Analysis

  • max time kernel
    108s
  • max time network
    110s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240611-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
  • submitted
    13-06-2024 17:37

General

  • Target

    https://launcher.chlebeekclicker.pl/

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 8 IoCs
  • Modifies registry class 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 3 IoCs
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://launcher.chlebeekclicker.pl/
    1⤵
      PID:404
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --field-trial-handle=1428,i,6041070687820623968,3004230300437737550,262144 --variations-seed-version --mojo-platform-channel-handle=4504 /prefetch:1
      1⤵
        PID:3864
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=15 --field-trial-handle=3848,i,6041070687820623968,3004230300437737550,262144 --variations-seed-version --mojo-platform-channel-handle=5036 /prefetch:1
        1⤵
          PID:4364
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --field-trial-handle=5308,i,6041070687820623968,3004230300437737550,262144 --variations-seed-version --mojo-platform-channel-handle=5324 /prefetch:1
          1⤵
            PID:4908
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=5464,i,6041070687820623968,3004230300437737550,262144 --variations-seed-version --mojo-platform-channel-handle=5476 /prefetch:8
            1⤵
              PID:1200
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --field-trial-handle=5480,i,6041070687820623968,3004230300437737550,262144 --variations-seed-version --mojo-platform-channel-handle=5556 /prefetch:8
              1⤵
                PID:2464
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --field-trial-handle=5896,i,6041070687820623968,3004230300437737550,262144 --variations-seed-version --mojo-platform-channel-handle=5964 /prefetch:1
                1⤵
                  PID:1168
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=21 --field-trial-handle=6100,i,6041070687820623968,3004230300437737550,262144 --variations-seed-version --mojo-platform-channel-handle=4800 /prefetch:1
                  1⤵
                    PID:1332
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=22 --field-trial-handle=6096,i,6041070687820623968,3004230300437737550,262144 --variations-seed-version --mojo-platform-channel-handle=6200 /prefetch:1
                    1⤵
                      PID:4412
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=23 --field-trial-handle=6184,i,6041070687820623968,3004230300437737550,262144 --variations-seed-version --mojo-platform-channel-handle=6036 /prefetch:1
                      1⤵
                        PID:2288
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=24 --field-trial-handle=4764,i,6041070687820623968,3004230300437737550,262144 --variations-seed-version --mojo-platform-channel-handle=6564 /prefetch:1
                        1⤵
                          PID:2836
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=6792,i,6041070687820623968,3004230300437737550,262144 --variations-seed-version --mojo-platform-channel-handle=5448 /prefetch:8
                          1⤵
                            PID:1400
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --lang=en-US --service-sandbox-type=collections --field-trial-handle=5412,i,6041070687820623968,3004230300437737550,262144 --variations-seed-version --mojo-platform-channel-handle=4548 /prefetch:8
                            1⤵
                              PID:4456
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=27 --field-trial-handle=5060,i,6041070687820623968,3004230300437737550,262144 --variations-seed-version --mojo-platform-channel-handle=6132 /prefetch:1
                              1⤵
                                PID:2172
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --field-trial-handle=6920,i,6041070687820623968,3004230300437737550,262144 --variations-seed-version --mojo-platform-channel-handle=6972 /prefetch:8
                                1⤵
                                  PID:1048
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --field-trial-handle=7104,i,6041070687820623968,3004230300437737550,262144 --variations-seed-version --mojo-platform-channel-handle=7132 /prefetch:8
                                  1⤵
                                    PID:3436
                                  • C:\Users\Admin\Downloads\ChlebeekClicker.exe
                                    "C:\Users\Admin\Downloads\ChlebeekClicker.exe"
                                    1⤵
                                    • Suspicious use of AdjustPrivilegeToken
                                    • Suspicious use of WriteProcessMemory
                                    PID:864
                                    • C:\Users\Admin\AppData\Roaming\ChlebeekClicker\ChlebeekClicker.exe
                                      "C:\Users\Admin\AppData\Roaming\ChlebeekClicker\ChlebeekClicker.exe"
                                      2⤵
                                      • Executes dropped EXE
                                      • Loads dropped DLL
                                      • Suspicious use of AdjustPrivilegeToken
                                      PID:216
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --instant-process --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=30 --field-trial-handle=7280,i,6041070687820623968,3004230300437737550,262144 --variations-seed-version --mojo-platform-channel-handle=5336 /prefetch:1
                                    1⤵
                                      PID:3424
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=7652,i,6041070687820623968,3004230300437737550,262144 --variations-seed-version --mojo-platform-channel-handle=7640 /prefetch:8
                                      1⤵
                                        PID:2560
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=32 --field-trial-handle=6968,i,6041070687820623968,3004230300437737550,262144 --variations-seed-version --mojo-platform-channel-handle=7664 /prefetch:1
                                        1⤵
                                          PID:3252
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --instant-process --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=33 --field-trial-handle=4884,i,6041070687820623968,3004230300437737550,262144 --variations-seed-version --mojo-platform-channel-handle=7712 /prefetch:1
                                          1⤵
                                            PID:1384
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=34 --field-trial-handle=7120,i,6041070687820623968,3004230300437737550,262144 --variations-seed-version --mojo-platform-channel-handle=5816 /prefetch:1
                                            1⤵
                                              PID:748
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=35 --field-trial-handle=5416,i,6041070687820623968,3004230300437737550,262144 --variations-seed-version --mojo-platform-channel-handle=6812 /prefetch:1
                                              1⤵
                                                PID:3756
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --field-trial-handle=7752,i,6041070687820623968,3004230300437737550,262144 --variations-seed-version --mojo-platform-channel-handle=6784 /prefetch:8
                                                1⤵
                                                  PID:1716
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --field-trial-handle=7772,i,6041070687820623968,3004230300437737550,262144 --variations-seed-version --mojo-platform-channel-handle=5700 /prefetch:8
                                                  1⤵
                                                  • Modifies registry class
                                                  PID:3568
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=38 --field-trial-handle=7760,i,6041070687820623968,3004230300437737550,262144 --variations-seed-version --mojo-platform-channel-handle=7324 /prefetch:1
                                                  1⤵
                                                    PID:3220
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --field-trial-handle=6224,i,6041070687820623968,3004230300437737550,262144 --variations-seed-version --mojo-platform-channel-handle=6296 /prefetch:8
                                                    1⤵
                                                      PID:3724
                                                    • C:\Windows\System32\rundll32.exe
                                                      C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
                                                      1⤵
                                                        PID:2876
                                                      • C:\Users\Admin\Downloads\ChlebeekClicker.exe
                                                        "C:\Users\Admin\Downloads\ChlebeekClicker.exe"
                                                        1⤵
                                                        • Suspicious use of AdjustPrivilegeToken
                                                        PID:3424

                                                      Network

                                                      MITRE ATT&CK Matrix

                                                      Replay Monitor

                                                      Loading Replay Monitor...

                                                      Downloads

                                                      • C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\ChlebeekClicker.exe.log

                                                        Filesize

                                                        2KB

                                                        MD5

                                                        9fc9901ccf928631cdecbd3ce59c4e7f

                                                        SHA1

                                                        96a2cea5acd6a724019fea78f6fe1bbee63f12db

                                                        SHA256

                                                        708554f8c886284af93ecb6e1d1fc1329cd45a0725e5532c38579361011f5a93

                                                        SHA512

                                                        e3b21d3ab9c5774cd8681c27be974cd4f9cef579a5e34f7db6c4002a5c8b3ae737f62d4d7224d31b86c2346aa2d73431c738b9ceff5aace3bf0e2962c86a3dc1

                                                      • C:\Users\Admin\AppData\Roaming\ChlebeekClicker\Bloki\apple.png

                                                        Filesize

                                                        411B

                                                        MD5

                                                        92db5a641f687c92eb6f74d8fd71b9de

                                                        SHA1

                                                        e1060ee5fd285270b6772bcea5673c95eb7e7765

                                                        SHA256

                                                        d3270615d87067d48f4cc661652bd14a99843a78b6dae32a36871787564244eb

                                                        SHA512

                                                        eea249c4764265eb6008d268eb1d1787627bbbd8b0054f44c3edb6a0d386b4dabbe310cd88cba15d6825de54f6f9faf0d64ddbfa72c50cb092dbc7e62f04ed06

                                                      • C:\Users\Admin\AppData\Roaming\ChlebeekClicker\Bloki\book.png

                                                        Filesize

                                                        352B

                                                        MD5

                                                        64fe056c95cea27c989ac56bf22bf116

                                                        SHA1

                                                        4df534939a0bd8d11fa37cbb092754f805027bf0

                                                        SHA256

                                                        f85fbce67dc8c74bd31e843c7f8d18c1aa91fef478c74a05a47640a8cde304bb

                                                        SHA512

                                                        b0f963d2f9076b25004b5ab73b3b8bb97a83f2ac0e382172adfd2f5debfff0d0089fa52d4aa295f1e485ba50c739750cd4a9e5b662daaeea62d356a1cf5dd727

                                                      • C:\Users\Admin\AppData\Roaming\ChlebeekClicker\Bloki\bookshelf.png

                                                        Filesize

                                                        1KB

                                                        MD5

                                                        85998e721864417ab02211bf1a2aad3e

                                                        SHA1

                                                        f3dd93bd00b067b50d23ea14b11c94c9fc950e7b

                                                        SHA256

                                                        41e06a768fbff49eb906b6aae2fa8cb2b6d476948fae8bb855bdcd76cc2fc0ef

                                                        SHA512

                                                        8629a7038551b3b45ebe0ca17b806202ed63f7618622950e44859989233da92b787b7f9efb9557008593073293e29f75f9142e3cbd9fdf5b4c80f03fae68edf0

                                                      • C:\Users\Admin\AppData\Roaming\ChlebeekClicker\Bloki\cactus.png

                                                        Filesize

                                                        1KB

                                                        MD5

                                                        44798b49d72a899a2011529dc978b1d5

                                                        SHA1

                                                        895fec6e51fd68d227d64882ff47a54c0f0e528a

                                                        SHA256

                                                        23c6964ffa21f9754e1880baf1920117c70af0125ab5dc69cff783c7bbb43768

                                                        SHA512

                                                        75e10da88a0dbae9a4c2994a1858cee1feaaea76ce5154313a4479baf0db8875f2076bef76a2ca6f71aacde66d523b9c2c9af29a6791f439627bd85edb561bf0

                                                      • C:\Users\Admin\AppData\Roaming\ChlebeekClicker\Bloki\chest.png

                                                        Filesize

                                                        1KB

                                                        MD5

                                                        978b9b5c3beb4d660342dcf60bc88238

                                                        SHA1

                                                        8422efee22c84caef2c0e0f60c5ecdb90d1a4a0a

                                                        SHA256

                                                        1641fbd3aef6ed89e5c59e55b23ebc2f5678ce9929a9559702449ac2c22ac0d5

                                                        SHA512

                                                        912eceba44c053bc380310c4dfbf3f5a20dafb88bb70574c25c0572b42b729299345823277538df090bca21d9c44501093a88baa9fde85f8cdf7b728bd8e690f

                                                      • C:\Users\Admin\AppData\Roaming\ChlebeekClicker\Bloki\diamond.png

                                                        Filesize

                                                        375B

                                                        MD5

                                                        afad6ac77201f06af90310c9705cd20b

                                                        SHA1

                                                        209886cb88aba22fa674461fd50d6c2df87a12ad

                                                        SHA256

                                                        62167844410cbd8b04a7eb772f97b3c2ab8d9ebec814ca49dbc3a8e3f2b8e1ea

                                                        SHA512

                                                        42d1fbf3ddcaf94418c8455ab04ab87942b3075e59007c04132fadee411a96ee808e82623454c9955e84908fe72b3a222ebe1c70d379c04bb50c787e8dd68f8f

                                                      • C:\Users\Admin\AppData\Roaming\ChlebeekClicker\Bloki\diamond_block.png

                                                        Filesize

                                                        1KB

                                                        MD5

                                                        ecce272b9c9ccefbe8aa0488bd397db2

                                                        SHA1

                                                        4c8936b21cb2ab38627ea962ed0d0528935742a7

                                                        SHA256

                                                        919dba5a40f203dbe8b46d516ba48b8c8962bb2a8ded945756e332145378254a

                                                        SHA512

                                                        dee09e32b205a3a0107392aa893aedbee7b8134018dffb458dd456d637905b9aa62efa9a84f3e0d7c3cb4577095a1ba526b3700c4e96dd217131898dadc131d1

                                                      • C:\Users\Admin\AppData\Roaming\ChlebeekClicker\Bloki\emerald.png

                                                        Filesize

                                                        491B

                                                        MD5

                                                        8f5df2afc9ea304279521ba6f996f806

                                                        SHA1

                                                        ab803b92aca7a016a9622603c5535738c92a2956

                                                        SHA256

                                                        a482a71c7d57fe975781215190e4063b51afe151be92f5a5fd9ddd4c0a1d270f

                                                        SHA512

                                                        74e7b68680779e35ad5d37589af7ce65122d4e67f8c22489c49983310c9fa104c6f4854bf3a7eaeb0212cc64dcf454bed76d0d029f36dadecffc99ac8a113581

                                                      • C:\Users\Admin\AppData\Roaming\ChlebeekClicker\Bloki\emerald_block.png

                                                        Filesize

                                                        1KB

                                                        MD5

                                                        155c45ecf7dd34bcdefe95a252bb04ad

                                                        SHA1

                                                        ff4f232bff1b6ffad65e50e675803bc177d9c3b9

                                                        SHA256

                                                        bc8bb8ef96a6b914c4cc9e1c33346f4991905592ca1b58b0f9b907d2a6231fec

                                                        SHA512

                                                        8b9258261e8f95452e331ace3c794579e6822fb1fa433493b5c68c0a9354dfeaa55b9f359c9d5ed095bf2bdf265ef297c6a3e51ccf8dfe70df662ce26a0b84f7

                                                      • C:\Users\Admin\AppData\Roaming\ChlebeekClicker\Bloki\ender_pearl.png

                                                        Filesize

                                                        338B

                                                        MD5

                                                        f2132d4598781a0165c861d2f797606a

                                                        SHA1

                                                        2538df57600191db4d2ca0d1ae097d0832fe1bfd

                                                        SHA256

                                                        1455df6d49173e28d1ef00f26c7295ad6e61c4dc1855c24a434efdfb37f0f785

                                                        SHA512

                                                        60d3da4e681fab099d5ed2256c25c0c943793676dc3eca5eb74a16beb12552e6f19e971efa37e830912afc9b82ac988d2646f1bdb9f31c3ee6cddda0b9640bc5

                                                      • C:\Users\Admin\AppData\Roaming\ChlebeekClicker\Bloki\gold_block.png

                                                        Filesize

                                                        1KB

                                                        MD5

                                                        00a2ccd3b3d5aa63668d344b5e714778

                                                        SHA1

                                                        d3894e73206c3a72fed2ab158224489e86e80e05

                                                        SHA256

                                                        66515d8632a17d8dfb8db907ad7971abcc27f3c2a85b26673374a8d44d37365a

                                                        SHA512

                                                        6c4b16415871e34af4bd8b8cf25e108e8321b4e03f068b14f3624c2d65a00f122344699e3b4d6edbb7c8b96559e2bbcdf91573f89ed5d167e44f3d5734ae6368

                                                      • C:\Users\Admin\AppData\Roaming\ChlebeekClicker\Bloki\gold_ingot.png

                                                        Filesize

                                                        321B

                                                        MD5

                                                        eea2062d3dc06ef0234c65e28b2a6c16

                                                        SHA1

                                                        8d783d5d48319c8e0f939c5aaf43f3d95c9a1c82

                                                        SHA256

                                                        e1ceb6788ffbc6d745e256737a47ea732d1e63819cef75e4647642bc2e92d105

                                                        SHA512

                                                        d80ec3f7793ec800fa05ab4e048b441f9cb4c78ef3aeced48d9f3afb9c62461141ba56f740f4e580c8aed9908b5f5aa2a9c55b75333edc24635e9bfd72fa0cb7

                                                      • C:\Users\Admin\AppData\Roaming\ChlebeekClicker\Bloki\gold_ore.png

                                                        Filesize

                                                        1KB

                                                        MD5

                                                        f66294930d33b804248defce6d2043ba

                                                        SHA1

                                                        3ffba28a40e162ac1f59fd95313e9a46ca2f73ea

                                                        SHA256

                                                        f90814bd972ad02c466456b8664f312c2039b3eb6b8df0f370f25982e91856cd

                                                        SHA512

                                                        1dd2748c1e2fac5dfe490f4d22acbef66fb6ec21c16ee8bb092c8c4162378ed0d0a9853668047e9c61447b102a8cbaebaaff8499af4cdbc951e584192134ab42

                                                      • C:\Users\Admin\AppData\Roaming\ChlebeekClicker\Bloki\gunpowder.png

                                                        Filesize

                                                        273B

                                                        MD5

                                                        02ca409664ba047021f8136464ac8c52

                                                        SHA1

                                                        8b93b88f5dcda23597d50a48e27bf01243763e8c

                                                        SHA256

                                                        84b83bf91d13beeca02825173ddd3df350844aea6121ccae5bdfb012f051b544

                                                        SHA512

                                                        eb2bf1479e1eaddee2631d22de790743dfebf6cb4e6ae0233dafbf939c500ea0f9a0de7f5fa8686307d3e4df570fe3567f87bdfda080a0ca964569dce1274692

                                                      • C:\Users\Admin\AppData\Roaming\ChlebeekClicker\Bloki\iron_block.png

                                                        Filesize

                                                        1KB

                                                        MD5

                                                        6043c50efb0b2cb52434fe024d0cacd9

                                                        SHA1

                                                        f8eead7b1cec7385ff052dc75985782d083b39c7

                                                        SHA256

                                                        4bbc72dc951c48860fa7d1a129eed2106e0f2339775bb8d03182a8816c760609

                                                        SHA512

                                                        11ee469270667889cd40e92981c87b23522d2964eb80d3ef323287385474280ddb416efa82a933968627021290ca28c447f539cc1857e31d7cfb66f44ba42738

                                                      • C:\Users\Admin\AppData\Roaming\ChlebeekClicker\Bloki\iron_ingot.png

                                                        Filesize

                                                        317B

                                                        MD5

                                                        53ce17b2f17d1ae258fc94f3ed71102d

                                                        SHA1

                                                        a0db8cbc9d1c1fd365058d1cb878a3fbae70444a

                                                        SHA256

                                                        d72c09f22add35e813047dd799e2fb999ee58ff9924768418628f3c79faaec33

                                                        SHA512

                                                        e706a2d2131d925b1d17bed23643fe7734fdffdf477d445db54d8803711d288d2a6c38978850c24e86d686c65d3cd66f6aea9ed4f8197f1d5bfedfdc993bd4c9

                                                      • C:\Users\Admin\AppData\Roaming\ChlebeekClicker\Bloki\iron_ore.png

                                                        Filesize

                                                        1KB

                                                        MD5

                                                        16e7c584e2f0aaa47ac0511c7f3ba260

                                                        SHA1

                                                        3dd12e74d8d7c8f4496b8b13c6a48084086fde98

                                                        SHA256

                                                        c62e8e8313d93151eb4c17d65afa388329fac3c5018b6dc602f5adcade87f901

                                                        SHA512

                                                        e69ecb358b64594c3b830f40ecfead08f18175f20539caebba67f79a133a5e0b160ff387e6078aaf324dd8e4edb47f526d8920c3eb2e5899d6654ae8395cda7c

                                                      • C:\Users\Admin\AppData\Roaming\ChlebeekClicker\Bloki\mossy_cobblestone.png

                                                        Filesize

                                                        2KB

                                                        MD5

                                                        d61fb1cb2e9110c3830b7a006cffd1ce

                                                        SHA1

                                                        8e59f3d309770d35ec210a69a0e434226c2d27c1

                                                        SHA256

                                                        22a086d50cd17f900920cc77899fb8900173e86d4e29e0a65501fc7cff19d2b3

                                                        SHA512

                                                        f0cf0c3617dd7298d6bde517b15ee548d35d72d42abb58231666e64abfc5b159e5cbc91b205c32e6294bcd91f853013055b3767bcf1c1305901a700517370d8f

                                                      • C:\Users\Admin\AppData\Roaming\ChlebeekClicker\Bloki\obsidian.png

                                                        Filesize

                                                        1KB

                                                        MD5

                                                        094315e9755a5e6eb573bd9df7e8cb2c

                                                        SHA1

                                                        58668fc8af6c94a5376258fe5b1aca8230151f5f

                                                        SHA256

                                                        636f7bf71c3a77b69262b5c7884033cf9a6666b03a968632c689f742ed3089db

                                                        SHA512

                                                        6dec548ac96d3a0b19905add72cbb33cae30a571264b0c9a7957326b2d5292092ca8fd189d2b7da002dc0e174f068251b23ff31bad72064c17eea9c9f4f80b11

                                                      • C:\Users\Admin\AppData\Roaming\ChlebeekClicker\Bloki\sand.png

                                                        Filesize

                                                        2KB

                                                        MD5

                                                        e210753a3442b9c5f2cdb2dfe22b9a9c

                                                        SHA1

                                                        9ea23583d8c6f5a86b0fa7f362139a9fe8b5c582

                                                        SHA256

                                                        19cb81359b09fc5ef7e4110a333e24eab511fe2e0059caa5757b3e72d62958dc

                                                        SHA512

                                                        7e2146b14122adf60b8051c7620e214e0993c55d903b8e99e2d70b54f6c7d607ce11bbf96a1f2e3762fb52f8277e1a46d1f34b4c74f8a79de71d60fd10e558f4

                                                      • C:\Users\Admin\AppData\Roaming\ChlebeekClicker\Bloki\tnt.png

                                                        Filesize

                                                        1KB

                                                        MD5

                                                        6e19a4abd0daf74b54922bde20bb7a3b

                                                        SHA1

                                                        4e94c26df8b8c3fcd921e5f0393c2959bbc5b775

                                                        SHA256

                                                        6a8cb3bdede6e500d9d92d8bb1c7b6eaea24589496fa73f9736740d6956f846b

                                                        SHA512

                                                        e82d39c961e5db132a4c87d52bf48a8e28f4579b2bbcbcc42d6c66e342158338518710cfc9dbf17647a74a0d1856cc6749a18269626fb33f8c50eb795009ab44

                                                      • C:\Users\Admin\AppData\Roaming\ChlebeekClicker\Bloki\trapped_chest.png

                                                        Filesize

                                                        1KB

                                                        MD5

                                                        d123578d983a96effb96d71d7433e8b9

                                                        SHA1

                                                        088a9d8798339908d4a7a362cd16edcedd54cc2a

                                                        SHA256

                                                        7efcea4c8ec83a28392f54b8331bcf6100e47ec0850da3e30d8e240c5f8f369e

                                                        SHA512

                                                        0c5c89c44ee17a2d431c693a67ad4f4533b3e526a2645182986319533288907f68362b0b12fd8663a4831637f103dbcd1d52d043a173526380f6589ab83411b6

                                                      • C:\Users\Admin\AppData\Roaming\ChlebeekClicker\ChlebeekClicker.dll.config

                                                        Filesize

                                                        1KB

                                                        MD5

                                                        5ba77878f86cd71dcf8a9ac8082515c2

                                                        SHA1

                                                        a75eb068ee86d8dc958818c49f0b5d99824cd849

                                                        SHA256

                                                        f373e20c832a72997570cca0984a97cb5675bfb0111dca6f6c4a8acc0a91e0e1

                                                        SHA512

                                                        1bf082254df8cc8199466b847e98b69c3a407187d94a7fd8493f0bf1cb5791125e73efd67874ea84ddd619004fa26116a7cb087be14d1d04027e1c4d1cf540e1

                                                      • C:\Users\Admin\AppData\Roaming\ChlebeekClicker\ChlebeekCore.dll

                                                        Filesize

                                                        149KB

                                                        MD5

                                                        a770736f3bae216941c87df55a22b5a7

                                                        SHA1

                                                        4aebe1792ab45f9cf2600d6e2e65867ab0bd6700

                                                        SHA256

                                                        2be7c068e9b03a9e90e503c63d557aced1d778ae45ca23ade439cbdef01f0479

                                                        SHA512

                                                        f2fddca8982e566f5d56cc5124fc65d575a62569d75d15b237099a1e3b7c62376f40771f461fcbdb8d105bca6346c00a75763a93da3fd931a60d7e7d1e613c65

                                                      • C:\Users\Admin\AppData\Roaming\ChlebeekClicker\D3DCompiler_47_cor3.dll

                                                        Filesize

                                                        4.7MB

                                                        MD5

                                                        03a60a6652caf4f49ea5912ce4e1b33c

                                                        SHA1

                                                        a0d949d4af7b1048dc55e39d1d1260a1e0660c4f

                                                        SHA256

                                                        b23e7b820ed5c6ea7dcd77817e2cd79f1cec9561d457172287ee634a8bd658c3

                                                        SHA512

                                                        6711d40d171ea200c92d062226a69f33eb41e9232d74291ef6f0202de73cf4dc54fbdd769104d2bb3e89dc2d81f2f2f3479e4258a5d6a54c545e56b07746b4c4

                                                      • C:\Users\Admin\AppData\Roaming\ChlebeekClicker\PresentationNative_cor3.dll

                                                        Filesize

                                                        1.2MB

                                                        MD5

                                                        61d5bea0ec706ff402f9793b46d10f8d

                                                        SHA1

                                                        60e1b35590cc507994c602de8cc9edac9ebbf405

                                                        SHA256

                                                        06fbc002e01111fefdf2153961cb715d71eb6ff9c86630511b1722997b0847a1

                                                        SHA512

                                                        8d1d3e3e8a38361ec487118db585be6dc9d16854eca01d1490590903c603af69d7890761ca2904f35678dd9640624873f96cfbc14f318a81ea063d2a42b3065a

                                                      • C:\Users\Admin\AppData\Roaming\ChlebeekClicker\WinDivert.dll

                                                        Filesize

                                                        46KB

                                                        MD5

                                                        b2014d33ee645112d5dc16fe9d9fcbff

                                                        SHA1

                                                        aa69498562d350f2de06954b133e59fac1e57002

                                                        SHA256

                                                        c1e060ee19444a259b2162f8af0f3fe8c4428a1c6f694dce20de194ac8d7d9a2

                                                        SHA512

                                                        37014a018b9cd91b2eaeeccc7c5af3838fcae4d4fe6bb50c7ae32cd5c99423965a3e3efb29499324f6885b8f0c2ee2952cb75ab73db4e8960811abcb46801f15

                                                      • C:\Users\Admin\AppData\Roaming\ChlebeekClicker\libcrypto-3-x64.dll

                                                        Filesize

                                                        6.0MB

                                                        MD5

                                                        d36c59bb1d520154398d5827e37a84cd

                                                        SHA1

                                                        0b93178fedee13623f9faccf643347e4db917dd3

                                                        SHA256

                                                        d57af867f90b9ee52170d286a35993f57906059ffbcb4b2d5c9eef80a594080d

                                                        SHA512

                                                        f4a05eb0953ebb2aa7b0acb3c9033530b6d6c145a7a0d76b0463850a1c3adfe14de97db2b467fcd2bcaa8bec7cc3de95f25a7420643a3b01695bca8681790433

                                                      • C:\Users\Admin\AppData\Roaming\ChlebeekClicker\libssl-3-x64.dll

                                                        Filesize

                                                        1.1MB

                                                        MD5

                                                        2d327ae980275e96d05de72d5aab526b

                                                        SHA1

                                                        dd5a145d57720f73fb68cc1ffbf6f535eb2e5c7a

                                                        SHA256

                                                        8f8445ef584c3a5722f6871c9d756be6a597e2130ba5eab127bbcac144184743

                                                        SHA512

                                                        af06c30d90a118d878a57dfecfcaf0ba454340c7455923b6e12a8b82b8d6f3fbcceda2a0a5ce769eac4053f9c610422326093ecb7ac6f3d4968f3a6602c6ace7

                                                      • C:\Users\Admin\AppData\Roaming\ChlebeekClicker\vcruntime140_cor3.dll

                                                        Filesize

                                                        116KB

                                                        MD5

                                                        be8dbe2dc77ebe7f88f910c61aec691a

                                                        SHA1

                                                        a19f08bb2b1c1de5bb61daf9f2304531321e0e40

                                                        SHA256

                                                        4d292623516f65c80482081e62d5dadb759dc16e851de5db24c3cbb57b87db83

                                                        SHA512

                                                        0da644472b374f1da449a06623983d0477405b5229e386accadb154b43b8b083ee89f07c3f04d2c0c7501ead99ad95aecaa5873ff34c5eeb833285b598d5a655

                                                      • C:\Users\Admin\AppData\Roaming\ChlebeekClicker\wpfgfx_cor3.dll

                                                        Filesize

                                                        1.9MB

                                                        MD5

                                                        b228a7b107355d1aa376ee7d95280fe3

                                                        SHA1

                                                        dacc2f058018631ab5fbc553e9d361daeae32980

                                                        SHA256

                                                        1b00d3d583934dea4be4dc043fb630cebbe0be4cd400f874f626f921e823c035

                                                        SHA512

                                                        554900f8e542dd87a7a38706b70220eecb6cef97162c50393bfe430385c6663aac39dfd1044d9ec17d78320683a756a7bb25420da482faa5494cbc6f509c56f1

                                                      • memory/216-141-0x0000000062800000-0x0000000062813000-memory.dmp

                                                        Filesize

                                                        76KB

                                                      • memory/864-2-0x0000000075160000-0x0000000075910000-memory.dmp

                                                        Filesize

                                                        7.7MB

                                                      • memory/864-13-0x00000000010B0000-0x00000000010BA000-memory.dmp

                                                        Filesize

                                                        40KB

                                                      • memory/864-6-0x0000000075160000-0x0000000075910000-memory.dmp

                                                        Filesize

                                                        7.7MB

                                                      • memory/864-0-0x000000007516E000-0x000000007516F000-memory.dmp

                                                        Filesize

                                                        4KB

                                                      • memory/864-5-0x0000000008B30000-0x0000000008B3E000-memory.dmp

                                                        Filesize

                                                        56KB

                                                      • memory/864-4-0x0000000009CB0000-0x0000000009CE8000-memory.dmp

                                                        Filesize

                                                        224KB

                                                      • memory/864-3-0x0000000008850000-0x0000000008858000-memory.dmp

                                                        Filesize

                                                        32KB

                                                      • memory/864-7-0x000000007516E000-0x000000007516F000-memory.dmp

                                                        Filesize

                                                        4KB

                                                      • memory/864-8-0x0000000075160000-0x0000000075910000-memory.dmp

                                                        Filesize

                                                        7.7MB

                                                      • memory/864-9-0x0000000075160000-0x0000000075910000-memory.dmp

                                                        Filesize

                                                        7.7MB

                                                      • memory/864-102-0x0000000075160000-0x0000000075910000-memory.dmp

                                                        Filesize

                                                        7.7MB

                                                      • memory/864-12-0x0000000001090000-0x00000000010A2000-memory.dmp

                                                        Filesize

                                                        72KB

                                                      • memory/864-1-0x0000000000610000-0x0000000000696000-memory.dmp

                                                        Filesize

                                                        536KB

                                                      • memory/3424-140-0x0000000075160000-0x0000000075910000-memory.dmp

                                                        Filesize

                                                        7.7MB

                                                      • memory/3424-11-0x0000000075160000-0x0000000075910000-memory.dmp

                                                        Filesize

                                                        7.7MB

                                                      • memory/3424-10-0x0000000075160000-0x0000000075910000-memory.dmp

                                                        Filesize

                                                        7.7MB