Analysis Overview
Threat Level: Likely malicious
The file https://github.com/spotDL/spotify-downloader/releases/download/v4.2.5/spotdl-4.2.5-win32.exe was found to be: Likely malicious.
Malicious Activity Summary
Downloads MZ/PE file
Executes dropped EXE
Loads dropped DLL
Legitimate hosting services abused for malware hosting/C2
Detects Pyinstaller
Enumerates physical storage devices
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Suspicious use of SetWindowsHookEx
Modifies registry class
NTFS ADS
Suspicious behavior: EnumeratesProcesses
Suspicious use of FindShellTrayWindow
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Enumerates system info in registry
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-06 19:03
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-06 19:03
Reported
2024-06-06 19:34
Platform
win11-20240426-en
Max time kernel
1800s
Max time network
1737s
Command Line
Signatures
Downloads MZ/PE file
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\spotdl-4.2.5-win32.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\spotdl-4.2.5-win32.exe | N/A |
Loads dropped DLL
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
Detects Pyinstaller
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Enumerates physical storage devices
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3938118698-2964058152-2337880935-1000_Classes\Local Settings\MuiCache | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 239712.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\spotdl-4.2.5-win32.exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://github.com/spotDL/spotify-downloader/releases/download/v4.2.5/spotdl-4.2.5-win32.exe
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffe78363cb8,0x7ffe78363cc8,0x7ffe78363cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1908,6393713210685001810,6788402044652056714,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1924 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1908,6393713210685001810,6788402044652056714,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2136 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1908,6393713210685001810,6788402044652056714,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2560 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1908,6393713210685001810,6788402044652056714,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1908,6393713210685001810,6788402044652056714,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1908,6393713210685001810,6788402044652056714,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4836 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1908,6393713210685001810,6788402044652056714,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4984 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1908,6393713210685001810,6788402044652056714,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5652 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1908,6393713210685001810,6788402044652056714,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3036 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1908,6393713210685001810,6788402044652056714,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5660 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1908,6393713210685001810,6788402044652056714,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6368 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1908,6393713210685001810,6788402044652056714,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5768 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1908,6393713210685001810,6788402044652056714,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5784 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1908,6393713210685001810,6788402044652056714,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5816 /prefetch:8
C:\Users\Admin\Downloads\spotdl-4.2.5-win32.exe
"C:\Users\Admin\Downloads\spotdl-4.2.5-win32.exe"
C:\Users\Admin\Downloads\spotdl-4.2.5-win32.exe
"C:\Users\Admin\Downloads\spotdl-4.2.5-win32.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "ver"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "ver"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://localhost:8800/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe78363cb8,0x7ffe78363cc8,0x7ffe78363cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1916,1118559847388113221,17227279760053273042,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1940 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1916,1118559847388113221,17227279760053273042,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2396 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1916,1118559847388113221,17227279760053273042,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=3012 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,1118559847388113221,17227279760053273042,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3312 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,1118559847388113221,17227279760053273042,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3320 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1916,1118559847388113221,17227279760053273042,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5220 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1916,1118559847388113221,17227279760053273042,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3520 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,1118559847388113221,17227279760053273042,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4932 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,1118559847388113221,17227279760053273042,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2456 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,1118559847388113221,17227279760053273042,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3516 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,1118559847388113221,17227279760053273042,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4896 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1916,1118559847388113221,17227279760053273042,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=5016 /prefetch:2
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe
"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 185.199.108.133:443 | raw.githubusercontent.com | tcp |
| US | 185.199.108.133:443 | raw.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | 145.83.221.88.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 185.199.108.133:443 | raw.githubusercontent.com | tcp |
| GB | 216.58.213.14:443 | music.youtube.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 185.199.111.133:443 | raw.githubusercontent.com | tcp |
| N/A | 127.0.0.1:50190 | tcp | |
| US | 185.199.111.133:443 | raw.githubusercontent.com | tcp |
| US | 185.199.111.133:443 | raw.githubusercontent.com | tcp |
| US | 185.199.111.133:443 | raw.githubusercontent.com | tcp |
| NL | 5.79.76.225:443 | b.azlyrics.com | tcp |
| NL | 5.79.76.225:443 | b.azlyrics.com | tcp |
| US | 104.26.13.204:443 | api.iconify.design | tcp |
| NL | 5.79.76.225:443 | b.azlyrics.com | tcp |
| NL | 5.79.76.225:443 | b.azlyrics.com | tcp |
| US | 35.186.224.24:443 | api.spotify.com | tcp |
| US | 172.67.71.159:443 | api.iconify.design | tcp |
| US | 35.186.224.24:443 | api.spotify.com | tcp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 34d22039bc7833a3a27231b8eb834f70 |
| SHA1 | 79c4290a2894b0e973d3c4b297fad74ef45607bb |
| SHA256 | 402defe561006133623c2a4791b2baf90b92d5708151c2bcac6d02d2771cd3d6 |
| SHA512 | c69ee22d8c52a61e59969aa757d58ab4f32492854fc7116975efc7c6174f5d998cc236bbf15bce330d81e39a026b18e29683b6d69c93d21fea6d14e21460a0a7 |
\??\pipe\LOCAL\crashpad_1540_WZRRZQHEYSMKISJE
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 046d49efac191159051a8b2dea884f79 |
| SHA1 | d0cf8dc3bc6a23bf2395940cefcaad1565234a3a |
| SHA256 | 00dfb1705076450a45319666801a3a7032fc672675343434cb3d68baccb8e1f7 |
| SHA512 | 46961e0f0e4d7f82b4417e4aac4434e86f2130e92b492b53a194255bd3bba0855069524cd645f910754d4d2dbf3f1dc467bcc997f01dc6b1d8d6028e2d957236 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 89752f081571a4cb7fd10033a6ddb4a2 |
| SHA1 | f8329fde8ab290a815121a81873aa8784372b98d |
| SHA256 | dd3c4a48892598470c5fd9f00045450a9ed141692e9e58421a9ae0a6dac21f7a |
| SHA512 | 49c836b25f1b30ce14d8c58b19a113b7d2a716f88833c799eb976a732196698accd5c5d66f170e931bf475211326b125ffe3c596b8c97b600edbdd8fb641824e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 577981f7e4e4c3ec1636b294c43002f4 |
| SHA1 | 9f3ec5b4ef2e238b49f6119a59ab3166aeb2acd2 |
| SHA256 | 94c252661ec0bb0b1a72a3e35cc311b55f78a51e5cc74bc5e5ba167a89d16205 |
| SHA512 | 680bf9e8391858caa57103d01ebb8050ad03dbbeacc983f28eff4d8ac6402c013d06f25297fdee4cd30bc9060852b980259819a3a4b0bfdb681d66a25d911603 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | debd94d93a0e7c175dc57b098da7b754 |
| SHA1 | 8b680c948030779dc4ac38b537e061fe0f860b38 |
| SHA256 | 208e2fbaf6783916b85f925ccec69621dba600f715bc8f9634c251e713ebdf1a |
| SHA512 | fadd2a1185e4c3256d8005c3d5f70b2ba0fe4eab2bbd995f633ae4b3e243e6ee3778fcd61f25e777ce57b79e347e15c2aa2b71fe09e924a6a7073f5d601f641b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 807419ca9a4734feaf8d8563a003b048 |
| SHA1 | a723c7d60a65886ffa068711f1e900ccc85922a6 |
| SHA256 | aa10bf07b0d265bed28f2a475f3564d8ddb5e4d4ffee0ab6f3a0cc564907b631 |
| SHA512 | f10d496ae75db5ba412bd9f17bf0c7da7632db92a3fabf7f24071e40f5759c6a875ad8f3a72bad149da58b3da3b816077df125d0d9f3544adba68c66353d206c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\Downloads\Unconfirmed 239712.crdownload
| MD5 | 0e8c11c1a28c63389e145ec1599e30c1 |
| SHA1 | 77e200acd96361f87f7bb70b22c34ff235224ec3 |
| SHA256 | f19794f059c93d7ca35eb4ead12f7c33c9cdfbc1bcbc77547cdb134e08b1b470 |
| SHA512 | 45e7cd28cb530d287dfbbff98795ac0928e873c8a962faa1f0612f971bd8d8f826ee4846de35386b08425db8a0d4a6974dde2d6ba1e1cef3f8e2032cdaa84a5f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 4e9a686663b2b65ea271ced416c21571 |
| SHA1 | 2f557dbf6ef088f4ada33be78c9ce2a016e64884 |
| SHA256 | 09a81d48bcc58ca7fba6b4e192b8fb1f24d1ceab6c938eb4627a1cb57d9350f6 |
| SHA512 | 05e1bb65e5b2452d36aa421673dac86ad771d690e153f58b2c257830401a17f5c716066130eb506d8bae49949970d5ea1abef672ddf91ee6fa34a831fb8e6a82 |
C:\Users\Admin\Downloads\spotdl-4.2.5-win32.exe:Zone.Identifier
| MD5 | fbccf14d504b7b2dbcb5a5bda75bd93b |
| SHA1 | d59fc84cdd5217c6cf74785703655f78da6b582b |
| SHA256 | eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913 |
| SHA512 | aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98 |
C:\Users\Admin\AppData\Local\Temp\_MEI11002\ucrtbase.dll
| MD5 | 6b9880ec69f2988d1035fa11969fa894 |
| SHA1 | add955b1826c79aa43afb268682aad5614d5f1e6 |
| SHA256 | c446df8432ff2679961763de876432fcf13f272269c17417e7eccbda0b000448 |
| SHA512 | 747d074dbc9bd020feb04c009ad8bd975a4c9a37e0ead8093908237ab00f08e46beb73bfc3a7b41bedb99130877343206a0a2568b611161d17ece5597e3416d9 |
C:\Users\Admin\AppData\Local\Temp\_MEI11002\python310.dll
| MD5 | 63a1fa9259a35eaeac04174cecb90048 |
| SHA1 | 0dc0c91bcd6f69b80dcdd7e4020365dd7853885a |
| SHA256 | 14b06796f288bc6599e458fb23a944ab0c843e9868058f02a91d4606533505ed |
| SHA512 | 896caa053f48b1e4102e0f41a7d13d932a746eea69a894ae564ef5a84ef50890514deca6496e915aae40a500955220dbc1b1016fe0b8bcdde0ad81b2917dea8b |
C:\Users\Admin\AppData\Local\Temp\_MEI11002\VCRUNTIME140.dll
| MD5 | f34eb034aa4a9735218686590cba2e8b |
| SHA1 | 2bc20acdcb201676b77a66fa7ec6b53fa2644713 |
| SHA256 | 9d2b40f0395cc5d1b4d5ea17b84970c29971d448c37104676db577586d4ad1b1 |
| SHA512 | d27d5e65e8206bd7923cf2a3c4384fec0fc59e8bc29e25f8c03d039f3741c01d1a8c82979d7b88c10b209db31fbbec23909e976b3ee593dc33481f0050a445af |
C:\Users\Admin\AppData\Local\Temp\_MEI11002\base_library.zip
| MD5 | 721e98ac1c901a0c6a3d867f663932b1 |
| SHA1 | f04347eeae764a541fbd6252c525301d43bc36b6 |
| SHA256 | b8e1b3eec714e90db1d22af241d1a0c0ca69e6e93cf07ab00a6eb17512ac5b92 |
| SHA512 | ad25e634ca420837dc6251a631213ef1237f4da2da4eb81485d37457437e2519cca4277f5ac6759cc2cb277fe6ad98d05fea390227f834f8a4572f94a0628e12 |
C:\Users\Admin\AppData\Local\Temp\_MEI11002\_ctypes.pyd
| MD5 | 1635a0c5a72df5ae64072cbb0065aebe |
| SHA1 | c975865208b3369e71e3464bbcc87b65718b2b1f |
| SHA256 | 1ea3dd3df393fa9b27bf6595be4ac859064cd8ef9908a12378a6021bba1cb177 |
| SHA512 | 6e34346ea8a0aacc29ccd480035da66e280830a7f3d220fd2f12d4cfa3e1c03955d58c0b95c2674aea698a36a1b674325d3588483505874c2ce018135320ff99 |
C:\Users\Admin\AppData\Local\Temp\_MEI11002\libffi-7.dll
| MD5 | eef7981412be8ea459064d3090f4b3aa |
| SHA1 | c60da4830ce27afc234b3c3014c583f7f0a5a925 |
| SHA256 | f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081 |
| SHA512 | dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016 |
C:\Users\Admin\AppData\Local\Temp\_MEI11002\_bz2.pyd
| MD5 | 86d1b2a9070cd7d52124126a357ff067 |
| SHA1 | 18e30446fe51ced706f62c3544a8c8fdc08de503 |
| SHA256 | 62173a8fadd4bf4dd71ab89ea718754aa31620244372f0c5bbbae102e641a60e |
| SHA512 | 7db4b7e0c518a02ae901f4b24e3860122acc67e38e73f98f993fe99eb20bb3aa539db1ed40e63d6021861b54f34a5f5a364907ffd7da182adea68bbdd5c2b535 |
C:\Users\Admin\AppData\Local\Temp\_MEI11002\api-ms-win-crt-convert-l1-1-0.dll
| MD5 | ad107dadc3298da8e5b8b5979a429b60 |
| SHA1 | cd1e31d3b31f8a07c20addfe6063f8dffd8bb201 |
| SHA256 | a3330afde4c96d0bfd58a328d32cec7f47013a737a33fe074678ef5537e9f34e |
| SHA512 | f5032e717a3566c86c9f1a5f0b5fd5f6797a9d298f8bc07d8c955bc156da6ecea66c08a3b8f88fe1007de4c214ade98391f0b3b22252aa67b051b3cea2ae802c |
C:\Users\Admin\AppData\Local\Temp\_MEI11002\api-ms-win-crt-conio-l1-1-0.dll
| MD5 | 9e348cb5f8d93c9adafa0907564ba487 |
| SHA1 | fac47a2127756581de8a1e49cd86239b2fe90de5 |
| SHA256 | a0c144a76b80909a25b202114c07a06927f33ec237131d27c409cb4411bd6f1b |
| SHA512 | 1611284adb4491ead21a9088f8890df2d7e9eb6401228104aa4df20f6e8d8e2f59e80378563883722c18be5d31a2da78db43978375f5b8e1b36a723696b06bcf |
C:\Users\Admin\AppData\Local\Temp\_MEI11002\api-ms-win-core-util-l1-1-0.dll
| MD5 | 53bf180be1d6b795b6163770af75cb20 |
| SHA1 | 1817e20b2020be1e3e1cb0ffd8e243ad8f9f80ac |
| SHA256 | 96d0b3666651b0ad01fd7877ea19f35c78fd3b87e0da0007889212022edbba8d |
| SHA512 | 8c32ccf1c1b20e9cd9160318d2b8c8eaf97c1198ba78efcbc271ca0292189f04d68d38e8948a49e4585039689d671fab84d86128919418d207c167fdd3f99a64 |
C:\Users\Admin\AppData\Local\Temp\_MEI11002\api-ms-win-core-timezone-l1-1-0.dll
| MD5 | 8a7fbe2425592dd419f6cf665613b967 |
| SHA1 | af2170a7e5f27111e32fa27ecfdddaa41edc8156 |
| SHA256 | a6cbce99976a8fdd8d9cc278c7d8aebbc4a6ae6404684021d73c8f4e520b98dc |
| SHA512 | 57d41d57721f9e37c6ea8a55ac156f9275d2373beead9f5c836ff7379c49c6676b9168bf278206fe2e60b576e066d8706ec1ed0a96b3db82b197d724f4a2279f |
C:\Users\Admin\AppData\Local\Temp\_MEI11002\api-ms-win-core-sysinfo-l1-1-0.dll
| MD5 | a992a0e59e2530e67281f8db9bd28c80 |
| SHA1 | 96a0b9780a53384d2dc65b9a5305312a1ecc7ddc |
| SHA256 | 71ba7dd22ffa833b924778c5d0421819cf01625b4d7462c463c2cf75cf596806 |
| SHA512 | 5633e37239bd3678b4d6d1e2a74c3f59394b30da2cbd0797c882f418250894049b85684b12e0fb367e762ce7f205c0715532266d6cfd0580b7b58adfe07def7f |
C:\Users\Admin\AppData\Local\Temp\_MEI11002\api-ms-win-core-synch-l1-2-0.dll
| MD5 | b8a4e7ce46930e538eec8290332fe6dc |
| SHA1 | ea6938f141edc0ba3f32aef3bea90597e9a58707 |
| SHA256 | 8ec827f3a991a313137d3c378bddc7022640c0b1ba79ebcd847ed3ecedc425b3 |
| SHA512 | 1707324e08dc74de23c98ae62ccb4373e2dcd7c2a1aced7b2c5a98436efefc9baecf80dde07fca5c775ab14a79816ff9034d46a97640e1a0d2a82a561a7c698f |
C:\Users\Admin\AppData\Local\Temp\_MEI11002\api-ms-win-core-synch-l1-1-0.dll
| MD5 | e58cc2297847d947b50d7d81f8d6c518 |
| SHA1 | 1580d3d4b1093549ebb6d95cb5d0d32b8d6b5f45 |
| SHA256 | da79a38d4799a9e4f3aaaaeea05a2f47d323d3472f5361478e20e5075b63af9e |
| SHA512 | 258d6c1d37884a7ab313dd2e98fb88b94cdeb908f31dd296745c1fa5f2ae105cfbb225909e2dc9b178531183bb98195cb689ce14ff2570bc168e46e69c544e84 |
C:\Users\Admin\AppData\Local\Temp\_MEI11002\api-ms-win-core-string-l1-1-0.dll
| MD5 | a871b3bbadd412d4634648688a881a5e |
| SHA1 | 6d4dff475b8d2f270f4ca3393186e3ae20ef2273 |
| SHA256 | e7f1d2398de4a7242b79a21f85d3ab9bdaac3e70e50ef1eac5da1cba09dda192 |
| SHA512 | c05a8965858cca999334cd085aac771c71597b4b35a0c309ca8bb4d23cc9ec636ac4be7c1ac5ae36f6813bf92761a7584151eb9bc4583772e8f7c39bcc862cc7 |
C:\Users\Admin\AppData\Local\Temp\_MEI11002\api-ms-win-core-rtlsupport-l1-1-0.dll
| MD5 | 8afde80df750f5ab010bc08a85c52776 |
| SHA1 | 3696bfc329ced5a61819fa785fca0f955d3a309f |
| SHA256 | f205e9c1ad5f029555d56a24fb7a3309a6ddd554eb19989fc3a1d309c990a6bd |
| SHA512 | 2ddb753c58ba6108d3bb09b4f5aca47dbd0dc5449ed75851c05f0f1db5a8bf9a59572b416260df6338cf3838ded2541d832755d9e82972bc191d1d1453454599 |
C:\Users\Admin\AppData\Local\Temp\_MEI11002\api-ms-win-core-profile-l1-1-0.dll
| MD5 | 37851625d48c3c435e64566387b8fba9 |
| SHA1 | 6d0ba0836270984c91a0cfd410eeb50edf6b62d6 |
| SHA256 | 516d34cafdfbdf5e89804fe2b9c995f23fac93672ab1de9cffa55f6bdb0d1e24 |
| SHA512 | 0da8d12e42aacd4d447434a5a83952da2230fd1970e213a23eeddc25606e55cb9fdcda06787eae403c14279591974cfa5dad3bfaf598fd875a5ccea2122924b8 |
C:\Users\Admin\AppData\Local\Temp\_MEI11002\api-ms-win-core-processthreads-l1-1-1.dll
| MD5 | 8ce9f911908bc20529ce03b7836397f5 |
| SHA1 | b8554a420c1372474e15d931f2f50e433d3b634e |
| SHA256 | 257d25b17680639ef9175e272c2cec4239a395651a69115441ba234c4b30ec0b |
| SHA512 | 980af4b0b3749d5e5842be388734b6385f0181eb5319b3e7802fcb33aada78b6bcf753a4eed29584e988b2708798e3da2ebd286c09fc5c518f8a1e2c5754fb11 |
C:\Users\Admin\AppData\Local\Temp\_MEI11002\api-ms-win-core-processthreads-l1-1-0.dll
| MD5 | 20bdf0aa438ddfbf65952d202d5cda25 |
| SHA1 | eaf1c6b6400cda52637dd68fc17d20c2b7f09dd8 |
| SHA256 | 70a96238fe9b62eb195d1f1553624fbc45b52cc12dc7193913e6e65c71e09321 |
| SHA512 | 188a22db1df1c417fcffc83b4e51925012dd551900746b000582dcfdb5994e23d9ddb278ba96a0697560a1680534c6d78e31b1749f062dbefa3f0c0a8ef7bc4b |
C:\Users\Admin\AppData\Local\Temp\_MEI11002\api-ms-win-core-processenvironment-l1-1-0.dll
| MD5 | bc19bc9c45a169cc62f9e7975da0cc35 |
| SHA1 | 55fe4e9733ed24c00d58702e6740c4f078d0a7b1 |
| SHA256 | b3b48223093c2b210f76fd38d3d70b9c0bd17834c2762d1172bee7f12411512f |
| SHA512 | 5140df1cdf68260b698bc59ed9ca0a4315bd96987c974a800e8077f73b0887fccc2ab3aedb7ad6c772c70c98ed281211d8cff9306eea8e0e8d83f257453de8d9 |
C:\Users\Admin\AppData\Local\Temp\_MEI11002\api-ms-win-core-namedpipe-l1-1-0.dll
| MD5 | 163050861c7d8809d06d5ed6228bef54 |
| SHA1 | 8fab242e91454e7e293c9a26e468cafadf0d7ce4 |
| SHA256 | a322178a86629cce8ecfe5c88518f874afa7903a30bc26edc6f1989d087ae726 |
| SHA512 | 6b04702ccefdef6640cbaf8d187e5beafa01186943259e319eae4ac60e09511cb0e04d7f86d0ebade00773220e0ab8bdf9e60460f354d3fe670fbc1f592e92ab |
C:\Users\Admin\AppData\Local\Temp\_MEI11002\api-ms-win-core-memory-l1-1-0.dll
| MD5 | f897d6715951a70e80daa9fa3dc9b913 |
| SHA1 | 7eaa2b5adcbe016508cc63c25bf4b60a3a2f94d2 |
| SHA256 | bac0e15f62d2aad8af2d9564d15c987d707ee4c5021fdb308287e1a63a6116fc |
| SHA512 | 0ff9ce545f7cd44a01a30ea9fa0821c8e564d509da6085331c766d1ce6d7a4c22910968eb142a888e2314a218fb882841678de18cca46472ace0a09bce6f19fe |
C:\Users\Admin\AppData\Local\Temp\_MEI11002\api-ms-win-core-localization-l1-2-0.dll
| MD5 | e142049a08327db53b0289cd25bbb70f |
| SHA1 | 3289a7c010a613b07b235d13ec96af31b683834a |
| SHA256 | dd36f8e544be435ffd7c96ddb077dc76b4cebd6fbef14319f7d21f47fe794a87 |
| SHA512 | f6fd8865f9df1bd382b246041ad90a3e87e42a99b7dc8167d0d4513e7bec6901b80120ff98e1283ca754dcc726b4ddc000f41c428f4f45dfd4489e94075352cf |
C:\Users\Admin\AppData\Local\Temp\_MEI11002\api-ms-win-core-libraryloader-l1-1-0.dll
| MD5 | 0102c27a0a9973942ab7974258b127e5 |
| SHA1 | ab6279b7e802b3b229322f07442be5b59df944d1 |
| SHA256 | 1eacc48d19f44e5dd54e4ea0a2f77a3130ecaacf22605595f3c6b6e398b9d2d8 |
| SHA512 | 9ab4e772cd649296f12b37cc4ae165d7bd7f4830c934d9540cd76cc42480c2b484cdd35d39082f861b74441d137656d2d1b6f73b27ea09ed7c42c55f3122384c |
C:\Users\Admin\AppData\Local\Temp\_MEI11002\api-ms-win-core-interlocked-l1-1-0.dll
| MD5 | 4a6bb2456b03efd381762294048d4e1f |
| SHA1 | 7f7cd1541a89c937654dfd772314061c1d5c4b8a |
| SHA256 | 1e72f74bdc5edc4ef93bced9065fd1ce3d20d891a6933c068d8a8bb97f813870 |
| SHA512 | f9da432af0643fa80fc7688f35c35ab2c73e9687c6a5b69a3cbc655af499296a59e6107b0faa01c0f48a79a510032b95bc5acc31f28a32ba53c2a46385af6c2c |
C:\Users\Admin\AppData\Local\Temp\_MEI11002\api-ms-win-core-heap-l1-1-0.dll
| MD5 | 55c47ec3351addab989634c5a4142698 |
| SHA1 | 1985aa2decdb3b0718b288a798e67abcff5fbfb0 |
| SHA256 | 5e3a6502b929df2cbfd6c9e0bfc2016b082e72246dc033655957aeaf812f5119 |
| SHA512 | 72d2be88661bad13e3e2828d9ae870d5fdc1679fe0079e206dc787fbf33396b58c19efa5e4b98146ecb5244d46c03dc60f51f01de2eada2bef4b8d9b151db21a |
C:\Users\Admin\AppData\Local\Temp\_MEI11002\api-ms-win-core-handle-l1-1-0.dll
| MD5 | 53ad62eadd80fb7be326b2ac21cd51c4 |
| SHA1 | 520316ecaf0262df0d5970ed6160c1a58d34fdcc |
| SHA256 | 0d520c708ea21b4120660e3b2db833f473c193508649c57d759452f19d6e633a |
| SHA512 | 2a59e6677d0f48a8588999d0f8f3d28c811ee66a98f25d0da727959975b7f1b51e2e252133173c564cd71a18fb1507c18cb376034ada3a92eec95cbef2a6974d |
C:\Users\Admin\AppData\Local\Temp\_MEI11002\api-ms-win-core-file-l2-1-0.dll
| MD5 | da0e628d704f10be357148f2131108b1 |
| SHA1 | a9a8c5e002a65d1b43fb990a86c59d290d480464 |
| SHA256 | 5747de24ef2014b50f49d541621a328a02a4ef5f20eeb94423a3d7f7954e49f6 |
| SHA512 | 30b2b3fd92b73dc387b6beff63c4d9e16123f9abbde0cc3f33b1b00c013885f980d12d793e32aaf7c430121df3d337dd09a9a8a5ea874696d3cf37ee51a50a81 |
C:\Users\Admin\AppData\Local\Temp\_MEI11002\api-ms-win-core-file-l1-2-0.dll
| MD5 | b5233e03bde877536db16308f3664cda |
| SHA1 | 15ff9d07de90f4a13943b36c30ce2cfaccc67451 |
| SHA256 | fb9b51ab73cb5fecc491a3a2624d54cc327370c6ac5efc9dfada2411acf766ed |
| SHA512 | ad005e39dcd889e8a6c127038b7c25eb2e100c889b16a6b12063bf76087b3d245df2768d3f032963dcbb33d320be56ec3a2822a718d17b34503ee0ddccef7486 |
C:\Users\Admin\AppData\Local\Temp\_MEI11002\api-ms-win-core-file-l1-1-0.dll
| MD5 | 770b1f0533e25a199144bd95e1e4a366 |
| SHA1 | 2a7f04c61fd91b5dfb1b592e20186a4f1675fcb0 |
| SHA256 | 22967506ae7e13fd6afc9cbe6aa7d14f497c37a40684fbfd7a5146b9f1569646 |
| SHA512 | c817dc7d51b0a3b05e9546793fd2b6eb8ad783dc933dd619024177bebe6aeb0c551ab0add7029fa0b0754aee139adfe1d04b5c0ace638c11da02de27bb225a94 |
C:\Users\Admin\AppData\Local\Temp\_MEI11002\api-ms-win-core-errorhandling-l1-1-0.dll
| MD5 | e02239f4c0948021443bab405791e401 |
| SHA1 | cd5300b8a2cc2aff15d5b45122b9567cb9c68bb5 |
| SHA256 | 0857f0669237f4c8f85dca01acc7af0f654029832752c54d518cb741fd709878 |
| SHA512 | 1f61c23fb4487a80921b5e25ddb942d83bf3a0f1e11df7dc849f2bc6e6dd72c8c7aa2808414821520d998b9123c040bedef392be39c5616a4bba8b8cfb9a7295 |
C:\Users\Admin\AppData\Local\Temp\_MEI11002\api-ms-win-crt-math-l1-1-0.dll
| MD5 | db734d502665e4972717837aa2bf2223 |
| SHA1 | 956b4ff9c59a3a4f4e447d16d0c898dd9bac6147 |
| SHA256 | fd7c108c8b26ef8bbb3eee7dbadfa6031dfb6c2c0c1a74953034e0d080219646 |
| SHA512 | 04443719af07dd7ea50d009ddc3199ff2c9a66a3ce04c9559c82f3db7337113f65974ff104b250fec76bd5765f9e5f5805e381446ccbdd27274e4665de2e50e5 |
C:\Users\Admin\AppData\Local\Temp\_MEI11002\api-ms-win-crt-locale-l1-1-0.dll
| MD5 | 58f54ccdc55f6d6c8d62dc72d75ee063 |
| SHA1 | 2e25bdb7de5e9d320cf3439c8b6073b1952784dc |
| SHA256 | 556af10c9c9cee5ce7dab89a66693f41b50051bb39abb8365374829004cfe20e |
| SHA512 | f79bcf4098868f82577f3b985551198506359eff50681da925ef951a368b4d48470dae8d887d02985a84fb791036831b7b2bebf6c5b9a7c0701eaaf331609819 |
C:\Users\Admin\AppData\Local\Temp\_MEI11002\api-ms-win-crt-heap-l1-1-0.dll
| MD5 | 6b32d1060aade3b0d8b15b171f14d20e |
| SHA1 | 7cf40ea05eabf369f4889d5109e4c79df0322912 |
| SHA256 | 5847f24760d9b392264e02b00933e4e8cbed704238f24075ccdd0e2bef3fd86a |
| SHA512 | 93c37c39c2c46fba8a78f8019d123e6d908f5971d91af23ff9704c9bee6c8de1bffeae61dc7c4fae9398ea01764b53a19b9e7d8a47c7a032c3ae5392c0006563 |
C:\Users\Admin\AppData\Local\Temp\_MEI11002\api-ms-win-crt-filesystem-l1-1-0.dll
| MD5 | 14e1bafb694fb7c8671649eeac71ae1e |
| SHA1 | 5f0bfd72e0a60e01458ac522a79e6afc46bc1a47 |
| SHA256 | 1817be3001c47078676cc8e43e472efc95bc8a56f73dbcdb303036f6758be398 |
| SHA512 | 670ef8520b2c3d643deee2cbe3eea5697f575ebe132e5fcb1daf33423a4c9c74e721d10a24873dde238161a3228df7893179d37d957f904ea15e6d274512628f |
C:\Users\Admin\AppData\Local\Temp\_MEI11002\api-ms-win-crt-environment-l1-1-0.dll
| MD5 | 39150685e6ac8cfaf8cd6abc56a2be37 |
| SHA1 | 50dd3633db29ded2ea70056dbb96b42d4d7c542b |
| SHA256 | a6522d4ec322ba2d55704e5990d465620ab33dbcbf2716bbb1a5c0a997a4c800 |
| SHA512 | c082e7611e767f7650cd843b1c03ac10d5585698b68090a3a9d91cbf946699a797aab90fcfa750847b662502a5e407754fe7337d126b71734469c8ee617480c1 |
C:\Users\Admin\AppData\Local\Temp\_MEI11002\api-ms-win-core-debug-l1-1-0.dll
| MD5 | 193ddd6964272a4522613a7dce90ff86 |
| SHA1 | 7a15245c775793ba464cae4826424cdf69655c7f |
| SHA256 | 326e33a52024cf4f16d717c74875b45f9d72ce5036e563ddc71163d092819e55 |
| SHA512 | 1e6366d2171d6a6c50647527105ebe6e6af8408f8c3542cc74e2984e847674289d3b7c6e541de51e989f09e3949e0f43a1c5cb239e308133294f597dae591df0 |
C:\Users\Admin\AppData\Local\Temp\_MEI11002\api-ms-win-core-datetime-l1-1-0.dll
| MD5 | c1a0ac40b2cd7ca942c3d658e2c74d3c |
| SHA1 | 9a7411922824464c33f6d76ae9613a1a3801ea1b |
| SHA256 | 88d783199b25d350968b6ccd0c8240991587b7ae810c744dfa2ec62d8e9cb072 |
| SHA512 | 6ac0091c7e742145b159f8f3ff7da429a26fc2fa8049823469a1e8c27e962613f4112d5a3208f09db5c8cf25f4ef0105ce43b88e0a9796d5a663015df116035f |
C:\Users\Admin\AppData\Local\Temp\_MEI11002\api-ms-win-core-console-l1-1-0.dll
| MD5 | a3236d23bce79fbc8984ff59f0bd350d |
| SHA1 | 376cf6356c8183de1b8dbc3611aa688d34552320 |
| SHA256 | 0086c2409ca8fca1b7fe42972b60f937f846e60a938a5989129f68b8b41c77f2 |
| SHA512 | fdd4c5589d91abfd61c198fa6485f40db04a9eeef41af4930e92de55632b4e6cd2ad7e412beb6b5c5b751079a6cac529f246fdbca73051d7dcfe85165f897de7 |
C:\Users\Admin\AppData\Local\Temp\_MEI11002\_lzma.pyd
| MD5 | 7447efd8d71e8a1929be0fac722b42dc |
| SHA1 | 6080c1b84c2dcbf03dcc2d95306615ff5fce49a6 |
| SHA256 | 60793c8592193cfbd00fd3e5263be4315d650ba4f9e4fda9c45a10642fd998be |
| SHA512 | c6295d45ed6c4f7534c1a38d47ddc55fea8b9f62bbdc0743e4d22e8ad0484984f8ab077b73e683d0a92d11bf6588a1ae395456cfa57da94bb2a6c4a1b07984de |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 9473d8ce72367bf7477c214a2999b537 |
| SHA1 | 3dda7ae0a166eafd543006dd94ce7240a2637b5f |
| SHA256 | 161dec1d92b3188e34b2193e3a33bf1c7f02475f08f4478b1648ff641c3c448e |
| SHA512 | 79f3faf30ea121dc097a79796098ec49cceae544f1f513b533dd9c82ffbbf3f443295d1b01644882b2324bc07ed99c5e6bd7c904e2d03ae6e0287b457ec39438 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 4913ccdc8c20372d97abf175df4c1466 |
| SHA1 | d728e6abc60e12e52b257f89526df6cffec3cddf |
| SHA256 | 0658f890b3a08a1094dbe55bc949f710e421cf463300637618d1afe13b8824c3 |
| SHA512 | 776bd80ef4a53800fe364913b124991bf14c8773a186eee3235f1ecda3990688273ba2795c6a8d34aaef6e05b090c9439467aef8ee5251e9c7a07ccfb1a329d5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | ee77ee0ddce6df6a4cf39b6d19ea6b4c |
| SHA1 | d5407a3c365266b7a794e647bc17ed9e06b4389f |
| SHA256 | 79a078c39145a1dc1c27c15f05bb7a39bdaf7aec14fd85a2dcfd36b95a3f5b36 |
| SHA512 | 1841689b05aab9ba73ac48bb390c148e92d218b07da6b89bbec900bcb84055fe2080115545933d495f6e8f2506497af930fbab1c68cf65ff080f2d5a61b30eeb |
C:\Users\Admin\.spotdl\config.json
| MD5 | 28c66aac7cd4dd5ed2a117e2027b91fd |
| SHA1 | 46d2d05d60234dbbe93a26a0a1d5abeda6720e81 |
| SHA256 | f394c65845442dbad228e79d1dde29813f058b06a55ca7566ce61211c4054fe3 |
| SHA512 | 19160e8f0cc3c59bd06b0980c3e4db268c2c58fb39434f5693fcbc37d130313c9a09adffdc0221657c35f5f5a709dccc0b75ccc55e6e794063feac27eaab2d8e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 5b114f088f58698a1719afb74aac3a61 |
| SHA1 | 36e0bf06aa6b97250a841b6c83fa8957dc4dbc01 |
| SHA256 | 30ee5f1ba4a3d11ee8cb1df9e8ae2a285057853bd13111c12aead90a9fb31185 |
| SHA512 | 2b7959df61f780f2afd13db9de3454ba5c09cbc27de231a17b916b56943fb1288f126e70d65a05385add3eb3fd2b9ed3836f74851215447100a3dad3d1f2335e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 5ce029041b7a16c84ed8cc0967b79e7a |
| SHA1 | 9280f5c6f62044a184ba8b232a4fba751c33b80f |
| SHA256 | 3e7f9e1e2e55880881853f3b9ad27274aa66492bfcfa0f6e4f7033920520e9ba |
| SHA512 | 272c9af34961d65afbe1f121caabf5a4e8770baf248d6a75b14bc07fb320e448917caa4c032104244be702008c29f401d506eaf997ba98a12d5071c4687fd766 |
C:\Users\Admin\.spotdl\dist\index.html
| MD5 | 78330d0bb29439a6c14a74c8f7780a30 |
| SHA1 | 8f65d4aa93ef08fe5f4fc4589d332844c1b97c80 |
| SHA256 | 87ddb87059d7649650dd390eef2d4cde508972ef632181dff868b86393cee2ee |
| SHA512 | d4d689746855e777c5bf8a777c9aa36563d15f52165cb07b9faede731863ef508bdc743cc22fc8357664d9fa7a3531d0e746a4eb2fce1a37fb45543b0009e831 |
C:\Users\Admin\.spotdl\dist\assets\index-CGxZV3ZT.js
| MD5 | 408151a77922aceb7765116803e4bf4f |
| SHA1 | c986c794dd30403581dd62c571e75bc6610ee3bd |
| SHA256 | 1cc7d6111cbcbaf9276bb339dea6d40a5248d31496524e7b5cd36e57ed012c83 |
| SHA512 | 82f14109eecdd63df23379528b6ec9b6adb1305d0e552aa8a9f88bce4939f3d6609bc2f038a392aec2fa6e29bcda509afd0c0dfeb2063337316fa6853a8dc96c |
C:\Users\Admin\.spotdl\dist\assets\index-BDDgGyM9.css
| MD5 | 79b6b1d673fee0c723c7b10e7315839a |
| SHA1 | 5b17a64674fb9b7fc2af65ca6cc581e9911e0743 |
| SHA256 | ebc092205ba6f574aa31dc59868e53b3430f612c6e47a642fbd6418811ae1fe4 |
| SHA512 | 0175b674c3dccfbcf6eb5270436438f7bdf1d153323ed7d06c4c7010270c5325fafe4f3cf6e4ec3c2818e12dd23f32c2be4f45d3ffc11150223d43763d0bc5ac |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\.spotdl\dist\favicon.ico
| MD5 | e115ccf71887568d66709308d0d9afcf |
| SHA1 | c660ba60395612692852bb49ef2c5558f6890abd |
| SHA256 | f0b70b22aa2020bd6d07657e526c15e1850e4cc3a1f904e0e7f6e03d475be925 |
| SHA512 | 7a994f023f4b30831f7cab25259eb9e409388cb6f6eb8adc9214ee7ba7c60e9c8f0f033619d71941c600b00a8310dac3719feabaf096ef19ae0e9596f850ff79 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 8b48bff204a83d681667f2f4bef11607 |
| SHA1 | 57d7568145317bfe8f896d7d45d0ed470337bfc3 |
| SHA256 | 42319e9a93789956255edc8f135597a4422646a4f69cd9ce471b3b9bcb626dc7 |
| SHA512 | 2ef36a3c1111598e9f32593f2b6057ff9caceaa70a01401fc24a888006932fb58a20b23b71aab4f63bdee33919e89873edc2ad91ae9aa5752e992b5f971dd39f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | f5cd008cf465804d0e6f39a8d81f9a2d |
| SHA1 | 6b2907356472ed4a719e5675cc08969f30adc855 |
| SHA256 | fcea95cc39dc6c2a925f5aed739dbedaa405ee4ce127f535fcf1c751b2b8fb5d |
| SHA512 | dc97034546a4c94bdaa6f644b5cfd1e477209de9a03a5b02a360c254a406c1d647d6f90860f385e27387b35631c41f0886cb543ede9116436941b9af6cd3285d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 449abc8c66fdc1ae687adf34ee976a8c |
| SHA1 | 016123b6454a59c2bf7ade853d988f83b070f376 |
| SHA256 | 346cbec0c2ec0781baefe7c444b5b87a38bc75e4e641db61cf272db38619501d |
| SHA512 | 46961cbb0f6908e26bcfd4e49375b4781a701e10a32e253db240332137c6300e08dbf63c310fc3d78ab1f19932957e3344b327fdf88e1d3497eb812884f5f9b1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 8265b6279bae78380b5ffc3318b78a86 |
| SHA1 | 9d7e4050aa93a4de45e59a265958528080374019 |
| SHA256 | 65c9e945e5d30c4cf784ecb4402c5288abf083d46c5e8a1939cc441ffd2c5413 |
| SHA512 | 263d20f4744a174cb076c53083b62736ad9cfb7950495eb20e4266edab532082b7cfe25953c8d785278ff96e73774296c959208ad37919f022e9be64c8e2f07a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 42253d8594bc54ee1f73af99d36ff176 |
| SHA1 | 3b1f0e1819240aacfcf2baa2ba6e0c90fe8ce3b7 |
| SHA256 | c727d17856dc09451714d60b485080da1dae226c1ec796905cd046a209bac34b |
| SHA512 | 7b8db2c59c5b230f059ecb1a1a82ba706c2a8d9a2ee6241600142b5b41db880d9e8700fddbab7eb778592efb25f4fbf8737b1164ace39ab51117ef17856f4353 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 6a800e69334ca2310d22a67a335afd2f |
| SHA1 | 9883cfdd0e22d874392ed871578b60f4101c11b0 |
| SHA256 | f618abacdced16176195323ec3781417a078ff81fc5485961c74c2a5bbf24c4c |
| SHA512 | 66ac53315d279fb891d44e4ba9921bbb257c18e8492ae4d7af7711a28af5d81d0eed1ad36c3560f57c6477f86b2dedd901dcc9b71b5f6f9b842cf518eb9a3e50 |
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
| MD5 | f3b25701fe362ec84616a93a45ce9998 |
| SHA1 | d62636d8caec13f04e28442a0a6fa1afeb024bbb |
| SHA256 | b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209 |
| SHA512 | 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84 |
C:\Users\Admin\.spotdl\.spotipy
| MD5 | cdf3a2c558f50966d2411a75afa90ccd |
| SHA1 | 798fd24a1dacebdfb3777cafa533d2597d5e843c |
| SHA256 | fe0db35e32c6aa2c0b933a25189c5d0f08243786873ba82ffa694ff77d37f371 |
| SHA512 | 1eaca7b01a22fbf5da0b9577acb8779b8cd81d8be89f38af7f47fb0dea6a3d28c9d97f8942e9ea1309fb788264ecdd37a418b147079a254f1a092a9c7069653a |
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat
| MD5 | 6e2dd918b2c22ec9d38424b34577d88b |
| SHA1 | ce9b5ec7934ace13a02d64f494ec8cf6de8ce5c9 |
| SHA256 | 037e7f2cd9d518cafd37f55edee61feac13b4dfdd35f67b41d7af525d93b7f0f |
| SHA512 | fe292b07ea0f7db690e00640f29b5cf7de32ddcdc887c24075801e1b7ad756e94dab31e297efff6c9def49ec3ac20e22c71ba40afb7e4fb75bf0678b64328eca |