Analysis Overview
SHA256
fd1f253b7e560ca0a80e4645be97f6529eb21080d6b68c7ccb34c0855a99648d
Threat Level: Shows suspicious behavior
The file myfirstluagame-worm.exe was found to be: Shows suspicious behavior.
Malicious Activity Summary
Loads dropped DLL
UPX packed file
Legitimate hosting services abused for malware hosting/C2
Detects Pyinstaller
Unsigned PE
Suspicious use of AdjustPrivilegeToken
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-06 15:53
Signatures
Detects Pyinstaller
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-06 15:52
Reported
2024-06-06 15:56
Platform
win7-20240221-en
Max time kernel
77s
Max time network
151s
Command Line
Signatures
Loads dropped DLL
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\myfirstluagame-worm.exe | N/A |
UPX packed file
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\myfirstluagame-worm.exe
"C:\Users\Admin\AppData\Local\Temp\myfirstluagame-worm.exe"
C:\Users\Admin\AppData\Local\Temp\myfirstluagame-worm.exe
"C:\Users\Admin\AppData\Local\Temp\myfirstluagame-worm.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef7369758,0x7fef7369768,0x7fef7369778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1176 --field-trial-handle=1196,i,13067084568906712591,15635319060246158332,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1500 --field-trial-handle=1196,i,13067084568906712591,15635319060246158332,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1572 --field-trial-handle=1196,i,13067084568906712591,15635319060246158332,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2284 --field-trial-handle=1196,i,13067084568906712591,15635319060246158332,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2300 --field-trial-handle=1196,i,13067084568906712591,15635319060246158332,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1712 --field-trial-handle=1196,i,13067084568906712591,15635319060246158332,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=2804 --field-trial-handle=1196,i,13067084568906712591,15635319060246158332,131072 /prefetch:1
C:\Windows\explorer.exe
"C:\Windows\explorer.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3452 --field-trial-handle=1196,i,13067084568906712591,15635319060246158332,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3572 --field-trial-handle=1196,i,13067084568906712591,15635319060246158332,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3688 --field-trial-handle=1196,i,13067084568906712591,15635319060246158332,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3804 --field-trial-handle=1196,i,13067084568906712591,15635319060246158332,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3904 --field-trial-handle=1196,i,13067084568906712591,15635319060246158332,131072 /prefetch:8
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| GB | 142.250.200.14:443 | apis.google.com | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | tcp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
Files
C:\Users\Admin\AppData\Local\Temp\_MEI20242\python312.dll
| MD5 | fb8bedf8440eb432c9f3587b8114abc0 |
| SHA1 | 136bb4dd38a7f6cb3e2613910607131c97674f7c |
| SHA256 | cb627a3c89de8e114c95bda70e9e75c73310eb8af6cf3a937b1e3678c8f525b6 |
| SHA512 | b632235d5f60370efa23f8c50170a8ac569ba3705ec3d515efcad14009e0641649ab0f2139f06868024d929defffffefb352bd2516e8cd084e11557b31e95a63 |
memory/2072-1061-0x000007FEF5C10000-0x000007FEF62D5000-memory.dmp
\??\pipe\crashpad_1488_HBYWFUIPBEMYKGAH
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000007.dbtmp
| MD5 | 18e723571b00fb1694a3bad6c78e4054 |
| SHA1 | afcc0ef32d46fe59e0483f9a3c891d3034d12f32 |
| SHA256 | 8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa |
| SHA512 | 43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1
| MD5 | f50f89a0a91564d0b8a211f8921aa7de |
| SHA1 | 112403a17dd69d5b9018b8cede023cb3b54eab7d |
| SHA256 | b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec |
| SHA512 | bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\000006.dbtmp
| MD5 | aefd77f47fb84fae5ea194496b44c67a |
| SHA1 | dcfbb6a5b8d05662c4858664f81693bb7f803b82 |
| SHA256 | 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611 |
| SHA512 | b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 967dd602b12036869c84f2d9493733fa |
| SHA1 | 2f33e93b6f38f3b0d5f1ab0bb4cf32cf7f56349c |
| SHA256 | 4e45e14f6945dc2ad64bb1dd87d314b5423c8cffa5c8c5b584ac5dcaad3a5822 |
| SHA512 | 3062673627e222cb651912f12497332a8f8cba529f8129ef05c760d0dee1d5b342184666142236e2cf2cd9d4ff963ec2ec692e5da6e73a4be1e106df9f298fe8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 14bf5f01b691b7643b6c0290bc50404c |
| SHA1 | 61ec2dea571ab5b9b973193f79ceb183edfdcbc0 |
| SHA256 | 3ed3934a7df5327b66ab38a167b0232a696dcd05e36bf3d6daf898bee0861baf |
| SHA512 | 38071095461f6eb6f9a9f31bc89d94020c67321363e055c86316398b3f2adb551c5fefcc42a0a41136559c3c3ffae466da0a2c313d45290e67f90f27cf4bb47c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 20480e3cf8d9dbb301293f156adbf116 |
| SHA1 | f181dffac98886d88e3ca436d60318953944197e |
| SHA256 | 9b5fe343f6228316f4f1bbffecbae71b1da833a069382de807c5f7fd992b82f4 |
| SHA512 | 5c32118770114f74b8afdecc8f9742ce10c687004eed6f77e8e4208f5af5808313ed2fde36e3aba26490b75cd2e8fa80b62e925cf4a764d7b075a0cff8338c8f |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-06 15:52
Reported
2024-06-06 15:56
Platform
win10v2004-20240508-en
Max time kernel
129s
Max time network
106s
Command Line
Signatures
Loads dropped DLL
UPX packed file
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\myfirstluagame-worm.exe | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 2928 wrote to memory of 4356 | N/A | C:\Users\Admin\AppData\Local\Temp\myfirstluagame-worm.exe | C:\Users\Admin\AppData\Local\Temp\myfirstluagame-worm.exe |
| PID 2928 wrote to memory of 4356 | N/A | C:\Users\Admin\AppData\Local\Temp\myfirstluagame-worm.exe | C:\Users\Admin\AppData\Local\Temp\myfirstluagame-worm.exe |
Processes
C:\Users\Admin\AppData\Local\Temp\myfirstluagame-worm.exe
"C:\Users\Admin\AppData\Local\Temp\myfirstluagame-worm.exe"
C:\Users\Admin\AppData\Local\Temp\myfirstluagame-worm.exe
"C:\Users\Admin\AppData\Local\Temp\myfirstluagame-worm.exe"
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 204.79.197.237:443 | g.bing.com | tcp |
| US | 8.8.8.8:53 | 200.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 228.249.119.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 105.83.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | discord.com | udp |
| US | 162.159.138.232:443 | discord.com | tcp |
| US | 8.8.8.8:53 | 138.32.126.40.in-addr.arpa | udp |
| N/A | 127.0.0.1:59386 | tcp | |
| US | 162.159.137.232:443 | discord.com | tcp |
| US | 162.159.136.232:443 | discord.com | tcp |
| US | 162.159.128.233:443 | discord.com | tcp |
| US | 162.159.135.232:443 | discord.com | tcp |
| US | 8.8.8.8:53 | 232.138.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.137.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.136.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 233.128.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.135.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 55.36.223.20.in-addr.arpa | udp |
| BE | 2.17.107.107:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 107.107.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 241.150.49.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 157.123.68.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.187.3.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 57.169.31.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 145.83.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 233.143.123.92.in-addr.arpa | udp |
Files
C:\Users\Admin\AppData\Local\Temp\_MEI29282\python312.dll
| MD5 | fb8bedf8440eb432c9f3587b8114abc0 |
| SHA1 | 136bb4dd38a7f6cb3e2613910607131c97674f7c |
| SHA256 | cb627a3c89de8e114c95bda70e9e75c73310eb8af6cf3a937b1e3678c8f525b6 |
| SHA512 | b632235d5f60370efa23f8c50170a8ac569ba3705ec3d515efcad14009e0641649ab0f2139f06868024d929defffffefb352bd2516e8cd084e11557b31e95a63 |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\VCRUNTIME140.dll
| MD5 | be8dbe2dc77ebe7f88f910c61aec691a |
| SHA1 | a19f08bb2b1c1de5bb61daf9f2304531321e0e40 |
| SHA256 | 4d292623516f65c80482081e62d5dadb759dc16e851de5db24c3cbb57b87db83 |
| SHA512 | 0da644472b374f1da449a06623983d0477405b5229e386accadb154b43b8b083ee89f07c3f04d2c0c7501ead99ad95aecaa5873ff34c5eeb833285b598d5a655 |
memory/4356-1063-0x00007FFA03640000-0x00007FFA03D05000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\_MEI29282\_ctypes.pyd
| MD5 | a8cb7698a8282defd6143536ed821ec9 |
| SHA1 | 3d1b476b9c042d066de16308d99f1633393a497a |
| SHA256 | 40d53a382a78b305064a4f4df50543d2227679313030c9edf5ee82af23bf8f4a |
| SHA512 | 1445ae7dc7146afbe391e131baff456445d7e96a3618bfef36dc39af978dd305e3a294acd62ee91a050812c321a9ec298085c7ad4eb9b81e2e40e23c5a85f2cc |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\python3.DLL
| MD5 | 79b02450d6ca4852165036c8d4eaed1f |
| SHA1 | ce9ff1b302426d4c94a2d3ea81531d3cb9e583e4 |
| SHA256 | d2e348e615a5d3b08b0bac29b91f79b32f0c1d0be48976450042462466b51123 |
| SHA512 | 47044d18db3a4dd58a93b43034f4fafa66821d157dcfefb85fca2122795f4591dc69a82eb2e0ebd9183075184368850e4caf9c9fea0cfe6f766c73a60ffdf416 |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\libffi-8.dll
| MD5 | 08b000c3d990bc018fcb91a1e175e06e |
| SHA1 | bd0ce09bb3414d11c91316113c2becfff0862d0d |
| SHA256 | 135c772b42ba6353757a4d076ce03dbf792456143b42d25a62066da46144fece |
| SHA512 | 8820d297aeda5a5ebe1306e7664f7a95421751db60d71dc20da251bcdfdc73f3fd0b22546bd62e62d7aa44dfe702e4032fe78802fb16ee6c2583d65abc891cbf |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\_bz2.pyd
| MD5 | 980eff7e635ad373ecc39885a03fbdc3 |
| SHA1 | 9a3e9b13b6f32b207b065f5fcf140aecfd11b691 |
| SHA256 | b4411706afc8b40a25e638a59fe1789fa87e1ce54109ba7b5bd84c09c86804e1 |
| SHA512 | 241f9d3e25e219c7b9d12784ab525ab5ded58ca623bc950027b271c8dfb7c19e13536f0caf937702f767413a6d775bed41b06902b778e4bad2946917e16ad4ef |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\_lzma.pyd
| MD5 | 05adb189d4cfdcacb799178081d8ebcb |
| SHA1 | 657382ad2c02b42499e399bfb7be4706343cecab |
| SHA256 | 87b7bae6b4f22d7d161aefae54bc523d9c976ea2aef17ee9c3cf8fe958487618 |
| SHA512 | 13fc9204d6f16a6b815addf95c31ea5c543bf8608bfcc5d222c7075dd789551a202ae442fddc92ea5919ecf58ba91383a0f499182b330b98b240152e3aa868c5 |
memory/4356-1078-0x00007FFA18320000-0x00007FFA1833A000-memory.dmp
memory/4356-1079-0x00007FFA12BF0000-0x00007FFA12C1D000-memory.dmp
memory/4356-1074-0x00007FFA1B9D0000-0x00007FFA1B9DF000-memory.dmp
memory/4356-1073-0x00007FFA12C20000-0x00007FFA12C45000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\_MEI29282\base_library.zip
| MD5 | 8dad91add129dca41dd17a332a64d593 |
| SHA1 | 70a4ec5a17ed63caf2407bd76dc116aca7765c0d |
| SHA256 | 8de4f013bfecb9431aabaa97bb084fb7de127b365b9478d6f7610959bf0d2783 |
| SHA512 | 2163414bc01fc30d47d1de763a8332afe96ea7b296665b1a0840d5197b7e56f4963938e69de35cd2bf89158e5e2240a1650d00d86634ac2a5e2ad825455a2d50 |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\_wmi.pyd
| MD5 | db08907bdaee97a5e6e7c710fa7c8c89 |
| SHA1 | 770dac1472d1680b7cddc65c3e1c95e7231135a6 |
| SHA256 | 87c83cf09611d382d3886e396819258be29ee5bbcb15924ee9d7611b9aebb24e |
| SHA512 | 502a283beef61985b9365731e60a9170672abfb96c925e5d79067233a70498d15af8af2125e8ebfbea3043fed3732ddff46d79ff22182333d5d2c7017653e1a4 |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\_uuid.pyd
| MD5 | 353e11301ea38261e6b1cb261a81e0fe |
| SHA1 | 607c5ebe67e29eabc61978fb52e4ec23b9a3348e |
| SHA256 | d132f754471bd8a6f6d7816453c2e542f250a4d8089b657392fe61a500ae7899 |
| SHA512 | fa990b3e9619d59ae3ad0aeffca7a3513ab143bfd0ac9277e711519010f7c453258a4b041be86a275f3c365e980fc857c23563f3b393d1e3a223973a673e88c5 |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\_tkinter.pyd
| MD5 | 45110d54d0eada5ec11e9b2e39ecb3bb |
| SHA1 | 9962f19921b1838a542a9c43ddb909da1595581b |
| SHA256 | 288bb124bb036e0b79d309fa64743d0bda54ec33ccb365867f92ee1a2629477b |
| SHA512 | 5d53e25a7a4545e19058b751be84d6520fba45918934bc9de7b1fc94d6056b0f0022a0da12a054052909d730918f9f408ad6adb32564a4243a39483c8165ccf5 |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\_ssl.pyd
| MD5 | 615bfc3800cf4080bc6d52ac091ec925 |
| SHA1 | 5b661997ed1f0a6ea22640b11af71e0655522a10 |
| SHA256 | 1819dd90e26aa49eb40119b6442e0e60ec95d3025e9c863778dcc6295a2b561f |
| SHA512 | 1198426b560044c7f58b1a366a9f8afcde1b6e45647f9ae9c451fb121708aa4371673815be1d35ad1015029c7c1c6ea4755eb3701dbf6f3f65078a18a1daeacb |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\_sqlite3.pyd
| MD5 | 3d85e2aa598468d9449689a89816395e |
| SHA1 | e6d01b535c8fc43337f3c56bfc0678a64cf89151 |
| SHA256 | 6f0c212cb7863099a7ce566a5cf83880d91e38a164dd7f9d05d83cce80fa1083 |
| SHA512 | a9a527fc1fcce3ffe95e9e6f4991b1a7156a5ca35181100ea2a25b42838b91e39dd9f06f0efedb2453aa87f90e134467a7662dbbe22c6771f1204d82cc6cea82 |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\_socket.pyd
| MD5 | f8d03997e7efcdd28a351b6f35b429a2 |
| SHA1 | 1a7ae96f258547a14f6e8c0defe127a4e445206d |
| SHA256 | aef190652d8466c0455311f320248764acbff6109d1238a26f8983ce86483bf1 |
| SHA512 | 40c9bce421c7733df37558f48b8a95831cc3cf3e2c2cdf40477b733b14bd0a8a0202bc8bc95f39fcd2f76d21deac21ad1a4d0f6218b8f8d57290968163effef8 |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\_queue.pyd
| MD5 | fc796fcde996f78225a4ec1bed603606 |
| SHA1 | 5389f530aaf4bd0d4fce981f57f68a67fe921ee1 |
| SHA256 | c7c598121b1d82eb710425c0dc1fc0598545a61ffb1dd41931bb9368fb350b93 |
| SHA512 | 4d40e5a4ab266646bedacf4fde9674a14795dcfb72aae70a1c4c749f7a9a4f6e302a00753fe0446c1d7cc90caee2d37611d398fdc4c68e48c8bc3637dfd57c15 |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\_overlapped.pyd
| MD5 | 6b2f62d1ab91d4d0abf0f10218cf1ca7 |
| SHA1 | d9797eaff4bea253d66339614a9fbaea8400bc74 |
| SHA256 | afbe7f4c19a7db42dc45f9f5591602c119fe5064de6607f33ba678f07626426d |
| SHA512 | 653a976c885b08a598dee727a2672aabc514d4095879c1b564354acf938197d8d49645f7b9e241b21610a5abf3bbd9d3805c64a158bf7c26f4a13e6be806fd5a |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\_multiprocessing.pyd
| MD5 | 1359d06d86e1694c74076b81d265782b |
| SHA1 | 9cb55b82f4c2a407357ea0e5e48020a22ad4bf03 |
| SHA256 | 81acc28672d3d46bdd7113efb2a13ceedbe0009fab5600117db4cad1648f69a9 |
| SHA512 | 173bb999e680062692c99eaa1743361d65c5cdf7f88380d512717bab9d716b0c8b339bc59fce220336242b75aa70b5521560cb4d1fa857176624d6a73d07e17d |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\_hashlib.pyd
| MD5 | 89f3c173f4ca120d643aab73980ade66 |
| SHA1 | e4038384b64985a978a6e53142324a7498285ec4 |
| SHA256 | 95b1f5eff9d29eb6e7c6ed817a12ca33b67c76acea3cb4f677ec1e6812b28b67 |
| SHA512 | 76e737552be1ce21b92fa291777eac2667f2cfc61ae5eb62d133c89b769a8d4ef8082384b5c819404b89a698fcc1491c62493cf8ff0dcc65e01f96b6f7b5e14f |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\_decimal.pyd
| MD5 | ccfad3c08b9887e6cea26ddca2b90b73 |
| SHA1 | 0e0fb641b386d57f87e69457faf22da259556a0d |
| SHA256 | bad3948151d79b16776db9a4a054033a6f2865cb065f53a623434c6b5c9f4aad |
| SHA512 | 3af88779db58dcae4474c313b7d55f181f0678c24c16240e3b03721b18b66bdfb4e18d73a3cef0c954d0b8e671cf667fc5e91b5f1027de489a7039b39542b8ca |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\_asyncio.pyd
| MD5 | 47d2494ad68c102fd17022963dd85a03 |
| SHA1 | cebf8dbbd9df32c8f7807cef3bebf2d8d336ac78 |
| SHA256 | 91564632078b61f99ba037122e5def178a0b8807f2ef29e039290e60935ee7dc |
| SHA512 | 1461d1c7b58239c23d294359c5200a0dda0ad3965e41c2e9bd6dc8e879469e7cadb752e4d0c6cce58d8a0dd4f105a33bc0baf4f03738aacf442dac2a02f2ce57 |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\zlib1.dll
| MD5 | a35d7eeae683a35acb99e72e01cf132f |
| SHA1 | cc37f1e0641f6afc821ef45a65986422eb853366 |
| SHA256 | c84547746f4c328daa9637414bbb252ec7124005d0cb7d4a8c62779cf641271c |
| SHA512 | dd7996756a3aed62251f90cd0ae95feafa7bc1cfe7c51e7e2e09bfd30bf0bbb2775fe397a1963f63aed7ad49957b4dd75faed022c6ec4ed9576822f650612f2c |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\VCRUNTIME140_1.dll
| MD5 | f8dfa78045620cf8a732e67d1b1eb53d |
| SHA1 | ff9a604d8c99405bfdbbf4295825d3fcbc792704 |
| SHA256 | a113f192195f245f17389e6ecbed8005990bcb2476ddad33f7c4c6c86327afe5 |
| SHA512 | ba7f8b7ab0deb7a7113124c28092b543e216ca08d1cf158d9f40a326fb69f4a2511a41a59ea8482a10c9ec4ec8ac69b70dfe9ca65e525097d93b819d498da371 |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\unicodedata.pyd
| MD5 | 27b3af74ddaf9bca239bf2503bf7e45b |
| SHA1 | 80a09257f9a4212e2765d492366ed1e60d409e04 |
| SHA256 | 584c2ecea23dfc72ab793b3fd1059b3ea6fdf885291a3c7a166157cf0e6491c4 |
| SHA512 | 329c3a9159ea2fdce5e7a28070bcf9d6d67eca0b27c4564e5250e7a407c8b551b68a034bfde9d8d688fa5a1ae6e29e132497b3a630796a97b464762ca0d81bb7 |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\tk86t.dll
| MD5 | 819a3d6ef6c445a7b01ec6581a853a57 |
| SHA1 | f02b0ce4753078da28db5a88a7cd16a716c7980b |
| SHA256 | f4051212fa1a9987cb4fbf4702a4aff0f9dc7eee6b12db6ef95274945b84de43 |
| SHA512 | cb62443d2ba3be482cdfcdd861a841bd613e66a1599886d45521a2466b4d153da7bd953826a32717b5549f380540971bb4b2cdeb3f77897a7087498389747ef9 |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\tcl86t.dll
| MD5 | 9f5f85ae51c17a8c6ce1785e77649535 |
| SHA1 | 4266b23f3f149ed971564e05a45f0f0b9bb1a60f |
| SHA256 | 5ed152863312b3dc3ec3aa8efa875302fc8c1d063e50140dccf8020d0917de48 |
| SHA512 | 943c16e76a7c6fcdd48a9df501ab1108b7df94093bc44979310cfeaf7bc8f614e4dd64831aafb61a8c6b9c3974132968397bbc63243956ef313715c9b0175928 |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\sqlite3.dll
| MD5 | 482b3f8adf64f96ad4c81ae3e7c0fb35 |
| SHA1 | 91891d0eabb33211970608f07850720bd8c44734 |
| SHA256 | 1fbdb4020352e18748434ef6f86b7346f48d6fb9a72c853be7b05e0e53ebbb03 |
| SHA512 | 5de56e00ab6f48ffc836471421d4e360d913a78ee8e071896a2cd951ff20f7a4123abd98adf003ce166dcc82aad248ebf8b63e55e14eceec8aa9a030067c0d1d |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\select.pyd
| MD5 | 08b4caeaccb6f6d27250e6a268c723be |
| SHA1 | 575c11f72c8d0a025c307cb12efa5cb06705561d |
| SHA256 | bd853435608486555091146ab34b71a9247f4aaa9f7ecfbc3b728a3e3efde436 |
| SHA512 | 9b525395dec028ef3286c75b88f768e5d40195d4d5adab0775c64b623345d81da1566596cc61a460681bc0adba9727afc96c98ad2e54ff371919f3db6d369b0c |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\SDL2_ttf.dll
| MD5 | 9f5ece4e13e42058fa5ea65215c41c5d |
| SHA1 | eddcecb4f10f2bb9b61c57b88fb6bd1b1d560a07 |
| SHA256 | f5f2690285fc087376ff03edb8849ab5f24c6e9d60ae3661013bea621786582b |
| SHA512 | 09cf0927b7cdb84f9ddec465ba10874af6160f947e58e9ff9ead2aa6d10e7d164dd8c5e2df6314f0dd8a84d0b104b48dbac8cc96522f749d54041b3e8ec03400 |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\SDL2_mixer.dll
| MD5 | 1230b474eca2c4cefb13cf0aaa2fc5d0 |
| SHA1 | e23f9cf8cb7dd47e92a02f7508922f01d4d1364b |
| SHA256 | 6879a16d963159cb0666e654ea4d5e9a92abffd96cfc6fffe6b39ae81b4ffca3 |
| SHA512 | 2520fdfbd1370bb9683c29fe1722f771e3d4c7df635987371190be5445237f9e96ae506bbeb79035f6f483ac116995b56bb1e9fc35b6f6a6d49bb940dbf72ead |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\SDL2_image.dll
| MD5 | 7174d7a8eec42d7700c5f4adfff39b57 |
| SHA1 | b850f0814e77a67f0414a85aae88c9534ca857e5 |
| SHA256 | 155eab85fe565f6dd1ecb29d6496425539c994bc0d14b52cabd850df5927f9bf |
| SHA512 | 9a79cc9661cdab7efeb096f1eb121807ba937b444546d46a321613f6d2792ebf09cc62ff067ece7cb0458b988d6081feadd33e93a52c24faac53dc1539bf32c9 |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\SDL2.dll
| MD5 | 9684069bb2b8892408ccb50d66abbeda |
| SHA1 | 7df5e8f28481c4e7aef128e017a53a36b86c3b7b |
| SHA256 | 123c8a0d647e5b866545f8e1cc4cfba5fdadf8c1a247692050355a609d81996b |
| SHA512 | fbe493326da9b582c9c4fa1b16ba02e5befcf5787324116656e108527894f692c3fc21493419a419833ab37a5fa5fb5e38e2c04a8cbdbc3c8afeba08df390697 |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\pyexpat.pyd
| MD5 | a8fa7e9e05798ee799f6cc56a3fcf4ad |
| SHA1 | 7e1a36eba8eded63f2e409c00b0dcdf47dc9346c |
| SHA256 | 0221731a4b1bea7946061321d27d4a2b0b96d7acf0a54ecbacdf11aabecb4268 |
| SHA512 | 6ea88387d89969f1746c0fe317d8ac3f55c28378fdcc08fcff05e9ddf57e1b034a6a371c0febb7858a0aed74a334b7b8de7d7f08882c650990b2779f946fa799 |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\portmidi.dll
| MD5 | 1b443fe9c75d57eedcf5fd67493573e2 |
| SHA1 | 27504e51f5f19d3d73ed2a0ba473dc5cda787679 |
| SHA256 | 96b2ba3d433b0e0a0ce72c72725e033ca35b570225b55b38fb7d71c716418ee3 |
| SHA512 | 02f0ee765490d999ac621f54411b039ef42dddeba17d2edbb9970db20e481d29aed4d607d8330a7c5cd7133b214f13dcb427e89903f9baaef20ffc4a431bb0c4 |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\libwebp-7.dll
| MD5 | 4276d3cb447a08644a2c1d3b7afb9fdf |
| SHA1 | d63f34d0b4e8eb660a92a3843b695eda16294b80 |
| SHA256 | cc3831ce9ff18f5ebfde8b20d1ee237e2336e4d9ca6405392ac5ec9c8c948174 |
| SHA512 | d3a539176243e31a15877b0a6c40c295036ccac5c3ac13cd7b74a340c4183a661a630bbe6b5b0c0ff54b4b27fc72bc154883c7ba5167cb4baeb4b0a528f514bc |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\libtiff-5.dll
| MD5 | f374796886d56c6c552f3a92a81c3338 |
| SHA1 | d61f0297386e9925a6ac0c6469ba40b86d3c98cd |
| SHA256 | e2c5b370bcade6a167dba5dc9bb33107d4ed2612e7e8af8d1035be72f35f90d7 |
| SHA512 | b59cd888b41c67bf139c2c78d7968a33c84e9127752b9fa276b7b3b461a01cd71dc72936e51a334ddad7fa8e67dd4c250a3495ce544aa156efacb77e7f1dce9f |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\libssl-3.dll
| MD5 | 264be59ff04e5dcd1d020f16aab3c8cb |
| SHA1 | 2d7e186c688b34fdb4c85a3fce0beff39b15d50e |
| SHA256 | 358b59da9580e7102adfc1be9400acea18bc49474db26f2f8bacb4b8839ce49d |
| SHA512 | 9abb96549724affb2e69e5cb2c834ecea3f882f2f7392f2f8811b8b0db57c5340ab21be60f1798c7ab05f93692eb0aeab077caf7e9b7bb278ad374ff3c52d248 |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\libpng16-16.dll
| MD5 | 8f3bf615136b7241204419fb24c8d5ad |
| SHA1 | d107f0b405c566974c37be20e1abbd365ccbb750 |
| SHA256 | a9c4d2443d6de90091eff8a5adfd7a3c207b0c7aefb913b855320866e93f8039 |
| SHA512 | a2ced7974c086291e69dce39f841335c771088aecbbc52b049d7af51c81342bd1e8bd0d8c78e62529e2041d15d8f5317e5a41727e299c2d827027bcbb0382aa1 |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\libopusfile-0.dll
| MD5 | a729c1b14d695b00ae79472d3fe45339 |
| SHA1 | 20cd334187fc7297138f014303e5c82b5f918c80 |
| SHA256 | 57bb8b7dec2bd35ff1031f12c4ba3aa3cb2e8de2445e21ea29ffa3ad13e7be3a |
| SHA512 | 1da8060b1767bdf811b005e4a476c18f1c2f93186334aa40ca59937cec7aed37267c45a3b5aaeb8fa13d9b0639959d128d957e6d08fcb9787926df850e42fc22 |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\libopus-0.dll
| MD5 | 3c2e93c3d2b292a0f489449209f8e099 |
| SHA1 | 751f18a79c6da4e7162439cef4d481189d17a242 |
| SHA256 | b6b32593c0bcecea7b31a900086870bbab039f25b29067170ac461cf2479dea5 |
| SHA512 | a0ec68d2a1c650720b4e3e437a5841e8d04d165fc920ce26a41cc20d6ddf4c761b05bbf3426e241c2ee13a9fbe146fc889aa45df70397600b2d962bdaa1bedbb |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\libogg-0.dll
| MD5 | 6ffebd7d283079e9029c7f29d8ca7fba |
| SHA1 | b470b09c8aa2f3e42bcff8392d95b6259cb87555 |
| SHA256 | 0d9a915ea29ed4da271f86dbcfa90b52064a26b5136af590b2bb430d5dd6a67e |
| SHA512 | 2b9a9b5f298eefccf0a08af52d7c2c803db19ab9f3cedad2bb19df50466527c05e31f956b6018c9a337565448249465eba8952e9e8397b728b7f76e4f0561c68 |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\libmodplug-1.dll
| MD5 | 072093b2671589d4ce465de2b92ebee4 |
| SHA1 | 821d9827286271859640984df28e01b4a37341fb |
| SHA256 | 04d07b4dcae8d3998156d563df20881ba790c32389aca23ade91de9cf9f4a3d4 |
| SHA512 | 522d5faa8d17017f1891374a23d6e653cd62b51818734bf1f7343248d09e1e314ae49821595818fe69af62c9e51debca4ae384e421ad8fa658aced95f977379e |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\libjpeg-9.dll
| MD5 | 6e67e46f957f50215b7e68c9091db53f |
| SHA1 | e969fa4858351c95c337352dd0578fe5a83403f0 |
| SHA256 | 24b25fe9ebe303496973c4d11144b053a5f5a03eabf53f9d8eab0c15fdbfbffe |
| SHA512 | 86af5560269ef21490f5343ea3e0522f35e271d42e64f61a2f05471302856de79d34bf00658e1667d7145af48667627fa3897bca2fc479928ab9a62ecba81396 |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\libcrypto-3.dll
| MD5 | 7f1b899d2015164ab951d04ebb91e9ac |
| SHA1 | 1223986c8a1cbb57ef1725175986e15018cc9eab |
| SHA256 | 41201d2f29cf3bc16bf32c8cecf3b89e82fec3e5572eb38a578ae0fb0c5a2986 |
| SHA512 | ca227b6f998cacca3eb6a8f18d63f8f18633ab4b8464fb8b47caa010687a64516181ad0701c794d6bfe3f153662ea94779b4f70a5a5a94bb3066d8a011b4310d |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\freetype.dll
| MD5 | 522257e451efcc3bfe980f56d3fed113 |
| SHA1 | f5e12321517f523842943ea7f3ba74d449dba1f4 |
| SHA256 | 8c74376e7932eebcd084191b40774056b32525ba48e375d942754cdc4fc03c60 |
| SHA512 | d590cd813281278be4aec86af3713216dd306399b4910221a2447a3200accbca1b5f8d9495bf21f69ff8e09e5465a71c715a85ce0d87cdc26cbf27b0fae2cc4c |
memory/4356-1117-0x00007FFA17660000-0x00007FFA17679000-memory.dmp
memory/4356-1119-0x00007FFA18E60000-0x00007FFA18E6D000-memory.dmp
memory/4356-1122-0x00007FFA17540000-0x00007FFA1754D000-memory.dmp
memory/4356-1124-0x00007FFA12BB0000-0x00007FFA12BE5000-memory.dmp
memory/4356-1126-0x00007FFA16EC0000-0x00007FFA16ECD000-memory.dmp
memory/4356-1128-0x00007FFA13850000-0x00007FFA13864000-memory.dmp
memory/4356-1130-0x00007FFA03110000-0x00007FFA03639000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\_MEI29282\cv2\__init__.py
| MD5 | 6f043aff1edd20d3c9d6398f936fbf58 |
| SHA1 | 7149d2d20e1eb8c10c5d2bdb8eda23551fc82650 |
| SHA256 | 957a91bfd98ffb07a10cd789b7c5c46806568476b61e34c7ad56a00092b981a5 |
| SHA512 | 7358dba479899dbc3afb955903820d2a7a54b9c398bf5d4565c8dc044241821edd621d7416862af396db4216373b1e8aac00eb78046fcc3cc2396aa02cd6947b |
C:\Users\Admin\AppData\Local\Temp\_MEI29282\numpy\core\_multiarray_umath.cp312-win_amd64.pyd
| MD5 | 37e53b4a39673d0a4d828507e64f0415 |
| SHA1 | a1b91a60692e352cce0c7f3d348c5a3b02445553 |
| SHA256 | a75ab6bac2a74d8f1c6e81c6a50e600d19680deec06a84730ff3febb78a55ec9 |
| SHA512 | 90f7d07d09e82a424addb1bf7b07fc5b60141f8733cb366c611d0d3701185b3f28aa69274f659e87a212ea18b4e863caa383f35676b8c90a05737b4bb0c9aaa8 |
memory/4356-1137-0x00007FFA11F40000-0x00007FFA1200D000-memory.dmp
memory/4356-1136-0x00007FFA12A70000-0x00007FFA12AA3000-memory.dmp
memory/4356-1135-0x00007FFA03640000-0x00007FFA03D05000-memory.dmp
memory/4356-1138-0x00007FFA00D30000-0x00007FFA02E23000-memory.dmp
memory/4356-1139-0x00007FFA02E30000-0x00007FFA03110000-memory.dmp
memory/4356-1142-0x00007FFA12A40000-0x00007FFA12A61000-memory.dmp
memory/4356-1141-0x00007FFA17660000-0x00007FFA17679000-memory.dmp
memory/4356-1140-0x00007FFA12B90000-0x00007FFA12BA7000-memory.dmp
memory/4356-1143-0x00007FFA12A10000-0x00007FFA12A32000-memory.dmp
memory/4356-1144-0x00007FFA00C90000-0x00007FFA00D29000-memory.dmp
memory/4356-1145-0x00007FFA12BB0000-0x00007FFA12BE5000-memory.dmp
memory/4356-1148-0x00007FFA09A10000-0x00007FFA09A51000-memory.dmp
memory/4356-1147-0x00007FFA0A0E0000-0x00007FFA0A111000-memory.dmp
memory/4356-1146-0x00007FFA11E60000-0x00007FFA11E90000-memory.dmp
memory/4356-1149-0x00007FFA12680000-0x00007FFA1269A000-memory.dmp
memory/4356-1151-0x00007FFA11E40000-0x00007FFA11E59000-memory.dmp
memory/4356-1150-0x00007FFA13850000-0x00007FFA13864000-memory.dmp
memory/4356-1152-0x00007FFA03110000-0x00007FFA03639000-memory.dmp
memory/4356-1153-0x00007FFA00D30000-0x00007FFA02E23000-memory.dmp
memory/4356-1156-0x00007FFA00BD0000-0x00007FFA00C82000-memory.dmp
memory/4356-1155-0x00007FFA0A0C0000-0x00007FFA0A0D4000-memory.dmp
memory/4356-1154-0x00007FFA10C40000-0x00007FFA10C5C000-memory.dmp
memory/4356-1157-0x00007FFA02E30000-0x00007FFA03110000-memory.dmp
memory/4356-1169-0x00007FFA03110000-0x00007FFA03639000-memory.dmp
memory/4356-1170-0x00007FFA12A70000-0x00007FFA12AA3000-memory.dmp
memory/4356-1167-0x00007FFA16EC0000-0x00007FFA16ECD000-memory.dmp
memory/4356-1159-0x00007FFA12C20000-0x00007FFA12C45000-memory.dmp
memory/4356-1171-0x00007FFA11F40000-0x00007FFA1200D000-memory.dmp
memory/4356-1182-0x00007FFA11E40000-0x00007FFA11E59000-memory.dmp
memory/4356-1181-0x00007FFA12680000-0x00007FFA1269A000-memory.dmp
memory/4356-1178-0x00007FFA11E60000-0x00007FFA11E90000-memory.dmp
memory/4356-1177-0x00007FFA00C90000-0x00007FFA00D29000-memory.dmp
memory/4356-1190-0x00007FF9FFD60000-0x00007FF9FFD71000-memory.dmp
memory/4356-1188-0x00007FF9FFDD0000-0x00007FF9FFDE9000-memory.dmp
memory/4356-1187-0x00007FFA00B20000-0x00007FFA00B37000-memory.dmp
memory/4356-1189-0x00007FF9FFD80000-0x00007FF9FFDCC000-memory.dmp
memory/4356-1165-0x00007FFA17540000-0x00007FFA1754D000-memory.dmp
memory/4356-1158-0x00007FFA03640000-0x00007FFA03D05000-memory.dmp
memory/4356-1186-0x00007FF9EF640000-0x00007FF9F3E9E000-memory.dmp
memory/4356-1370-0x00007FFA11E40000-0x00007FFA11E59000-memory.dmp
memory/4356-1369-0x00007FFA11F40000-0x00007FFA1200D000-memory.dmp
memory/4356-1372-0x00007FFA12B90000-0x00007FFA12BA7000-memory.dmp
memory/4356-1379-0x00007FFA12680000-0x00007FFA1269A000-memory.dmp
memory/4356-1378-0x00007FFA09A10000-0x00007FFA09A51000-memory.dmp
memory/4356-1377-0x00007FFA0A0E0000-0x00007FFA0A111000-memory.dmp
memory/4356-1383-0x00007FFA00BD0000-0x00007FFA00C82000-memory.dmp
memory/4356-1382-0x00007FFA0A0C0000-0x00007FFA0A0D4000-memory.dmp
memory/4356-1381-0x00007FFA10C40000-0x00007FFA10C5C000-memory.dmp
memory/4356-1380-0x00007FFA00D30000-0x00007FFA02E23000-memory.dmp
memory/4356-1376-0x00007FFA11E60000-0x00007FFA11E90000-memory.dmp
memory/4356-1375-0x00007FFA00C90000-0x00007FFA00D29000-memory.dmp
memory/4356-1374-0x00007FFA12A10000-0x00007FFA12A32000-memory.dmp
memory/4356-1373-0x00007FFA03110000-0x00007FFA03639000-memory.dmp
memory/4356-1368-0x00007FFA12A70000-0x00007FFA12AA3000-memory.dmp
memory/4356-1367-0x00007FFA12A40000-0x00007FFA12A61000-memory.dmp
memory/4356-1366-0x00007FFA13850000-0x00007FFA13864000-memory.dmp
memory/4356-1365-0x00007FFA16EC0000-0x00007FFA16ECD000-memory.dmp
memory/4356-1364-0x00007FFA12BB0000-0x00007FFA12BE5000-memory.dmp
memory/4356-1363-0x00007FFA17540000-0x00007FFA1754D000-memory.dmp
memory/4356-1362-0x00007FFA18E60000-0x00007FFA18E6D000-memory.dmp
memory/4356-1361-0x00007FFA17660000-0x00007FFA17679000-memory.dmp
memory/4356-1360-0x00007FFA12BF0000-0x00007FFA12C1D000-memory.dmp
memory/4356-1359-0x00007FFA18320000-0x00007FFA1833A000-memory.dmp
memory/4356-1358-0x00007FFA1B9D0000-0x00007FFA1B9DF000-memory.dmp
memory/4356-1357-0x00007FFA12C20000-0x00007FFA12C45000-memory.dmp
memory/4356-1356-0x00007FFA02E30000-0x00007FFA03110000-memory.dmp
memory/4356-1371-0x00007FFA03640000-0x00007FFA03D05000-memory.dmp