6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Analysis

max time kernel
320s
max time network
329s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
09-05-2024 09:52

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

file01.ps1
Size

1B
MD5

c4ca4238a0b923820dcc509a6f75849b
SHA1

356a192b7913b04c54574d18c28d46e6395428ab
SHA256

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
SHA512

4dff4ea340f0a823f15d3f4f01ab62eae0e5da579ccb851f8db9dfe84c58b2b37b89903a740e1ee172da793a6e79d560e5f7f9bd058a12a280433ed6fa46510a

Score

9^/10

bootkit discovery evasion execution persistence ransomware

Malware Config

Signatures

Renames multiple (115) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware
Downloads MZ/PE file

Modifies Windows Firewall 2 TTPs 6 IoCs

evasion

Windows Service

T1543.003

Disable or Modify System Firewall

T1562.004

pid	Process
2004	Netsh.exe
2184	Netsh.exe
1464	Netsh.exe
1112	Netsh.exe
2664	Netsh.exe
2380	Netsh.exe

Checks computer location settings 2 TTPs 2 IoCs

Looks up country code configured in the registry, likely geofence.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Control Panel\International\Geo\Nation	cef_frame_render.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Control Panel\International\Geo\Nation	cef_frame_render.exe

Executes dropped EXE 13 IoCs

pid	Process
880	GLP_installer_900223086_market.exe
2112	Market.exe
1984	Tinst.exe
2436	QMEmulatorService.exe
2668	AppMarket.exe
1616	PcyybAssistant.exe
1656	wmpf_installer.exe
3056	syzs_dl_svr.exe
2936	cef_frame_render.exe
2988	cef_frame_render.exe
1692	cef_frame_render.exe
1804	cef_frame_render.exe
1788	cef_frame_render.exe

Loads dropped DLL 64 IoCs

pid	Process
880	GLP_installer_900223086_market.exe
880	GLP_installer_900223086_market.exe
880	GLP_installer_900223086_market.exe
2436	QMEmulatorService.exe
2436	QMEmulatorService.exe
2436	QMEmulatorService.exe
2436	QMEmulatorService.exe
2436	QMEmulatorService.exe
2436	QMEmulatorService.exe
2436	QMEmulatorService.exe
2436	QMEmulatorService.exe
2436	QMEmulatorService.exe
2436	QMEmulatorService.exe
2436	QMEmulatorService.exe
2436	QMEmulatorService.exe
2436	QMEmulatorService.exe
2436	QMEmulatorService.exe
2436	QMEmulatorService.exe
2436	QMEmulatorService.exe
2436	QMEmulatorService.exe
2436	QMEmulatorService.exe
2436	QMEmulatorService.exe
2436	QMEmulatorService.exe
2436	QMEmulatorService.exe
2436	QMEmulatorService.exe
2436	QMEmulatorService.exe
1984	Tinst.exe
1984	Tinst.exe
1984	Tinst.exe
880	GLP_installer_900223086_market.exe
2668	AppMarket.exe
2668	AppMarket.exe
2668	AppMarket.exe
2668	AppMarket.exe
2668	AppMarket.exe
2668	AppMarket.exe
2668	AppMarket.exe
2668	AppMarket.exe
2668	AppMarket.exe
2668	AppMarket.exe
2668	AppMarket.exe
2668	AppMarket.exe
2668	AppMarket.exe
2668	AppMarket.exe
2668	AppMarket.exe
2668	AppMarket.exe
2668	AppMarket.exe
2668	AppMarket.exe
2668	AppMarket.exe
2668	AppMarket.exe
2668	AppMarket.exe
2668	AppMarket.exe
2668	AppMarket.exe
2668	AppMarket.exe
2668	AppMarket.exe
2668	AppMarket.exe
2668	AppMarket.exe
2668	AppMarket.exe
2668	AppMarket.exe
2668	AppMarket.exe
2668	AppMarket.exe
2668	AppMarket.exe
2668	AppMarket.exe
2668	AppMarket.exe

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Enumerates connected drives 3 TTPs 4 IoCs

Attempts to read the root path of hard drives other than the default C: drive.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
File opened (read-only)	\??\F:	GLP_installer_900223086_market.exe
File opened (read-only)	\??\F:	Tinst.exe
File opened (read-only)	\??\F:	QMEmulatorService.exe
File opened (read-only)	\??\F:	AppMarket.exe

Writes to the Master Boot Record (MBR) 1 TTPs 4 IoCs

Bootkits write to the MBR to gain persistence at a level below the operating system.

bootkit persistence

Bootkit

T1542.003

description	ioc	Process
File opened for modification	\??\PhysicalDrive0	GLP_installer_900223086_market.exe
File opened for modification	\??\PhysicalDrive0	QMEmulatorService.exe
File opened for modification	\??\PhysicalDrive0	AppMarket.exe
File opened for modification	\??\PhysicalDrive0	PcyybAssistant.exe

Drops file in System32 directory 3 IoCs

description	ioc	Process
File opened for modification	C:\Windows\system32\devmgmt.msc	mmc.exe
File opened for modification	C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent\DeskUpdate\GlobalMgr.db	QMEmulatorService.exe
File created	C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent\DeskUpdate\GlobalMgr.db	QMEmulatorService.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	\??\c:\program files\txgameassistant\appmarket\AppMarket\Res\gamemigrate\appdefault.png	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\AppMarket\Res\Menu\menu_highlight.gft	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\AppMarket\Res\tvoice_entry\normal\58.png	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\AppMarket\Res\tvoice_entry\oversea\normal\48.png	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\AsyncTask.dll	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\AppMarket\I18N\config-ko.xml	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\AppMarket\Res\button\ae_disconnect_server_hover.png	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\AppMarket\Res\tvoice_entry\hover\17.png	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\AppMarket\Res\tvoice_entry\hover\2.png	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\locales\en-US.pak	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\pages\syzsweb\module\lib-yyb-pcgame-sdk.9dca9696.js	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\AppMarket\Res\button\max_normal.png	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\DL\syzs_dl_svr.cfg	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\MgaQPlugin.dll	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\TGVoiceBuddy\Res\button\feedback_hover.png	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\uires\window\close_normal.png	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\pages\syzsweb\module\lib-waterbear.3aef87b6.js	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\AppMarket\Res\tvoice_entry\normal\13.png	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\PocoNet.dll	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\TGVoiceBuddy\Res\window\bg.png	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\pages\syzsweb\module\reactVendors.6c9e9b36.js	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\AppMarket\I18N\config-es.xml	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\AppMarket\Res\gamemigrate\tip_install_btn.png	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\AppMarket\Res\webctrl\loading\25.png	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\AppMarket\I18N\1031\StringBundle.xml	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\qimei.dll	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\TGVoiceBuddy\Res\JoinGame\usage2.png	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\pages\syzsweb\module\lib-syzs-market-i18n.ac21e99b.js	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\AppMarket\Res\tvoice_entry\hover\16.png	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\AppMarket\Res\tvoice_entry\normal\49.png	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\pages\syzsweb\module\lib-syzs-login-sdk-v2.ac53bf12.js.LICENSE.txt	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\sqlite.dll	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\WMPF\runtime\ilink_network.dll	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\pages\syzsweb\module\lib-syzs-login-sdk.d8be13ea.js	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\AppMarket\Res\tvoice_entry\oversea\hover\31.png	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\AppMarket\Res\tvoice_entry\oversea\hover\6.png	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\AppMarket\Res\tvoice_entry\oversea\normal\62.png	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\locale\id.pak	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\QQApplet\api-ms-win-core-errorhandling-l1-1-0.dll	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\AppMarket\I18N\1042\GFStringBundle.xml	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\AppMarket\Res\hardwarecheck\progress.png	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\AppMarket\Res\tvoice_entry\hover\18.png	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\api-ms-win-core-errorhandling-l1-1-0.dll	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\AppMarket\Res\AERequire\install_down.png	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\AppMarket\Res\webctrl\loading\10.png	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\AppMarket\Res\window\small_tab\gift_down.png	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\pages\syzsweb\static\media\cdkey2.ff9babc0.png	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\pages\syzsweb\static\media\logo-edu.5be32200.png	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\pages\syzsweb\static\media\slick.woff	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\AppMarket\Res\tvoice_entry\oversea\normal\32.png	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\AppMarket\Res\tvoice_entry\oversea\normal\73.png	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\pages\syzsweb\module\lib-thumbplayer-h5.96ba0911.js	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\QQApplet\api-ms-win-core-console-l1-1-0.dll	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\SSOLUIControl.dll	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\AppMarket\Res\update\loading_1.png	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\dbgeng.dll	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\pages\syzsweb\module\lib-syzs-react-activation.087a9ec5.js	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\api-ms-win-core-namedpipe-l1-1-0.dll	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\AppMarket\Res\tvoice_entry\normal\79.png	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\AppMarket\Res\tvoice_entry\oversea\normal\13.png	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\AppMarket\Res\tvoice_entry\oversea\normal\5.png	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\AppMarket\Res\tvoice_entry\oversea\normal\53.png	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\pages\syzsweb\static\media\newback_video.9862b89c.webm	Tinst.exe
File created	\??\c:\program files\txgameassistant\appmarket\QQApplet\api-ms-win-crt-private-l1-1-0.dll	Tinst.exe

Command and Scripting Interpreter: PowerShell 1 TTPs 1 IoCs

Using powershell.exe command.

execution

PowerShell

T1059.001

pid	Process
2128	powershell.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Enumerates system info in registry 2 TTPs 10 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	AppMarket.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BIOSVersion	AppMarket.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	AppMarket.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemVersion	AppMarket.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	AppMarket.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BIOSVendor	AppMarket.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BIOSReleaseDate	AppMarket.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Gathers system information 1 TTPs 1 IoCs

Runs systeminfo.exe.

System Information Discovery

T1082

pid	Process
620	systeminfo.exe

Modifies data under HKEY_USERS 4 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Tencent\MobileGamePC	QMEmulatorService.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE	QMEmulatorService.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Tencent	QMEmulatorService.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\SOFTWARE\Tencent\MobileGamePC\sf = "F:\\Temp\\TxGameDownload\\MobileGamePCShared"	QMEmulatorService.exe

Modifies registry class 26 IoCs

description	ioc	Process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\TencentMobileGameAssistant\URL Protocol = "C:\\Program Files\\TxGameAssistant\\AppMarket\\AppMarket.exe"	Tinst.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\.apk\ = "syzs.apk"	GLP_installer_900223086_market.exe
Key created	\REGISTRY\MACHINE\Software\Classes\syzs.apk\Shell\Open\Command	GLP_installer_900223086_market.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\syzs.apk\Shell\Open\Command	GLP_installer_900223086_market.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\TencentMobileGameAssistant\shell\open	Tinst.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\syzs.apk\DefalutIcon\ = "C:\\Program Files\\TxGameAssistant\\AppMarket\\apk.ico"	GLP_installer_900223086_market.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\.xapk\ = "syzs.apk"	AppMarket.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\TencentMobileGameAssistant	Tinst.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\syzs.apk\Shell\Open\Command\ = "C:\\Program Files\\TxGameAssistant\\AppMarket\\AppMarket.exe -localpkg %1 -from localapk"	AppMarket.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\TencentMobileGameAssistant\shell	Tinst.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\TencentMobileGameAssistant\shell\open\command\ = "\"C:\\Program Files\\TxGameAssistant\\AppMarket\\AppMarket.exe\" \"%1\""	Tinst.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\syzs.apk\Shell\Open	GLP_installer_900223086_market.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\syzs.apk\Shell\Open\Command\ = "C:\\Program Files\\TxGameAssistant\\AppMarket\\AppMarket.exe -localpkg %1 -from localapk"	GLP_installer_900223086_market.exe
Key created	\REGISTRY\MACHINE\Software\Classes\syzs.apk\DefalutIcon	AppMarket.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\syzs.apk\DefalutIcon\ = "C:\\Program Files\\TxGameAssistant\\AppMarket\\apk.ico"	AppMarket.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\syzs.apk	GLP_installer_900223086_market.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\syzs.apk\DefalutIcon	GLP_installer_900223086_market.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\TencentMobileGameAssistant\ = "TMGAProtocol"	Tinst.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\TencentMobileGameAssistant\DefaultIcon	Tinst.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\TencentMobileGameAssistant\DefaultIcon\DefaultIcon = "C:\\Program Files\\TxGameAssistant\\AppMarket\\AppMarket.exe,1"	Tinst.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\.apk	GLP_installer_900223086_market.exe
Key created	\REGISTRY\MACHINE\Software\Classes\syzs.apk\DefalutIcon	GLP_installer_900223086_market.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\syzs.apk\Shell	GLP_installer_900223086_market.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\TencentMobileGameAssistant\shell\open\command	Tinst.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\.xapk	AppMarket.exe
Key created	\REGISTRY\MACHINE\Software\Classes\syzs.apk\Shell\Open\Command	AppMarket.exe

Suspicious behavior: EnumeratesProcesses 32 IoCs

pid	Process
2128	powershell.exe
2672	chrome.exe
2672	chrome.exe
880	GLP_installer_900223086_market.exe
1984	Tinst.exe
2436	QMEmulatorService.exe
2436	QMEmulatorService.exe
2436	QMEmulatorService.exe
2436	QMEmulatorService.exe
2668	AppMarket.exe
2668	AppMarket.exe
2668	AppMarket.exe
2668	AppMarket.exe
2668	AppMarket.exe
2668	AppMarket.exe
2668	AppMarket.exe
2668	AppMarket.exe
2936	cef_frame_render.exe
2668	AppMarket.exe
2988	cef_frame_render.exe
1692	cef_frame_render.exe
2668	AppMarket.exe
2668	AppMarket.exe
2668	AppMarket.exe
2668	AppMarket.exe
2668	AppMarket.exe
2668	AppMarket.exe
1804	cef_frame_render.exe
2668	AppMarket.exe
2668	AppMarket.exe
2668	AppMarket.exe
1788	cef_frame_render.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2356	mmc.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeDebugPrivilege	2128	powershell.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe
Token: SeShutdownPrivilege	2672	chrome.exe

Suspicious use of FindShellTrayWindow 45 IoCs

pid	Process
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2668	AppMarket.exe

Suspicious use of SendNotifyMessage 33 IoCs

pid	Process
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2672	chrome.exe
2668	AppMarket.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
2356	mmc.exe
2356	mmc.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2672 wrote to memory of 2688	2672	chrome.exe	30
PID 2672 wrote to memory of 2688	2672	chrome.exe	30
PID 2672 wrote to memory of 2688	2672	chrome.exe	30
PID 2672 wrote to memory of 2460	2672	chrome.exe	32
PID 2672 wrote to memory of 2460	2672	chrome.exe	32
PID 2672 wrote to memory of 2460	2672	chrome.exe	32
PID 2672 wrote to memory of 2460	2672	chrome.exe	32
PID 2672 wrote to memory of 2460	2672	chrome.exe	32
PID 2672 wrote to memory of 2460	2672	chrome.exe	32
PID 2672 wrote to memory of 2460	2672	chrome.exe	32
PID 2672 wrote to memory of 2460	2672	chrome.exe	32
PID 2672 wrote to memory of 2460	2672	chrome.exe	32
PID 2672 wrote to memory of 2460	2672	chrome.exe	32
PID 2672 wrote to memory of 2460	2672	chrome.exe	32
PID 2672 wrote to memory of 2460	2672	chrome.exe	32
PID 2672 wrote to memory of 2460	2672	chrome.exe	32
PID 2672 wrote to memory of 2460	2672	chrome.exe	32
PID 2672 wrote to memory of 2460	2672	chrome.exe	32
PID 2672 wrote to memory of 2460	2672	chrome.exe	32
PID 2672 wrote to memory of 2460	2672	chrome.exe	32
PID 2672 wrote to memory of 2460	2672	chrome.exe	32
PID 2672 wrote to memory of 2460	2672	chrome.exe	32
PID 2672 wrote to memory of 2460	2672	chrome.exe	32
PID 2672 wrote to memory of 2460	2672	chrome.exe	32
PID 2672 wrote to memory of 2460	2672	chrome.exe	32
PID 2672 wrote to memory of 2460	2672	chrome.exe	32
PID 2672 wrote to memory of 2460	2672	chrome.exe	32
PID 2672 wrote to memory of 2460	2672	chrome.exe	32
PID 2672 wrote to memory of 2460	2672	chrome.exe	32
PID 2672 wrote to memory of 2460	2672	chrome.exe	32
PID 2672 wrote to memory of 2460	2672	chrome.exe	32
PID 2672 wrote to memory of 2460	2672	chrome.exe	32
PID 2672 wrote to memory of 2460	2672	chrome.exe	32
PID 2672 wrote to memory of 2460	2672	chrome.exe	32
PID 2672 wrote to memory of 2460	2672	chrome.exe	32
PID 2672 wrote to memory of 2460	2672	chrome.exe	32
PID 2672 wrote to memory of 2460	2672	chrome.exe	32
PID 2672 wrote to memory of 2460	2672	chrome.exe	32
PID 2672 wrote to memory of 2460	2672	chrome.exe	32
PID 2672 wrote to memory of 2460	2672	chrome.exe	32
PID 2672 wrote to memory of 2460	2672	chrome.exe	32
PID 2672 wrote to memory of 2460	2672	chrome.exe	32
PID 2672 wrote to memory of 2512	2672	chrome.exe	33
PID 2672 wrote to memory of 2512	2672	chrome.exe	33
PID 2672 wrote to memory of 2512	2672	chrome.exe	33
PID 2672 wrote to memory of 628	2672	chrome.exe	34
PID 2672 wrote to memory of 628	2672	chrome.exe	34
PID 2672 wrote to memory of 628	2672	chrome.exe	34
PID 2672 wrote to memory of 628	2672	chrome.exe	34
PID 2672 wrote to memory of 628	2672	chrome.exe	34
PID 2672 wrote to memory of 628	2672	chrome.exe	34
PID 2672 wrote to memory of 628	2672	chrome.exe	34
PID 2672 wrote to memory of 628	2672	chrome.exe	34
PID 2672 wrote to memory of 628	2672	chrome.exe	34
PID 2672 wrote to memory of 628	2672	chrome.exe	34
PID 2672 wrote to memory of 628	2672	chrome.exe	34
PID 2672 wrote to memory of 628	2672	chrome.exe	34
PID 2672 wrote to memory of 628	2672	chrome.exe	34
PID 2672 wrote to memory of 628	2672	chrome.exe	34
PID 2672 wrote to memory of 628	2672	chrome.exe	34
PID 2672 wrote to memory of 628	2672	chrome.exe	34
PID 2672 wrote to memory of 628	2672	chrome.exe	34
PID 2672 wrote to memory of 628	2672	chrome.exe	34
PID 2672 wrote to memory of 628	2672	chrome.exe	34

C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -ExecutionPolicy bypass -File C:\Users\Admin\AppData\Local\Temp\file01.ps1
1⤵
- Command and Scripting Interpreter: PowerShell
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
PID:2128

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2672
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6859758,0x7fef6859768,0x7fef6859778
  2⤵
  PID:2688
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1168 --field-trial-handle=1200,i,15962308288581972948,13428213801099685745,131072 /prefetch:2
  2⤵
  PID:2460
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1504 --field-trial-handle=1200,i,15962308288581972948,13428213801099685745,131072 /prefetch:8
  2⤵
  PID:2512
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1604 --field-trial-handle=1200,i,15962308288581972948,13428213801099685745,131072 /prefetch:8
  2⤵
  PID:628
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2240 --field-trial-handle=1200,i,15962308288581972948,13428213801099685745,131072 /prefetch:1
  2⤵
  PID:2788
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2248 --field-trial-handle=1200,i,15962308288581972948,13428213801099685745,131072 /prefetch:1
  2⤵
  PID:2808
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1336 --field-trial-handle=1200,i,15962308288581972948,13428213801099685745,131072 /prefetch:2
  2⤵
  PID:2968
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3212 --field-trial-handle=1200,i,15962308288581972948,13428213801099685745,131072 /prefetch:1
  2⤵
  PID:1096
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3432 --field-trial-handle=1200,i,15962308288581972948,13428213801099685745,131072 /prefetch:8
  2⤵
  PID:904
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3592 --field-trial-handle=1200,i,15962308288581972948,13428213801099685745,131072 /prefetch:8
  2⤵
  PID:2396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3576 --field-trial-handle=1200,i,15962308288581972948,13428213801099685745,131072 /prefetch:8
  2⤵
  PID:1348
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=4008 --field-trial-handle=1200,i,15962308288581972948,13428213801099685745,131072 /prefetch:1
  2⤵
  PID:812
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=3220 --field-trial-handle=1200,i,15962308288581972948,13428213801099685745,131072 /prefetch:1
  2⤵
  PID:2380
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3832 --field-trial-handle=1200,i,15962308288581972948,13428213801099685745,131072 /prefetch:8
  2⤵
  PID:324
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=2812 --field-trial-handle=1200,i,15962308288581972948,13428213801099685745,131072 /prefetch:8
  2⤵
  PID:1224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4276 --field-trial-handle=1200,i,15962308288581972948,13428213801099685745,131072 /prefetch:8
  2⤵
  PID:2956
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4256 --field-trial-handle=1200,i,15962308288581972948,13428213801099685745,131072 /prefetch:8
  2⤵
  PID:3044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4184 --field-trial-handle=1200,i,15962308288581972948,13428213801099685745,131072 /prefetch:8
  2⤵
  PID:2588
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4136 --field-trial-handle=1200,i,15962308288581972948,13428213801099685745,131072 /prefetch:8
  2⤵
  PID:1528
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=4120 --field-trial-handle=1200,i,15962308288581972948,13428213801099685745,131072 /prefetch:1
  2⤵
  PID:2500
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1760 --field-trial-handle=1200,i,15962308288581972948,13428213801099685745,131072 /prefetch:8
  2⤵
  PID:384

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:896

C:\Users\Admin\Desktop\GLP_installer_900223086_market.exe
"C:\Users\Admin\Desktop\GLP_installer_900223086_market.exe"
1⤵
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
- Writes to the Master Boot Record (MBR)
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
PID:880
- C:\Temp\TxGameDownload\Component\AppMarket\1d218714941abf910cf39c6d4f265e7d\Market.exe
  "C:\Temp\TxGameDownload\Component\AppMarket\1d218714941abf910cf39c6d4f265e7d\Market.exe"
  2⤵
  - Executes dropped EXE
  PID:2112
- C:\Temp\TxGameDownload\Component\AppMarket\1d218714941abf910cf39c6d4f265e7d\Setup\Tinst.exe
  "C:\Temp\TxGameDownload\Component\AppMarket\1d218714941abf910cf39c6d4f265e7d\Setup\Tinst.exe"
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - Enumerates connected drives
  - Drops file in Program Files directory
  - Modifies registry class
  - Suspicious behavior: EnumeratesProcesses
  PID:1984
- - C:\Windows\SysWOW64\Netsh.exe
    "C:\Windows\system32\Netsh.exe" advfirewall firewall add rule name="AppMarket" dir=in program="c:\program files\txgameassistant\appmarket\AppMarket.exe" action=allow
    3⤵
    - Modifies Windows Firewall
    PID:2664
- - C:\Windows\SysWOW64\Netsh.exe
    "C:\Windows\system32\Netsh.exe" advfirewall firewall add rule name="TInst" dir=in program="c:\program files\txgameassistant\appmarket\TInst.exe" action=allow
    3⤵
    - Modifies Windows Firewall
    PID:2380
- - C:\Windows\SysWOW64\Netsh.exe
    "C:\Windows\system32\Netsh.exe" advfirewall firewall add rule name="bugreport" dir=in program="c:\program files\txgameassistant\appmarket\bugreport.exe" action=allow
    3⤵
    - Modifies Windows Firewall
    PID:2004
- - C:\Windows\SysWOW64\Netsh.exe
    "C:\Windows\system32\Netsh.exe" advfirewall firewall add rule name="QQExternal" dir=in program="c:\program files\txgameassistant\appmarket\QQExternal.exe" action=allow
    3⤵
    - Modifies Windows Firewall
    PID:2184
- - C:\Windows\SysWOW64\Netsh.exe
    "C:\Windows\system32\Netsh.exe" advfirewall firewall add rule name="GameDownload" dir=in program="c:\program files\txgameassistant\appmarket\GameDownload.exe" action=allow
    3⤵
    - Modifies Windows Firewall
    PID:1464
- - C:\Windows\SysWOW64\Netsh.exe
    "C:\Windows\system32\Netsh.exe" advfirewall firewall add rule name="TUpdate" dir=in program="c:\program files\txgameassistant\appmarket\GF186\TUpdate.exe" action=allow
    3⤵
    - Modifies Windows Firewall
    PID:1112
- C:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe
  "C:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe" -apksupplyid 900223086 -from TGBDownloader
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - Enumerates connected drives
  - Writes to the Master Boot Record (MBR)
  - Enumerates system info in registry
  - Modifies registry class
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  PID:2668
- - C:\Program Files\TxGameAssistant\AppMarket\PcyybAssistant.exe
    "C:\Program Files\TxGameAssistant\AppMarket\PcyybAssistant.exe"
    3⤵
    - Executes dropped EXE
    - Writes to the Master Boot Record (MBR)
    PID:1616
  - - C:\Windows\SysWOW64\Wbem\wmic.exe
      wmic path Win32_ComputerSystem get HypervisorPresent
      4⤵
      PID:2268
- - C:\Program Files\TxGameAssistant\AppMarket\wmpf_installer.exe
    wmpf_installer.exe --log-level=0 --product-id=1004 --wmpf-sdk-version=50056 --mojo-platform-channel-handle=972
    3⤵
    - Executes dropped EXE
    PID:1656
- - C:\Program Files\TxGameAssistant\AppMarket\DL\syzs_dl_svr.exe
    "C:\Program Files\TxGameAssistant\AppMarket\DL\syzs_dl_svr.exe" --conf-path="C:\Program Files\TxGameAssistant\AppMarket\DL\syzs_dl_svr.cfg" --daemon --log="C:\Program Files\TxGameAssistant\AppMarket\DL\syzs_dl_svr.log" --rpc-secret=e6d8270dd6c99e9f71081f71453ca40c
    3⤵
    - Executes dropped EXE
    PID:3056
- - C:\Program Files\TxGameAssistant\AppMarket\cef_frame_render.exe
    "C:\Program Files\TxGameAssistant\AppMarket\cef_frame_render.exe" --type=gpu-process --field-trial-handle=1856,12204683875732590257,8200228979997258110,131072 --disable-features=OutOfBlinkCors --no-sandbox --log-file="C:\Program Files\TxGameAssistant\AppMarket\debug.log" --log-severity=disable --user-agent="Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.120 Safari/537.36 Tencent AppMarket/3.71.3146.81" --lang=en-US --gpu-preferences=KAAAAAAAAADgAAAgAAAAAAAAYAAAAAAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --log-file="C:\Program Files\TxGameAssistant\AppMarket\debug.log" --service-request-channel-token=9733306020834616043 --mojo-platform-channel-handle=1864 /prefetch:2
    3⤵
    - Executes dropped EXE
    - Suspicious behavior: EnumeratesProcesses
    PID:2936
- - C:\Program Files\TxGameAssistant\AppMarket\cef_frame_render.exe
    "C:\Program Files\TxGameAssistant\AppMarket\cef_frame_render.exe" --type=utility --field-trial-handle=1856,12204683875732590257,8200228979997258110,131072 --disable-features=OutOfBlinkCors --lang=en-US --service-sandbox-type=network --no-sandbox --log-file="C:\Program Files\TxGameAssistant\AppMarket\debug.log" --log-severity=disable --user-agent="Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.120 Safari/537.36 Tencent AppMarket/3.71.3146.81" --lang=en-US --log-file="C:\Program Files\TxGameAssistant\AppMarket\debug.log" --service-request-channel-token=1561428374763282500 --mojo-platform-channel-handle=2280 /prefetch:8
    3⤵
    - Executes dropped EXE
    - Suspicious behavior: EnumeratesProcesses
    PID:2988
- - C:\Program Files\TxGameAssistant\AppMarket\cef_frame_render.exe
    "C:\Program Files\TxGameAssistant\AppMarket\cef_frame_render.exe" --type=renderer --no-sandbox --autoplay-policy=no-user-gesture-required --force-device-scale-factor=1.00 --log-file="C:\Program Files\TxGameAssistant\AppMarket\debug.log" --field-trial-handle=1856,12204683875732590257,8200228979997258110,131072 --disable-features=OutOfBlinkCors --lang=en-US --log-file="C:\Program Files\TxGameAssistant\AppMarket\debug.log" --log-severity=disable --user-agent="Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.120 Safari/537.36 Tencent AppMarket/3.71.3146.81" --disable-pdf-extension=1 --ppapi-flash-path="PepperFlash\pepflashplayer.dll" --ppapi-flash-version=18.0.0.209 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=2509565203024793299 --renderer-client-id=3 --mojo-platform-channel-handle=2548 /prefetch:1
    3⤵
    - Checks computer location settings
    - Executes dropped EXE
    - Suspicious behavior: EnumeratesProcesses
    PID:1692
- - C:\Program Files\TxGameAssistant\AppMarket\cef_frame_render.exe
    "C:\Program Files\TxGameAssistant\AppMarket\cef_frame_render.exe" --type=renderer --no-sandbox --autoplay-policy=no-user-gesture-required --force-device-scale-factor=1.00 --log-file="C:\Program Files\TxGameAssistant\AppMarket\debug.log" --field-trial-handle=1856,12204683875732590257,8200228979997258110,131072 --disable-features=OutOfBlinkCors --disable-gpu-compositing --lang=en-US --log-file="C:\Program Files\TxGameAssistant\AppMarket\debug.log" --log-severity=disable --user-agent="Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.120 Safari/537.36 Tencent AppMarket/3.71.3146.81" --disable-pdf-extension=1 --ppapi-flash-path="PepperFlash\pepflashplayer.dll" --ppapi-flash-version=18.0.0.209 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=3727775798528047987 --renderer-client-id=5 --mojo-platform-channel-handle=2940 /prefetch:1
    3⤵
    - Checks computer location settings
    - Executes dropped EXE
    - Suspicious behavior: EnumeratesProcesses
    PID:1804
- - C:\Windows\SysWOW64\systeminfo.exe
    systeminfo
    3⤵
    - Gathers system information
    PID:620
- - C:\Program Files\TxGameAssistant\AppMarket\cef_frame_render.exe
    "C:\Program Files\TxGameAssistant\AppMarket\cef_frame_render.exe" --type=gpu-process --field-trial-handle=1856,12204683875732590257,8200228979997258110,131072 --disable-features=OutOfBlinkCors --disable-gpu-sandbox --use-gl=disabled --no-sandbox --log-file="C:\Program Files\TxGameAssistant\AppMarket\debug.log" --log-severity=disable --user-agent="Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.120 Safari/537.36 Tencent AppMarket/3.71.3146.81" --lang=en-US --gpu-preferences=KAAAAAAAAADoAAAgAAAAAAAAYAAAAAAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --log-file="C:\Program Files\TxGameAssistant\AppMarket\debug.log" --service-request-channel-token=2140086614613645673 --mojo-platform-channel-handle=2456 /prefetch:2
    3⤵
    - Executes dropped EXE
    - Suspicious behavior: EnumeratesProcesses
    PID:1788

C:\Windows\System32\control.exe
"C:\Windows\System32\control.exe" SYSTEM
1⤵
PID:2280

C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
1⤵
PID:2372

C:\Windows\system32\mmc.exe
"C:\Windows\system32\mmc.exe" C:\Windows\system32\devmgmt.msc
1⤵
- Drops file in System32 directory
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2356

C:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe
"C:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe"
1⤵
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
- Writes to the Master Boot Record (MBR)
- Drops file in System32 directory
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
PID:2436

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

PowerShell

T1059.001

Persistence

Create or Modify System Process

T1543

Windows Service

T1543.003

Pre-OS Boot

T1542

Bootkit

T1542.003

Privilege Escalation

Create or Modify System Process

T1543

Windows Service

T1543.003

Defense Evasion

Impair Defenses

T1562

Disable or Modify System Firewall

T1562.004

Pre-OS Boot

T1542

Bootkit

T1542.003

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe

Filesize
6.4MB

MD5
b32964b1f283ce35a96e14fdf8f8f6fa

SHA1
5cf288aba9cfecea125bda66d2359a7266169404

SHA256
6068aea2fcf490fe6e2125a1eb50b7059424b6d3da5394bf4ab3245ba2f25cf3

SHA512
8856c6275f0f68e1eb203b925ad98267718f35673938ebd8f1ae1604467f2bddbc290d06f40631fc56eb7389a05029312c5750616789cf57b4621c8435ce2f7a

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\AppMarket\I18N\StringState.xml

Filesize
183B

MD5
bba8d8127e3eb9e91679885c5f42a8f8

SHA1
b7583827b29251253eb476d8553b78b8ec111725

SHA256
aee0cacdf2eb6d8f5a0168a0756f1834c21632cb5238fcb366763e93b7c5d011

SHA512
931d257f9a689e0fefaad5c7d3699fb998716638c03aa501575d9ad9dffff0d2bce3f485ac3dcbfa868380fda0bdbff84ac3a1e110c1ab0734f585c1a1dd5cd5

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\AppMarket\I18N\config-en.xml

Filesize
268B

MD5
1f8732c2fffb83b09abae916afa417ea

SHA1
26102b442325fcdc3e7f72f0855f03d353f2a55f

SHA256
e97f7ada887eb751c6e6927ab57b04f5121fd7c14eb266c45954abb72833327c

SHA512
1ac6c7ccf50e69489c8e7fbd8d825d1a5e9e32d9e8764bd54de58efc0def5fa0c935097aed921c8cc89638e02154962ab9e8265e10843e3aa0a3e8cbfb7f6491

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\AppMarket\I18N\config-id.xml

Filesize
269B

MD5
80c5d8008844619df82e2d5ad65b5da8

SHA1
03bfb95bcac5f2b52de056deb089e6495e7f9b30

SHA256
76994bea62ad8c19e2ac0c193d05f87b2acfd7a4387c5adfbc24cd5e2d3da29c

SHA512
d3ac11a03843383cb3496fe963df3665e879a5ef28a359bcbff3640ac084137aeb30d9bdf937c651762e6ba09d45b5722c4019290ba8e16d3f9f4a1f96548fcf

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\AppMarket\I18N\config-ko.xml

Filesize
269B

MD5
b96fa0a7ce5d7baf6467d17db4112338

SHA1
06ffdb34e6aabe8e52d9f5c44c56b611700abe75

SHA256
17e9689057e15cf5a4e51a4db9cf97524a07f3ce7acc2c9c1ced8dfab6fdc048

SHA512
5cb997230ec2552e881dd32f2732d5ce4920b2f56f58e54bb0cfe840bbce3973094958ed2a0f77110f2f6eff265091ad4a2ad6a3c3d48467611482ebee5f6100

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\AppMarket\I18N\config-pt.xml

Filesize
269B

MD5
051a004b05cb01bc4c7fa92ff498d390

SHA1
215c2f4dc6ab14fad406dfc287f7e134e783c5bb

SHA256
a418aac47f73420d812b9947229e9bab36b991629a3dd9a5f6c4649e8b02c955

SHA512
7d2f70e8e54199c8c0bbc784a65022a1239af6adb8498ee676ae1e2114692b273211b45bede99123a339e05d92f132d05d1b86f86ad5f4aa39408e4911d4003d

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\AppMarket\I18N\config-ru.xml

Filesize
269B

MD5
0910e48c7ef6ee3cacba63d19b1d81f4

SHA1
b9cf52f8ab64a5ac5095cd70a4c8d24873a486e4

SHA256
f15fd6d344c1f926c818b18104a463e345c74a17dfda688c4d6af3a8ce8eafba

SHA512
025437e36dc8f783afea950805b8cbc931677322985b98310fe86d9e1c96844193b9aa4bffa291d033e9e3513070a619695e037074cc48dc29fb961973aa7d0f

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\AppMarket\I18N\config-th.xml

Filesize
269B

MD5
a737838e3c93e95f1f8555c83e19bdf8

SHA1
01a3c3427c5badbc38ab065913a0f1ecba81aed4

SHA256
a6d47646219f993a45eb8cb1b33625cfb357b1c2ecb69ec165fc6d62b91949ad

SHA512
1e2dcfc4a01a43f16c9f5f89fe372b31b0e4f35ed4d2f7670c9edf2fd55feaebc96a409b47bf02a9e5485a5b05b11878cfb4132a73ef024797de54d11620a877

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\AppMarket\I18N\config-tr.xml

Filesize
269B

MD5
d27fbebb5f581b0c9960d4cdaa093cbd

SHA1
aa6238139cc6a48b83f226667806e4ac009d31ac

SHA256
7f28d495375253347d1d947fb12a9d25082309b8288dd7af058f4cddb427245e

SHA512
e79fce5afe37b7d44dcb7b1aada2f5f07209723dd71c5e4195658f125b18d2c4be23123079e30f8a12a0bf5c52717b701d01bd892e8ce0579060da4080c70d92

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\AppMarket\I18N\config-vi.xml

Filesize
269B

MD5
a3cc17103e2f161042fa24dee1ebd243

SHA1
1e03ad708bc7b3c9878f367a4241bc9d83c02079

SHA256
6c071064476b4bed118072014abf8075046dd5fc2afd9b0c9527b3c2722bfc8b

SHA512
e4f71f4f2c6814a6ef50ce6260f22024a670c0768114ed048de38e1db62c8c3e105cd1f7f204f7dae03256ec5ee54d09b190a5f2cc1e851a61deb4a44890e0f0

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\AppMarket\Res\AERequire\feedback_down.png

Filesize
123B

MD5
db1e630f6a2edbcbd4d6351de1e23178

SHA1
c4a9444c25207fca2f66108dea4d3e00af2f7f44

SHA256
766afb00a71210fd8a97331dc936aeb3bf5832da4011e0faf3de111479618604

SHA512
23732bf4a2c530fbd5bf3f85593b33ac0ce47cd45369f7772299613b301a5b2099baa47f63268e823f7ed8d87458980c4ca262aa5148a59bb6f14442e4fd7d52

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\AppMarket\Res\button\close_down.png

Filesize
135B

MD5
ac8663eeb86f730ba61ea1eb7a305517

SHA1
ed84d55fba2870b06a05a0366c1bcea5a18a1d32

SHA256
3ad5369cf8b5e7c371c161dc222da9339da443d6f0d19192a75654a540211800

SHA512
00d3fc94e8a243b35a4317b32e0c8b98a7c68bce54eed73341247bfacdb3c20f5194edad99ac14c7e3664fb5bc54f574d87346557812d1a53f53337712644a78

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\AppMarket\Res\button\close_hover.png

Filesize
134B

MD5
f63b0bcdefce2dc6c560ee6dafc8305f

SHA1
e01d7b5a99798e1b46d96a14daba6173cb51f428

SHA256
a04f3175fd7d6d26bf58c0dde03b6f6e8c9edee5c0eebf6aedaafde6a6b968aa

SHA512
1164aae024122600225649640079c49191b679d16b469ffadf806c9d0de1482032b235ec1ccfcde8b618393399b09c8115c20b45ccc9a0d68d7b2e2884f62ef8

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\AppMarket\Res\button\close_normal.png

Filesize
135B

MD5
58d267466f6716c513d8867d361e42d3

SHA1
f1257787f3748c9298cf43ab435d2088b1e9fcaa

SHA256
bb7e6b43a8d86aee131a31d84ebf71f592b89f45f9ec26b194406f90510c54c9

SHA512
cd967beb40ebc0bf54630041296ed9cabe23472775474d6af5a350a1e39cccbb72d3cd38757115c7a86ee40d89975d076b4fcc3248639241b73cfb4345a1076f

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\AppMarket\Res\button\max_down.png

Filesize
111B

MD5
069a5181128070af374b7eacd0f1a9f2

SHA1
e08c6e8ff34edcb59bb3e067f3297b0cf29fc203

SHA256
28d44de3a3ed3039324730883b5ee7f36ecd77c351f0dd470f0addd3c90d7c46

SHA512
dee9c6bd584aba5049daed7e845f49d7485d311a0f8a431376a2ba09a802b9f24b1f9c6fd25fda250e76ad7998b72fb792e542a0a885c7c0a72ce87d08144a89

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\AppMarket\Res\button\max_hover.png

Filesize
110B

MD5
19f33a66c1bbd4e8b1fc2208ebe8738e

SHA1
2a944bc87758f87877795716576594002bee0920

SHA256
8862c6c91917a10615bd4ef11d1afcdc4f5c03cd498b15be1f00c6c7fd9e704d

SHA512
92d4ceeb4500e5f183f3df4a1a8501945b16a8eff9f68273e89dc6d20711dc9931fca6153bc5c239d0f273aee43ebf2a824f5d9aaed25d1fad62fad2171197a3

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\AppMarket\Res\button\max_normal.png

Filesize
111B

MD5
3979eb2a7f4f11cf739af806e55dcf24

SHA1
aea935b02b9eee4a6787ab40d1b66d06ba479827

SHA256
495df5662da43a916eef4451f046526697b518c796d529d7a4afa0c4f62adf0b

SHA512
2ef413d624c7d74daadb7e403aa34724597f395ffdb21cad5f65b38dceb44574e570cc8ff01885cba9212b1f4e8b1b9c114a45b3aaa5544f5890953823031485

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\AppMarket\Res\button\min_down.png

Filesize
110B

MD5
ef106171918eb3ea4a60ee955f851fbb

SHA1
45052d56ee73fecba4816f4ebfb23e5c4a114fa4

SHA256
0651b1f15c33c959064acac84021bb92739dd0c36d59a4d37cd6e738257255b2

SHA512
67fd33d62ab89a37478b829449b3eb795fbed37c3e38e8dd33801a28d7ab9a8460f688747d1f48e5ddbcfed514cbb808517e1c035e00a66a6c3625711a5bae82

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\AppMarket\Res\button\min_hover.png

Filesize
109B

MD5
a8963c9a7d5f4e262cff6d6a3b7063aa

SHA1
de2d4494bd44a8cf8f81944bf1966083102448af

SHA256
4909bf144b1e5641ca945ed9046f46d5c6eb3d01f43581a575df826399e6097d

SHA512
ddb78a911e297e84e67c5f3bc37034c27e7c8ca629da610d9b11df44f15fb40344024b4b847d1130df31107c406f694ac73daddf10e350d3ed93bd4f54260c9e

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\AppMarket\Res\button\min_normal.png

Filesize
110B

MD5
19ab5e38c56c0859b8d18c1bb84903d6

SHA1
081319712069f6446a1ef792a287cb72845b4b37

SHA256
bbd72095f035e68f319040b538d7af46e23c7222d5ecaba6404a1c96d647cd71

SHA512
8c111d80ef37480ae7775c1fede09552708dab51b42c3481b658ea3a6640c555737b30fb50e64bbcb42cb412750d078f0f0e2b84b59f485c2427e81aaa640d56

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\AppMarket\Res\button\retry_down.png

Filesize
112B

MD5
f0d939af0ddafaf08f9e4bf980796515

SHA1
ab2a9c979f419e342f7b0240cc29eb2ff092ac3e

SHA256
0b86dd63dc5087e6e5eaee29e08f32f866586f608263fb900262b065c28043fb

SHA512
cc8319c323d07cad1efaeedb362a644446c61688d0e897ecca305f6e460cda98817b002e4866c67b3f3c4bf49a7c48cd3e1b7378d798ce5afa9d1f20dcf56ba5

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\AppMarket\TBSCoreConfig.xml

Filesize
260B

MD5
12748b15d251c4708df86cbf00544929

SHA1
132f82c4570045b92e25f8e68e34c4a6a03605cf

SHA256
605161e8a540fc3c50381b7f25baad5bb5ea4a6ebd3efef31c41c4b8075615cd

SHA512
0fba6314e5664ec88251abcc292d40a31327dd0ff0ef9f7d9dd292964c4d90a7378999a21c49278d6fc655885b3a499026f7ea6fcb45a8c2fdbb45b04871ef4c

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\AppMarket\Theme.xml

Filesize
9KB

MD5
f340d3ff3bda959d8966bfbf56d34d8c

SHA1
2bb7e187be9f74fdc42e11e5e4e7abf52a1caf48

SHA256
1690526c13ed1ba0a8a3b811eb6358a09e145a2161a7fa0028c346388f866184

SHA512
a2c6d48bd95d16b1dc90c265202f74e02683448ba8ca203f74ab04b1e3957a0f7c694770ce107bfa3f8f5239290ffcc3331a37f00062bfbed3b616ee6c0d46a1

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\AppMarket\TypeDef\BasicTypeDef.xml

Filesize
965B

MD5
d1683ebfa9a9885a5319a11018ab795e

SHA1
bb581cb096504b8c502853acbf20a239028e1577

SHA256
2d34f1afda13d8eebb8fc1232f280214b27fa77196dd29a72bf175c44c5b3a1c

SHA512
1db13bc2272d34761154c822e3a717dbc46870e6428ce306e915e589c7b9194d9d320e5674cb1d2b1435f8f64908d20a38f785f69569ce699eade454e9288145

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\AppMarket\TypeDef\ExtraTypeDef.xml

Filesize
83KB

MD5
9725b213ac7129d7ea32be460cd85e41

SHA1
2d020148c5ab4d4cb523cca56d17cc255511e7b9

SHA256
ba32bf96a3ba1ddd301399160398319378386e229937b7fea8c2daf2fc3e01e1

SHA512
d8951bd3f79175274e309137bd6c69ce22e120c4379ca742033984e3f591740eb59c1ede24addc691f2d0aeaa337cbf1e3dd4554f89e2b13bfa861e996f6ddac

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\AppMarket\TypeDef\TBSCoreTypeDef.xml

Filesize
380B

MD5
98fa6d64788dce991ee9d308e58cc4e9

SHA1
5fa038f6cca6c3e4fc4f1e48673194c2bcb95e97

SHA256
0954e5e36d0f11e6cd6088b421844b21405c569565dfcdc1431ec849279ad56a

SHA512
71ea6c7f0154674a0e0b65b16ecce681f891e615b7f443117bd0bf4f69ea2e7f6e45fd1e964b2d9b54f4d0e19067b0174c4473ce52e93add74df02aaa3563401

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\AppMarket\common.xml

Filesize
9KB

MD5
c771097a1d490053e97638198f2f02d8

SHA1
f2d060f6e91688425e56e4b4f846f4ba4425f0ba

SHA256
175760389e292e7bbdc8ba697551dee44d9e3727e54df1d50a6bbbb3db6d503c

SHA512
28a70542fa4a2e1d6d434512bf46c92297a96266c40d46e54ce7e00a80bce438165d705e1828385dce434f59360b0e7135134e09da27eb4d72a5bbc7e26fc54d

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\AppMarket\gf-config.xml

Filesize
450B

MD5
f7b1bcf930a68845930ac056877658e1

SHA1
2b97e403cfe29f39f0b908404d293af077c47a3f

SHA256
9ce36b7d7b85d4c1b23b773cf78eb7c688ea3f0abe00a2bdbec30b6f9994b384

SHA512
bc5be9f320607a89d3c84c2c481cf12c046f132cbbcf0753a32aee94d0b3c3ac7f60eb13f21c218487461fb927645f2771d6457abb19ace1266865dc6e1e85f3

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\GF186\TUninstall.exe

Filesize
4.8MB

MD5
456b7f7a9706c0acfe82bb7ae88c3406

SHA1
264ea2a57626a314e8bdd5b6d923e7ee1329904a

SHA256
a53ab0e94c7c763b1dee2761d4fd66b38fc13c5a2b5906797146446e22d09866

SHA512
b8ae70f7e163254663efb667625fd8e9d3195e55a442eee290a221c988bc2657a49738309b67f07116a53a6ba678d25b62181b1fa6b9e7686830916d86c2f6bb

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe

Filesize
236KB

MD5
09edb5a9bf963d0020e7fdfda2d79c34

SHA1
f83bffeb58ec8b16340ff84ac25235252687b52c

SHA256
2a49f8f46f90097824952e58ed65cb4c76957d00e86a9c5d329e9e74bef1cf6e

SHA512
01d7af03cfe7fdb2a8ee8b9488c9e71518c4f09f11d10b3595498caf87cb6e709f2ccffc25d3ed7b71ec3eefef751d83a555c8265d18debc95e3d85fb1d6a10f

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\TGVoiceBuddy\I18N\1028\StringBundle.xml

Filesize
1KB

MD5
ddfc333a5cf6c05dc44f45bcd729a42e

SHA1
cc452db43266b5cd6576af59c2393945d79b6aa3

SHA256
d1cf9e7d5c67d1fd4c12fb317813f4c4ad1d4a94d992d3758b0ca30d7ee513d2

SHA512
4988792ab971496a822615e2665f9c0653c02846a782af410e6b981f162b8e968426ade697ba835d357f5dfdfc62dd1041f6c25db2e5f240e0fac6c8b6c0fadc

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\aisee.html.old

Filesize
821KB

MD5
1d6aa4f0c1db1675696b845a1b0cb766

SHA1
e95212c56868fcab76b2ee9b3b8a93a9f5db83f4

SHA256
1d9a5ae40789be23effc6cfbdcbde2b07d442533370924240731e58484d7cf66

SHA512
57723570de8be3cef7d8a6470bfec40700615dda3febde73116b1073aaabaa33fa95ae8fb1ed7586cb47b4c512a85cc6b9c4041774218f56ebed3dc4148dc3f9

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\css\yunGameExitModel-6c103740.css.old

Filesize
2KB

MD5
5f74194a68213f713c8ea5b7dd723290

SHA1
4180649a737062633d565ef307d14542ea3fb4c4

SHA256
87d2d2efe41cbf51fe3bb18492e2818916336d43f8b021fed97863e5f14bc232

SHA512
6845b701b27b3967912fa57c815c430aef74cd91aa8ab1dbe0f0d87b749580d1dc6ea38ad34442219d636ba61d54fe79261184e73d6fe3d93f795e5488868a84

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\liveplayer.html.old

Filesize
3KB

MD5
00aa757ab13bc8b6b2910b0ae8533cf3

SHA1
f3bec91cc669e05527c7ac9094155e466c8cc721

SHA256
28d9fb50468ceb55f01cd44153aec920038589349e86097a9e5f61d534fe77fc

SHA512
a3fd92ad920ab61fc49e296d90d47d947fcab41b529961fa371afb4eb12bcb02f449c1d152ea3bb872d4ce96bb8c86f64366372406a7754df972e139b083f032

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\module\lib-syzs-login-sdk-v2.ac53bf12.js.LICENSE.txt

Filesize
808B

MD5
783f14fa45b10e088e68f98251448010

SHA1
cd522246a57b87ba54b1b6b92174b9091f70e983

SHA256
0d8f66cd4afb566cb5b7e1540c68f43b939d3eba12ace290f18abc4f4cb53ed0

SHA512
b7c82962cb44702c31572d8d4057561649bf47fe553441f54a9527c14f5b4f0fd747bc346e0ebd108879a9482f5afc3cf73229ac52143c5914139e108b8b58d3

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\recognizationMobileError.html

Filesize
80KB

MD5
f9057c1192a7f5b1d180816137f0e730

SHA1
9b4795815e73d7f3ff9949ecb8d22a42deb66315

SHA256
4f29fdcc65a006e9de11ecf94a82288ca73850271ca908214cbf1a167fe9127e

SHA512
c1bffb4a7aa116bddb502f6e8875674a76fc8a7f44cbad1bbb56c0b66c4f89e2e021033381059449dcfc0261744f7fb86cefb4a4699568c7e8ba1781aee37eaf

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\img\playzy-tip.png.old

Filesize
16KB

MD5
37a81c422383949c82ef3c87b87caf1c

SHA1
e1cc6af8c16d83eb2b7f0c3d68a989a569b2e45a

SHA256
266d447260366b3952638a4b579096bafcd4ce6b1eb36ea87de4040c595f42bf

SHA512
2bb80be95be71fbcf449111cc049cb70527ac5b3c082474fe69d3bc793603bd7a7796c4b4cb949dee95ae8749f1ccda0450dc45eb711b785ea45d250ee8cd8d6

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\libs\beacon_web.4.5.1.min.js.old

Filesize
73KB

MD5
59a39f95b189baa9b0d372ee20ab78ad

SHA1
1c7efdf40b467df9cf44c3ddde8797f0651d3df4

SHA256
022c34380f513aef1011bfade4f6d42aab457cc1656b93e0d1d7b30a4aefcf62

SHA512
f25dc8744bb5fd121b289ed5df4de424b0f39b70dce0964c1e684d883474023ac316c7969eaf655831f4312a6df0cdd4c1b70141171da0a171661e1c2e4ac4f6

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\libs\jquery-3.6.0.min.js.old

Filesize
159KB

MD5
1881464337728d17657b7c23c6d0ee02

SHA1
bfc5c3542c7b6f8e1fc28db3d1a0defe79ae539e

SHA256
1f20afe2298cb15bcefafbcaa7ac8f5d7253b7e47ea52601f6f4ca3ea62fbb3c

SHA512
701b7bb16b6e496f96cb037da0581d0c6f4d7d1c7e6e4d80217899faf24c34909ed90c83b649f4677dc543ea327ecd7d63feff5d6189d34632358275631fa1f1

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\libs\wx_sdk.js.old

Filesize
3KB

MD5
b319838dc55fa679d5ec38c671796b2d

SHA1
fe8f2bdc12b8d2a3371ca6ff02549f5a8fee0e7c

SHA256
a42306a21a0faa17b36e78a4f25503cf58f161082db4babc587ac2d15f8f7742

SHA512
5252192021fd2e1a97a9863d4403a827b0906c9ac677deb638fa49685d9dccc7fe8736ca589018205a08808b8bca7353c43b136dc6c8358c52314726c2235be0

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\libs\wxsdk.MD.old

Filesize
302B

MD5
8f021e0c7e6a699810382aa7b95d38cc

SHA1
11311156a5d230a07253b825ef594f994050258d

SHA256
4c8c5aa8d5fcd32db82cf6caf18ca52c144b5b559298ec6e4fd527c12d7fd9ec

SHA512
2e532d62780eca764c4fa8238dd09724b188d27fcacd04fa5cec8b647a264bd79770e0fab67eb7644528a21683379ca3e179d43fca420064a802a8cc5e12e950

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\Close.224ea384.png.old

Filesize
441B

MD5
224ea384d24029ce8ca8c0e44803bb88

SHA1
432ca47e034a0c6096528e69f93fce022989b7af

SHA256
f535ecab5f2bf5d797da60caee9438d097389f91c49fbf2a8414f97fc326b6dd

SHA512
f4f0343be8bbc983a434f0b3f3085073cacbad3fa0896c97f4d53094206b0049ed81e6eaba334aa84aef8b029a288839974e8f410889bc8a1c7b666abc05e4d9

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\Close_hover.374e4045.png.old

Filesize
389B

MD5
374e40458924d7ef173d117fdf71a844

SHA1
920eb76babe7004cde1cb0b7bf70df8ea1c15c54

SHA256
92164990579dd866f0882e7679f78df8eaf3006346ae7cb3ae8fe8e4ac86b054

SHA512
bec29a1764469821ce6d49668b7123403f904d28b6c0d2a8278eb8bd1cae96175292fde613dac157fda32df6c34c5e1c3a0c699641e499c8d3748c0632efab4b

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\DINMedium.ttf.old

Filesize
43KB

MD5
902d51bb5dfdc3a3b8c11af3cc56f901

SHA1
14df878f65df7447c14e690f1041da6968d4c4b9

SHA256
39cddb576e0e62f6b9f9553dac9be7a5d41565907546f3c30e5af49cc62ad832

SHA512
6be27b65fd5b50f78b07d5d91215ab094216e81b06a11541045f406b95ec4c512165484707b652ae8b07ec1610e73a9cc77a4dcc39d43c4fdc6f01678c591969

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\FontsFree-Net-D-DINCondensed-Bold.ttf.old

Filesize
38KB

MD5
5846f45b4c6987e591316047f0840020

SHA1
a241a05ce8c9e8102af34050527e233365dfe732

SHA256
954d998202722eadeb5d1174457d25723f2add665f0448d2f23e8c42fe344002

SHA512
0cfbca843fa5e7ef498ea3561775aac5d8affc657a547c399eb03c8956f339c2174b9cf1a1195490de6b53e5375ca1ce4f25828057085db476cc67a3f0389b63

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\GP.cad24f18.svg.old

Filesize
18KB

MD5
cad24f189ae96628318a697e7b37305d

SHA1
9a2db8961a31a37cb4797874829bfe95fdd8b00e

SHA256
c21264af4db3b76c28b6f74d6ff10f6d69342faf0033f18911fb6a85e1e240f7

SHA512
f81c711b141c4a4d7e49097708c94ed33947795067f2cd95b273496aeb4c8142b5eef6f64ae7146e3323cca4f8e84fb4089d8b6a67019c1d473999be7483c398

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\Logo.339f6000.svg.old

Filesize
8KB

MD5
339f6000254daedc8773ae6efcc89acb

SHA1
91b0e63eff58249d4ae4c6ddf56aef19c4ef087d

SHA256
e3e59e4b32af5cda6073e7c39b77ae1e0fc0405fba4323813644cb5ed2f5a0af

SHA512
6ce330b2e67b2b07cc45dfaa306c6725a6c1aa1a66d6652b2ff088a4cd46d42632f46ca235de59f217eb6ba3e811f10181f86c50926a2d8cf1c2eccc86bf7b90

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\SourceHanSansCN-Normal.ttf.old

Filesize
7.8MB

MD5
1def9981faa460e4e4529d4656f28ff8

SHA1
1b9c02984a79104c455f25835d75a70825a885b3

SHA256
cd1c5b9c6740c570ab7289402d1af2f39437c5e095e83baf81c74d80e56a75ba

SHA512
cb6f798014b05bbe8f822063d309df9d1539232919346e1ed521cc5b9441b26917b61cd6ef51af638a11da8012f1fc2877449977153d1166fceddd61d6ec20ce

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\TENGXZTB.ttf.old

Filesize
2KB

MD5
b02e269889ca9a96bff1afeab2b3eb86

SHA1
b47ac993cef945659fb9e8b2d75186eaa7b5780f

SHA256
9e8b81fce344100ba628b33aaaf4e797998211e770e2e82985cbe2f5673538d6

SHA512
7e079c9139902e50b6f4e68840d268d05996d7a741c0dbf6d30c2ecf1c84e5bc53b4b06e1dd75b93136ceb2c8de9163d6806aab6aac6f7f161871d4002cf05c3

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\WelfareIcon.bb215fa8.png.old

Filesize
16KB

MD5
bb215fa807270e76f1b10875419994f8

SHA1
fc7449af0833fded4f50a662f48205319c4674d6

SHA256
b5f03327bd8ce54057730f4241b3eb12609f27c3376f24c18958e44b5c6d1329

SHA512
341c2cdf93fc7545d7eb652e3441192ee999df5061684b5ed6384428806d2d660809d221c8401c7df5140e249abbbd22aaa37f0f53d931a4e18573ab9ec8ff42

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\about-logo-oversea.1db3cb82.png.old

Filesize
54KB

MD5
1db3cb826f48df2106114a6afd3a4e4a

SHA1
e4fe155f291af39f509aff9f42ab115690159108

SHA256
2131c1444334e92a949c668c768e9f13a10ceb153a421ce15f71aa6f538ebc3a

SHA512
14689f7f1eea5c5a96bd19cdcb1ed8f03905b5515146c8271e0a66e9ab04b67e6ff1f9d51115e58c7d7d910d8b695dc9a97d6153d3cd70bf8badeace67d1bfdc

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\about-logo-uptodown.f4b36feb.png.old

Filesize
23KB

MD5
f4b36feb94fcf2dff1c704c05ebc9865

SHA1
946e0a8be7651959fe19f9c34e63934c40c48e17

SHA256
7dea199c961b22190fb00f27a30a6393a7457668d0303b7a982abc8b8af99edb

SHA512
bcd1d8b36b9e2aa9c99f57db92d91775c43cc41f553ab5786cb27e013a2b69617f4b5b2f86fedec14e0675c27036d6e1a6b3e4d7fe0d9364ce41db453fd264bc

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\about-logo.37448401.png.old

Filesize
14KB

MD5
37448401493d55bf36cab8a2cb988561

SHA1
0b734bcda25744769c1349465a230e039ed9a34c

SHA256
b4ec90ac64403b00799d8d4ec872c5e2c45ad74597ffc4587de2f6550df43fbf

SHA512
68bee5298e26ae244f060a2c76a998ad5b62cb8526ddc979879cd396d29ade09f1a28580552b5cedb525aaeb4a92f72a4ce34b60b9a4574ed54b9666a6fa9bce

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\aboutBg.c2ec7658.png.old

Filesize
72KB

MD5
c2ec7658a58a6befbc5dbe99a7ec31cf

SHA1
15ff3e5c77f430f894c766c66f8663edc66902da

SHA256
f46308e39efabb1df8216c12abd9fcd982372f741d609c19ab17070cf27d1746

SHA512
b87dacdf8b1f928784d4eeda964a6907c88cba3d105e18785af52919455ef579e4ab525076993499200d12109d98f5a4f57d98d4ad6d3eb82a092c536ad67108

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\ajax-loader.c5cd7f53.gif.old

Filesize
4KB

MD5
c5cd7f5300576ab4c88202b42f6ded62

SHA1
7a1aa43614396382bb15e5fde574d9cdcd21698f

SHA256
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

SHA512
f0d7ada22a3eb3b2758198a71472fb240c74ce4ca09028076e23690c70b2339c6b2a40f9158dd71c52d953ef27bbcc0105b061bdc74fbb0ad0b304c7c6a04a38

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\android.03fe0024.png.old

Filesize
18KB

MD5
03fe002464016d9ef2bb8cacabe08ba7

SHA1
315d7c6caa6b85be2b394436d171f66743cfc114

SHA256
3f623c66ba79b46c29cd687e2176ba8c14654cb837373826d30c1ad74fe731c0

SHA512
2e470b27cc28dc0ea1ed7dc9a609e2f113a63cb5690a8df7963fc853a7e5d8a03f9656671e96300d31188433fdbb630a1ce8e5d41e3664efe88a4c58a1eef81a

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\background.2f301ae6.png.old

Filesize
8KB

MD5
2f301ae6176f39b0bfa7d295ab15a005

SHA1
bac9a8324c7cb531100e8334447e6fdd2f542016

SHA256
398c7d9731e7ca31bb2321d1a2d4b94dc756624a370e5077a98e62cfcdad9b14

SHA512
994578788290215518488dff1b7989ddf75d723facd5655b926883c17598600ab1b81e52b7acf22be2f425f3d598c185d5f00823febd5edc61145d3484fb46b5

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\battlePass.6c1d0bb1.TTF.old

Filesize
1.3MB

MD5
6c1d0bb14fbebcc2c6ccc6c9dd21d97f

SHA1
3fdc7436086bb15718f0cfc99f8d16aa029bdcb6

SHA256
00aaeeba5b3887173248f050beeb8bd7c05ec9063dd9d9f2452ffa2132cbc53c

SHA512
f14e19f8f1d4e07ecd84182735400235e41b9942a86b6d0e4d09dc1e1d2b4f56c5abe52052821d0d1d6e22566d17b2f00d383dcc5321824e2d35b0c44db1722b

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\bg-large.1a662cff.png.old

Filesize
115KB

MD5
1a662cff1d69a71a3aef1f55140d356b

SHA1
399ccdd1f09da09c1172554e0b79753246692628

SHA256
4b7158efb66fc15ad7453392073a9e8b06e15dd3c77b92513e79d98d86f68b1f

SHA512
21fb57eb9df8caa3d71c048c39c7928951c5909eea42f474eff3628bb09f214779ba9604c93cc489c084c0211e5b98cb9a9df1c7a5a4ddd83f673198e4c0dda6

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\bg.3ea671d3.png.old

Filesize
167KB

MD5
3ea671d3314c837be2470038c5d1a95f

SHA1
a45ec699e606b0b4f4850e9416151aea6a5ad58d

SHA256
8210ecb596defb0467db7fe3dc4300ff48742e8fc81921f134ebe5ed52e531e9

SHA512
ae2487b042a6a5b04d92f887050fc41083bff9362189dde5878b7814460813072757877624610afe2dfb4d5095855930178292fe9e1b6524d01dc007c99afa91

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\bg.81b1dbdc.png.old

Filesize
94KB

MD5
81b1dbdc26501410a580168f457e6205

SHA1
f35803940af60e1e731375b9d2815cacbff5b766

SHA256
135bddf4cb6e42f0616875b1d519753edde1720adf9b13abe2910db9db917655

SHA512
1ab9a4e5f739adc81ad4a0435431adb423ad15475c06ca96036de61a6e99a14ca4b74397dbfaae83f36e17b6a61a0818d6e42c7e37c4308d7b4ad2193a19f7a2

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\bg.846d4ca3.png.old

Filesize
978KB

MD5
846d4ca3038fddf01b726a2f4d04f806

SHA1
06b09d8122d02178455f35925d6c3c6274111bc1

SHA256
c365916c4287643bf3c88722adc88dc40ca8e59ea1dd34f4f58b23ac22e6aa63

SHA512
a9b5e01b19d45d4227527f08a209f6c0f455e0b9d0f0b505a3ec0bdc6dd22accd0e90d1d90f0a5b18340dfff97c0e8c151f332a9f270a8b4b2d5cf7382210908

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\bg_complete_task.321f45c1.png.old

Filesize
14KB

MD5
321f45c1db908621755c98db87db9bc2

SHA1
33fcb9c82716a7181783ef5035f424a23630bdfc

SHA256
4b1119d8b1934648fcecae567a79c0b90ecbc874512a046664d504f09443bdcc

SHA512
91624217e967ae29c876160662c24cea04681faaa6edc40f6193c9324f1e150f3b907bda217c1aca881322194dd098e6ff0fd4aadf5b2f895979792d027f6f80

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\bg_gradient.2eddd6d2.png.old

Filesize
10KB

MD5
2eddd6d278303fe831ede70a0450171a

SHA1
dd4d6cd7cc3603d11c2c69684611ffa2126570fc

SHA256
2b07e1d82a6134ce498bc15ced4b101d2cf141b8b3a55a9412867b2e2a8f5976

SHA512
21510105f816e389b76bca0f28d6306e1854198097713783176e2fb76d04b578f25f6647af8384d3b21d9c68bc5c0da29a64c270f011fbf3ebf8b37150b902cc

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\bg_incomplete_task.48285349.png.old

Filesize
12KB

MD5
48285349595126daed523546a64a3c22

SHA1
a287e0358127f9d87981f5f807d97c81a1039cd0

SHA256
8ed80645f298cd85f66bbfd2cccfcf1502cf15f05f9828cde6c63851f6b11996

SHA512
2cf426688bf1972e0d1bff8e12981ba8642b1c65080b67977d96a829e403770d5f61bae242d5923efa66e1b45b81f6c851bf3f9d020340d3421e82b01f3fdd6b

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\cdkey1.9fa025f0.png.old

Filesize
4KB

MD5
9fa025f054f4e904fd9958de830d03d6

SHA1
462a39d9d9048279c841904168a862536511972c

SHA256
e3779114edfee021b64f62be5640ae23482914c09b31b4e1af154cab88c9573c

SHA512
f2849d79a7934958251936c6a89fbc35dca525a2b44409c7161ff139c7f02e97844cabe4a32ef981219b1b832243195d1c330bf20c14c4f2514f41fd8923f46b

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\cdkey2.ff9babc0.png.old

Filesize
4KB

MD5
ff9babc0fa823abc0c2c3a1345db0f5c

SHA1
8a33dc2e17f1060faa02ab4a6363a471ee8d8aab

SHA256
26e15bf243bf369595c68af14f68d2072ee41ce99cf148ca72ff45aa493bc1f3

SHA512
3bc5dc3e30261a5ca7d52f7a2e71851b79746032a90b80bba6ed8ce33eaf0bd2dfa5be3a974801d7d76126ce58f96f9c5d8ce5e27611d1590043da9d837f6196

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\checked.05568521.png.old

Filesize
5KB

MD5
055685219fddc93d79f4e4c1abf87721

SHA1
3b3dc06171ad57dfb80ee1de4c21f751d7973f53

SHA256
f1de84602dd322f99138c47603bb6788289fb92b0c471a6c0ab2f34ef012e533

SHA512
e3a25436c9ac81601abce2a40a1964770ff47a0187fa788644247045e4644c1ed23d93cee71ee165496a3cd972c00cf3045c9840433586311ffd69d5cfb01a39

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\default-icon.d631fb1f.png.old

Filesize
10KB

MD5
d631fb1f9f72cf20e77193470f343c7c

SHA1
2e9690acdb2a5b52ee1c5266c161c220b266fa6b

SHA256
0e8db8ae2e31b531d54acdef59279b3d3ca16230ebfb41dfbfa7d7d790cc6905

SHA512
e00b5276811089c0f051243c2057bf03b4ff5087392bfeafa933a59b6e3fff4e553ffb36af2aab27bc953c29eee26fb1acc60be6fa811fb992b3325ee7620267

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\defaultIcon.e78c301e.png.old

Filesize
17KB

MD5
e78c301ecd617da8a85093937423258e

SHA1
2a0432e05fa7d526016a1077a51718fc80a4d061

SHA256
36400e4a9d7f9fa7715ad4033c9d886e7febba1782077b8abd57cba6e3716427

SHA512
f6d00fc24f4364e2936644bd9356be5cc4c614917e297620a82a3fec1041d26e659b367cffc2329024bc7b3b29bdfdfd850966e3b418ac21cf3070340ba1d81b

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\defaultIcon_oversea.a16bcae9.png.old

Filesize
4KB

MD5
a16bcae99f0a1079b8f0981faf8fc71e

SHA1
65230e816fd67a442bba3cfa4119dc2a2be3baf7

SHA256
3d8f64b763a0793bcebc22cf79201e85bf4663794ede991d1c5ce0a7edced67c

SHA512
f0776e1116af5119ee07509ad494cc09ee993558fa2722d3e3e688255c9e70b555cc71653df222f2d3d7e20124b19e42a3df8ca980efc68a61e287e903be7877

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\description-yyb-logo.c4a4b824.svg.old

Filesize
9KB

MD5
c4a4b8243dce83fc395e680dbb1f9e64

SHA1
a0dab4ee176b6c2525c5c27f1647650447ae244c

SHA256
e5b8aa8eb288ddad07d3de21cf779579677b7704d8f74a3f623f6aa2bdfeef1b

SHA512
12969a9066b91ab6aeca838332a8832a455c3511d0f91a2b29ea6f510cd4b529b0ecff3f622e5b37eb1ca0fc8f4389e050f5248fb423f1272d87d4e2e7f85503

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\dot.7a96dfea.png.old

Filesize
6KB

MD5
7a96dfea8357864d3c63cda0a3875862

SHA1
de89315c7b37223280e6c00383144cc58a74bcb7

SHA256
7655a4a2b66c09e7fcec1ca3f544fa19d3e27c9ecfec98f28171504be0cfa77e

SHA512
c6a01afd7776a1cb000a1f3d3bc4fc895215a8f4b73b290f4a2aef8f16c18316fd35561aaaa32d7d23313cb5d80a7de786944a49c282560ce6973588a2c48b72

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\entry-bg.1edd25de.png.old

Filesize
53KB

MD5
1edd25de5f4defe501f810e0f0eaf685

SHA1
b8bfaccdcb3221304a680611222a0e11323e6909

SHA256
f6f27e5cde105db9b33321a6de48aba13bc809a9285d963a02bdc37f86e1af4c

SHA512
61b9473551b4fc2806885cee2dc8c21595b83677b245275916f4dedfa9de8c0201bfa92dcb14dc8c6c6904144b1e40ce9b27a60a6879505f5da9497ffa550e87

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\gift-loading.ae16e16f.webm.old

Filesize
29KB

MD5
ae16e16feac614bcf99706ed40d0e734

SHA1
0f99a0c744d56b6643ac5d774fde1175df85228f

SHA256
cc7714c6ef444133d5ac345d54e09ad7eda0ff7ee59797037f75bf45d677c038

SHA512
379733e0a71de74a0025ab6b1c3d82ee9a13bc1c914466bbdf0988738c54a323f7df2cc224a703fac1f5e42db3ea7d7c9a8b8ef55606b7d2c5c864208b4f771f

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\gift_bg_normal.13d51e4a.png.old

Filesize
4KB

MD5
13d51e4a0b8277905e442b1d900df92f

SHA1
c7a1decaf878126e719f622ca792976df26bc1bc

SHA256
18c7c0ba6001ee43b464ecb3554d151fdbdb8eb2c4c9a1fa0772fb0d46ef7d57

SHA512
7c3b875299865a399aee55475186c066eff7857e29c0254e68d3d59bd0fc39041c64571db1055fd21160e6feeb0d949ae32bf50aea3fa6e28c5d52bf410fd5f7

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\gift_bg_vip.0b211d75.png.old

Filesize
7KB

MD5
0b211d759807a65a50e8f257a0f2420e

SHA1
0fac404b29629b85b20fcf4fb3fa7ebf658a8c6b

SHA256
6d83712a89d88b53ebeae370ce10fc85a8fe08e98639b1bc45ea0251ade548aa

SHA512
75c7af5ac59989e72285b8e0ddcc375422088ca7e89c4b2067173248bf9235729568003b45f87f3f112e81f81700d91d648e409ff8dbd8eafcd2eb0712abfeac

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\gp.d1ba99a1.svg.old

Filesize
52KB

MD5
d1ba99a111e4dc36190e276f11895a14

SHA1
e93c50fdef20e18d60d354dca92bcbe468154747

SHA256
d62aa275af6642f9f3e544d80321cc97bf9dc92690566a4bd8c22d9e7e149df9

SHA512
f58554847939749f8e4e20cbee623a16538672575088689800962f47becdb214d18b9bab663a2acd0f03cf3b835b50772cfe279ecf7dbef5765c749361dd02e1

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\guideTips.1c0529b0.png.old

Filesize
154KB

MD5
1c0529b0bd785b4cdba37dda169be707

SHA1
d9b7fdc7c23a8d278222a1bc4481c4c0a955e7b6

SHA256
473aa04a2f6d997093de710493a4487084b6caec0029f1859e8c81adb027198d

SHA512
ff929aeab03f0a53afc28ae5bebfb93199d519447ff963ffce4a229954bf411592a57eedaff4b87ce4a18edf3cdd4cfaa4bb5252d3a8dab088ee648785931a30

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\icon_normal.c6e1e1e3.png.old

Filesize
7KB

MD5
c6e1e1e314c4f61a520bd0b50376977f

SHA1
aa5fe9597f8cd0792b18490c45c00a2d026cf9b0

SHA256
649f982820d9caf4540ffac713cdc8c4d3a31bb12ddc11b6cb075c1052c0de92

SHA512
670f434c6b015d8c154c3e8a89ea756cfb02cfbc7b9f483caa9ac574cc89f700d7f0898bd0778f6feb11fc9c444520a49b4ef77e09599dbe5a65ba57a1bc95b4

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\icon_vip.c3df2d09.png.old

Filesize
9KB

MD5
c3df2d090aa216ba942fe0f20c958ee2

SHA1
6cc19ad7dffdecce1681b1f792f9dfe20ec96d3c

SHA256
024e468cd79a2a77e8ab3b9324dac9d1374ce89c703d7c693c675f417e39821d

SHA512
32f36584fc061d87b567b3bad33ff630887f2e14f4e42062936cb222e30addbddd04d01c32ccd4a67c59bd102821394ad91cd1975e479f2a9fe989c4119c6194

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\liner.9b9d79a5.png.old

Filesize
4KB

MD5
9b9d79a585e51be94bcd58e42d655e89

SHA1
235f1d5f8d8a5bd4f9f2c9f5e3654505d3cd340e

SHA256
df1d1e1693f395313fb9e4eb5c46e67d8c6bfe45386eedcc2626f658992883d9

SHA512
038977f338b521e644d641c1170987679af94977132db476eb986374cd145560c7a2c225c9de99c9d38d713252875fe66525f9e94bc065e77b2b5b69985b04c4

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\loading-oversea.54e4db97.png.old

Filesize
18KB

MD5
54e4db97aa581c72ada118ea8e3116ef

SHA1
2e77533d7d9936ec05b22d42815bace937b71af8

SHA256
064508290665a3110f129d0127e747ae80c59ba2ba995f33083b08160c76f527

SHA512
d4756f629e74c45e6dc0aea84bbefee7c637a5b90ba66c98076aea7199b4e710ef6bf8437a79a98d9a954e37e18b7e30dd82928b01805629c921e2ac0e2b4bdf

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\loading-uptodown.b3670225.png.old

Filesize
22KB

MD5
b36702255ed6173a67d31166dd30e60b

SHA1
ab832cb4c3a77172b91dd9340003804db3ff7ea0

SHA256
6112fce1e01f1f31b841bc1496d1fbdfbc1c2b97be73d15f4c6a0d912e71b70c

SHA512
d595e7387db012d27215b85f64e0f627d7b2f6d3f1c7480dd575d8d98fa3a75c6a4fd3249032abf8546dc6148f42d592ecb3e343df74449b04b0b9ab2704d715

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\loading.60bf42e6.png.old

Filesize
19KB

MD5
60bf42e6f8472eb824f7c215c816f155

SHA1
16eb6612822f18d720593edaffdb4883a0e62e02

SHA256
3f5fa7afd7acc5e3d73de74bf0252d2edcd9864b65da7369263d0a0eeefa1bbd

SHA512
755af12fc80c812973cc14d4cdc3cb79657f8f7c0cec365dc2a0715e0f25c012b07ba86ea783b6a3ef5ca649cc6925ed499bd6ec59a7ec7606026c0296035213

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\logo-about-edu.f4e07ec5.png.old

Filesize
19KB

MD5
f4e07ec53f000456714d80faafe4adf8

SHA1
52fb187eb1afa18333cc34688d0476e06bc12411

SHA256
a61f72bf2c583974d5b8c76376dfc5cfb8f6d0b229565988a884f43a10583e6a

SHA512
456a78835b2965ac33337789eca67a1eafdff61607f16513cc9945bfa7859a779db53948087232d48d02b67daeed2e12b2fc1c120cc461dfd796c51491dabf95

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\logo-edu.5be32200.png.old

Filesize
6KB

MD5
5be3220076a14a19f5fde9d25907356e

SHA1
bf0e942b43f981b624b12728883ed6d784fe4bd2

SHA256
e80ffeed1a6779335ca28906da1072849b662223c0f776dae3bc9e4ce1de69f9

SHA512
de49f581a7c3d88add885132bc03da96e51c2ef7ab65eb43919a7bf1350297f42eaebe9f438fc303bffcb3faa47cfcb73c2ad55e221679763122b65bb904e12f

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\logo-oversea.1aa2bd26.png.old

Filesize
35KB

MD5
1aa2bd2627782333c51277d3827b5b22

SHA1
0e0fbefd4cc5d8a229dc7d029cea1fc0bbc4cfda

SHA256
8bbb0cef40176b111c96ac0bd4a3cac0447a730166c8f6c23bdad60ddb1f9697

SHA512
ad2af46ec78a6928b9eef4149362749a9a5b473d4cc1f8821f294cc4e264113c423bbb68faf17f9ce01c68c175bfe25deb1e55761994a1c3a386e54cfcd5aeca

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\logo-uptodown-simple.b218277c.png

Filesize
10KB

MD5
b218277c112ffe9b6f1f1fe57c064e25

SHA1
d007a13ecfc40d5567706234b9b70206f065182e

SHA256
b2ad11221f75608e311561fc6fd05993e328a3b86e839eba9a80cfa2b522dbf1

SHA512
5650a31d28d8a22925d9e3eff289473258ccea5d18e57489d633a7ec46da3dfa8d6375eaf55e287749c1dae95d7c81e785c40ae1e368eadf2710de3efa61f980

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\logo.2d57816e.svg.old

Filesize
8KB

MD5
2d57816ed75556725280ac1daac08338

SHA1
1755de38f7533603437ba7fe34d78fcbca423208

SHA256
e5eafc50188ec4bbefc1da8aaccded19820988cd466eebf5dcb2ea2786ea99ac

SHA512
ce26da1df642d4fcb0bd5e1958fcfea5df74f5cafcd64a560a8bc099819a5051d06eb0168761e4b7cbfe5a0b464b2874d145fc50699461ebd15539d2bed6a30f

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\logo.679094ed.png.old

Filesize
6KB

MD5
679094ed9828e0ccd83b45e21fb19e01

SHA1
319fb461b200fdf75a63160a9edae60581ca6748

SHA256
bb4fb444b33c46d797e4124060175b79ae704390359a4829feb847451536b621

SHA512
c1d7140ab2da5eded8884991fa4fa1c46391795f553b8a0e77accb480fdb1a24264872231a7b74424c3750135c997d37b1252c3a26a8f684c6d7027197013e7a

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\logo.a0435d4b.png.old

Filesize
901B

MD5
a0435d4b592b6bce4203d7a833047a7c

SHA1
3c71058e8995b04649988741d907d3150ba94daf

SHA256
3b6f429e5209d988a297e288a74c096688c1c1e71daa6217ddbde80de110b29a

SHA512
1d4bfe2207e3c56fb6b0a098c2394cb52e6fd851c71e950d1469c7bb489dc864a2dca93ef4868dcd80e33183acdb0e1607c23364a87a7386a33bdd18e5c47a86

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\logo_oversea.53b6f88b.png.old

Filesize
8KB

MD5
53b6f88bd4375ece1b5cc9ad14bb42b8

SHA1
820381965071a44fd41327c965a8d8788dfe25ce

SHA256
3bbd6f3853d5556de52e6300ab3cdb839e7f66d2e36a976f1eb7022e6e1e931e

SHA512
09e9bc0af6a3c5aa8e01a7673adb7fd894e066cd0443091d7134d43dd5326a68e9b17a06bbf23b7866947ff5710eacbdc093c164eccc68c179fda86104288637

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\logo_uptodown.1d1ea0f2.png.old

Filesize
4KB

MD5
1d1ea0f2536afe5ca163c6bdebd2901a

SHA1
fce00df759304e57915c53accc9936ef38b06cc5

SHA256
6cf731340cd9e8cb99fa1f6144cafb9b5d282ec0ffba5fd81b5b11bda1267c76

SHA512
abbd3c155d6dc41c3deab2f5264c85486352bfb8c8ce2c4f2bc73bb2015691ab0c15aba4dfc3819930d688871be368117432f0ecb1262fa58be559e08094ccaa

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\modal-tip.f838f7c7.png.old

Filesize
10KB

MD5
f838f7c72f1731b4eb1ec991e0c671b1

SHA1
25b9e6052bb770eb1102c52e584581eea92d1aed

SHA256
9bfdce32cf916a2b220564966ad75b72e52a3320bd73ce42dfcda8b91574bf71

SHA512
f7c40190174426de9241c5d5484bed575fe3cb73af032b1d4630a09f05b2280d4056feb33bcb13694c1d7f13693e9c0aeeeb0a12f84b2b0f81c618e7b8af18b5

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\model_normal.72e6cb29.png.old

Filesize
37KB

MD5
72e6cb29365c8f5f83c18040095cd228

SHA1
8101b1e35664f70126f247934f25ec1cf2075739

SHA256
2db41802f5d6dc78cf35f6c6f75b09cbc9a9f152f01ac9fbc4cb556278b04626

SHA512
a9843525b570ef7b51d28fb5c9624d6d117dd9dc3e88c470d9c0b70b3549890d0151b5a6fc2caccffa188464831ca748ebe309de5da6afacca9b0df39d1b7bae

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\model_vip.44ace2d2.png.old

Filesize
100KB

MD5
44ace2d22c6ad86c0913e3d05c9c3f74

SHA1
08ae15f4c6d299ad765357f8f428ecbcaab0b659

SHA256
7775e50a8fb564c3d17b8e3276d033d3852e52dfede0ab3fb8291a621ead40c9

SHA512
0fe365cfb1f2338078496d77dc958f001003b8cd301574e74969ac5e859e75ba808bd84f7078c7bf59f4245aae20ca7ffcb01d8ccc73f959cead04fbccf4ac54

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\newback_video.9862b89c.webm.old

Filesize
25KB

MD5
9862b89c97560057f2e4783159e5e82e

SHA1
ea2c23d16ef3d6b0345e65e21b49b218d4bee260

SHA256
f362dd87dde5fe132ea6d91b6a382dba788a8bb1667400b50bbb4bb34966fe8f

SHA512
1d7fdfd8ba8565eb674367e5aeb8b25bfb4e2268d2cd99405d76f75261ce10ac74a56b70262f59a8dfea22ebd12f2bdf00ea27571ed32c709237123dc3c0bd17

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\noResult.0220faa8.png.old

Filesize
168KB

MD5
0220faa8381e473a302d60eea06babe1

SHA1
3958ab249d6759942a3dfa1d534055dd7edb5c9e

SHA256
ee91fae5ef6c4d018d01b67a2845e4f2899390f27cb4ed1f38ff700e376beda4

SHA512
5ad4cb4d15050e55da1105425748958cdbf215de8544bdd3d2babede79c780d1e8bbc3d32c1f88efcc2f158d254b62fa4b1c38881792ccd9a25e84957e2053f4

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\page-common-background.43681e74.svg.old

Filesize
5KB

MD5
43681e74ebd51767600d2fc57637b4f1

SHA1
ac9ea81eca17aa1499181e2482aefbd6a77f6ec8

SHA256
4e8c66811f416c7a237d4ea590be4d6c4a6771754a673b06ca792f50871e59bd

SHA512
29770cb3b47b70e359510a56cbf1f532a0bd8d07f4c1bf000b8087854d34a1c0ac0c33b543f5aec40a2cbce748f505ee690ac20218780e28197400066039039a

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\scrollTopSprites.abc41cc5.png.old

Filesize
20KB

MD5
abc41cc5ed9921bfdcd57b13013fe18f

SHA1
2e142b09621abb064be80e33a557c9a1384eb1a5

SHA256
129fd569cc6a8116fcaa5f7512a62c3273d362fda3e9b4e9a78b3eea1337a821

SHA512
bcf0a774ee32a2a344f94c5d49b75f080c93cd49f5aaa29f4f89c31bc4e5de4f3d550413063ad72b2a6ab20379b36d9e5398d241b96d7fcad8623a80aaae467e

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\skeleton.7f8f861c.png.old

Filesize
158KB

MD5
7f8f861c6c2d91f0f49cb26d0a6cfed7

SHA1
b7f004cb202222bee586cc449f0c5a4be246bd6f

SHA256
00a69a3b5ce25a7eedf88bce0619ed8da7607618de85cb7f8f2c132a4a0081bd

SHA512
334d085a2ebb1b2288a75a50f35f0f2bf82cf80ff05d1a61d3a157599373a5dd822d984fde146bb1def856cba4bec55fe585b99d428364dcb85ac2ef55576ef0

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\slick.eot.old

Filesize
2KB

MD5
ced611daf7709cc778da928fec876475

SHA1
2dff0768f4c0a53228761eab917e2c65556042d4

SHA256
06d80cf01250132fd1068701108453feee68854b750d22c344ffc0de395e1dcb

SHA512
715e81b2e85cd3de2c31001a08a84647e4b222c674aa60e3cbe80032043b2d5cec7b364e8cdc24b7fe29e373ad2ca66c2ee5d22b327adc349d576951104c8f51

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\slick.ttf.old

Filesize
1KB

MD5
d41f55a78e6f49a5512878df1737e58a

SHA1
3331eebdd4ba348ef25abe00c39ffbe867d46575

SHA256
37bc99cfdbbc046193a26396787374d00e7b10d3a758a36045c07bd8886360d2

SHA512
29b8e7b7b2f6a81c1e6ccee7c8b816485c6b7b0831a641ec7204b2cc9486b4258f2819a144b122e57f74c3ac13ae41c2cded4154044e5094048e4e74277a88eb

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\slick.woff.old

Filesize
1KB

MD5
b7c9e1e479de3b53f1e4e30ebac2403a

SHA1
af91c12f0f406a4f801aeb3b398768fe41d8f864

SHA256
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc

SHA512
976f6e9d65859b1a5e3bbd426441e6885d1912f5694f40e2897b10f46b3bd0c7d940f7917a6050d6bb8cdeaaa5e5f0332391d3d398f6c21ce27299dfc7036911

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\title.09b1666e.svg.old

Filesize
8KB

MD5
09b1666e426c82e32b94cb44947d9f6b

SHA1
1f16641097deeccd6b6b5b63dbf9ecdb3070edae

SHA256
459dfea3665da172a442f5973f40f0fd10061e787634866117cb6d5971ef6d84

SHA512
f039eaa233c30b84cbcaf2710ee794d9f7a1cc7e15a47c1be21031d3033db22a173334df7d29baa3a4f81002934ef598d24af13dda2e07b4d07a15ac08633638

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\title.4f8ea11f.png.old

Filesize
86KB

MD5
4f8ea11f15166ff6eca18aafe067355e

SHA1
27bd450402187a135aa417e7a76eec29a3aab65c

SHA256
458bbd7488a244bf0b843c13a16791924f5e3e6fd88b2d470313dad515732d83

SHA512
1d9b84209697e2a6c49125d24e4191264de569e3c9130432bc531e84a884bfecfa74d06899979487aedd751597fb34c4b299f4ff4bf7c560fab53cd22b00c5c1

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\toast-loading.de809d29.gif.old

Filesize
14KB

MD5
de809d29d49e3c49ec37b45fd6512f21

SHA1
04b434b12b92f98905e09b33ba5ef53d8b580ffa

SHA256
b2e70655375661b93b4b76928fdabd83c4bc18f13952419501e8e81e1d70beb4

SHA512
2babaf81eb131456f1de28266d2fa07ae09f36a9aae336ea786ca2dad2b84d51affbff6d68531564328dc39dc57e67fd948d4dccd204a8299a77c8ffc99c8cea

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\video-error.e06059f9.png.old

Filesize
232KB

MD5
e06059f9d6e1242728db97927b0cadda

SHA1
989f3590e32673eb0d33f6bcf032317f798faafe

SHA256
bf8349d7095eb91a6be53e12af5fa8527fe847f268eb1ac0a2183df9c44c9edd

SHA512
ab6a936cecd473d2e8bafa61a48efd6123c6cbe16df58f9bd9b174aa159dee0bac15162e9c3dcb33b4a12d8cb96d4a1d73b8a819d233536193a5a1d0eb9c4eb1

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\wx-auth-tip.cb1fbc2f.png.old

Filesize
49KB

MD5
cb1fbc2ff2ec4248ef2eaee3f2a93e4b

SHA1
92359d458b00f023d99d5663bedfd2a9d6e7d27a

SHA256
2fb903a9b875102c10f8af54894a8d778e6c3907ef36df6343c29266dbdbd51a

SHA512
0d520dd6d2ccb3d2d80642bf556f415a627081ceb0b6166f1b8d8dfe3dd17d01139a4c6cfeac84d6955d85100f4e8a824b4f83af5851f05e330e4fac78d285b2

Download Submit
C:\Program Files\TxGameAssistant\AppMarket\pages\syzsweb\static\media\wx-logined.dc457fa5.png.old

Filesize
10KB

MD5
dc457fa52fc4908ffb82107366a37e3e

SHA1
79615ae081508f146b81a0fd17cd8f01f88f60d5

SHA256
c4917c3bd3b9c202f0e8d118284083e4dccbf960806e115cbbcf624c84c63683

SHA512
38eba7f804940b7cd3fabd9b9627c01f872090c3d6e76ad7c2b7b5c66e6d5dd8417ba8d1955f9ab9a7cb11ef5cb2eaed94227f01c62ef18d58c58a2c60e9ea3b

Download Submit
C:\Temp\TxGameDownload\Component\AppMarket\1d218714941abf910cf39c6d4f265e7d\Setup\AECommonDll.dll

Filesize
527KB

MD5
b58c94617df43430d2342a66eaa0a554

SHA1
f8eb3f773a9851652bd594cde56ec97c4e58c5db

SHA256
74c2288b4ff073c5c947f96b0c79a01c587981a8b9440290a9ff33aa14f06e6d

SHA512
b312043f96b739eb02c4352fbd4b773c52e04964bd04a9eb8e8cbad1fddb00c683c2001224e264a9220e75c41dc6de0163210a3e372220736eba24ef3524e6db

Download Submit
C:\Temp\TxGameDownload\Component\AppMarket\1d218714941abf910cf39c6d4f265e7d\Setup\AndrowsInstaller.exe

Filesize
6.4MB

MD5
0238214ff5f8a40a66d535e1795fed50

SHA1
4bae3cc8981968d9ef13232ad731407de7af5f0a

SHA256
8e91ebe57ad70a58866abdbaa5a406a3b036e519e9c4463e5abebe3986001792

SHA512
07b2061b6955e74e3e77ed23707bb7f619deb1b96bef639ddd8fed5cff470d60e0bd55cbf5312790170ddfb590690651e02709ec9210c8043c3d418f464b8c96

Download Submit
C:\Temp\TxGameDownload\Component\AppMarket\1d218714941abf910cf39c6d4f265e7d\Setup\AowGame.xml

Filesize
292KB

MD5
5fd0b9f7612369bca18996d8aaa9f62c

SHA1
316f119b126302e20a9eee501614a7a9feeeb3a1

SHA256
9937addc0f2eea66ef456a53b21f93e8ae2732cb83f3e0e08e94e763f0150537

SHA512
b1020ce74032d033ecec93edecb987a0d9c266b8b022c397e73965c4b89b7d2f873a96aafe193b77774407a6738b0476ca5a5ed13342ab39d377f57ac3545e83

Download Submit
C:\Temp\TxGameDownload\Component\AppMarket\1d218714941abf910cf39c6d4f265e7d\Setup\AppMarket\Res\webctrl\loading\10.png

Filesize
8KB

MD5
74a1a84cf7dcd03933a27e414ea1e354

SHA1
da891deea2b1b8dd1cd15f97dc41abd6cec7c901

SHA256
101ecd4b2fe8076a437a4ce1ed4d5c6f92acd6db0f2bb79db64a40bc8cbabe55

SHA512
5eed2d9c7b426b681703ca1a26671e5dc984de39e6c71b0fc7f8bf0aa27f2154a907a05ce25fae6da25e53220f8a46d31acb7cfccdce33b79acdf9e1a5e5be69

Download Submit
C:\Temp\TxGameDownload\Component\AppMarket\1d218714941abf910cf39c6d4f265e7d\Setup\Config.ini

Filesize
7KB

MD5
ba50063cd1a85f562d5c6a92f28fc062

SHA1
41d01f5bc2c800424277dc39ddfb4a70bdbaf00e

SHA256
1d02987a9b23cb3c11ad6c8123446efcd8e43c0069a616ff09dfc80426a82861

SHA512
2fe0aa3e2b6dd171f25d792991328737a15905d290a3d32c4fbe6bc452976c6cd88e157b98a032f1348e53d26e4eeae9928d430e700849baa95e9c73207079b3

Download Submit
C:\Temp\TxGameDownload\Component\AppMarket\1d218714941abf910cf39c6d4f265e7d\Setup\TGVoiceBuddy\I18N\1033\GFStringBundle.xml

Filesize
3KB

MD5
fc8ce34f4a62b9303302c1bca236af54

SHA1
98e924ac192dcf6d76a5e9db51252ffeec16e183

SHA256
1568009a2e2b87fd2c80bd1238773e11bb096f7db0165c9cb0124a913dc4bbc2

SHA512
8be121cdf463dd207d436abb758a07f89f83ee73127428fc868eff927c9b14afacf6685bb1e27b681c50eff1eee6f417c403aa4513960c5268a471388f40bbd0

Download Submit
C:\Temp\TxGameDownload\Component\AppMarket\1d218714941abf910cf39c6d4f265e7d\Setup\TGVoiceBuddy\I18N\1055\GFStringBundle.xml

Filesize
4KB

MD5
57b3a79c8d67544148b4a3a931755da1

SHA1
7f4806fec0ca2cbc41f1344e1717ac4e627b5ab7

SHA256
d6e1a0b5b8be7703ba735fa33d6f95b24d798e965809558dad356933a32f0838

SHA512
b5dfca652097cc27d4539212ea526e2fbd6c3db2b8cd33d07822396f2a3d5358a57d462333e6ed4f668554475f8a478f1c8d438c61f1d6b5179fa6ad87d9831a

Download Submit
C:\Temp\TxGameDownload\Component\AppMarket\1d218714941abf910cf39c6d4f265e7d\Setup\TGVoiceBuddy\I18N\config-zh_CN.xml

Filesize
268B

MD5
c620fd72f8c0dcdfe1ca656da4321d84

SHA1
84da1abb07d9225e32f1f1cc8dca5e5713f1e2ec

SHA256
581f1f16ec516fcefe8b940bd38f936022616d7c0e0665918981f4769e1dec1d

SHA512
5677644550cbbaf4c136ae04a3ccfb4f4330dc120b561bc0fbc36bc3d311feb58b5a99cc4dddf106720f8e9f0b9f605add92fac5fbfcb07c17ab5b9b40484f03

Download Submit
C:\Temp\TxGameDownload\Component\AppMarket\1d218714941abf910cf39c6d4f265e7d\Setup\Tinst.exe

Filesize
655KB

MD5
3250be17f84e19a44c9a484f54c760e3

SHA1
4253ef01c20c63a692065ee9a74d4abe1eea3b74

SHA256
e090e0cbf39243c8a4625b6f281530cc55609dbcfcfc249300765acfef1105c6

SHA512
170a6702a1ad1c034973b76c60f3df3dc72646fbae1e8c1767d6803528c7b68041a76f27494b2347ca3f9bfbe0a92a622bcef0b6db4b3e1ef6f56a6d86172ce8

Download Submit
C:\Temp\TxGameDownload\Component\AppMarket\1d218714941abf910cf39c6d4f265e7d\Setup\WXFace\WX_default_face.png

Filesize
1KB

MD5
254e845033d51419f8770acf35c931a2

SHA1
9e267cf86c136d738eb13ce9ccebca95234cce63

SHA256
7ca81ae30b2b7e92a40b1fbd30dae53344cac06dfeb633915b6407c8731e4727

SHA512
5dccaa119fc1d7c8cf17bde8201313c2cf00784bd85542ae8f02dd2a46cca748e38c9d94a8d56f4ba9d805bf3d16b2882314bea0f37c22b7be6a2443a5ac0af4

Download Submit
C:\Temp\TxGameDownload\Component\AppMarket\1d218714941abf910cf39c6d4f265e7d\Setup\androws_logo.png

Filesize
103KB

MD5
022fc5c29d8cf5ec7abe4eae57e5e311

SHA1
4a44c9a91d636bd6aadaf787f83e215a0c690311

SHA256
88dccc3165b30052117c4fb9a17d8bd08ae014c8d6ec65366331fc078abb54ac

SHA512
223a4d990462770a365bef618d287e84e097a1ea7cfb50043a063105326604296e63246c8f3ad89e1a611c178526e57d55d422caf8620ddb0ec9381cf031a0a7

Download Submit
C:\Temp\TxGameDownload\Component\AppMarket\1d218714941abf910cf39c6d4f265e7d\Setup\aowgameex2.dat

Filesize
1KB

MD5
c99bcca61c47433e0df19b4a7668eb56

SHA1
009882353bad84d3cb5ef15a4bce629cbab731d5

SHA256
010c86cac8101a693c2f35f798c40162fdc510cf809fa2604d42ef2b929a0062

SHA512
9ea53f7f2aeb5ba9a65482694f8fa0becfed2b3abec1918453cc630122e7a9f089e625a736e5f109119aee2f4dd3a40defc2e8a24cce1619dc66a16f3d3136fb

Download Submit
C:\Temp\TxGameDownload\Component\AppMarket\1d218714941abf910cf39c6d4f265e7d\Setup\api-ms-win-core-console-l1-1-0.dll

Filesize
18KB

MD5
11e55839fcb3a53bdfed2a27fb7d5e80

SHA1
e585a1ed88696cd310c12f91ffa27f17f354b4f4

SHA256
f6bdc8ffd172b44f4d169707d9a457aeef619872661229b8629ee4f15eefff0d

SHA512
bec9419e35de03cc145b3c974833f73f1a5082d886de4739351b93bb4cc6c0234efd0e35ad845faba83fa600c4a7d5343eaae949a837d00d5528e6db79438ee4

Download Submit
C:\Temp\TxGameDownload\Component\AppMarket\1d218714941abf910cf39c6d4f265e7d\Setup\api-ms-win-core-datetime-l1-1-0.dll

Filesize
18KB

MD5
9f3cf9f22836c32d988d7c7e0a977e1b

SHA1
1e7bbd6175bdb04826e60de07aa496493c9b3a3b

SHA256
7d588a5a958e32875d7bd346d1371e6ebfd9d5d2ede47755942badfc9c74e207

SHA512
16c98e6aec67ffe4558c6d3f881301490be5d8a714c1adc6735005613251adb8e1c2cb9b1c0d2504a9a99c61a06b0e30c944ca603fc00fbb18cd20ba1c9bd697

Download Submit
C:\Temp\TxGameDownload\Component\AppMarket\1d218714941abf910cf39c6d4f265e7d\Setup\api-ms-win-core-debug-l1-1-0.dll

Filesize
18KB

MD5
64978e199a7239d2c911876447a7f05b

SHA1
0048ce6724db08c64441ce6e573676bc8ae94bf9

SHA256
92b947f1d6236f86ed7e105cff19e23c13d1968861426511b775905e1d26b47a

SHA512
9c64211895473ffc7162b56b0b8e732dec54cf03ea9b9b36fe3cc3339c35fc71fc7173d4e146989db399cb1bcb063079378bb6f778f7d2591cd545550038397c

Download Submit
C:\Temp\TxGameDownload\Component\AppMarket\1d218714941abf910cf39c6d4f265e7d\Setup\api-ms-win-core-errorhandling-l1-1-0.dll

Filesize
18KB

MD5
9d74d89f2679c0c5ddb35a1ef30bd182

SHA1
22eaed07a6e477a4001f9467b5462cf4cc15cc16

SHA256
e207ffc6fef144e5d393e79de75f8f20d223f1ac33a011eeb822d30fa2031046

SHA512
725626e961d32398ea5aa120ac0339deeb493fc02ee7ef4d8e586173fdbf768b5cbb1f16f093ae4ecfee87e661170f8f832777640a353df5d651af4a62a2d819

Download Submit
C:\Temp\TxGameDownload\Component\AppMarket\1d218714941abf910cf39c6d4f265e7d\Setup\api-ms-win-core-file-l1-1-0.dll

Filesize
21KB

MD5
d826d27c73d9f2420fb39fbe0745c7f0

SHA1
6e68e239f1a58185c7dad0fcfaac9ecfd2e5726c

SHA256
c0e5d482bd93bf71a73c01d0c1ec0722ea3260eba1f4c87e797bae334b5e9870

SHA512
c49843eb10e4e54c66e0e194dbd29ceab9094bdfe745b6a858cb03e34d73a6326f54804e5e5505deacc87146cbdfba17a0f02e62e76c685bce0cd1ff41962ff4

Download Submit
C:\Temp\TxGameDownload\Component\AppMarket\1d218714941abf910cf39c6d4f265e7d\Setup\api-ms-win-core-file-l1-2-0.dll

Filesize
18KB

MD5
ec4f2cb68dcf7e96516eb284003be8bb

SHA1
fb9237719b5e21b9db176e41bdf125e6e7c01b11

SHA256
3816bbb7dd76d8fc6a7b83a0ed2f61b23dd5fc0843d3308ee077cb725d5c9088

SHA512
6cbda80c476a9fcf46458cac45229c96dc9df251230531e25088e834cd954db9ff4561e744f76495f9c57a4068b7635c72c6f9ff838436c54142297ee310b236

Download Submit
C:\Temp\TxGameDownload\Component\AppMarket\1d218714941abf910cf39c6d4f265e7d\Setup\api-ms-win-core-file-l1-2-1.dll

Filesize
18KB

MD5
a32230b9bfdb8813e94d095222aafa11

SHA1
04b9d7d2a3f92a0054af2547fb6176385cc9738b

SHA256
7068d2b8aea252294e6b5c3bf3630475d0a91e11877f11a04e8ed1f91196410f

SHA512
6484c7c7fe574d797c74c285353040dfa364b9a9425cbfa4a4c8bba698176656c78e228a33c9eeae39a97caf2ab192f1f02dba472824f8a5757db5f14c76e2b0

Download Submit
C:\Temp\TxGameDownload\Component\AppMarket\1d218714941abf910cf39c6d4f265e7d\Setup\api-ms-win-core-file-l2-1-0.dll

Filesize
18KB

MD5
b9287eb7bcbfdcec2e8d4198fd266509

SHA1
1375b6ff6121ec140668881f4a0b02f0c517f6c7

SHA256
096409422ecd1894e4d6289fd2d1c7490bd83daff0c1e3d16c36c78bd477b895

SHA512
b86348d3f42d0ff465066a14c281088c73ec5e03efacdaabe27a410b054a8a81b438d7e5d030b0d95f53b07783911b8b8200581d4e0b6f1b3cc79f4aae1d67df

Download Submit
C:\Temp\TxGameDownload\Component\AppMarket\1d218714941abf910cf39c6d4f265e7d\Setup\api-ms-win-core-handle-l1-1-0.dll

Filesize
18KB

MD5
6a35a52d536e34ba060a19d06b1dac80

SHA1
0494a9cbf898e5babb6e697fc2de04a128d2fc35

SHA256
a369ef130749bf8cd9f67055179e6f537f200c060af47493d49473912a95021e

SHA512
a8aeb58bcf4b314212c2ab5a8fd3c2edeb97e680f774171d4a79390aa23bb62a414aef0ecd5286ffb68b7ed8f6e713ff1892d6d4cc2cbb67de916c6062e762d9

Download Submit
C:\Temp\TxGameDownload\Component\AppMarket\1d218714941abf910cf39c6d4f265e7d\Setup\api-ms-win-core-heap-l1-1-0.dll

Filesize
18KB

MD5
ee5c2fb7bc23bfd06ff32556cc7c3b4d

SHA1
5d60ebf016219bbec340d353a4fa541fff596d3f

SHA256
efc9f0e32bce971900ddf66a1a9e68daa3bfb2099a1ba9f24c6ee82da2cbd6e8

SHA512
5d1b8a130c27d8eb63ca0c836bdf63e76afb311de26ed4f25b073bda843ebfa25e136849e3882822257e3783058f30af818a96764d60821a40329cff4e1badac

Download Submit
C:\Temp\TxGameDownload\Component\AppMarket\1d218714941abf910cf39c6d4f265e7d\Setup\api-ms-win-core-interlocked-l1-1-0.dll

Filesize
18KB

MD5
48a5e206d92f3102256ec65e8d570ee0

SHA1
76024fad398dfa4734afce0cc2e5ac117f090ba6

SHA256
a272ae4fc60e511f48950b08f106fcdd3bc86831df908ee78d630f1ae921880c

SHA512
65407da566b571e050c25448be6042e84b0c1c7248422cba00b543af9de425a723b0c7c54c4eb6f534e42b1679a058562d500875ddc4f2b52e6b8e6107b1b575

Download Submit
C:\Temp\TxGameDownload\Component\AppMarket\1d218714941abf910cf39c6d4f265e7d\Setup\api-ms-win-core-libraryloader-l1-1-0.dll

Filesize
18KB

MD5
e33f52e89dfc376eaf7aa655f260ca76

SHA1
b66e1f934f491544190714966031b6dfd2e349ec

SHA256
0bd03e89a539aaa3100e2f7d9a058964730320e55aee1f85be8fd243eea7017a

SHA512
95cb889599801ba7fa225b633d0fe25fdcc8b495dee5eba05b15a6e53a8a3643b5defe1a881236c40f4fa4365d6775ece067dbb526afdf2015f4d1355c9dfc57

Download Submit
C:\Temp\TxGameDownload\Component\AppMarket\1d218714941abf910cf39c6d4f265e7d\Setup\api-ms-win-core-localization-l1-2-0.dll

Filesize
20KB

MD5
dbb81fcc74c59490008ee59bffff5a6d

SHA1
edbb465ab3bea3a4df3f05e5a4e816edbe195c3b

SHA256
f33e6ac5d3e1c4f1d89564fb6aeeac170486c073b67694380755049dbc48eec1

SHA512
2847a73e952bd5f2448264e0bfc8dc1dcd37f8b02d6d6f525ef0cb69c8e634fdcc4637876361b22c53244659039ed305c015435834b61eea15015fed45e9c374

Download Submit
C:\Temp\TxGameDownload\Component\AppMarket\1d218714941abf910cf39c6d4f265e7d\Setup\api-ms-win-core-memory-l1-1-0.dll

Filesize
18KB

MD5
0ee9e0c830a7534dcfc9be72146796f9

SHA1
cecc860b494135482ae693f8e252301073a98578

SHA256
8f3f0fd765a37f48162f0bd00c3047e79b4eda355223bfcbed4d35b51349cfcc

SHA512
47161e02f4478464ab45c1e3bf9d244d34613e0e68ebe48511a9a0c4e7f8ddb0c1dfd59707c6968c5d76d5027cd19ef748d1235bf74b976410ea6672a6a4bcaf

Download Submit
C:\Temp\TxGameDownload\Component\AppMarket\1d218714941abf910cf39c6d4f265e7d\Setup\api-ms-win-core-namedpipe-l1-1-0.dll

Filesize
18KB

MD5
1557093add722d1c5a97c359bfcd0d77

SHA1
a8ce995f00a12a81a13d3ef47ce0834178ed69a4

SHA256
3a20635a223e68418c22858413e8c603aac25723de1cb0f54dd675349ec3213d

SHA512
b7acd6882b4d36b52f1e49e4b61ddd025de8503f765b72c94ec5a0d85b6ced513c348f7c4898675728c851a2632ad71c78937cdec9dff994b7b27ed2d85cdddd

Download Submit
C:\Temp\TxGameDownload\Component\AppMarket\1d218714941abf910cf39c6d4f265e7d\Setup\api-ms-win-core-processenvironment-l1-1-0.dll

Filesize
19KB

MD5
2a61e4e21bf255107884b6520af5bbcc

SHA1
884eb1a835bcde4e7fd98134f0be797229f4239a

SHA256
64742ee0729cbe72555247b0165fae03bea7a6b0147869253dae3bb0072173e8

SHA512
d0ca104904352586bbd3da654125b3df9355fe250938a465e8e900d135cec397f1118fdf54829b076df82b8e45fcd7656c2c7aa33ad3c0af5189f7a55e43f498

Download Submit
C:\Temp\TxGameDownload\Component\AppMarket\1d218714941abf910cf39c6d4f265e7d\Setup\api-ms-win-core-processthreads-l1-1-0.dll

Filesize
20KB

MD5
d5c4b8f7260563f72150a84fe884ee31

SHA1
dae1185359ed25a4974504cd1ceaacde28d4318e

SHA256
02839f3b2bdf6adfc89d2f800cc8acda59a40c3e7ce14ef3026f4c72e202297d

SHA512
09ca23413eecf1df94aa36e53fc6fff0f402f21eda2ef79be6aa087818a5bb82ed98db790a2b5cf4ef91a8f70d8e27f56313bc2054a26872d2cad611c472f0b7

Download Submit
C:\Temp\TxGameDownload\Component\AppMarket\1d218714941abf910cf39c6d4f265e7d\Setup\api-ms-win-core-processthreads-l1-1-1.dll

Filesize
18KB

MD5
f61b9ecb79cd20fc2e8fce87286cfe43

SHA1
7a48accbe43e156f886f1f2836f74e1043feec59

SHA256
bfa24f94ba095174b82d3657f8ecc689eab8ff380c69b1c9a7e311eb70d66386

SHA512
42ab62087bbc9fc9c9003ae96ebb9e9bbfa3db4eb74bd6746da035d53d1002015d8482ecb92620ec65c42b8b2b41d9b0a7793e105b0cf8cb6f713a2bc03241db

Download Submit
C:\Temp\TxGameDownload\Component\AppMarket\1d218714941abf910cf39c6d4f265e7d\Setup\api-ms-win-core-profile-l1-1-0.dll

Filesize
17KB

MD5
a472bd416bdc12668523670360650910

SHA1
831d930ef9917e0dccacd8e7f7fd6f3d90082441

SHA256
48dceeea29558966c391cda34e5755386c2e7e252ea0a03d8d1f21e3cb370c5b

SHA512
166134e6c3403f4437e10afb514a55677481d3b03f7cfdf17917a0bb6fa1f387feae58d7dd5dfbc375eae66d24f10c3163ba5958c22beb6978c0b778c2883b6f

Download Submit
C:\Temp\TxGameDownload\Component\AppMarket\1d218714941abf910cf39c6d4f265e7d\Setup\api-ms-win-core-rtlsupport-l1-1-0.dll

Filesize
17KB

MD5
525a156e0ff61306fd44bf7937cacfae

SHA1
6a9a88317a55c939c0cb9f77256f5c3f961d0562

SHA256
41c69b545d931045a280f83b2f5fbe0ea18c35ac42dfca54b661b42fe8e4f982

SHA512
c99147eba45e9561b7a2802b0c15a2df2ac886ce95a95f2980f8bf4d1dff92a69b94f11cd17383b577303f24295b1b7e52b8c80ad26c0bb08862c726b9cd8841

Download Submit
C:\Temp\TxGameDownload\Component\AppMarket\1d218714941abf910cf39c6d4f265e7d\Setup\api-ms-win-core-string-l1-1-0.dll

Filesize
18KB

MD5
e57ec98e69961e45cc7a4e0666d26b7d

SHA1
70462a1d68bf49908fcb7186743a47a1affc5d7d

SHA256
52c9b061c4c74eeb70019edde2b690c7e9d9744979a3b718d6687b3a83f00def

SHA512
4a450bcbce0eb3f98f78af07673227a55cdf8e7840fa892196cbb8d0f90551b32731f70f171644f8097fda97d57caa4b7430023671b19881764613231a20cdc9

Download Submit
C:\Temp\TxGameDownload\Component\AppMarket\1d218714941abf910cf39c6d4f265e7d\Setup\api-ms-win-core-synch-l1-1-0.dll

Filesize
20KB

MD5
99572ae21d1c8afe3d02f1124979e911

SHA1
5b17addc80b1406a3eaa615f5e37d92e953a0bb7

SHA256
e7d39dcb79d739ec030e9a4e2165b264a24c400566056e1fda267fdd1a8b36bd

SHA512
27ca8149d1f0c625de90a3f4cd4a4930ab0c1362ee10a7131ebfd2a88065c2a34c8ad7fb6d95ce33072146b9309488cbfe122984606d631b99d925e3fc42fcff

Download Submit
C:\Temp\TxGameDownload\Component\AppMarket\1d218714941abf910cf39c6d4f265e7d\Setup\api-ms-win-core-synch-l1-2-0.dll

Filesize
18KB

MD5
e4110aa5c8a32b63de2c85e0bc297c54

SHA1
6039680f47750cf56d0c9a1768de815a44b83de7

SHA256
01bb32d692b86ebb39a76893125e0f3aaf957c6e4bd682fb46eac32f6fb65be7

SHA512
0631ea8224403ca113dff9b17852e92c1fcb2820e4f335b668b12689d2a8f058ba33905692f2fd0f4897f8f766db816747ec95478d854b75a0803d2c899e6d98

Download Submit
C:\Temp\TxGameDownload\Component\AppMarket\1d218714941abf910cf39c6d4f265e7d\Setup\api-ms-win-core-sysinfo-l1-1-0.dll

Filesize
19KB

MD5
a13048905fc64cd2103094c871c6d826

SHA1
cebb1a74bd5196a3fe174a20543335074a1b7397

SHA256
fb23439a5982e723e8e4ae1a5a35f9bbbfba1e76feb4596668f57093b231da6b

SHA512
e23effc6c17177d07f43955cc8ffa17ed05cc2c0a6430078b37de8536170dc3cb4f8970eba1049b10a789ab5acb423745f9d842dac4d63d5714751186a3f071d

Download Submit
C:\Temp\TxGameDownload\Component\AppMarket\1d218714941abf910cf39c6d4f265e7d\Setup\api-ms-win-core-timezone-l1-1-0.dll

Filesize
18KB

MD5
00b548bf3eab7a6debce296ee5e877de

SHA1
ae18022eb78c192ac3baee32664b9eb011194772

SHA256
d592b91a087c001f9ea38dc5912a90c78fad3a368879d04fd7e5650ed374c8dc

SHA512
3ba15d9a0f1680c2b182cf04fbbfcb0d4f1b607519c161c590928930ad1b3eba8bd417575a51305b9552f0abf0064c74267336ec09cea709aed9228e4eac799e

Download Submit
C:\Temp\TxGameDownload\Component\AppMarket\1d218714941abf910cf39c6d4f265e7d\Setup\api-ms-win-core-util-l1-1-0.dll

Filesize
18KB

MD5
96d9965ea02eefeadf1f122dfa724449

SHA1
c6f9eb1babe64b30fb1ff6b74e93db8ac41d1294

SHA256
4f31b2888ca82bd1ff40d71e2d11500456b99940dd469bfb097fcd304676fa38

SHA512
4018eae1e00899a5bd392c9b4f25561cf03292011f52387edd77058f49bd1b7456570f0108338088e5711bf5d6ba33aeb2c7bcd5d24d2744b173ff75bba0347b

Download Submit
C:\Temp\TxGameDownload\Component\AppMarket\1d218714941abf910cf39c6d4f265e7d\Setup\api-ms-win-crt-conio-l1-1-0.dll

Filesize
19KB

MD5
032a139ea3cc41f2bb801cd580759a75

SHA1
4d88e10bcc4e75edc83bca578510d53fc827aa1a

SHA256
905f86530c56c9b453dd8bd9770440de0f6f35aa84b171de747a04d112e35aad

SHA512
4f574dfe92e90c7d6f162c0b69dd56c96031790abe15e52121c7e44980bbab86914ee06fc153fa5f3a77c4f1c6e4c24d7044507880a80b587872477708506a50

Download Submit
C:\Temp\TxGameDownload\Component\AppMarket\1d218714941abf910cf39c6d4f265e7d\Setup\uires\window\logo-oversea.png

Filesize
2KB

MD5
1af13060d206bd8c2d07035be2c88ce7

SHA1
def54fe95fb4109f41c307d809e27311362e93fa

SHA256
b45cd60fb9b2659f6b177c63abd3a4eb663912fb9531c97f1942baa36bb2d298

SHA512
0bddcc1edf3b87d50235af479297ab16d0f9d7d5bde4d5503c5b4607961f416ec4ca67d24f9f4f454c24152a70673045df66351b2590c11f4d93794c159cb3a7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\62dee743-3eb0-40ea-9a46-bef57d5ffbc6.tmp

Filesize
266KB

MD5
09922ac2cda4267974e4e00e340ead7d

SHA1
9eab252fea9d1d2a7602940faf5f884a5cf2b84a

SHA256
5b9abc747ec008059932a0f9b4550d62efbb68da848e00550502ecf4e4dd356d

SHA512
499a754eeac5f7c7c92259980105a755b405afb42960a63c3d5c08fcd4ef23768c17219171e7db4fbc9d97c43029ce8d6f6ae457e99d912457788bc528c3125a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.gameloop.com_0.indexeddb.leveldb\CURRENT~RFf76a5f0.TMP

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
361B

MD5
174fd9a84847e3d81e1638ecea513898

SHA1
e638c1429577e97df18fe28d609e58670c035ef3

SHA256
26785c99944d52ab251bba080ef86430c36d6aef1c75ac1107e2d2362fdfe6a2

SHA512
3e1df6f30479002dcde0b7f819c23ae1741dd27b52091ed56090f4cb44a1ded8bc086bd443fa26ec69bc8ae3e15561de3098f1f4c2ea4f63d323b1f56331362a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
1196142c1dee6d05da544491fd10db6d

SHA1
9129729859be81b4e608597b2820300f36f7138d

SHA256
3734694e8f3b3c48c87fd76cae0f87c627f852af523dc717676b380183f3e0d2

SHA512
98a46d6f6337854cbd21179d8536f0816de42aecfb073cb4f1f2c8adb2275e521e943bd742241bf7630ecac82e379c4e4a13f80787be98789a64eeca4b2be34e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
3fd442166c1e6cc62a8e3c9dffd6eeea

SHA1
d33175d563a835138e1c64164bd526dc6f2aa9db

SHA256
e4895a6f5edfa6e79faecd0d628cf14fb0d21f4c10aa28f8356497512182d923

SHA512
8937dd5de9cb047107d7bbac457e6b99dc01cb9cbf90e095138c1840102605a42fe51e20b3d9dac852a741b08b08a4eb74c0623cf6a6af98506d0387c601f5bb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
c710b74634a6d520faf7fcc9a2f29168

SHA1
4ff023deeb760398a343c5bae0bb6c8689247f9f

SHA256
8da132a68ed084fa1ca6e80c08506725023b70f8693d9c6e80bf4b348ace5fd9

SHA512
68f2ee47f91acf843d1077bdc8b7bd458e20cc460352edc9e1fe3a5a859ae1b7b0929f315c7276748a2fbd4914e52e5e421f6d9011d956f890936b10d27b6623

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000007.dbtmp

Filesize
16B

MD5
18e723571b00fb1694a3bad6c78e4054

SHA1
afcc0ef32d46fe59e0483f9a3c891d3034d12f32

SHA256
8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa

SHA512
43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
266KB

MD5
c17050b1755160b701457f63ee531f1c

SHA1
d726c4a6cf56bb8d833b27bb41ae35d264a46160

SHA256
330b3cdb7535ec835d22dbe25f487b0f0edc8b2ba5517b392ce632e1266e5244

SHA512
eaadba7c696a0abbd92798bd8dc1c6f90d85c1d5bbf177f9444cef6472708336c4006d879c3051d9c51af1f8a95ab9c225bbb77e4e5889a0959b18ae13509379

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
266KB

MD5
beacdfebceff6741a7fe3433c01d6d95

SHA1
d496d25f3059709ddfefdfd649091f868d50e041

SHA256
451f67096ee18a95a98794484eb4c07cbe799ff56b403894965b9f13751229d8

SHA512
a56e46ddf8a0cd1abe10883ff9d554b030aa48e615f711486e4bc36f7b534afc3c5d8cd6df2ebace428ac2ddc9dc34c66b67efe7d689ee0a39f0ee5e259e1c51

Download Submit
C:\Users\Admin\AppData\Local\Temp\AowGame.xml

Filesize
299KB

MD5
023278b1ce04a96d8bc0778115e15b3b

SHA1
40ffcb2058b1965f3d378fcbb57c57f6a3611c3d

SHA256
b7a04eb456c31d9e28f843ced908ffe68d2079642536c873b19ead35110dcb8b

SHA512
fcb66cd57c4a5a8c63f2ec5e571b98db3fc7f49a2e0c5458e4ee97b8362775599a9e8a40a0b9974263698afa6b407f39792fe337af92e6e0b93dac73e7ea3ddc

Download Submit
C:\Users\Admin\AppData\Local\Temp\market_page_17152485070x3fb6\module\lib-halo-downloader.e9ec24df.js.LICENSE.txt

Filesize
832B

MD5
b23d7a495722fec387cea56b861b816c

SHA1
21d9593760be18f0097dadde05824aa52851a086

SHA256
86701d478c8b5cd2981db0c9715b0c27b1d76e1b0bd10dd7447a35b90cb14728

SHA512
08f2397203a34ceeabdb9581b07dd65e28e3775b4ae13010bee3d4ca8963a996da93018e92d8713e7a4d8f83d573600678677da916f68d1cf9819284c04d99cb

Download Submit
C:\Users\Admin\AppData\Local\Temp\market_page_17152485070x3fb6\module\lib-halo-utils.776c5c7a.js.LICENSE.txt

Filesize
449B

MD5
bd995e27eac3745ca6d4ad4022fcb917

SHA1
469bf7519e238d7987af6a804a6857f91b9e026f

SHA256
90fdd6754a69086abae5c1d02782ddc4c82d179682b2b66c51a21e4c1edce6a7

SHA512
ef9e1848ed9b58fa6f9bfa711254488dd8c04d76eaf00b6e49c89869a4cce2fabbe9057a72326d166d9fb73946e8b28a6aeebd12395c154aeaabc376a0cd8320

Download Submit
C:\Users\Admin\AppData\Local\Temp\market_page_17152485070x3fb6\module\reactVendors.6c9e9b36.js.LICENSE.txt

Filesize
1KB

MD5
008037d1673d08e24a5e325889d17d3c

SHA1
a53f9798365405ff49a4ec7200ada0fda816a874

SHA256
65c975feb9646a852151f33fca761891752ebfd24a2268b8eb63120e04191a7e

SHA512
a34a2787dbb6c8e4dcf132c28fe989d11b77b5364ffbb45439ea1d4ed60c02be863a85d1583a74ce7dbedaed48e21582bdfa641c7d6be9f94f9a0d3de43e9e4f

Download Submit
C:\Users\Admin\AppData\Local\Temp\market_page_17152485070x3fb6\module\yunGameExitModel.fd097226.js

Filesize
263KB

MD5
fd2a71bb696b6a256656cfd37e48364f

SHA1
da0e81c840e26b1ad67ab4fb58eea2502c68312a

SHA256
ee734919a31890d2c588ccbd47d6d8cb6586b165bf150c419f7575cc24915aa9

SHA512
2c47fdebbbcc448c2a63dbd1ee29ca9aae591d20923104c22a1a3f7b77f645d306f6c6867aae6f025cfdd379b526ae0793c33d4e7c137637be505078a95f8580

Download Submit
C:\Users\Admin\AppData\Roaming\Tencent\MobileGamePC\WebkitCache\AppMarket4\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
e73e2166ecc2fbe1c02298bed3213837

SHA1
9d49714e0f976b9e0ab519dd86bb52b59d815a33

SHA256
5d3b2a32860fe5abec59bfceeac645a4e3368b0e2b3cad955ef686b27b0a56ae

SHA512
5233d273ba0df76796dc6c7c7221e17a3650c5454177b2a46877668ad15f1212e4560ab460e2c4eeef4624864bef61e8ba1d001eaee76dddfff9acf35d46404c

Download Submit
C:\Users\Admin\AppData\Roaming\Tencent\MobileGamePC\WebkitCache\AppMarket4\Code Cache\js\index-dir\the-real-index

Filesize
240B

MD5
2912172085830881dd9f37885e6ddb2b

SHA1
02423958704607470650392f04537b966c22df82

SHA256
05386aac4a46310759ca15dfb9e3ec0803cdf405afa499431611b5396e0c7b2c

SHA512
bdb4cbdf8fcde66eba5224c7b8316e67a3d6a1884d7cb087ed7c081bae7b9bf7e9eb9d5c39eb72dfc5a55d3ee843f11a242d4d652385a62e3e593b2e3fb380e8

Download Submit
C:\Users\Admin\AppData\Roaming\Tencent\MobileGamePC\WebkitCache\AppMarket4\Network Persistent State

Filesize
497B

MD5
d9fcbfdbbbdfbca002819b16bd6652ee

SHA1
e4dae574b270a27e9f375f5949db762c27dabf51

SHA256
3c9569a1a39783a8f1bdcad9750df16f31971ce7044d2a1621270f6ab5509a1c

SHA512
f700a07ffd76196206ebcb4131038c9b464f18cca9812281abd7eee0c6b4d90614641a5a30aca432e8879147632c1bcaca096571ef546c8e005fd4d37963cc53

Download Submit
C:\Users\Admin\AppData\Roaming\Tencent\MobileGamePC\WebkitCache\AppMarket4\Session Storage\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\Desktop\GameLoop.lnk

Filesize
997B

MD5
c56a5c3c97ab6484758cd6727fad9ac9

SHA1
4116d6fc115d3a5398533886a9890366c5f57201

SHA256
2d8a88383d43fe60c1bfee6e867c17603a05d1e7912a0e0d00d75673107ec65d

SHA512
625739ed52f4aec4e77c2272ffd2de4ade567a3e032be136554aa61cf8251a582d723b3bcc19a680991f9443bc72222f26827d2d0f8f9f18d7f95cf0fb1127c3

Download Submit
C:\Users\Admin\Downloads\GLP_installer_900223086_market.exe

Filesize
3.7MB

MD5
503a84464431d9fb77fff5c76b9181dc

SHA1
622114e85462b0814c787d30efe11983e3497d33

SHA256
d34ef58261364124c05b91d7874e26e251f64b6ea8c2390a378edbaa4bc9c689

SHA512
947c7974886de6a43df2ebd1543ec6844739e6bb28cf0229a117dcb3f3c115c85293c2e780d1072b65660a49a31650611dc2187bf1d0ea5478a660995644a1fa

Download Submit
\Users\Admin\AppData\Local\Tencent\TxGameAssistant\TGBDownloader\dr.dll

Filesize
74KB

MD5
2814acbd607ba47bdbcdf6ac3076ee95

SHA1
50ab892071bed2bb2365ca1d4bf5594e71c6b13b

SHA256
5904a7e4d97eeac939662c3638a0e145f64ff3dd0198f895c4bf0337595c6a67

SHA512
34c73014ffc8d38d6dd29f4f84c8f4f9ea971bc131f665f65b277f453504d5efc2d483a792cdea610c5e0544bf3997b132dcdbe37224912c5234c15cdb89d498

Download Submit
memory/880-373-0x00000000001F0000-0x00000000001FA000-memory.dmp

Filesize
40KB

Download
memory/880-372-0x00000000001F0000-0x00000000001FA000-memory.dmp

Filesize
40KB

Download
memory/880-365-0x00000000001F0000-0x00000000001FA000-memory.dmp

Filesize
40KB

Download
memory/880-366-0x00000000001F0000-0x00000000001FA000-memory.dmp

Filesize
40KB

Download
memory/2128-11-0x000007FEF5480000-0x000007FEF5E1D000-memory.dmp

Filesize
9.6MB

Download
memory/2128-9-0x000007FEF5480000-0x000007FEF5E1D000-memory.dmp

Filesize
9.6MB

Download
memory/2128-5-0x000000001B6D0000-0x000000001B9B2000-memory.dmp

Filesize
2.9MB

Download
memory/2128-8-0x000007FEF5480000-0x000007FEF5E1D000-memory.dmp

Filesize
9.6MB

Download
memory/2128-4-0x000007FEF573E000-0x000007FEF573F000-memory.dmp

Filesize
4KB

Download
memory/2128-6-0x0000000002230000-0x0000000002238000-memory.dmp

Filesize
32KB

Download
memory/2128-10-0x000007FEF5480000-0x000007FEF5E1D000-memory.dmp

Filesize
9.6MB

Download
memory/2128-7-0x000007FEF5480000-0x000007FEF5E1D000-memory.dmp

Filesize
9.6MB

Download
memory/2356-371-0x000007FEF5B00000-0x000007FEF5B3A000-memory.dmp

Filesize
232KB

Download
memory/2668-4380-0x0000000000BA0000-0x0000000000CA0000-memory.dmp

Filesize
1024KB

Download
memory/2668-4495-0x0000000075FB0000-0x000000007610C000-memory.dmp

Filesize
1.4MB

Download
memory/2668-4494-0x0000000075250000-0x00000000752ED000-memory.dmp

Filesize
628KB

Download
memory/2668-4557-0x0000000075FB0000-0x000000007610C000-memory.dmp

Filesize
1.4MB

Download
memory/2668-4432-0x00000000025B0000-0x00000000025BD000-memory.dmp

Filesize
52KB

Download
memory/2668-4379-0x0000000000BA0000-0x0000000000CA0000-memory.dmp

Filesize
1024KB

Download
memory/2668-4431-0x00000000699F0000-0x0000000069A00000-memory.dmp

Filesize
64KB

Download
memory/3056-4496-0x0000000000400000-0x00000000008DB000-memory.dmp

Filesize
4.9MB

Download