7441cb27ad37a6530c& was found to be: Likely malicious.
Malicious Activity Summary
Identifies VirtualBox via ACPI registry values (likely anti-VM)
Themida packer
Checks BIOS information in registry
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
Suspicious use of NtSetInformationThreadHideFromDebugger
Drops file in Program Files directory
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of AdjustPrivilegeToken
Enumerates system info in registry
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-05-05 17:47
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-05-05 17:47
Reported
2024-05-05 17:49
Platform
win10v2004-20240226-en
Max time kernel
88s
Max time network
94s
Command Line
Signatures
Identifies VirtualBox via ACPI registry values (likely anti-VM)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\ACPI\DSDT\VBOX__ | C:\Users\Admin\Downloads\SolaraBETA3\Solara.exe | N/A |
Checks BIOS information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\Users\Admin\Downloads\SolaraBETA3\Solara.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion | C:\Users\Admin\Downloads\SolaraBETA3\Solara.exe | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\SolaraBETA3\Solara.exe | N/A |
Loads dropped DLL
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\SolaraBETA3\Solara.exe | N/A |
Themida packer
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\Downloads\SolaraBETA3\Solara.exe | N/A |
Suspicious use of NtSetInformationThreadHideFromDebugger
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\SolaraBETA3\Solara.exe | N/A |
Drops file in Program Files directory
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeRestorePrivilege | N/A | C:\Program Files\7-Zip\7zG.exe | N/A |
| Token: 35 | N/A | C:\Program Files\7-Zip\7zG.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Program Files\7-Zip\7zG.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\7-Zip\7zG.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
Network
Files