hxxps://github[.]com/quivings/Solara/raw/main/Files/SolaraB[.]zip

Analysis

max time kernel
1799s
max time network
1790s
platform
windows11-21h2_x64
resource
win11-20240426-en
resource tags

arch:x64arch:x86image:win11-20240426-enlocale:en-usos:windows11-21h2-x64system
submitted
23-05-2024 14:16

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://github.com/quivings/Solara/raw/main/Files/SolaraB.zip

Score

9^/10

evasion themida trojan

Malware Config

Signatures

Identifies VirtualBox via ACPI registry values (likely anti-VM) 2 TTPs 1 IoCs
evasion

Query Registry
T1012

Virtualization/Sandbox Evasion
T1497

Processes:

XcHvYYrNa.exe

description ioc process

Key opened \REGISTRY\MACHINE\HARDWARE\ACPI\DSDT\VBOX__ XcHvYYrNa.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\HARDWARE\ACPI\DSDT\VBOX__	XcHvYYrNa.exe

Checks BIOS information in registry 2 TTPs 2 IoCs

BIOS information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

Processes:

XcHvYYrNa.exe

description	ioc	process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion	XcHvYYrNa.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion	XcHvYYrNa.exe

Executes dropped EXE 1 IoCs

Processes:

XcHvYYrNa.exe

pid process

2032 XcHvYYrNa.exe
Loads dropped DLL 5 IoCs

Processes:

XcHvYYrNa.exe

pid process

2032 XcHvYYrNa.exe
2032 XcHvYYrNa.exe
2032 XcHvYYrNa.exe
2032 XcHvYYrNa.exe
2032 XcHvYYrNa.exe

pid	process
2032	XcHvYYrNa.exe

pid	process
2032	XcHvYYrNa.exe
2032	XcHvYYrNa.exe
2032	XcHvYYrNa.exe
2032	XcHvYYrNa.exe
2032	XcHvYYrNa.exe

Themida packer 7 IoCs

Detects Themida, an advanced Windows software protection system.

themida

Processes:

resource	yara_rule
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.dll	themida
behavioral1/memory/2032-1959-0x0000000180000000-0x0000000180ACA000-memory.dmp	themida
behavioral1/memory/2032-1960-0x0000000180000000-0x0000000180ACA000-memory.dmp	themida
behavioral1/memory/2032-1962-0x0000000180000000-0x0000000180ACA000-memory.dmp	themida
behavioral1/memory/2032-1961-0x0000000180000000-0x0000000180ACA000-memory.dmp	themida
behavioral1/memory/2032-2106-0x0000000180000000-0x0000000180ACA000-memory.dmp	themida
behavioral1/memory/2032-2155-0x0000000180000000-0x0000000180ACA000-memory.dmp	themida

Checks whether UAC is enabled 1 TTPs 1 IoCs
evasion trojan

System Information Discovery
T1082

Processes:

XcHvYYrNa.exe

description ioc process

Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA XcHvYYrNa.exe

description	ioc	process
Key value queried	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA	XcHvYYrNa.exe

Legitimate hosting services abused for malware hosting/C2 1 TTPs 12 IoCs

Web Service

T1102

Processes:

flow	ioc
2	raw.githubusercontent.com
6	raw.githubusercontent.com
10	raw.githubusercontent.com
293	raw.githubusercontent.com
299	raw.githubusercontent.com
311	raw.githubusercontent.com
3	raw.githubusercontent.com
11	raw.githubusercontent.com
43	raw.githubusercontent.com
302	raw.githubusercontent.com
303	raw.githubusercontent.com
345	raw.githubusercontent.com

Suspicious use of NtSetInformationThreadHideFromDebugger 1 IoCs

Processes:

XcHvYYrNa.exe

pid process

2032 XcHvYYrNa.exe

pid	process
2032	XcHvYYrNa.exe

Enumerates system info in registry 2 TTPs 6 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

chrome.exemsedgewebview2.exe

description	ioc	process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedgewebview2.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedgewebview2.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedgewebview2.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

Processes:

chrome.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133609474560341010"	chrome.exe

Modifies registry class 2 IoCs

Processes:

chrome.exeMiniSearchHost.exe

description	ioc	process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3062789476-783164490-2318012559-1000\{35713F3C-5429-4F25-94BD-61E8232ECC86}	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3062789476-783164490-2318012559-1000_Classes\Local Settings\MuiCache	MiniSearchHost.exe

NTFS ADS 1 IoCs

Processes:

chrome.exe

description ioc process

File opened for modification C:\Users\Admin\Downloads\SolaraB.zip:Zone.Identifier chrome.exe

description	ioc	process
File opened for modification	C:\Users\Admin\Downloads\SolaraB.zip:Zone.Identifier	chrome.exe

Suspicious behavior: EnumeratesProcesses 14 IoCs

Processes:

chrome.exemsedgewebview2.exemsedgewebview2.exeXcHvYYrNa.exechrome.exemsedgewebview2.exe

pid	process
4524	chrome.exe
4524	chrome.exe
2044	msedgewebview2.exe
2044	msedgewebview2.exe
3352	msedgewebview2.exe
3352	msedgewebview2.exe
2032	XcHvYYrNa.exe
2032	XcHvYYrNa.exe
3552	chrome.exe
3552	chrome.exe
228	msedgewebview2.exe
228	msedgewebview2.exe
228	msedgewebview2.exe
228	msedgewebview2.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

Processes:

chrome.exemsedgewebview2.exe

pid process

4524 chrome.exe
4524 chrome.exe
2132 msedgewebview2.exe
4524 chrome.exe
4524 chrome.exe
4524 chrome.exe
4524 chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

Processes:

chrome.exe

description	pid	process
Token: SeShutdownPrivilege	4524	chrome.exe
Token: SeCreatePagefilePrivilege	4524	chrome.exe
Token: SeShutdownPrivilege	4524	chrome.exe
Token: SeCreatePagefilePrivilege	4524	chrome.exe
Token: SeShutdownPrivilege	4524	chrome.exe
Token: SeCreatePagefilePrivilege	4524	chrome.exe
Token: SeShutdownPrivilege	4524	chrome.exe
Token: SeCreatePagefilePrivilege	4524	chrome.exe
Token: SeShutdownPrivilege	4524	chrome.exe
Token: SeCreatePagefilePrivilege	4524	chrome.exe
Token: SeShutdownPrivilege	4524	chrome.exe
Token: SeCreatePagefilePrivilege	4524	chrome.exe
Token: SeShutdownPrivilege	4524	chrome.exe
Token: SeCreatePagefilePrivilege	4524	chrome.exe
Token: SeShutdownPrivilege	4524	chrome.exe
Token: SeCreatePagefilePrivilege	4524	chrome.exe
Token: SeShutdownPrivilege	4524	chrome.exe
Token: SeCreatePagefilePrivilege	4524	chrome.exe
Token: SeShutdownPrivilege	4524	chrome.exe
Token: SeCreatePagefilePrivilege	4524	chrome.exe
Token: SeShutdownPrivilege	4524	chrome.exe
Token: SeCreatePagefilePrivilege	4524	chrome.exe
Token: SeShutdownPrivilege	4524	chrome.exe
Token: SeCreatePagefilePrivilege	4524	chrome.exe
Token: SeShutdownPrivilege	4524	chrome.exe
Token: SeCreatePagefilePrivilege	4524	chrome.exe
Token: SeShutdownPrivilege	4524	chrome.exe
Token: SeCreatePagefilePrivilege	4524	chrome.exe
Token: SeShutdownPrivilege	4524	chrome.exe
Token: SeCreatePagefilePrivilege	4524	chrome.exe
Token: SeShutdownPrivilege	4524	chrome.exe
Token: SeCreatePagefilePrivilege	4524	chrome.exe
Token: SeShutdownPrivilege	4524	chrome.exe
Token: SeCreatePagefilePrivilege	4524	chrome.exe
Token: SeShutdownPrivilege	4524	chrome.exe
Token: SeCreatePagefilePrivilege	4524	chrome.exe
Token: SeShutdownPrivilege	4524	chrome.exe
Token: SeCreatePagefilePrivilege	4524	chrome.exe
Token: SeShutdownPrivilege	4524	chrome.exe
Token: SeCreatePagefilePrivilege	4524	chrome.exe
Token: SeShutdownPrivilege	4524	chrome.exe
Token: SeCreatePagefilePrivilege	4524	chrome.exe
Token: SeShutdownPrivilege	4524	chrome.exe
Token: SeCreatePagefilePrivilege	4524	chrome.exe
Token: SeShutdownPrivilege	4524	chrome.exe
Token: SeCreatePagefilePrivilege	4524	chrome.exe
Token: SeShutdownPrivilege	4524	chrome.exe
Token: SeCreatePagefilePrivilege	4524	chrome.exe
Token: SeShutdownPrivilege	4524	chrome.exe
Token: SeCreatePagefilePrivilege	4524	chrome.exe
Token: SeShutdownPrivilege	4524	chrome.exe
Token: SeCreatePagefilePrivilege	4524	chrome.exe
Token: SeShutdownPrivilege	4524	chrome.exe
Token: SeCreatePagefilePrivilege	4524	chrome.exe
Token: SeShutdownPrivilege	4524	chrome.exe
Token: SeCreatePagefilePrivilege	4524	chrome.exe
Token: SeShutdownPrivilege	4524	chrome.exe
Token: SeCreatePagefilePrivilege	4524	chrome.exe
Token: SeShutdownPrivilege	4524	chrome.exe
Token: SeCreatePagefilePrivilege	4524	chrome.exe
Token: SeShutdownPrivilege	4524	chrome.exe
Token: SeCreatePagefilePrivilege	4524	chrome.exe
Token: SeShutdownPrivilege	4524	chrome.exe
Token: SeCreatePagefilePrivilege	4524	chrome.exe

Suspicious use of FindShellTrayWindow 42 IoCs

Processes:

chrome.exemsedgewebview2.exe

pid	process
4524	chrome.exe
4524	chrome.exe
4524	chrome.exe
4524	chrome.exe
4524	chrome.exe
4524	chrome.exe
4524	chrome.exe
4524	chrome.exe
4524	chrome.exe
4524	chrome.exe
4524	chrome.exe
4524	chrome.exe
4524	chrome.exe
4524	chrome.exe
4524	chrome.exe
4524	chrome.exe
4524	chrome.exe
4524	chrome.exe
4524	chrome.exe
4524	chrome.exe
4524	chrome.exe
4524	chrome.exe
4524	chrome.exe
4524	chrome.exe
4524	chrome.exe
4524	chrome.exe
4524	chrome.exe
4524	chrome.exe
4524	chrome.exe
4524	chrome.exe
4524	chrome.exe
4524	chrome.exe
4524	chrome.exe
2132	msedgewebview2.exe
4524	chrome.exe
4524	chrome.exe
4524	chrome.exe
4524	chrome.exe
4524	chrome.exe
4524	chrome.exe
4524	chrome.exe
4524	chrome.exe

Suspicious use of SendNotifyMessage 16 IoCs

Processes:

chrome.exe

pid	process
4524	chrome.exe
4524	chrome.exe
4524	chrome.exe
4524	chrome.exe
4524	chrome.exe
4524	chrome.exe
4524	chrome.exe
4524	chrome.exe
4524	chrome.exe
4524	chrome.exe
4524	chrome.exe
4524	chrome.exe
4524	chrome.exe
4524	chrome.exe
4524	chrome.exe
4524	chrome.exe

Suspicious use of SetWindowsHookEx 1 IoCs

Processes:

MiniSearchHost.exe

pid process

3868 MiniSearchHost.exe

pid	process
3868	MiniSearchHost.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

chrome.exe

description	pid	process	target process
PID 4524 wrote to memory of 904	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 904	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 4236	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 4236	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 4236	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 4236	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 4236	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 4236	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 4236	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 4236	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 4236	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 4236	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 4236	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 4236	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 4236	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 4236	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 4236	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 4236	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 4236	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 4236	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 4236	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 4236	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 4236	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 4236	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 4236	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 4236	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 4236	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 4236	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 4236	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 4236	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 4236	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 4236	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 4236	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 3888	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 3888	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 3864	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 3864	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 3864	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 3864	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 3864	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 3864	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 3864	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 3864	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 3864	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 3864	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 3864	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 3864	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 3864	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 3864	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 3864	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 3864	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 3864	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 3864	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 3864	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 3864	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 3864	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 3864	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 3864	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 3864	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 3864	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 3864	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 3864	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 3864	4524	chrome.exe	chrome.exe
PID 4524 wrote to memory of 3864	4524	chrome.exe	chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://github.com/quivings/Solara/raw/main/Files/SolaraB.zip
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4524

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7fff4e68ab58,0x7fff4e68ab68,0x7fff4e68ab78
2⤵
PID:904

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1496 --field-trial-handle=1808,i,15310240558864215867,5419172054317296010,131072 /prefetch:2
2⤵
PID:4236

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2040 --field-trial-handle=1808,i,15310240558864215867,5419172054317296010,131072 /prefetch:8
2⤵
PID:3888

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2144 --field-trial-handle=1808,i,15310240558864215867,5419172054317296010,131072 /prefetch:8
2⤵
PID:3864

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3008 --field-trial-handle=1808,i,15310240558864215867,5419172054317296010,131072 /prefetch:1
2⤵
PID:3892

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3100 --field-trial-handle=1808,i,15310240558864215867,5419172054317296010,131072 /prefetch:1
2⤵
PID:2228

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4356 --field-trial-handle=1808,i,15310240558864215867,5419172054317296010,131072 /prefetch:8
2⤵
PID:1408

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4276 --field-trial-handle=1808,i,15310240558864215867,5419172054317296010,131072 /prefetch:8
2⤵
- NTFS ADS
PID:3408

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4804 --field-trial-handle=1808,i,15310240558864215867,5419172054317296010,131072 /prefetch:8
2⤵
PID:4888

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4320 --field-trial-handle=1808,i,15310240558864215867,5419172054317296010,131072 /prefetch:1
2⤵
PID:2316

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4892 --field-trial-handle=1808,i,15310240558864215867,5419172054317296010,131072 /prefetch:1
2⤵
PID:672

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4936 --field-trial-handle=1808,i,15310240558864215867,5419172054317296010,131072 /prefetch:8
2⤵
PID:2832

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5076 --field-trial-handle=1808,i,15310240558864215867,5419172054317296010,131072 /prefetch:8
2⤵
PID:4800

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5228 --field-trial-handle=1808,i,15310240558864215867,5419172054317296010,131072 /prefetch:8
2⤵
PID:3140

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5224 --field-trial-handle=1808,i,15310240558864215867,5419172054317296010,131072 /prefetch:8
2⤵
PID:1652

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=3252 --field-trial-handle=1808,i,15310240558864215867,5419172054317296010,131072 /prefetch:1
2⤵
PID:4672

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4000 --field-trial-handle=1808,i,15310240558864215867,5419172054317296010,131072 /prefetch:8
2⤵
PID:1100

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=4024 --field-trial-handle=1808,i,15310240558864215867,5419172054317296010,131072 /prefetch:1
2⤵
PID:1892

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5332 --field-trial-handle=1808,i,15310240558864215867,5419172054317296010,131072 /prefetch:8
2⤵
PID:1872

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3300 --field-trial-handle=1808,i,15310240558864215867,5419172054317296010,131072 /prefetch:8
2⤵
- Modifies registry class
PID:2940

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2992 --field-trial-handle=1808,i,15310240558864215867,5419172054317296010,131072 /prefetch:8
2⤵
PID:5004

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2472 --field-trial-handle=1808,i,15310240558864215867,5419172054317296010,131072 /prefetch:2
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:3552

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:1888

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:2032

C:\Users\Admin\Downloads\SolaraB\SolaraB\Solara\SolaraBootstrapper.exe
"C:\Users\Admin\Downloads\SolaraB\SolaraB\Solara\SolaraBootstrapper.exe"
1⤵
PID:2052

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe
"C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe"
2⤵
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry
- Executes dropped EXE
- Loads dropped DLL
- Checks whether UAC is enabled
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious behavior: EnumeratesProcesses
PID:2032

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=XcHvYYrNa.exe --webview-exe-version=1.0.0.0 --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView" --no-default-browser-check --disable-component-extensions-with-background-pages --no-first-run --disable-default-apps --noerrdialogs --embedded-browser-webview-dpi-awareness=1 --disable-popup-blocking --internet-explorer-integration=none --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc" --mojo-named-platform-channel-pipe=2032.4068.12914501038729024791
3⤵
- Enumerates system info in registry
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
PID:2132

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView\Crashpad --metrics-dir=C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0xfc,0x1c4,0x7fff32e73cb8,0x7fff32e73cc8,0x7fff32e73cd8
4⤵
PID:4916

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=gpu-process --field-trial-handle=1904,1094924291044928513,5661538934232275499,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView" --webview-exe-name=XcHvYYrNa.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1944 /prefetch:2
4⤵
PID:1416

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1904,1094924291044928513,5661538934232275499,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView" --webview-exe-name=XcHvYYrNa.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2104 /prefetch:3
4⤵
- Suspicious behavior: EnumeratesProcesses
PID:2044

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1904,1094924291044928513,5661538934232275499,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --service-sandbox-type=utility --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView" --webview-exe-name=XcHvYYrNa.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2516 /prefetch:8
4⤵
PID:1772

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=renderer --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc" --field-trial-handle=1904,1094924291044928513,5661538934232275499,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView" --webview-exe-name=XcHvYYrNa.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3056 /prefetch:1
4⤵
PID:3124

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1904,1094924291044928513,5661538934232275499,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView" --webview-exe-name=XcHvYYrNa.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=4516 /prefetch:8
4⤵
- Suspicious behavior: EnumeratesProcesses
PID:3352

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1904,1094924291044928513,5661538934232275499,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --service-sandbox-type=utility --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView" --webview-exe-name=XcHvYYrNa.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=5064 /prefetch:8
4⤵
PID:1748

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=gpu-process --field-trial-handle=1904,1094924291044928513,5661538934232275499,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView" --webview-exe-name=XcHvYYrNa.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=5092 /prefetch:2
4⤵
- Suspicious behavior: EnumeratesProcesses
PID:228

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1904,1094924291044928513,5661538934232275499,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --service-sandbox-type=utility --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView" --webview-exe-name=XcHvYYrNa.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2504 /prefetch:8
4⤵
PID:2792

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2360

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1900

C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe
"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:3868

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1497

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Virtualization/Sandbox Evasion

T1497

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b
Filesize
87KB

MD5
3944ec974f9d57012447b02314e03231

SHA1
125677c1232fc7c771ad1ad7348820c252b87217

SHA256
fb9a3ce419e5466534c7338eabf1d80a9b05ef20cb76ccd429100c29b0a59be1

SHA512
4f4c97210e00d7ccf2f13f54572c15f8ae2a310e5c64a9ed8e3ea9fe2c54833f5745212e2f65e07da551ccb6981e7e0d19becd672485ee77499c271a5f9503b2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000020
Filesize
48KB

MD5
21af9bc981d404957c6344aaff4b3e28

SHA1
e5569bc0876884ded0d9594432cc261effc66d47

SHA256
e9515acb1b0c8f7c1008358ed424d6563cae681f0e87c53547d0cb7b9f51b051

SHA512
fb42427a114a3cb5739c30f6235c4fe3102876b2063772665c82ecce483955d357dead930e6da185f2b27fb0e72b9837ee272c3271efa5b7e80f98edf4cfaae8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000c7
Filesize
51KB

MD5
588ee33c26fe83cb97ca65e3c66b2e87

SHA1
842429b803132c3e7827af42fe4dc7a66e736b37

SHA256
bbc4044fe46acd7ab69d8a4e3db46e7e3ca713b05fa8ecb096ebe9e133bba760

SHA512
6f7500b12fc7a9f57c00711af2bc8a7c62973f9a8e37012b88a0726d06063add02077420bc280e7163302d5f3a005ac8796aee97042c40954144d84c26adbd04

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\08a228d108d0dbd3_0
Filesize
316B

MD5
7f252bfe608b82950953903d8c3aac4f

SHA1
1105b50792059d69a8d5977b2c385ffd80bb0af2

SHA256
572870fd4d4f28fbda161f0a779af399f4b64c6f96a462e1087f4572bc83767c

SHA512
2c3b88b8beacc4a62ae80162706fcdbd123eb2acba425880a7b7a1103db6d9f53e95e74a86271a4c60859057595a64d9f03e093e8fc99a359c1a216e993e54e0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\529b6625a8b217e3_0
Filesize
128KB

MD5
e7748188e385a51a143e375bb3950b74

SHA1
c9987a64cd4727a8928bcb000b4954d66c6b696c

SHA256
b742347c070e64cedbea04962100ce1444bce6c6ebdde8b59f40c4e8f5fe9514

SHA512
9358c2985dce0bd37ea6b2e4eeacc4980f3ef75666156d16e102f19dc3adb839b90fef7cbd0b53b6c9cf8b548f9db100830f573c40009cc11246262ae506e256

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index
Filesize
6KB

MD5
e89f6f05d262592718595751da0c433c

SHA1
d6128b7fee900340a5b9e8a04f7eea8cb9d207d5

SHA256
0413dbb273c59293b870cce0425f72d67c412a9cb2f8397f5c6ea9847fbcf625

SHA512
a0718209ef9292179228b61713faf7b3d2159f8f2e53d7c636ddf2bcae926c3599d75e2a4edd99954031096f3fa2b1c34447a712acbc4e5bbed5313c41380520

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize
5KB

MD5
ac8c58d3483bb6a7f963bd9bcb78a6f8

SHA1
3f17f94f7839fd944fa159e679ef52a30437ddb5

SHA256
11d2fe47dd7ab701195b571b702eedf9c4b8293732d9219ba0e1cc3a87385a0e

SHA512
f9286e58a265122934cb37f4e036bd4f5e937bdbcab2af77add30d0735855f5ffbdd70c11ac148a486b3ade8786a5f24a42de45cd5d0f1e2f2ca840395fbfac6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize
3KB

MD5
7fb250f61ab665a9d36fa3abb08e42c7

SHA1
db9b3773a0847e69351e15294c5ab70587cd789d

SHA256
67a36f95a547ccb39d2e33af659d8de0e1a844bc89613c825f13dea97c694a50

SHA512
008d1cc885f467843c7ebefea1b1775d127ccd7884fef425c5d5bbcd8a9777a637c311e8836e65d78a52d48f61b0e3f250be5fd364941a29dcd541301899697f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old
Filesize
387B

MD5
b02d1401a9cf9661a25ae16567c456a2

SHA1
99ae66ffe329a7b9e94541292378c69bc53ccd1d

SHA256
5cec93a2f329ad87e657c28735afa7dd1ae0cd10154eafdabc178f2422501d30

SHA512
b325d6feda7dae22c8c3f6434b151e358d855cc8e559f8e605609454762932befdde942162102df2bcb109c5cd8f0834e242847ac869be968ef33f60744a47e7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old
Filesize
387B

MD5
8cb0362c45209ec1cc371c653625e353

SHA1
d278a7f9d73e0d573074a0edb26bc8470d4a76ca

SHA256
f8695fea250d22ffcac3f2ccd2aee4421ca56adb2fd81946bb802a07c3141e01

SHA512
a76b5c68660219ce0d840c5378a23542209aa7479a6d0c7972f80237b04a4873d6efe950d9f2f08883da469659e98794b8a75f5289822b59120b664a3898c8bb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old
Filesize
387B

MD5
9747001509f92a0b23cd52a10a7d9cc0

SHA1
769e75294de1832105539bfe578438264869f36c

SHA256
ee82882411866fc77b872f711a4481d345154939ba0c989c151d25e2ca569d22

SHA512
71f523b1e6aa6fc5489d49222e02738abba0232e8c750d1ff5c39aff12fcd0a3da5a2d43cd44580b9c4dbd4a9cc15a0277912056568f1cccde42ff84d2cfdde3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old
Filesize
387B

MD5
23ab6188dff1de5d9f4036e97079dda7

SHA1
8250bfdba84e9d8741d2fee267b7695bf668dac1

SHA256
c9d40d97804677bc7f5c02ac263ddf63ab94d9a3fa74dc5520c236bcf11f2081

SHA512
71cb169848022441cc2347bd5407f893554fb59f1ae2e2ac944b196bab278c32c45986d9d4566b3d0dedab88890ccc077cdeb1eb2dccc8fc818fe77fcbe80872

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old
Filesize
387B

MD5
0c4058c1b79c1648a8bb5d2656d7fc08

SHA1
fff70fb0956cf1a426d112adf75570aad7c91ae2

SHA256
ace2b684d31629e654dde1f2cb1ec7678e939a9f877fff42617eb3518ee86a3e

SHA512
1db488d79ac6b9e4eab8aba19be74fc443997e225ef423936ca0a608f084734432f49567557ffa104244b5253d5ff71ecf9bb43ce9d20d770c95422735d54fed

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old~RFe59c3c3.TMP
Filesize
347B

MD5
578a3762ce8353033f566f1a1194b1f4

SHA1
e45387e335e328864b649316e4005bf8280df9ee

SHA256
4525472e677adc8da4ec2d8501458f7dc5f5c798556778161d6dcc36ed9984a8

SHA512
a477e8e467442dec9dbcab5780b3402a09fe73add70ee804a5ea71a67223ee26e363f4fc9bd118394aedd6de9e59a820a942c68b8bc62c21933945d5e8a2c99b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\MANIFEST-000001
Filesize
23B

MD5
3fd11ff447c1ee23538dc4d9724427a3

SHA1
1335e6f71cc4e3cf7025233523b4760f8893e9c9

SHA256
720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

SHA512
10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\3a8ffe1d-201b-40ff-8f53-488eeaec674f.tmp
Filesize
8KB

MD5
d697f088380a50f454fa3f3824b5c232

SHA1
2b79d832e15600f81cbb1e21379eb2e85d3ffb22

SHA256
79c98e42db66daee28a4c28ab1782a44f2aa60abedaf176d477a667655ebc73a

SHA512
e8f4c33cec91a14d9d1488c26f1ef399039cd5669967b13e5fc7cfd2b52245335d777d2a09a875bfdcd31435c12ccf9f7c18979a53ee42cc701005f04a957aae

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
4KB

MD5
3fd001621761ad6319fef33a5076e3a8

SHA1
00596bf0a068f9c239c42ae7514afb8a9f5f8f2b

SHA256
0b83a4d4a19b6a12a1652d9247acf700ee5714746ba9d0135cde0b0077fad109

SHA512
23b6cb5714c0d59537623ae4ee6d1af61f38983114427871419f9de50f04d6ef527c170e70e7077cf562e9d0c11baeecabe4fa030cc808c53642eb591bbcd5db

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
10KB

MD5
1c943a379a419253d68c1901f66567e3

SHA1
aae831273f3016947daa854d84659955e2466996

SHA256
d56e51a54ea3e7f045cdc0ad98d8bd53f7acc6970acbbcf3bfd6395eaf13f490

SHA512
cf8a2084b03eb487462d77de057e93050a5497f1c2478b7455d2ced457dfdb9a9bb76ed8afb1a20ed5f6c022939dff847ac14c10e220e685bb1e983306ceea9d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
1KB

MD5
a673a62e70a9fea780acbb066bc1b689

SHA1
e7ee12ff4642a291940ca5b7f9411a9c22978003

SHA256
c25e44373290df9a0daf59b24cd182bf946fe06fb0d2db150db58d4656d2f748

SHA512
c5c8464be99af1759e96a801036c5f91d907bd7fee047d45e42e2eb094a20ab3fb04f3c4e8ae3ad62748de15683fcd55d1ef45cc37e6a07bf32600a0f043c427

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
11KB

MD5
22c015424071663d5c61e0e5fbad5cc7

SHA1
bd304c617fb1a83a4f483b1e3fa9510fee96fdef

SHA256
3a6eebe35d68ee6be6d1303d02d7255f7cc5b4b98ca3edc9bf5e1e7583b10341

SHA512
b297fde93f7a4b1e63ba0eef3b84de3bd6c8ba9be89ae97e6ce91134d92174642f8bc54566a3cd94a0ce08e6393c30fc9dd1ef8c70041f1da531c9d7f7da4117

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
2KB

MD5
e166f7ab6e7d58806836ef09f3e3f919

SHA1
ab2163fc4d76d67f125c1a0e67640825fe0b0e6a

SHA256
8c0408ab53290e6d5d69b858ab3e51760a210ce30f221679fbc463e05bb0a733

SHA512
4cc16799472a2d0c86135956deabb6af2f1b360cb501b7c7cdcfde8c673fecb7ceed0063342103e68fc927a6adec8bb9b5f089bfe9151728dc27456721c1c6bd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
2KB

MD5
c9a06cd589b5c0709e9606abb2e415d5

SHA1
3bb6a5e325b084dd502ae9bf2297f84615506d52

SHA256
f0807d399ebd5b26c093340dff3cda158a59aeacc091aeda5b081d1552ef29b2

SHA512
adaefc404915e7e109839907a0cf2cd98efd6fe7cede8b9a1000d18c610341cb5b2ecb9a1b8d40173ee6d6605d2acb0a614af1dc6f08a7629b8865a351faf569

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
2KB

MD5
6fa6dc622150c97935b0b759eb45f40e

SHA1
ae23acc3020210d2fb79bcddcb109df6a92ea996

SHA256
1b709cbd2d272f41406605ddc927169b8ccffaff1ce81d3787af665c7b05dd34

SHA512
9856a42f1e69b02eec6517f8bd8914578280110a9cddf3a345bb4ba110ccc3044e20d3462ba183091f47ab22c8d5ca15ea7abb761c73c53527d98af88db49f99

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
4KB

MD5
afeab5ea92920896c2aa1960defc01ab

SHA1
9aa68476e37d6037ad165440aa0ae8f9ba52da41

SHA256
8fd37d0891e753a01cd2fb7c6c77748edc157c0f61cbb9ca7d3781e353b0d97f

SHA512
be31ee08c5b8fe6cd080f45cdc2ca3d2186f9547310b3c624a7397d61f8b45ec664b4322836400507d558e4928ac72de3865d15092614162b43fd4d1179fba3c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
4KB

MD5
eef84bf6381abb50f6eebe2ad7a47d87

SHA1
758ad8f4fd54f85baf0eb4851ce95cc3b2821ac1

SHA256
bd5099721e023db3540b95576d75ae808061b833eb0a8839447f25741baea7cc

SHA512
fc5b94ccca9fb7ddb50fbef17bc7448d35937dcbe396101a91031258943007d13c2f93769876659d0a51409b293023b2635826202dc339b5df96edb19fbe7ce6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
4KB

MD5
41309280a5617ef7f7ced6fb0075337a

SHA1
c55ae46d747d7cf0cf8ec9a7c2f9db71a76e034c

SHA256
245d12eff64182e0e9922ea14f128a5452edac8ab4c2bbc69f29a8fbcabe2273

SHA512
c8ae0374a4cd4848955ff277eb4da8ebd2ccaf2438af94bcef6ae68ba8a261601e9a46d2132c53b37b528f8bf267280f3f8cfd9be8ad011e58b005fc1c8d787f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
4KB

MD5
d9058a6718c632b53a4bc88e06b9e67d

SHA1
352bcc2e1d31043e5ffc3e18609d7165a35cb8a1

SHA256
48ce04d40af43a675359a17e403750664ad8cf5e2b54e5748b44ea3cd8ef1c57

SHA512
0e574f362585a100d92275c6e2aa2431e82d1c7ef3da10c2efbe74bbf8a80868a3404892ae91447a6b0154216231110957773a871cc3ed5929951b549943f5b6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
5KB

MD5
010e7dcbe6000af784702d998c0638de

SHA1
c06e4077fa1d9990ec43528c165741aace0c1643

SHA256
d911d64fde3bf5d5654bea01144e0895f8ac77aed1999f5e1fa96cf7240c08e4

SHA512
e9f78a7415f9e9c21e3d62bb5e8cc16f52d2644246e637b2c6f9486a2f298d28b6d94ab96bb21633d678619eae8cf90d4c3b4d1fc22c5de103533a933d7e8a25

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
5KB

MD5
090ce060fa8b160ede7d0cf64f0df58f

SHA1
a82abe703fe6cc4dd6d229751e4fecdb92a5576b

SHA256
66e868bc505edaa216530da246c91dd2f91d464f22c49d732363beabd9d3f11c

SHA512
4ef1412e77e5a48a37fcff2e815bf55cfaa41dd8e0dc9f478ffed4002a4749c3ee3208c56fa94f9afc7731e1e315bc0194d62f49ab0e0b25112323dc74e6b0c2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
5KB

MD5
77a8e42e7b48e06fdff315dff0513de6

SHA1
0582ae05c7b76001f45dcad170ba22542e862e4e

SHA256
aa326efe0bae158e647677aa7f52b983e737b261ce08825aace1fbff1308ea9f

SHA512
6b3c5b9a0ccab453bc7c8c297f2350427ad0c7a1a5c8d95ec7767f40df47e6285d7fc6398b2228301a774794c6c9ad3074da0ba3edd829c6c58cab3cb84f0c0f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
689B

MD5
086a01e02656bc400fa23a4586101c18

SHA1
e4461eaf02990a89babfb18f934d68f47a316bfe

SHA256
6996ed4f50b1f531134a41b838b630f902e7c8592f39476161022aca96f437ba

SHA512
6b421dc5d41a1ff221ed890a1cb57c76ae7f41826194dfef49d21f94eeaeb69217bd6bce749a836675b493da9dcb4b0c226e21f541c64e64440b4f81dc40436f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
5KB

MD5
6ab021b03e1ee110a65579a25a1f4960

SHA1
e296bb8243e172d168a4f9c2152014785a8bb4d9

SHA256
7ffcaa8a804a73998b3ce3666561e0a428e831d6a6f66e290e50b5cba8366dea

SHA512
7792436669f32490b90cce6e8dd405fefa035934681ee0b256a0abb6bc5abf86b86961fb93d9414d6ec802df673ef8bd8d8d9fa7789e80399001a2b9e1f49bb0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
2KB

MD5
cff118258b8b3379d0ae33b833c81a33

SHA1
32041c649fbe1048b9370a74e9f5b4f10d77044d

SHA256
47cc5ad08d54dedfdd93bee70139b457282625795b956ee69f70126cf8317130

SHA512
8038427e324ebbee4f785a08ad56e9521a940ca14ef56bc1b74265b4fdb971591cd0ef3336a74312a7d02c54168a100df8608044e6115a8fa4a620f9198ce7f8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
5KB

MD5
ab1555e74644766756dd01d914ec914b

SHA1
7aa0219b0b8d6a02c2e4e3ba492b27e5b2688149

SHA256
f00f48979bfc81e709cf2312702427156f3ca6bee8cabaefe31663b33caf5376

SHA512
2b1f15ff480f353793fb4a85e48d7b0a10838dbe022dd717498b75f3ae5e9c98a11790e33d6b4819e2e7c73a793b9009dbdb0f7a71bea62adcd930fb0d7d9dec

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
5KB

MD5
55adb4cdc2582ec0f09760755b873313

SHA1
ab6dbe04be2c0ce814a0161e64027f1876f27db2

SHA256
635b7f7d7639a5574884db74b76b23a44cafe583561381e19953125654f09012

SHA512
2298bda47a1c41655769930fa6b2e6f427b667cdfd2429e806fa5a5c02fd55228b623f38a1970b4b0c3a1b98ac30d0164e135cde629f0762d56e742cc1fc9724

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
2KB

MD5
fa11a4cb47b2693fedc90c6a6b3d873f

SHA1
241edb11201ce2c19e2217fa3944760e9ed80675

SHA256
6b1d44c27d661963da0e08db1ae27b8e26e360654cf29b0c98ce090a27ef52e3

SHA512
47e1289c599f5da92530c6f82a1d31ad87817cfb35c8a5a48e32905266a2d60330cd579dc5d66f0298b21b0d12a038ea19083ad0aaad0bf1db430d344caa2644

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
4KB

MD5
ae0879ed9c9e3bee77a26b73eb697b8e

SHA1
db835e0d323890d849b455705fd230ae4fd4aad6

SHA256
a62bed585e2cf5836c780fd94808cc898f7856cf4696f532bae575a77509c7b9

SHA512
9ae5889d52aa45c93c2d1ede231dbf67b00972ed17dc6ae06a34e30b9818683e8a6c99fcbca3aee03daaf5d8f0f1b289a51766699ebb17e313549a5a918d3943

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
5KB

MD5
9bfc69aed88cd6fe21b01a89f550114e

SHA1
e39655b7633373e84c99b5d43da1327e6cf11056

SHA256
806e8f18c674441149e863112907c4ff79f67a9c82a2c05a0bdf9cb517c6145f

SHA512
ef714910d5294f0a291200f56475a08d3546b7453c0b7b4fab0c4811b00e89b55a0d941c12a3db4e2d1de1fbf173a0405d76a7e7ec23b99cd27373a423721d9c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
5KB

MD5
07196dcb712e8ecf5ad433f91e43ed48

SHA1
cb93ca8736c17c130e8213b7cb42bc2ef95c2ae0

SHA256
fef6cc52d35805b6d0f5e400826b7282e89ba4ec5d0c86a761b566ca0481765e

SHA512
2bb21bfe2d4589b64ec722a2a34a2984304e5d727b3acc089b9326654d88379112c2ebb90174d5e5b5fac708cd90f6786877040886dee11aa1a0cd9fe261f978

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
5KB

MD5
6925a2bd16e85180a12f4ee36cfc0826

SHA1
b994a33ec234e7b8f02b31c9bb1faa4c49a3af09

SHA256
f49690e6cc5f18dc4039d35656538a5827325fc6695aad5db824ea8fa76ace73

SHA512
8294a202ca4f8947e697a6fd1749fea98b45aabb041b57c4c3540641c2428679ca3b98f9bce98c9889d03d0aaa28e5a806fe01e1fe794b9b8fa83a9b984b81b5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
5KB

MD5
813eb5e1b52dfd533fa63a902dabe1da

SHA1
1e1d49c06980e9b4b72626efc1d40e2b82a93a1f

SHA256
63c8214cea5d0b5b5b0ffd47a884ccd7195f7a51172d4a3f0308d161e1b672c1

SHA512
771ff4cd50e287f35b7bd3e44a8cf9509ba4c9fe83967267c74fa0a0de0d98391bdfc5f9f6292c622b2d81ce8f7eb703ed7f5b7b7b72f918e9513249f1246b48

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
5KB

MD5
3f0ebf013848cb14b03e549d98468315

SHA1
5de33c92065a6dbeac6934f1364133fe93b91be5

SHA256
b1116e58c18885dfa90c4bbd8bf82c62c4e6740c991b112544bbf41899d7034c

SHA512
d76c1d75901e271aacbc04ae843c417633a03f8e47ed478f740922f3edf08cab0082969cc926e87a7bd74a827da374a7b778c7fe2d4b8f767ef014df7efa9be0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
5KB

MD5
8a6018515523f92d9dc212d257ba4a17

SHA1
f831c2044a15676ed8bca6478ecb04ea20b9ef43

SHA256
2879d372eeb8aa18b22ec8a0ba48aebf3ce8f561f95c7c82b819fdc991443e4f

SHA512
6c6156c723f18f5dacb111815f9cc6177b125a43a2d380351bd8768674a6d9d2ecb6f96511ace6cd2e74b7bdc4314f342d964107f8d2ddcfdccd6929ee97a692

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
5KB

MD5
364f918219a4787719cc44842cbe8196

SHA1
e9f61c9f126a7d1fb10e4e290c1459e1a32a6be2

SHA256
7cdd9c8303d650f0916cc3612dee33187c8f61a40d168270c5aa38139aee71c1

SHA512
ecf6327dd846014e4fa4108b637c5da50e34d17c48045a3277ed43ae7f99838e477c95e0beb626378385551306949160dc8261263e03491a7dcd13c0e72eaef3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
5KB

MD5
f607b3b0c6cdc7c9382610d2bde14f58

SHA1
ea2a335762ebfbce2119112c1c882af23b353e35

SHA256
c041ff99dafa6ff84dce996641c83e153b3c76d23e071ab380c993729c765937

SHA512
1558a5a407368343afd4f74dc3f97ed421372c593fb61ba40d9ff05ced609b990862374e75b6d006c1c363c7cc7501743ed91e6bb71985c586d000fdbe6b0d01

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
5KB

MD5
be59e44b8867a38581ed075480c960ca

SHA1
75cc9a285cf46efad359f0e28f324275aa5b2d83

SHA256
80473d16abd769816999852396b4d1327ea1842ccb6ad09decbc0b6057886ef0

SHA512
3352b9415b2b4093cf3de0fdfd5b59f5dfdd03a9ad5374d1692c351c979c1ccdf3004b236e60509bf5db615a93016a97d71847b41c9367bb0d898c503c9ad949

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
5KB

MD5
b0ea71c017e7d3c2c738fc3694d56ca5

SHA1
2c615a62b1d060e4ec0bad7e83e2f44f638d760f

SHA256
e1cbcd71f79ff9c8f293cf8cc8e9855277a61fb2e4f7f69530635375b21886f0

SHA512
9a08ebe62b485538f5e0d5ec0097ee178e9148d79a7025c543039f76f9e7f27277a9fd6e59ac274e46a418aacecf6c2eacf870bfb9d2acf78f893ef467c0ff0c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
5KB

MD5
ad3a50dab24f7d0eef07d01ef7eeff5f

SHA1
9bc8703c8cdba051730ecfa39b26a65a47a103ab

SHA256
35f0c1091b5980002a394bfbf2c9e7916ad2f2e9a09bfaa34e3d7765b420497b

SHA512
78a8e40511fa6bc06f7ab4b8627e1e1b9ac17891bc5389b7327f877ca0af6b4beeaa9d6b6bb3796a0aa97744fb40dfd8995ecceca6ae6601c132dacd3e43c96b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
5KB

MD5
8039927387526ebce132daeaa85b0e54

SHA1
a17ebb8d6a6919b2033c57a189db964925c6fcdc

SHA256
7a0c062ec424ea47d9f20b8df40d3c70d5741b46681f13c9bf7d39bc78a8ac53

SHA512
d378957a6c0d3a2bcf21c14e26ee5c69ce78e227b8afb9f8e3a69af119cfa4ba35aefcdc63addb39bd303cc37d1a46d834497ce5f3050fca5fde16185119b55a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
5KB

MD5
ec10c808dc0ab573979682b7a89209bc

SHA1
fb8eaf15cd984f748e5d3b6861e14a6cf4dddaec

SHA256
b8590cd7c19e574c1738276b212d7546a47b86a6d6ac3d4b38616589f756772f

SHA512
f1e4256b0e51d05e593224dc3e224864b054930be8727dab3d4862cd03c3bc02f1e4a04aeb9e2a2056221a2b6a7bde66979ab131411e75ee837f173d5734808e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
5KB

MD5
99962e4fad36060bcb50c6fec4f645f2

SHA1
6e3e1b5d2861c72c4117f4316b6f4807423303da

SHA256
f7916977decba18b56d3780bf0235fe4829b52076e24e7bcc1b2515b394af12b

SHA512
418b728decc1d4dcf98b9a6e0cec4c67ddf9dd821604f9e0613506fa12b7655e09e89c5f8e56a21ceb82baea370ea0578715e7f2d8ceb1d9f7cfc65e3fc85712

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
5KB

MD5
ede749c3e1043a91f0f8b5365ebc3290

SHA1
ee77c416582c0e346970baca394947f3c387c021

SHA256
b0b1b75b8844ee742d90170be9b4099aae929595b7ed495c102db1c442e7c233

SHA512
d44cc9f06d1fbc162d0009f14373948211fac9517c53603e422bc4207ab241b02bdfc142adaa71880953dd71e8b8834ba88164e17ea6bf8894cb8662a57ba6aa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
5KB

MD5
75bbee4dc02623ce8a1ddc37fd681328

SHA1
8e68aead74b8a31a87d20de9721005b943690891

SHA256
25b46dcb5af169a86781f1f1087b13aae4e392876a9e0c59de91d871184d1baf

SHA512
6084359b6de231a6211488e7ddb019887f812a3fde60af16b866fefde6ff456baa40db6fd06c418d9014e99386fc2376935d623396a43fe7c94c034c3962d968

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
5KB

MD5
040c238395e0deeeee6ba3f5f0de2483

SHA1
7fceba57664d145becce14e51bd0475f81225bf6

SHA256
d0bb1268b33480eb1a2a1e0cf8f35d3015ff7b9f06e48e17e66563cb791b0908

SHA512
0b5c3bfa64d947f17b4264868ea2ab418da37e7b5cee82f447e34a4e0dc4f664bcdcc26ebbd39c3173e2484d05a95bcbea9e069aaddfbc73d946fddf797cec21

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
5KB

MD5
157d29fe2303e2aebbd04a51b93a3267

SHA1
f981f2749f1ba276a56a179c59a80e6c3b134469

SHA256
ec8beae058f23cdbc873d5c7b65b6be1ab1f0ec222d1cf5d89ce131ae8f5877e

SHA512
76ba1d0f7ef507dcb9cfdb63e4594feb198c03d0b885a71d4e0c1a388f492d90e21d47b46850103a1c5d5911c6ecbdc488a2f466a5ff639ed752785ad17ee5b9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
5KB

MD5
3bc6a6a7b1183b1c73514e7fec1ea3b0

SHA1
b492fdf98fa45a5d0db99f1e6a85b898344362ad

SHA256
da6e8bba9c27e4b484e4fe5c3a0aea9df52e85c5328d91cda415c686f9c0d43d

SHA512
c385bc8af292754f4b6a93bf7ab855b5008b612e8e09237332b22c6881ae4083aae80aa25697904d655ec16a7d57b33eb77d47fb9cca1794ce8ba783fa933877

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
5KB

MD5
03dcf30a8580e52bc2ecbd2b734e56d1

SHA1
588257b72469b39cd389b7bb2497c7e25702375b

SHA256
f500969b9fd4bd740a886beadf8ff954e3ad7a097e3b2d0804d45f7e8226ce2e

SHA512
5d7d5a56c1ffcb5297aed2d6837d3a27f6a7b43e93705998fbde47593c1348285e37f63ddf37d75a3c25c28bf8415c13bcfe513669f86363ae2a1c8d96f4ca74

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
5KB

MD5
cca80e50705dae970c1604bc04662074

SHA1
18b646b1542c4e5a173ca8ee7a9fe015cea3336b

SHA256
2b44bd8760925952add3a4c3260e1049a3e45edde0b615041aecc139401e417a

SHA512
6bea5785483d22330b594afe58eddc553735d13da964dc5275db192811d90937faa7d7a63e39d1b97a4f160d84ccc0484f0eb1d954f559ce50787b0ddeeac025

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
5KB

MD5
294360223aae51dd10aac0d310b5cfb3

SHA1
f8def7c7dd970072e26bd0c3fc140ca2a76c4a0c

SHA256
e825d381eda8f0be5625f525f58eafce883ada41ae125803966d37f6c9b8e7d2

SHA512
12e49f7366ea31d844e3c30c086528b4c15213984462d4869f6da1cd94a4a131428a1c5c28775c4fccfec3ee804e3659227a4cedcc2f6e6176effa04c3c2495a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
5KB

MD5
858e945a682178b45909cd244d6603a5

SHA1
9db0b7bfd1ea9471eb3f5dbe81577159000915f0

SHA256
c2f3240a31b9c6767059bbdcbb9b8ee3fead34b58d5d59a4e706596148b9285b

SHA512
c82499388b378f93562d4cf88edbb546014bda90c649fc2e6469633a597bdacd12053468d4e12ac2c90524a36e8ab29eebca2c68e0bee6afedfbe5ef4c97312f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
5KB

MD5
8353f08a8044c67af8caf7bc89f44569

SHA1
5d14e9148c541e39c39468483d8e92bf719db9af

SHA256
b4beec61978c244266c0137366ffa288e5897d0823ec9b1f23283d910e1293a2

SHA512
581a0d707e1ad5d4e18331e94283f2e8a35b5456c850aec6ef2efb238a04f9962c77609f7024fe367693391d89f1b3f42b39b0872a72697150a9524571d645e1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
5KB

MD5
501e323dccda6169d7c39f94b464f29f

SHA1
8a8273b6f974d76481bbfeb4edf0e9db2ba9754d

SHA256
9f57175bf27ba8302b401abfef3bb660d7045174fbb2e0b1efef3a6901506ca0

SHA512
64823cf68ba4f8fd3a6f9a379845e753f97ca409c8905d66560d7206e6f725d353abda7c3b3f45250a2d5d000eb37ff4bc7391f7d72fbe0578296d48f3f692a2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
5KB

MD5
82f41e944654431c31457851e6a415a4

SHA1
482a7cf6d653294eb19c309bacd8319da9d7d6ca

SHA256
24c9cecf0dbf69c4c5cff7ddd68efd8e96f1bd8ed71105c26929ea3aa27e3af4

SHA512
bc62bb170308de4b71713f7c03c3debde161de7a0cff8a338cbd07d3a81d9ca7b6733d3268ff524361fdb6d382c7b04c8f191ab8219ca44fa8d26b3a12519531

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
5KB

MD5
c2faec26d4004c97fc0cc6e1e118120d

SHA1
ae225fdc781d04489721d0985a88ddec4a7f3ce7

SHA256
daa4fd6ac228a61326f8dbe3f78c1a0841d3b1072e2fef5b864f3d4d152c5bc5

SHA512
cdacea2ed07f7606356d5a804650a376b01c0e4c2ffaab278d784fef730df621f8e47e7f667aa6596f647756b277a5ac117c479734c322aefee3a707014e0016

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
7KB

MD5
25e0b07fc0d1198d9ea227374034e6cf

SHA1
7f64de922e5696fa8840432f59a15bf3a7943dc3

SHA256
a0df69924572d2da40351fd15c0ba404358f96f6b87c18fb410f8c2562ceeb59

SHA512
d60da6eb7a0049a6d6b6556dc0dd6cca5e16e2b4098b0421c1a42014d418be272e9a0a04a27fc731da4bfdf037c0cdb6ec7b6d790edc409a3fe3d0b1488c30bd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
7KB

MD5
5776aca65616d32458980b37b0a05646

SHA1
7b23550c04a69203ebd29814feed6302403ea3aa

SHA256
60556ac216025a4dae5f35fd8b19bcd7c6f40e51d414546c92a760efbfe43d20

SHA512
d8b82c2f90584a5af569a88158f49429760b37021d3f905b1c1bce0382828483decfec20782112735d12e3c28228a7b956cb95d23c41e9d802c3c07ada7a48d3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
7KB

MD5
85eeb41534649ee07c7dd61e20f4ad31

SHA1
53b50efcccf6522b46832619daa3716906ad1b16

SHA256
735059ca30ce77ec55fcfa73f452637e5daa6a26b188aba90100f8a63b96bd1f

SHA512
6b77b829aa33865162c577d502a2b72900735abaabdd9b2cdb86c3e7e56524071d4e17e61905a4d922553ac173d826352da98135b75db5a537027516f17378c6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
130KB

MD5
ba69e655a1044f96c38f7e5461cb8619

SHA1
905e5d3a2dae6455eaeb0dcdf04c2150877729ce

SHA256
3e88a0b51ce9d6f3fa2305e52f64c7260e221e29508bd8dd3a44ad77af84a10d

SHA512
e8de212bfd7e5c34f91492846221ec1761c33f69a842fdb822aa4079c5d4bdc05b795c84ec49b14771350be013582594b94b72276330bd356655ba163b2a4a88

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
Filesize
89KB

MD5
e8fdf9cb0d6139315095c2c982e16c60

SHA1
29e45964dc4794ad358bb4036f73c632d2ce2f7c

SHA256
7222ee4f8fc7ff0e7225e5dd993d074a23abd54106525dab47cab3ef8f9ae036

SHA512
f39e5fd8eaa9e7e558435718e0af1fd182c08e690455a3e94988bc8815951cdc559a958332b3e02dc9051601244027efa78f4eb3f0a3cd04d16f82e9c06aeaf5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe5903ee.TMP
Filesize
88KB

MD5
cefbdd193b22e5e6228eb8dd9801e57a

SHA1
0a7aa9f701f2517afbf30e82cac628ff3b9fe494

SHA256
0d9aaa99ec198c349cdb6226a2db5fa59f2b01beb683a05be92aaa83c2f96ead

SHA512
2f868c553a42d4d57a8577c0b06a1823c70390156fa0972aeb217475a693c63d7e8a99f498d7263dc36e46c7d279759323aa2951d81e7b0f5044310b36654e34

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\e16e070e-27e2-4b9e-85ab-a744bf8bfdf7.tmp
Filesize
130KB

MD5
bf603c8a784f7f819914ba2090ca27a6

SHA1
0ed649039477c969d7be5251df5aaa51e2984925

SHA256
2b85de628a45d621ebdbd350f64d985e56e6869e76fd2157454927061075fbfd

SHA512
04ae85ad12a741c13c455cd53b2582802c67f13eb4c742160520be6d5cd0d5385e770095d605bf01576c5cb2ebc6b85a4d8143dd29cc4937ab7f6df8781c5e7f

Download Submit
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat
Filesize
10KB

MD5
2cb9e3f89741961748d38d15dfecc8fb

SHA1
11f89dfac73dfacb194fa01bf6e7fddb38c1f6d7

SHA256
e76dcf1390543fde2ae6fd8263e90df10923df9dfe78a5fb588a50654577fd13

SHA512
20557311d13320d2f7c8bfb99e49c8af30dbcbace0faaa5101f9ea893a017a55100bf2b3c466c9d9cfe4fa8a8affcef9223a870abbcf571492fa90abd0e748f2

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Microsoft.Web.WebView2.Core.dll
Filesize
488KB

MD5
851fee9a41856b588847cf8272645f58

SHA1
ee185a1ff257c86eb19d30a191bf0695d5ac72a1

SHA256
5e7faee6b8230ca3b97ce9542b914db3abbbd1cb14fd95a39497aaad4c1094ca

SHA512
cf5c70984cf33e12cf57116da1f282a5bd6433c570831c185253d13463b0b9a0b9387d4d1bf4dddab3292a5d9ba96d66b6812e9d7ebc5eb35cb96eea2741348f

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Microsoft.Web.WebView2.Wpf.dll
Filesize
43KB

MD5
34ec990ed346ec6a4f14841b12280c20

SHA1
6587164274a1ae7f47bdb9d71d066b83241576f0

SHA256
1e987b22cd011e4396a0805c73539586b67df172df75e3dded16a77d31850409

SHA512
b565015ca4b11b79ecbc8127f1fd40c986948050f1caefdd371d34ed2136af0aabf100863dc6fd16d67e3751d44ee13835ea9bf981ac0238165749c4987d1ae0

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\get-intrinsic\.nycrc
Filesize
139B

MD5
d0104f79f0b4f03bbcd3b287fa04cf8c

SHA1
54f9d7adf8943cb07f821435bb269eb4ba40ccc2

SHA256
997785c50b0773e5e18bf15550fbf57823c634fefe623cd37b3c83696402ad0a

SHA512
daf9b5445cfc02397f398adfa0258f2489b70699dfec6ca7e5b85afe5671fdcabe59edee332f718f5e5778feb1e301778dffe93bb28c1c0914f669659bad39c6

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\has-proto\.eslintrc
Filesize
43B

MD5
c28b0fe9be6e306cc2ad30fe00e3db10

SHA1
af79c81bd61c9a937fca18425dd84cdf8317c8b9

SHA256
0694050195fc694c5846b0a2a66b437ac775da988f0a779c55fb892597f7f641

SHA512
e3eca17804522ffa4f41e836e76e397a310a20e8261a38115b67e8b644444153039d04198fb470f45be2997d2c7a72b15bd4771a02c741b3cbc072ea6ef432e9

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\hasown\.nycrc
Filesize
216B

MD5
c2ab942102236f987048d0d84d73d960

SHA1
95462172699187ac02eaec6074024b26e6d71cff

SHA256
948366fea3b423a46366326d0bb2e54b08abd1cf0b243678ba6625740c40da5a

SHA512
e36b20c16ceeb090750f3865efc8d7fd983ae4e8b41c30cc3865d2fd4925bf5902627e1f1ed46c0ff2453f076ef9de34be899ef57754b29cd158440071318479

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\vary\LICENSE
Filesize
1KB

MD5
13babc4f212ce635d68da544339c962b

SHA1
4881ad2ec8eb2470a7049421047c6d076f48f1de

SHA256
bd47ce7b88c7759630d1e2b9fcfa170a0f1fde522be09e13fb1581a79d090400

SHA512
40e30174433408e0e2ed46d24373b12def47f545d9183b7bce28d4ddd8c8bb528075c7f20e118f37661db9f1bba358999d81a14425eb3e0a4a20865dfcb53182

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\WebView2Loader.dll
Filesize
133KB

MD5
a0bd0d1a66e7c7f1d97aedecdafb933f

SHA1
dd109ac34beb8289030e4ec0a026297b793f64a3

SHA256
79d7e45f8631e8d2541d01bfb5a49a3a090be72b3d465389a2d684680fee2e36

SHA512
2a50ae5c7234a44b29f82ebc2e3cfed37bf69294eb00b2dc8905c61259975b2f3a059c67aeab862f002752454d195f7191d9b82b056f6ef22d6e1b0bb3673d50

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Wpf.Ui.dll
Filesize
5.2MB

MD5
aead90ab96e2853f59be27c4ec1e4853

SHA1
43cdedde26488d3209e17efff9a51e1f944eb35f

SHA256
46cfbe804b29c500ebc0b39372e64c4c8b4f7a8e9b220b5f26a9adf42fcb2aed

SHA512
f5044f2ee63906287460b9adabfcf3c93c60b51c86549e33474c4d7f81c4f86cd03cd611df94de31804c53006977874b8deb67c4bf9ea1c2b70c459b3a44b38d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.dll
Filesize
4.2MB

MD5
114498719219c2427758b1ad9a11a991

SHA1
742896c8ec63ddbf15bab5c1011eff512b9af722

SHA256
913059869dca00dfa49bcf2691b384eb9804739d9148e3671cf1d6b89c828c42

SHA512
4f36ea0c5e8af8087ecf92fa49e157dcc94a1cc68563fc97b3fe026b92c0abdbe640bf347c24a666f59b60380367f85daab1a15e2c4902921e63e1b741c01452

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe
Filesize
85KB

MD5
5e1bc1ad542dc2295d546d25142d9629

SHA1
dd697d1faceee724b5b6ae746116e228fe202d98

SHA256
9cc1a5b9fd49158f5cca4b28475a518cb60330e0cad98539d2a56d9930bdf9f9

SHA512
dc9dbecec37e47dd756cd00517f1bfe5b27832bd43c77f365defc649922cb7967eb7e5de76d79478b6ebfd99a1cc2e7e6b5119a05a42fd51a1c091b6f00f2456

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView\BrowserMetrics-spare.pma
Filesize
1.2MB

MD5
3ea587d4e649dbf22e1a36f4e10b3270

SHA1
27816b6083377e9dbe0780e011fc660064b10bfe

SHA256
2f40ca6eed4996065397d4f9dd26f19070719b4de844408b9f743c2242cd2fd5

SHA512
128a5657632d6f5903907db960f49f69f294d80e8140f7c33378e54c23b85cc2bb3d95a6b9c597255c5ecded44a6da9e2e3a56e6202f5a209e2491e7e6c7dd5a

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView\CertificateRevocation\6498.2023.8.1\manifest.fingerprint
Filesize
66B

MD5
33fc4bf1927352bc1845acdde3a6ba63

SHA1
63ac2f004ac10198e729e9ccf55f6ac4f7f3c622

SHA256
4ed04e713c9d8f5d80e83645b62f1be84ec0516d37f339b3d443d8f792dea113

SHA512
7e38e264713750baf58dd9ad779885a7aae5a6fcb825eaa44b3cf814dd09cd0bf8f95b5ab5db600d19a64b02ec2155b4c9a3bc2a86e9b18eece8b3100e8c2ff1

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView\CertificateRevocation\6498.2023.8.1\manifest.json
Filesize
113B

MD5
b6911958067e8d96526537faed1bb9ef

SHA1
a47b5be4fe5bc13948f891d8f92917e3a11ebb6e

SHA256
341b28d49c6b736574539180dd6de17c20831995fe29e7bc986449fbc5caa648

SHA512
62802f6f6481acb8b99a21631365c50a58eaf8ffdf7d9287d492a7b815c837d6a6377342e24350805fb8a01b7e67816c333ec98dcd16854894aeb7271ea39062

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView\Crashpad\settings.dat
Filesize
152B

MD5
cf63f244383cd97068810dd0ef1defdc

SHA1
3874a846c1d7424036bc0a7ffbe69ba732414971

SHA256
e570370a2e2046cfb1103e8bc37de70b2ca837cfaf96514f9e9f9314ceb22591

SHA512
6c1c77407b574d36f1fe6e48b9caea84a23f5109a73b0bae7c15867ba626f6a196a8611124535bec494b8317226fb975d0bf9fd41f1dfc34e24c1fc74e1c92a1

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView\Crashpad\settings.dat
Filesize
152B

MD5
96c6c405212be78b5c5ae27739ecda96

SHA1
7f509908cd3c4ba5c7e50005658cdd328567cc83

SHA256
296c1b26327e2050b7b25911e47c37b5fc06f492b61a571f52fc81a3a45f1e2d

SHA512
a4220c1117bb165334c91694d9203fbfc16c7cd7f3c81f1de48d395fb3260ae7d1c2ccd03729966bc8e43c99f8c38a914277ac6cf1424fc989fcb592507a6e51

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView\Crashpad\settings.dat
Filesize
152B

MD5
a2de9a91dff719814f3d2fdbafcc0ee7

SHA1
46680cbada276db02dd0750eb75913df7ae053f3

SHA256
01d189691c76bfaa8f480cdc1300d49511eb2dbfacfaf5de53f1ea436fbf1caa

SHA512
741c17ace57b306b2c9999377f652454827d2cea18484813de704d6880f0a7eb2104656fa07a36cc1fd4a76328fcd2b9228f8d6536a3636398bf9e1a64b46275

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView\Crashpad\throttle_store.dat
Filesize
20B

MD5
9e4e94633b73f4a7680240a0ffd6cd2c

SHA1
e68e02453ce22736169a56fdb59043d33668368f

SHA256
41c91a9c93d76295746a149dce7ebb3b9ee2cb551d84365fff108e59a61cc304

SHA512
193011a756b2368956c71a9a3ae8bc9537d99f52218f124b2e64545eeb5227861d372639052b74d0dd956cb33ca72a9107e069f1ef332b9645044849d14af337

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView\Default\Code Cache\wasm\index-dir\the-real-index
Filesize
48B

MD5
b204a104d000ec8c525839510d805a54

SHA1
142ad06632aeef4e925d46506bbec47016f9d4d9

SHA256
a8d3bb73121b22fbd84ca2c12e0dd8aee7821a5ced9ee288143c0317a1e39360

SHA512
3c93013a88afd14e3ad1cea0d9ad4436306285acc3780c4949de17b49e36045aac3e747657a0225f271599bfa63fdcfb5965e3cec43743078b343d9c654dba29

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView\Default\Extension State\CURRENT
Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView\Default\Extension State\MANIFEST-000001
Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView\Default\Favicons
Filesize
20KB

MD5
f56e431b1d09b7ee9076ac27c118cd1e

SHA1
fd00bdd050f91f04e12091c5786438f7f9b0b28f

SHA256
0db6438854d1086c869c9bda01877547517cd155cc8336dc1838abe3458b4bf6

SHA512
54f7b298f2f7447fa071f58bdb1bb80acbdb1c0de4ea46760d391427649b8f255f040c650ab758700289ad5b35096ef8192eff77c4e3c47d72713148a4ad3714

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView\Default\History
Filesize
164KB

MD5
839f896db66463e5421c78159fb9d2c5

SHA1
2e95047afa9298384890bdb6a86f69057d3d8040

SHA256
14d19bd67c4d04e46f65a8411cac9c85e08f54019b1ac96c8b91eab814f723a9

SHA512
f58878ce48e6226fc5e651b404d54c9671f860dde7aac37d5a13495ba6060d7d0f8971447833e0835fd90d5c738df7d1d3348b532a14ef136f23b16f277cc77b

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView\Default\Local Storage\leveldb\LOG
Filesize
381B

MD5
594c971bc3d099ec65d6c5d24043e260

SHA1
c4ff92432425b86d52d964f710ed88e398a39826

SHA256
f08ce00721ebd67fa7b2e7e3b8a831c70802d52ca8f859fdcad4eee629563167

SHA512
d7ad689834fcb566482e060e5cbf3fd8154b0c6be70e1362ac7e4af50a367a139305122e7b285d020746564d3552ed2cd28535d4c545fff1f133607512555175

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView\Default\Local Storage\leveldb\LOG.old
Filesize
343B

MD5
968fdec5a3c1cac6b56a8081595dee57

SHA1
2d04804a8051fae94c9eeef0a421b0c386486c9a

SHA256
1664d59c898ae0e89ca11a7486ad7d08780fe6c4e9349b017b2362d472c2f37e

SHA512
8543f97d22ac4efc225a8577dc4ba7caa279d8bb1afa2a1f3a5f35a7c58e910721cad3deb5441116b5c9266915d245e716c9e21cc1d3e523ab78ccd19b77b6c8

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView\Default\Login Data
Filesize
42KB

MD5
5cdbe5fe7b39e0617a15efa1daca1f6b

SHA1
eace7b5e04c4d3fcb5a48baf00a9f1aa41ff7e13

SHA256
ee6731dd6cdae816e48422f6f77482460ec71446d7450e7d9c363bc4f76a0842

SHA512
8e85f436537d2a15fdbb1199af7f1df7eed3f31a9b8b1c2e299bfd6bb9c511279eace1dac6a3edb62b7be458d68e4c24e82e466dc2095bff5f6cfa8d844e6e42

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView\Default\Network Persistent State~RFe592fc1.TMP
Filesize
59B

MD5
2800881c775077e1c4b6e06bf4676de4

SHA1
2873631068c8b3b9495638c865915be822442c8b

SHA256
226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974

SHA512
e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView\Default\Preferences
Filesize
7KB

MD5
9750eae0482546759642068a56c3d763

SHA1
6e177c1459a6083630ebc2b69cd5551c83cdb31b

SHA256
ffb352c8abadc7a2842527cabb9ae7cdb1f625fcf65988e361294b39eacd14b9

SHA512
e5791f5e99265d42ff0086c77c1641957a8a128dcfb22f9e71e0bb1578fa8a9d81d52054eca35745fe1c90db6e4d09f841032d97cefef98455c0841582b800d0

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView\Default\Preferences
Filesize
8KB

MD5
2af7c2a9c2bca7e64ee98a3651fd03fa

SHA1
458d97ff8251fac11f8e399a22f136a15313c038

SHA256
cea2884f57d09074563f97b314cd76509c11fbb2037a9aaae700fe53154eee94

SHA512
b17e8b662339bf3cb6df625739979aeb2eb376974e5173c404cf5991f1954f695846091e673866f8df70a6f2049fe83c28e1874b60ab02e8413623594adc3ec0

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView\Default\Preferences
Filesize
8KB

MD5
f37fd43266f2f6407350772c3439b7d7

SHA1
c6378e77bba20de2e8589dd55137871f4ad1731f

SHA256
4886d44971e8ed6648754a8530e8dfa10f2e272b05c95c612f5dbf35a5e95eef

SHA512
9bf602ac1965581450105af641ed972df8252abf3a5e13fc0d9336fdb36676570aed5153a2af425c4220f746de4960056f40c07db67c04f115881500cbf6a486

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView\Default\Secure Preferences
Filesize
6KB

MD5
5acee47fedc491bb4ce27a9bca3a5114

SHA1
330af470fd342e369b11610455740beebdf224aa

SHA256
701ea0da2428f1b4398ae03341a1f2f84d46cb01153df3cd9dfb8a7513a0c3d9

SHA512
7d2e62f06442ad1fceba1d8c103d1006eb4b0c6061fdf03f096eba27c2d2d3e7b3473f18e55882a412fa13731609a25d741420413f0ad2958d2ad667a97fea9f

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView\Default\Secure Preferences
Filesize
6KB

MD5
0fb5c3fad62002e8a88b4061bc87abe7

SHA1
21a3e0430cc2110ddb284b233ff7b2bc4793595a

SHA256
705d5cb2adf33acf2014a9ea8def0597d762285bc6efd0401f59dac9d3cebb7c

SHA512
6031de298ad42ea424071141c5644c517e522357c38c3b27bf6ff463968be8230dca9fc8b853b0f711c29ea9654ada4d380ce192fe61eddd536efd4501097392

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView\Default\Shared Dictionary\cache\index
Filesize
24B

MD5
54cb446f628b2ea4a5bce5769910512e

SHA1
c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

SHA256
fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

SHA512
8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView\Default\Site Characteristics Database\000003.log
Filesize
40B

MD5
148079685e25097536785f4536af014b

SHA1
c5ff5b1b69487a9dd4d244d11bbafa91708c1a41

SHA256
f096bc366a931fba656bdcd77b24af15a5f29fc53281a727c79f82c608ecfab8

SHA512
c2556034ea51abfbc172eb62ff11f5ac45c317f84f39d4b9e3ddbd0190da6ef7fa03fe63631b97ab806430442974a07f8e81b5f7dc52d9f2fcdc669adca8d91f

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView\Default\Site Characteristics Database\LOG
Filesize
400B

MD5
de97293873787743b952e2a339b41268

SHA1
edbd2d35a7cf84b24518892ba3adcbeaa427255d

SHA256
a315443b073f5bc7484ca4ba612de9a4b4243b14e20ac33058143cec3016bda5

SHA512
4add13d0ea5efa7eb4c5724656dfa81714bbd28b32bead16e74dfc2464a4a77e680a65b46f047d594d3a52cdd9c5c7ee4d3c7f9b1a83e5b05ed1bc44cbc2329f

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView\Default\Site Characteristics Database\LOG.old
Filesize
359B

MD5
477a0b0590dc7a632935543405533317

SHA1
7490cf78dc0733e382df61948a1a51f648e024b4

SHA256
3db6ec9362c109c7bde17c580ff20e9ebe8bb9b3da87fea88b460d88bf57f7b8

SHA512
3eef260fd3d6b1b6f8dc6691e8c8ebbe710dd463d24a399eb950307e0702fde566f59eb025d6e7cd6ca501946a036e9fba087399a9e6c91a626b934bbeb837dc

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView\Default\Sync Data\LevelDB\000003.log
Filesize
46B

MD5
90881c9c26f29fca29815a08ba858544

SHA1
06fee974987b91d82c2839a4bb12991fa99e1bdd

SHA256
a2ca52e34b6138624ac2dd20349cde28482143b837db40a7f0fbda023077c26a

SHA512
15f7f8197b4fc46c4c5c2570fb1f6dd73cb125f9ee53dfa67f5a0d944543c5347bdab5cce95e91dd6c948c9023e23c7f9d76cff990e623178c92f8d49150a625

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView\Default\Sync Data\LevelDB\LOG
Filesize
376B

MD5
edab9de6a31417d8e220c35f6f7d55ef

SHA1
cc481322fa8352538bfc646461dc49be03b6c7dd

SHA256
60138b9870208b6f743973b0608112a48b1f13216359d42421cbe77988c3e2c7

SHA512
a01d6fc253190d85c2392a055887d4c1f50261083d950ce33ec9b9ae77ee3e3c020633d9a09f9e4e17a4fc5e7edaecbcd9201d137730db593a2698b60e915458

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView\Default\Sync Data\LevelDB\LOG.old
Filesize
335B

MD5
e5917b68dc2900bb307ddb54d4b515c6

SHA1
63eb21e162bdbdb46d6da7bd1f5207f28dc793b7

SHA256
ff703be1250cfb7825f1df4fab4877f757cce971dec797dc870d9b7c924297dd

SHA512
5f7aec774914aedb5fdf028a98c56ff22397bc7f4b5ab7e44b69f3566a7f67c854fbfc064b9e8fd216ac41cc7951e2ef860c7a0988ae6a31c0fb5f3c4a9d09fe

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView\Default\Visited Links
Filesize
128KB

MD5
7cde308e5674cf63befb362fa3c259c7

SHA1
eba8e24b26f2c79ddc661bbfe8d76f03e35a55cf

SHA256
f37346293637f0637d4974d7dbfc746c648073f92ec185b65bd5c429bdb2b34e

SHA512
6fbb089ce8145276beebf86258066dfa02ce0d52a1c87303d05fddd6683f72133fd0285ddd6d40a519d4659aa76bc4677a713783dbfd0f244fd3052985be6b05

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView\Default\Web Data
Filesize
218KB

MD5
b25e478bf9c16b2aeff527cdc5a8118b

SHA1
71cfca2372d51273795f8a15251caf1091731b80

SHA256
49e7938adf25e8a6c1d0f5050744baa58597bdb895bd7d3d8eefa52e5eab4a72

SHA512
0c96c4189002e841d11acd42e998c70d9229df0aa4897f9bc1f62f42e67762b100fdfc3f8c29df318248bfa35a48d8a9b394bd6ae9da1479876098d55601b09d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView\Default\a2084f9c-a6a8-4b07-a7e8-f2323ae66d79.tmp
Filesize
935B

MD5
c1cfa4ed122930f288f1e6a916b01cd6

SHA1
bdb408b090a1a8c48227defd19f47a479325dcb6

SHA256
7612cb8c1f3fb470c1dc92cabffee50569ab91aeb92a9967d939cbad7f46e47a

SHA512
5f75a5099f08eb0241ce2827bb2111e1f3d301d1460a9ffef479f931ef2a362521c59d391b4c277e57d72dc7279f09378bca145cc99dad2a628d857809694000

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView\Default\data_reduction_proxy_leveldb\CURRENT
Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView\GraphiteDawnCache\data_0
Filesize
8KB

MD5
cf89d16bb9107c631daabf0c0ee58efb

SHA1
3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b

SHA256
d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e

SHA512
8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView\GraphiteDawnCache\data_1
Filesize
264KB

MD5
17bd7672040db656308d76d6e66a3095

SHA1
8ed1945d141244a8807a94d78f9150f4a311a31f

SHA256
73c89191d5808f65ddf660bff7827dd0aaa68747418749c5f2835bb824a0e665

SHA512
c3c8fdb9212f7187715454a64f4888f8cbe4805b8d0f754875fc11d623df27976c62eb58c64f35399d6e63d3094262ab9169c0255653d177feced62d8d6aa0b0

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView\GraphiteDawnCache\data_2
Filesize
8KB

MD5
0962291d6d367570bee5454721c17e11

SHA1
59d10a893ef321a706a9255176761366115bedcb

SHA256
ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7

SHA512
f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView\GraphiteDawnCache\data_3
Filesize
8KB

MD5
41876349cb12d6db992f1309f22df3f0

SHA1
5cf26b3420fc0302cd0a71e8d029739b8765be27

SHA256
e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c

SHA512
e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView\Last Version
Filesize
11B

MD5
b29bcf9cd0e55f93000b4bb265a9810b

SHA1
e662b8c98bd5eced29495dbe2a8f1930e3f714b8

SHA256
f53ab2877a33ef4dbde62f23f0cbfb572924a80a3921f47fc080d680107064b4

SHA512
e15f515e4177d38d6bb83a939a0a8f901ce64dffe45e635063161497d527fbddaf2b1261195fde90b72b4c3e64ac0a0500003faceffcc749471733c9e83eb011

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView\Local State
Filesize
19KB

MD5
b14435a06a3006f7ff0f4065288b8daa

SHA1
f69dc497da1da8fab25c90401b45b8732380bd7e

SHA256
107744a3f703dbe52b177ff03437d6b5a8f19b876e1a4c6e70a22d270be217c1

SHA512
a712063c930972fd7612749e714a321c5add4af1d41e2385eb2d5dbc95fcb9d1d04cdb9ffd79200cb4b946f414371a2c7f5c4f12e7d843bce65f411aadc1a75a

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView\Local State
Filesize
22KB

MD5
ae62509dad39d748793d2c9ca75b047b

SHA1
9d803b68c93613314eb425d461cf7de72f8bf2b4

SHA256
dea52a800be9b4c4fa1cf702334f9abd3374439fd3853e4885d964305030b4b5

SHA512
a35516e5718d19b3ecb5b2921cf661321642bf8c4a09a3dc79fe886c6120686ab40147153188cc7f9cfe5f01799b986a19a7a6db5a090231a5530eb67b4a823d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView\Local State
Filesize
23KB

MD5
a857163a0dcf201f4db8b2261295ce84

SHA1
1f6a275e7a0142e8a5fc5c82dc897eef6ba39d48

SHA256
49c1ffcfd2ae8bf459286f1daad6093e6b1d711544f6ec996c126da79e71d0a6

SHA512
6aa975d8124dafd9de394a6148a3e4113731f127a2770c30caa1c634317584143872361adf26387acc565b31ece7639bb088d124274e3e6b6d87676ef776d77a

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView\Local State
Filesize
23KB

MD5
018f25c3228c74b3a45b53982c0935b5

SHA1
59dcb7eb3b60838c8c4dd230dca0ceb2f6fdbf40

SHA256
421863d4a47d3bf22cbb63472863aea8fce0b9c887e5be3ca5626d24bfdb38ad

SHA512
a0e15203d3891337b903caa7d874c16340cb0a07d3bd364d33bc84296e1c2a90294e5c78c6d0a6dea5e7c67732b14abf84cc0c627be98425236a69e6e437f04e

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView\Local State
Filesize
23KB

MD5
3ae8699378b1df6ce1c6fa570bbe4e8e

SHA1
533cb6d0796942f70b1817bd5830304eb7a46f04

SHA256
fd3fa52c3bcad4c3869ae88cc3486203e2ed26f4650b47394a4a6249e8433db7

SHA512
c1ea3942a20e728588478cd54558e2217b703b3cfebf867434124c77c05d6610f781b70700912cdbea46213238d1b5249c06305d5c2ce1af8c93f6e78fb09a69

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView\Local State
Filesize
23KB

MD5
807e4f7511d633776eab268c647b3fb7

SHA1
d76721eca913b0524c98be82a5eb99ac6c0dd638

SHA256
76cf29ed1c32771834b6a3b977552c3c83d15bcd794b2ab5b6b4e733ec1d27a5

SHA512
ad231f0a5923bb43b138e46b8f213e4861ab4815247b7ccd2e883fcb79cece94bc24a3e42198289f93d6e20ff48e04ad4e82a8779a85f19ef0486c308ca990ee

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView\OriginTrials\0.0.1.4\manifest.fingerprint
Filesize
66B

MD5
7ce55ac0d7683657fd051e573ad06e30

SHA1
3bc51fbc6155c4e9d1439587e1c739995054cc52

SHA256
138e2b36e4c8bec8b00180558843355037d7de99c389f46e6183c4fc5a34c790

SHA512
f269c5c2ee53ed836bfd1b928b40e1ddb2aaea00e5585c85fecfcb1add71130d4ecfe91d2f2527934ac472c8b432d3475ca02b8f808e7e6014cd49155529d9a2

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView\OriginTrials\0.0.1.4\manifest.json
Filesize
43B

MD5
55cf847309615667a4165f3796268958

SHA1
097d7d123cb0658c6de187e42c653ad7d5bbf527

SHA256
54f5c87c918f69861d93ed21544aac7d38645d10a890fc5b903730eb16d9a877

SHA512
53c71b860711561015c09c5000804f3713651ba2db57ccf434aebee07c56e5a162bdf317ce8de55926e34899812b42c994c3ce50870487bfa1803033db9452b7

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView\Speech Recognition\1.15.0.1\manifest.fingerprint
Filesize
66B

MD5
5bbd09242392aacbb5fac763f9e3bd4e

SHA1
14bb7b23b459ce30193742ed1901a17b4dcf9645

SHA256
22b55f5d9b1bafb80e00c1304cf5e0d6057a304a2e8757b4f021b416f4397297

SHA512
541e4c7998e91a5113f627c2c44e32b54878fe225b3b9476572f025f51f2b4ec4a44b102498adcc22b8fe388970645bacfafb6e7fc8a216df4d7bbfc8b0ff670

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView\Speech Recognition\1.15.0.1\manifest.json
Filesize
76B

MD5
ba25fcf816a017558d3434583e9746b8

SHA1
be05c87f7adf6b21273a4e94b3592618b6a4a624

SHA256
0d664bc422a696452111b9a48e7da9043c03786c8d5401282cff9d77bcc34b11

SHA512
3763bd77675221e323faa5502023dc677c08911a673db038e4108a2d4d71b1a6c0727a65128898bb5dfab275e399f4b7ed19ca2194a8a286e8f9171b3536546f

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView\Subresource Filter\Indexed Rules\28\scoped_dir2132_778131613\LICENSE
Filesize
24KB

MD5
aad9405766b20014ab3beb08b99536de

SHA1
486a379bdfeecdc99ed3f4617f35ae65babe9d47

SHA256
ed0f972d56566a96fb2f128a7b58091dfbf32dc365b975bc9318c9701677f44d

SHA512
bd9bf257306fdaff3f1e3e1fccb1f0d6a3181d436035124bd4953679d1af2cd5b4cc053b0e2ef17745ae44ae919cd8fd9663fbc0cd9ed36607e9b2472c206852

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView\Subresource Filter\Unindexed Rules\10.34.0.52\manifest.fingerprint
Filesize
66B

MD5
88ee70021dc7963e80800e95e2d84685

SHA1
faf1a82055b22ff87579413bf88ae61ff908f815

SHA256
4fddeb8ba4bd8533e08121c1fe7c6c976332f2d0d3b9347cdd636e4cf6520580

SHA512
83c9079f58b46fa0806ea1d26988adf410f76853609109ce936a6a4f734a808e42186da8e909c04928899f5b75ff1e5d0fb477ebf1aa5c06b191ff8589047efb

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\XcHvYYrNa.exe.WebView2\EBWebView\Subresource Filter\Unindexed Rules\10.34.0.52\manifest.json
Filesize
116B

MD5
178174a0125d4ff3ed5211426f1ea113

SHA1
26f72c5a2f65c767c4edb04d8da62bdadc02e809

SHA256
64986dfeefa8855069e799b28e5523b35c9efcf2ea152a2b03461471c218da1f

SHA512
c0d1d9555f4cd7e9a4b0ee5fc1b069782638ba1680d18ba9c83f796746086b6afdf1400c80b7f586422c3a2a73e51bd04fb250e2db818ef723cb4f7a8b3b15a2

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\libcurl.dll
Filesize
522KB

MD5
e31f5136d91bad0fcbce053aac798a30

SHA1
ee785d2546aec4803bcae08cdebfd5d168c42337

SHA256
ee94e2201870536522047e6d7fe7b903a63cd2e13e20c8fffc86d0e95361e671

SHA512
a1543eb1d10d25efb44f9eaa0673c82bfac5173055d04c0f3be4792984635a7c774df57a8e289f840627754a4e595b855d299070d469e0f1e637c3f35274abe6

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\vcruntime140.dll
Filesize
99KB

MD5
7a2b8cfcd543f6e4ebca43162b67d610

SHA1
c1c45a326249bf0ccd2be2fbd412f1a62fb67024

SHA256
7d7ca28235fba5603a7f40514a552ac7efaa67a5d5792bb06273916aa8565c5f

SHA512
e38304fb9c5af855c1134f542adf72cde159fab64385533eafa5bb6e374f19b5a29c0cb5516fc5da5c0b5ac47c2f6420792e0ac8ddff11e749832a7b7f3eb5c8

Download Submit
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\zlib1.dll
Filesize
113KB

MD5
75365924730b0b2c1a6ee9028ef07685

SHA1
a10687c37deb2ce5422140b541a64ac15534250f

SHA256
945e7f5d09938b7769a4e68f4ef01406e5af9f40db952cba05ddb3431dd1911b

SHA512
c1e31c18903e657203ae847c9af601b1eb38efa95cb5fa7c1b75f84a2cba9023d08f1315c9bb2d59b53256dfdb3bac89930252138475491b21749471adc129a1

Download Submit
C:\Users\Admin\Downloads\SolaraB.zip:Zone.Identifier
Filesize
108B

MD5
63dacf6b95b547374e6c1f9b42b6e785

SHA1
42cb19febec56ac4454c87b1d12851266a8faac9

SHA256
0654da2800aeb5b4c9f7b561b3681c779e76b0db4dc244252b57e7cf79f42d48

SHA512
e0e7f0840a8290e76ad8b9684130ac2dfc0f2013df59487e74d8a06bf9c94311f28522b95a180e123b1cc4cd4e8c466ca7f30107683eb7084516be7a51175cbc

Download Submit
\??\pipe\crashpad_4524_GFNKMOBPOUDNPNIP
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
memory/1416-2759-0x00000184266E0000-0x0000018426A58000-memory.dmp

Filesize
3.5MB

Download
memory/1416-2127-0x00000184266E0000-0x0000018426A58000-memory.dmp

Filesize
3.5MB

Download
memory/1416-1997-0x00007FFF5BBA0000-0x00007FFF5BBA1000-memory.dmp

Filesize
4KB

Download
memory/1748-2829-0x00000159993A0000-0x0000015999718000-memory.dmp

Filesize
3.5MB

Download
memory/1772-2128-0x00000291131A0000-0x0000029113518000-memory.dmp

Filesize
3.5MB

Download
memory/2032-1959-0x0000000180000000-0x0000000180ACA000-memory.dmp

Filesize
10.8MB

Download
memory/2032-1943-0x000002267DA30000-0x000002267DF6C000-memory.dmp

Filesize
5.2MB

Download
memory/2032-2152-0x000002267F9A0000-0x000002267FA52000-memory.dmp

Filesize
712KB

Download
memory/2032-1972-0x000002267D680000-0x000002267D688000-memory.dmp

Filesize
32KB

Download
memory/2032-2106-0x0000000180000000-0x0000000180ACA000-memory.dmp

Filesize
10.8MB

Download
memory/2032-2107-0x00007FFF4D740000-0x00007FFF4D764000-memory.dmp

Filesize
144KB

Download
memory/2032-1974-0x000002267F310000-0x000002267F31E000-memory.dmp

Filesize
56KB

Download
memory/2032-1973-0x000002267F340000-0x000002267F378000-memory.dmp

Filesize
224KB

Download
memory/2032-1961-0x0000000180000000-0x0000000180ACA000-memory.dmp

Filesize
10.8MB

Download
memory/2032-1962-0x0000000180000000-0x0000000180ACA000-memory.dmp

Filesize
10.8MB

Download
memory/2032-1960-0x0000000180000000-0x0000000180ACA000-memory.dmp

Filesize
10.8MB

Download
memory/2032-1940-0x000002267AEB0000-0x000002267AECA000-memory.dmp

Filesize
104KB

Download
memory/2032-1946-0x000002267D760000-0x000002267D7DE000-memory.dmp

Filesize
504KB

Download
memory/2032-1948-0x000002267D470000-0x000002267D47E000-memory.dmp

Filesize
56KB

Download
memory/2032-2155-0x0000000180000000-0x0000000180ACA000-memory.dmp

Filesize
10.8MB

Download
memory/2032-1944-0x000002267D6A0000-0x000002267D75A000-memory.dmp

Filesize
744KB

Download
memory/2032-2153-0x000002267F6E0000-0x000002267F702000-memory.dmp

Filesize
136KB

Download
memory/2052-1941-0x00000000748E0000-0x0000000075091000-memory.dmp

Filesize
7.7MB

Download
memory/2052-55-0x0000000005850000-0x000000000585A000-memory.dmp

Filesize
40KB

Download
memory/2052-58-0x0000000006360000-0x0000000006372000-memory.dmp

Filesize
72KB

Download
memory/2052-56-0x00000000748E0000-0x0000000075091000-memory.dmp

Filesize
7.7MB

Download
memory/2052-53-0x00000000748EE000-0x00000000748EF000-memory.dmp

Filesize
4KB

Download
memory/2052-54-0x0000000000E80000-0x0000000000E8A000-memory.dmp

Filesize
40KB

Download
memory/3124-2129-0x00000244C1F40000-0x00000244C22B8000-memory.dmp

Filesize
3.5MB

Download