Overview

overview

8

Static

static

1

URLScan

urlscan

https://www.202lat.c...

windows10-2004-x64

8

Resubmissions

22-05-2024 22:38

240522-2kc8gabf89 8

Analysis

  • max time kernel
    132s
  • max time network
    140s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    22-05-2024 22:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://www.202lat.com

Score
8/10
spywarestealer

Malware Config

Signatures

  • Downloads MZ/PE file
  • Executes dropped EXE 14 IoCs
  • Loads dropped DLL 11 IoCs
  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer
  • Enumerates connected drives 3 TTPs 8 IoCs

    Attempts to read the root path of hard drives other than the default C: drive.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies system certificate store 2 TTPs 3 IoCs
    evasionspywaretrojan
  • NTFS ADS 4 IoCs
  • Suspicious behavior: EnumeratesProcesses 12 IoCs
  • Suspicious behavior: LoadsDriver 10 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 21 IoCs
  • Suspicious use of FindShellTrayWindow 38 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.202lat.com
    1⤵
    • Enumerates system info in registry
    • NTFS ADS
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:4864
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb884446f8,0x7ffb88444708,0x7ffb88444718
      2⤵
        PID:4740
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2252,9011109122426468049,10560051962946697861,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2284 /prefetch:2
        2⤵
          PID:1004
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2252,9011109122426468049,10560051962946697861,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2556 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:2776
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2252,9011109122426468049,10560051962946697861,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2568 /prefetch:8
          2⤵
            PID:2296
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2252,9011109122426468049,10560051962946697861,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3288 /prefetch:1
            2⤵
              PID:1100
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2252,9011109122426468049,10560051962946697861,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3296 /prefetch:1
              2⤵
                PID:4632
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2252,9011109122426468049,10560051962946697861,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3996 /prefetch:1
                2⤵
                  PID:2896
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2252,9011109122426468049,10560051962946697861,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3584 /prefetch:1
                  2⤵
                    PID:1624
                  • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2252,9011109122426468049,10560051962946697861,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5364 /prefetch:8
                    2⤵
                      PID:4252
                    • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2252,9011109122426468049,10560051962946697861,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5364 /prefetch:8
                      2⤵
                      • Suspicious behavior: EnumeratesProcesses
                      PID:2396
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2252,9011109122426468049,10560051962946697861,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5068 /prefetch:1
                      2⤵
                        PID:1696
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2252,9011109122426468049,10560051962946697861,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4920 /prefetch:1
                        2⤵
                          PID:4208
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2252,9011109122426468049,10560051962946697861,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4660 /prefetch:1
                          2⤵
                            PID:228
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2252,9011109122426468049,10560051962946697861,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5168 /prefetch:1
                            2⤵
                              PID:1504
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2252,9011109122426468049,10560051962946697861,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4092 /prefetch:1
                              2⤵
                                PID:4736
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2252,9011109122426468049,10560051962946697861,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5528 /prefetch:1
                                2⤵
                                  PID:4496
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2252,9011109122426468049,10560051962946697861,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5848 /prefetch:1
                                  2⤵
                                    PID:2864
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2252,9011109122426468049,10560051962946697861,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5712 /prefetch:1
                                    2⤵
                                      PID:2504
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2252,9011109122426468049,10560051962946697861,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6124 /prefetch:1
                                      2⤵
                                        PID:432
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2252,9011109122426468049,10560051962946697861,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1756 /prefetch:1
                                        2⤵
                                          PID:3708
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2252,9011109122426468049,10560051962946697861,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5468 /prefetch:1
                                          2⤵
                                            PID:2276
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2252,9011109122426468049,10560051962946697861,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4068 /prefetch:1
                                            2⤵
                                              PID:3052
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2252,9011109122426468049,10560051962946697861,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4904 /prefetch:1
                                              2⤵
                                                PID:3428
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2252,9011109122426468049,10560051962946697861,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6024 /prefetch:1
                                                2⤵
                                                  PID:1360
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2252,9011109122426468049,10560051962946697861,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3388 /prefetch:1
                                                  2⤵
                                                    PID:4664
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2252,9011109122426468049,10560051962946697861,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6468 /prefetch:1
                                                    2⤵
                                                      PID:3384
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2252,9011109122426468049,10560051962946697861,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=3380 /prefetch:8
                                                      2⤵
                                                        PID:1704
                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2252,9011109122426468049,10560051962946697861,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6420 /prefetch:1
                                                        2⤵
                                                          PID:3476
                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2252,9011109122426468049,10560051962946697861,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6808 /prefetch:8
                                                          2⤵
                                                            PID:2148
                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2252,9011109122426468049,10560051962946697861,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7036 /prefetch:8
                                                            2⤵
                                                            • Suspicious behavior: EnumeratesProcesses
                                                            PID:4508
                                                          • C:\Users\Admin\Downloads\OperaGXSetup.exe
                                                            "C:\Users\Admin\Downloads\OperaGXSetup.exe"
                                                            2⤵
                                                            • Executes dropped EXE
                                                            • Loads dropped DLL
                                                            • Enumerates connected drives
                                                            • NTFS ADS
                                                            PID:4820
                                                            • C:\Users\Admin\Downloads\OperaGXSetup.exe
                                                              C:\Users\Admin\Downloads\OperaGXSetup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=109.0.5097.98 --initial-client-data=0x2bc,0x2c0,0x2c4,0x298,0x2c8,0x756f4260,0x756f426c,0x756f4278
                                                              3⤵
                                                              • Executes dropped EXE
                                                              • Loads dropped DLL
                                                              PID:3732
                                                            • C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\OperaGXSetup.exe
                                                              "C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\OperaGXSetup.exe" --version
                                                              3⤵
                                                              • Executes dropped EXE
                                                              • Loads dropped DLL
                                                              PID:1388
                                                          • C:\Users\Admin\Downloads\OperaGXSetup.exe
                                                            "C:\Users\Admin\Downloads\OperaGXSetup.exe"
                                                            2⤵
                                                            • Executes dropped EXE
                                                            • Loads dropped DLL
                                                            • Enumerates connected drives
                                                            • NTFS ADS
                                                            PID:2244
                                                            • C:\Users\Admin\Downloads\OperaGXSetup.exe
                                                              C:\Users\Admin\Downloads\OperaGXSetup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=109.0.5097.98 --initial-client-data=0x298,0x29c,0x2a0,0x274,0x2a4,0x73854260,0x7385426c,0x73854278
                                                              3⤵
                                                              • Executes dropped EXE
                                                              • Loads dropped DLL
                                                              PID:4252
                                                            • C:\Users\Admin\.opera\Opera GX Installer Temp\OperaGXSetup.exe
                                                              "C:\Users\Admin\.opera\Opera GX Installer Temp\OperaGXSetup.exe" --version
                                                              3⤵
                                                              • Executes dropped EXE
                                                              • Loads dropped DLL
                                                              PID:4308
                                                          • C:\Users\Admin\Downloads\OperaGXSetup.exe
                                                            "C:\Users\Admin\Downloads\OperaGXSetup.exe"
                                                            2⤵
                                                            • Executes dropped EXE
                                                            • Loads dropped DLL
                                                            • Enumerates connected drives
                                                            • Modifies system certificate store
                                                            • NTFS ADS
                                                            • Suspicious use of SetWindowsHookEx
                                                            PID:3152
                                                            • C:\Users\Admin\Downloads\OperaGXSetup.exe
                                                              C:\Users\Admin\Downloads\OperaGXSetup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=109.0.5097.98 --initial-client-data=0x298,0x29c,0x2a0,0x274,0x2a4,0x72db4260,0x72db426c,0x72db4278
                                                              3⤵
                                                              • Executes dropped EXE
                                                              • Loads dropped DLL
                                                              PID:5060
                                                            • C:\Users\Admin\Downloads\.opera\Opera GX Installer Temp\OperaGXSetup.exe
                                                              "C:\Users\Admin\Downloads\.opera\Opera GX Installer Temp\OperaGXSetup.exe" --version
                                                              3⤵
                                                              • Executes dropped EXE
                                                              • Loads dropped DLL
                                                              PID:5000
                                                            • C:\Users\Admin\Downloads\OperaGXSetup.exe
                                                              "C:\Users\Admin\Downloads\OperaGXSetup.exe" --backend --install --import-browser-data=0 --enable-stats=1 --enable-installer-stats=1 --consent-given=1 --general-interests=1 --general-location=1 --personalized-content=1 --personalized-ads=1 --launchopera=1 --installfolder="C:\Users\Admin\AppData\Local\Programs\Opera GX" --profile-folder --language=en --singleprofile=0 --copyonly=0 --allusers=0 --setdefaultbrowser=1 --pintotaskbar=1 --pintostartmenu=1 --run-at-startup=1 --server-tracking-data=server_tracking_data --initial-pid=3152 --package-dir-prefix="C:\Users\Admin\Downloads\.opera\Opera GX Installer Temp\opera_package_20240522223937" --session-guid=79bde560-648a-4183-9df9-ef1f24ce851d --server-tracking-blob=MmJiMTkyY2NiMzk3NGY2YzUwODVlODNmYmYwZGFjMzYwOTg1NWY3ZWEwODFiNWNjNTNiYTUzMzNkYmRiMzVkODp7ImNvdW50cnkiOiJHQiIsImVkaXRpb24iOiJzdGQtMiIsImh0dHBfcmVmZXJyZXIiOiJodHRwczovL3d3dy5vcGVyYS5jb20vIiwiaW5zdGFsbGVyX25hbWUiOiJPcGVyYUdYU2V0dXAuZXhlIiwicHJvZHVjdCI6eyJuYW1lIjoib3BlcmFfZ3gifSwicXVlcnkiOiIvb3BlcmFfZ3gvc3RhYmxlL3dpbmRvd3M/ZWRpdGlvbj1zdGQtMiZ1dG1fc291cmNlPVBXTmdhbWVzJnV0bV9tZWRpdW09cGEmdXRtX2NhbXBhaWduPVBXTl9HQl9VVlJfMzczNiZlZGl0aW9uPXN0ZC0yJnV0bV9jb250ZW50PTM3MzZfJnV0bV9pZD0xOTRjZGNmMGIxMDE0NjdhOTEzYzhkNDc2ZDBmYmI5MiZodHRwX3JlZmVycmVyPWh0dHBzJTNBJTJGJTJGd3d3Lm9wZXJhLmNvbSUyRmd4JTNGdXRtX3NvdXJjZSUzRFBXTmdhbWVzJTI2dXRtX21lZGl1bSUzRHBhJTI2dXRtX2NhbXBhaWduJTNEUFdOX0dCX1VWUl8zNzM2JTI2dXRtX2NvbnRlbnQlM0QzNzM2XyUyNnV0bV9pZCUzRDE5NGNkY2YwYjEwMTQ2N2E5MTNjOGQ0NzZkMGZiYjkyJTI2ZWRpdGlvbiUzRHN0ZC0yJnV0bV9zaXRlPW9wZXJhX2NvbSZ1dG1fbGFzdHBhZ2U9b3BlcmEuY29tJTJGJnV0bV9pZD0xOTRjZGNmMGIxMDE0NjdhOTEzYzhkNDc2ZDBmYmI5MiZkbF90b2tlbj0yNTY0MjQ3OSIsInN5c3RlbSI6eyJwbGF0Zm9ybSI6eyJhcmNoIjoieDg2XzY0Iiwib3BzeXMiOiJXaW5kb3dzIiwib3BzeXMtdmVyc2lvbiI6IjEwIiwicGFja2FnZSI6IkVYRSJ9fSwidGltZXN0YW1wIjoiMTcxNjQxNzU0OC4wODQ3IiwidXNlcmFnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzkyLjAuNDUxNS4xMzEgU2FmYXJpLzUzNy4zNiBFZGcvOTIuMC45MDIuNjciLCJ1dG0iOnsiY2FtcGFpZ24iOiJQV05fR0JfVVZSXzM3MzYiLCJjb250ZW50IjoiMzczNl8iLCJpZCI6IjE5NGNkY2YwYjEwMTQ2N2E5MTNjOGQ0NzZkMGZiYjkyIiwibGFzdHBhZ2UiOiJvcGVyYS5jb20vIiwibWVkaXVtIjoicGEiLCJzaXRlIjoib3BlcmFfY29tIiwic291cmNlIjoiUFdOZ2FtZXMifSwidXVpZCI6ImRjYTQ4YThhLTNlMTQtNDY4NC1iYjNhLTJhYjNmMGUwZmZlNSJ9 --desktopshortcut=1 --wait-for-package --initial-proc-handle=7009000000000000
                                                              3⤵
                                                              • Executes dropped EXE
                                                              • Loads dropped DLL
                                                              • Enumerates connected drives
                                                              PID:2724
                                                              • C:\Users\Admin\Downloads\OperaGXSetup.exe
                                                                C:\Users\Admin\Downloads\OperaGXSetup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=109.0.5097.98 --initial-client-data=0x2a4,0x2a8,0x2ac,0x274,0x2b0,0x72074260,0x7207426c,0x72074278
                                                                4⤵
                                                                • Executes dropped EXE
                                                                • Loads dropped DLL
                                                                PID:2984
                                                            • C:\Users\Admin\Downloads\.opera\Opera GX Installer Temp\opera_package_202405222239371\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe
                                                              "C:\Users\Admin\Downloads\.opera\Opera GX Installer Temp\opera_package_202405222239371\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe"
                                                              3⤵
                                                              • Executes dropped EXE
                                                              PID:5336
                                                            • C:\Users\Admin\Downloads\.opera\Opera GX Installer Temp\opera_package_202405222239371\assistant\assistant_installer.exe
                                                              "C:\Users\Admin\Downloads\.opera\Opera GX Installer Temp\opera_package_202405222239371\assistant\assistant_installer.exe" --version
                                                              3⤵
                                                              • Executes dropped EXE
                                                              PID:5416
                                                              • C:\Users\Admin\Downloads\.opera\Opera GX Installer Temp\opera_package_202405222239371\assistant\assistant_installer.exe
                                                                "C:\Users\Admin\Downloads\.opera\Opera GX Installer Temp\opera_package_202405222239371\assistant\assistant_installer.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=73.0.3856.382 --initial-client-data=0x26c,0x270,0x274,0x250,0x278,0x884f48,0x884f58,0x884f64
                                                                4⤵
                                                                • Executes dropped EXE
                                                                PID:5440
                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2252,9011109122426468049,10560051962946697861,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4984 /prefetch:2
                                                            2⤵
                                                            • Suspicious behavior: EnumeratesProcesses
                                                            PID:5608
                                                        • C:\Windows\System32\CompPkgSrv.exe
                                                          C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                          1⤵
                                                            PID:2772
                                                          • C:\Windows\System32\CompPkgSrv.exe
                                                            C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                            1⤵
                                                              PID:1804

                                                            Network

                                                            MITRE ATT&CK Enterprise v15

                                                            Replay Monitor

                                                            Loading Replay Monitor...

                                                            Downloads

                                                            • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\698460A0B6E60F2F602361424D832905_8BB23D43DE574E82F2BEE0DF0EC47EEB
                                                              Filesize

                                                              471B

                                                              MD5

                                                              a8cc22618e868e1ee10efdfa626e7721

                                                              SHA1

                                                              3ed13535d1494e2d7749769d341332dffaec6370

                                                              SHA256

                                                              246744cdc79a5585f68d95d6a98473ee12383c85471f6e4f7e0fcfcd655868f5

                                                              SHA512

                                                              18a3036d061558b11fee0d914904521d06970c3a9dd7fe65826b45f7037d463e538e40142647c9cd97c7a6c3346dc9745b80c35b48ab5c30df4fc73752ab5b94

                                                              Download Submit

                                                            • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8EC9B1D0ABBD7F98B401D425828828CE_9A347AC5A42F886F9F966873087C7F2E
                                                              Filesize

                                                              727B

                                                              MD5

                                                              2141d9b6ca4897a28a20ef1532583d24

                                                              SHA1

                                                              cc9c7a78686f33c3e6eaa311408eca505be5ac2e

                                                              SHA256

                                                              ee11569c8c349a2fd9f055050cfe5b67bbb4230c62c3d205abbdef277d479ab1

                                                              SHA512

                                                              b69d6846a35ee8a9e7c56308846f8012ddc6c042f1e2e060d963c1a3e5d742da6f01ef331b374fc8b221c6db059559ef70ce871f7c4c0c4ce8794fae860a199d

                                                              Download Submit

                                                            • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C8E534EE129F27D55460CE17FD628216_1130D9B25898B0DB0D4F04DC5B93F141
                                                              Filesize

                                                              727B

                                                              MD5

                                                              a90ff749a13166b81da25cdcbc82c54d

                                                              SHA1

                                                              a09692688b0a86d9e06b6a3697d2a1793f367961

                                                              SHA256

                                                              4b1553fdbeca127a257bed3bd232cad24df64166cd39a54159893d5c350ac742

                                                              SHA512

                                                              54dfe43bb1c88eac7d29e641171a27f72270bea50d3d989217f3a739943f4a3d751689dab68319ed7e800986cac1c5053305252a5f92fe14f1566f425f7994b6

                                                              Download Submit

                                                            • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\698460A0B6E60F2F602361424D832905_8BB23D43DE574E82F2BEE0DF0EC47EEB
                                                              Filesize

                                                              400B

                                                              MD5

                                                              0ec42e773b5e2148394a3fa21cc05f8f

                                                              SHA1

                                                              8dd564183fb240775c52a31bcdb7037f3605003f

                                                              SHA256

                                                              fffb620565419535d2555fb8bf7cfd6ec50f546261b45d6ffa40630a613dd9fa

                                                              SHA512

                                                              53b335647e4888c78ced2629358ebbe5b978f94681433031eb8337e9c4957e823df543f05c66caf8c1fb7a23ae626e23a90b1a3d87108e7fcafb200cfc2f3636

                                                              Download Submit

                                                            • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
                                                              Filesize

                                                              330B

                                                              MD5

                                                              1e5abc5bd1f9529bcc7e5669e0d1f21e

                                                              SHA1

                                                              5e79561fa7ebf97a918ff6f80575bbebabc05168

                                                              SHA256

                                                              2960bed6e27207f83f52375be88cfdb3cf4075f55c6e2306ab8e51899fee2de7

                                                              SHA512

                                                              93bdfc18d867096c041a229d715a3c3befcc36e1d28e9134bba7ee020cf4331ceec8c218dc77145eda650dde31b7caa06d585a751236a435540e2cc182eef804

                                                              Download Submit

                                                            • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8EC9B1D0ABBD7F98B401D425828828CE_9A347AC5A42F886F9F966873087C7F2E
                                                              Filesize

                                                              404B

                                                              MD5

                                                              e0f621c230816edd9ebe29f5274c02e2

                                                              SHA1

                                                              f3cb925ff9be74bef3bbcb43c8f2cda9bfc51da1

                                                              SHA256

                                                              7ac38ea52d0dea15aeb4b3c3d03bca4ac425e4acd21a76ba574324da939a9e2a

                                                              SHA512

                                                              457d9db61db2ca1a60eed5e49dbe4e87cdf59124f8651f800b9a65f4db4bffedbdcef1018dbba49c8d61f5dde92108ee91f085572c2c41b78757e54af0e7355b

                                                              Download Submit

                                                            • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C8E534EE129F27D55460CE17FD628216_1130D9B25898B0DB0D4F04DC5B93F141
                                                              Filesize

                                                              412B

                                                              MD5

                                                              614c0e370119d00ffdf924efc0384022

                                                              SHA1

                                                              1736cf4e771d5a2d8cdd818324850e58c06ab801

                                                              SHA256

                                                              1f5aae05c2d2f6f6aa0b44658b105e439c67c5ab81ab8ca38210ea0675ac13bb

                                                              SHA512

                                                              9828525b0214df57139190286df6eac860cca4d6cee5ebfbd6cba680adc29712f7abaabd0fa611997ea0e96cba43c3659de965f641ae0c44ee8790c7d77dfb5f

                                                              Download Submit

                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                              Filesize

                                                              152B

                                                              MD5

                                                              56641592f6e69f5f5fb06f2319384490

                                                              SHA1

                                                              6a86be42e2c6d26b7830ad9f4e2627995fd91069

                                                              SHA256

                                                              02d4984e590e947265474d592e64edde840fdca7eb881eebde3e220a1d883455

                                                              SHA512

                                                              c75e689b2bbbe07ebf72baf75c56f19c39f45d5593cf47535eb722f95002b3ee418027047c0ee8d63800f499038db5e2c24aff9705d830c7b6eaa290d9adc868

                                                              Download Submit

                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                              Filesize

                                                              152B

                                                              MD5

                                                              612a6c4247ef652299b376221c984213

                                                              SHA1

                                                              d306f3b16bde39708aa862aee372345feb559750

                                                              SHA256

                                                              9d8e24c91cff338e56b518a533cb2e49a2803356bbf6e04892fb168a7ce2844a

                                                              SHA512

                                                              34a14d63abb1e3fe0f9927a94393043d458fe0624843e108d290266f554018e6379cba924cb5388735abdd6c5f1e2e318478a673f3f9b762815a758866d10973

                                                              Download Submit

                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                              Filesize

                                                              1KB

                                                              MD5

                                                              13b9d56e83cdc8ac0706cebc536c996a

                                                              SHA1

                                                              a4f042f6586f5194267126bf3437d0eb2956f997

                                                              SHA256

                                                              d199b5a320cfb145aa9376ccee8ea374e0d548fb472588c6c4b6a55c098faeca

                                                              SHA512

                                                              4072a8624a77c817775cb066316789f1b19ad314e5bb54bffe538ca0feb0e40e3c1d921e7ceb13ef52d3a417c4caec253fe49e7f11fd5b8b6e7c691761e44dd4

                                                              Download Submit

                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                              Filesize

                                                              5KB

                                                              MD5

                                                              e5629e8df93038155be9929eb4df7fb1

                                                              SHA1

                                                              5519c795572aedb599dfde8c49322d3c9241edfb

                                                              SHA256

                                                              58f66e7678d63506efd5029eda17df0420c0d05a054bdfe6b2014e82bf0d0cea

                                                              SHA512

                                                              ec8b216386570e1457f71d0de0d9995dc270690c42ce49534c9a9414319fa9ad9484f507faa55cd6eeb892b7a8c2ba383202fdf79ae4388aab3522809c8cc3d2

                                                              Download Submit

                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                              Filesize

                                                              5KB

                                                              MD5

                                                              01e92c2daed266709419f0ed14bbf797

                                                              SHA1

                                                              2f559d084abefd900c8e421372a56bced844d801

                                                              SHA256

                                                              a2308d908e6cd03f6f91537612be78c80f18876951778480c7f0521824bf85ee

                                                              SHA512

                                                              fa6971df05e36308168491ae38e0621b93a660f4bbdef8108a4a517c3eed6d445f26fa2138796c34aa77a0e5911c4607e53e7d3691d32933fa9da9aa782d3750

                                                              Download Submit

                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                              Filesize

                                                              6KB

                                                              MD5

                                                              ddc50a13346c9a5a13f6a5129436f601

                                                              SHA1

                                                              cfa28ffa7a04f61426c0783fdd16117702c51bb6

                                                              SHA256

                                                              b868062e43a71f478773e0cb72c78b12deff49f046a1040408d619213474d035

                                                              SHA512

                                                              78edef4ce08b4730b75f7b1f3eeaebb5f4cb78ecb4e648bb2c76554f3f416a6ae177894f611bdcf1c0ec2c7e7ccd57d9dd9de85269e44e12513306325d99b844

                                                              Download Submit

                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                              Filesize

                                                              9KB

                                                              MD5

                                                              b040c8c92a38dff8f2220a37140d0dcf

                                                              SHA1

                                                              04528aeb02a4c4bd8332597073013d667ae86f50

                                                              SHA256

                                                              d804c0f1f6601a25b9a2b2ebd3df46094de9a27258d1a3d44e0e9662e82c319d

                                                              SHA512

                                                              732a13393cdf91490faf2ed1acc098a6f2374e4d83f0a634db297aa475b4382f792b4bea2af0557887b63a840c9ece1b1260ce56740521e2a02f699da23753b1

                                                              Download Submit

                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                              Filesize

                                                              6KB

                                                              MD5

                                                              e7c068562125292b00f1db132b6796a9

                                                              SHA1

                                                              38ae03d3202982b6a790dda98b40b89497bde155

                                                              SHA256

                                                              8f9f027a0c4950ae1687d090eb97329e67cdc4aca8eeb6bc279c22b53303082a

                                                              SHA512

                                                              45dc9891153bd2f4c4dd77ff272c123760cac7f96970ea85c6c6e86b66993edf933499ef4b65b572a7082693e2b54188f8ffd23c6e0f649757242116966f5cd0

                                                              Download Submit

                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                              Filesize

                                                              2KB

                                                              MD5

                                                              75a928f64ea305eabbf0d4c53c2c633b

                                                              SHA1

                                                              bd188eaabde221d588288b3f09225a8848b467bb

                                                              SHA256

                                                              27bd9d2834c2fe33c4c3313a48a69d57cb550455feb71fe82dc1fa2f41e3655b

                                                              SHA512

                                                              aa43b929a07b94a28a7d391d1b8cfe97ce0d8e2a1f49d927fb2faf0b3369d2866d9039ce9d9c2edda6488a3ea264400caa358d9e439654811676c8b348aa61ec

                                                              Download Submit

                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                              Filesize

                                                              1KB

                                                              MD5

                                                              c1bf243cc675292557803cb574b34d8e

                                                              SHA1

                                                              499dbfce85da3217b1aed2544e3c7ac2fb813ebf

                                                              SHA256

                                                              b08556efab331643314800308c17d63a95eff4acd575bd9ab34aa2154e39a4da

                                                              SHA512

                                                              583b72cf00e93bb664343ece4de073b1c047944193a73554880d86460d341a9bd31da1e003b9139d47e3f64a02e154f435af38cac453d44aa87cb9085b12c0d8

                                                              Download Submit

                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe581846.TMP
                                                              Filesize

                                                              874B

                                                              MD5

                                                              73eac6c6aa732f4c5fd3b3eaf8cf789f

                                                              SHA1

                                                              6429fc7f34e157ade363f38d7a56e9a1fc228fe3

                                                              SHA256

                                                              bbcd70276a3348edf02115c4557fed3bcc123b93296b5aa004b2d54a6650112a

                                                              SHA512

                                                              3fe871c8fc9625839d3602fd5d51d2520428515c9b6251429e258f4a355c22b405298f70ac648e22c26bcbee327422fcc0363e70996dec7307dfca31e8c13078

                                                              Download Submit

                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                              Filesize

                                                              16B

                                                              MD5

                                                              6752a1d65b201c13b62ea44016eb221f

                                                              SHA1

                                                              58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                                                              SHA256

                                                              0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                                                              SHA512

                                                              9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                                                              Download Submit

                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                              Filesize

                                                              11KB

                                                              MD5

                                                              2be7b703be375b8a4b2a2b0debb8b338

                                                              SHA1

                                                              648f8ece62897b7939a67bcc4fe10137f3cde66a

                                                              SHA256

                                                              b9c0c8a4e94919531fd933111070e66e7df5c7da287d86cd31d48e5dce238077

                                                              SHA512

                                                              aae19c165929be6cda3c81e4996b887945e1ebdffcf88b6f19ed7f804d22d24893b40477a15f58d59db83a8c34d14d420b4c59f1e70c5bd2af9dff8133cdb1aa

                                                              Download Submit

                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                              Filesize

                                                              12KB

                                                              MD5

                                                              9c3cdc8da954e8ed234a254baf10b7f2

                                                              SHA1

                                                              0bcb88a05696fd25f4bac80747f4abdb9fc66255

                                                              SHA256

                                                              004af523ffa7032e059a00ea6e5d70f79b013556f3cee11c987e5da5095bedb7

                                                              SHA512

                                                              01f5ca8a9eb717a39879bc99ca08a68ec7bd43a3434c121d0131944e3dc2117e93f876bd97d33d55fb4b7a62cce3820f7d753720e87e00260ac9fd4df82d1a55

                                                              Download Submit

                                                            • C:\Users\Admin\AppData\Local\Temp\Opera_installer_2405222239344824820.dll
                                                              Filesize

                                                              5.2MB

                                                              MD5

                                                              b475e76899deb89d881b9cea475ff960

                                                              SHA1

                                                              840f53d36f18437b782b382e088e6d30dca627e1

                                                              SHA256

                                                              a3e9972d2e8213f71e742d3d1f2a0e738c99e3678e61a1262226d5d35e8819bf

                                                              SHA512

                                                              2ba854f1f272c26e476e0cd7507e48ad5c809be4529982d935749e5a620dfc1b3dca692820dc222acaebd01b1ffa67a7bd7471dc49662ecdfc498d9e01523865

                                                              Download Submit

                                                            • C:\Users\Admin\AppData\Local\Temp\opera_installer_ui.lck
                                                              Filesize

                                                              4B

                                                              MD5

                                                              2d5013255a77a5aa99fb2bc67aa0d778

                                                              SHA1

                                                              3a810de1164883e95b5252c612d4f7a843a69afc

                                                              SHA256

                                                              992fb61e6b6ce0af62670467812554f035f62c2b5cd3a6a1d30912b2a0a191e4

                                                              SHA512

                                                              bacfd09de15c69b72d75ceb88950204ff3725a892e5f3d3b42248aa51c9e30388f13fdf52549973f38cf5819916c331dd1dc5e9db92f4dd3a372e6698df40c6b

                                                              Download Submit

                                                            • C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports\settings.dat
                                                              Filesize

                                                              40B

                                                              MD5

                                                              e787db27bc020454722b0b84c542e14f

                                                              SHA1

                                                              82c73c803e07d7b94c2131ec476bc1637a440483

                                                              SHA256

                                                              a034da4f495b2125dca174d22d137fac04969076470bb762f5244e4359bd9d14

                                                              SHA512

                                                              1ec704257ef064468b1adb8dc1901b095f863bb32ac7a10edd3507b80d5c9fece533d0f3bd449c69aeb1a065b369fabc9260773720e2cd89576a649b9fd2183e

                                                              Download Submit

                                                            • C:\Users\Admin\Downloads\.opera\Opera GX Installer Temp\opera_package_202405222239371\additional_file0.tmp
                                                              Filesize

                                                              1.4MB

                                                              MD5

                                                              e9a2209b61f4be34f25069a6e54affea

                                                              SHA1

                                                              6368b0a81608c701b06b97aeff194ce88fd0e3c0

                                                              SHA256

                                                              e950f17f4181009eeafa9f5306e8a9dfd26d88ca63b1838f44ff0efc738e7d1f

                                                              SHA512

                                                              59e46277ca79a43ed8b0a25b24eff013e251a75f90587e013b9c12851e5dd7283b6172f7d48583982f6a32069457778ee440025c1c754bf7bb6ce8ae1d2c3fc5

                                                              Download Submit

                                                            • C:\Users\Admin\Downloads\.opera\Opera GX Installer Temp\opera_package_202405222239371\assistant\assistant_installer.exe
                                                              Filesize

                                                              1.8MB

                                                              MD5

                                                              4c8fbed0044da34ad25f781c3d117a66

                                                              SHA1

                                                              8dd93340e3d09de993c3bc12db82680a8e69d653

                                                              SHA256

                                                              afe569ce9e4f71c23ba5f6e8fd32be62ac9538e397cde8f2ecbe46faa721242a

                                                              SHA512

                                                              a04e6fd052d2d63a0737c83702c66a9af834f9df8423666508c42b3e1d8384300239c9ddacdc31c1e85140eb1193bcfac209f218750b40342492ffce6e9da481

                                                              Download Submit

                                                            • C:\Users\Admin\Downloads\OperaGXSetup.exe
                                                              Filesize

                                                              5.7MB

                                                              MD5

                                                              74357cf9a6d30411546a63ac621abdec

                                                              SHA1

                                                              edcaba548ac4a762c6b5b451b3b5d60781b984ba

                                                              SHA256

                                                              813b7646b6f9e6764a3b8a1393d93f0d9e026e973749038ee277430610b2b29b

                                                              SHA512

                                                              7f55e5705d4decb3ad8bcf8ab73c6427c5340d848d04710502a8fbc8d7ad93ec1f548d9a25f12cad83f41de014a7e75ee629a6e3cb8a004e5610e879a290db7e

                                                              Download Submit

                                                            • \??\pipe\LOCAL\crashpad_4864_SFDASMSKMGMAGRBJ
                                                              MD5

                                                              d41d8cd98f00b204e9800998ecf8427e

                                                              SHA1

                                                              da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                              SHA256

                                                              e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                                              SHA512

                                                              cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

                                                              Download Submit