Analysis
-
max time kernel
93s -
max time network
96s -
platform
windows10-2004_x64 -
resource
win10v2004-20240611-en -
resource tags
arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system -
submitted
17-06-2024 05:52
Static task
static1
Behavioral task
behavioral1
Sample
2024-06-17_dd068a3f36ce57c80e9338013bd05d2c_mafia_magniber.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
2024-06-17_dd068a3f36ce57c80e9338013bd05d2c_mafia_magniber.exe
Resource
win10v2004-20240611-en
General
-
Target
2024-06-17_dd068a3f36ce57c80e9338013bd05d2c_mafia_magniber.exe
-
Size
6.9MB
-
MD5
dd068a3f36ce57c80e9338013bd05d2c
-
SHA1
d92a0a5a52dbf140116401b14b62a0b287e04dcc
-
SHA256
66b8e293e759e973ef46c07996f80d7ad3607e66868d138ad165d93561f07d49
-
SHA512
90ead342162a2a47c17c59028e01f1b14bbf00743f4439ff0b95e86685a15774fe1bec60cd75da3198e016d76e72a4b0f0b51f2279c99a8b0999a90ee30a1df5
-
SSDEEP
196608:MyN+ndNoOUfeQsg6IrK9ob+RqNEVJuM9fpdi0:MBdNorWQsgb+pVJuMpp00
Malware Config
Signatures
-
Checks computer location settings 2 TTPs 3 IoCs
Looks up country code configured in the registry, likely geofence.
description ioc Process Key value queried \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000\Control Panel\International\Geo\Nation 2024-06-17_dd068a3f36ce57c80e9338013bd05d2c_mafia_magniber.exe Key value queried \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000\Control Panel\International\Geo\Nation ServiceStartMenuIndexer.exe Key value queried \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000\Control Panel\International\Geo\Nation oct36C0.tmp.exe -
Executes dropped EXE 3 IoCs
pid Process 60 oct36C0.tmp.exe 3352 ServiceStartMenuIndexer.exe 2248 ServiceHostAppUpdater.exe -
Loads dropped DLL 2 IoCs
pid Process 60 oct36C0.tmp.exe 60 oct36C0.tmp.exe -
Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Checks SCSI registry key(s) 3 TTPs 4 IoCs
SCSI information is often read in order to detect sandboxing environments.
description ioc Process Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 2024-06-17_dd068a3f36ce57c80e9338013bd05d2c_mafia_magniber.exe Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\CompatibleIDs 2024-06-17_dd068a3f36ce57c80e9338013bd05d2c_mafia_magniber.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_DADY&PROD_HARDDISK\4&215468A5&0&000000 2024-06-17_dd068a3f36ce57c80e9338013bd05d2c_mafia_magniber.exe Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\CompatibleIDs 2024-06-17_dd068a3f36ce57c80e9338013bd05d2c_mafia_magniber.exe -
Modifies registry class 60 IoCs
description ioc Process Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\sud.dll,-10#immutable1 = "Choose which programs you want Windows to use for activities like web browsing, editing photos, sending e-mail, and playing music." ServiceStartMenuIndexer.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\intl.cpl,-3#immutable1 = "Region" ServiceStartMenuIndexer.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\usercpl.dll,-2#immutable1 = "Change user account settings and passwords for people who share this computer." ServiceStartMenuIndexer.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\system32\appwiz.cpl,-159#immutable1 = "Programs and Features" ServiceStartMenuIndexer.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\inetcpl.cpl,-4312#immutable1 = "Internet Options" ServiceStartMenuIndexer.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\FirewallControlPanel.dll,-12122#immutable1 = "Windows Defender Firewall" ServiceStartMenuIndexer.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\intl.cpl,-2#immutable1 = "Customize settings for the display of languages, numbers, times, and dates." ServiceStartMenuIndexer.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\main.cpl,-101#immutable1 = "Customize your mouse settings, such as the button configuration, double-click speed, mouse pointers, and motion speed." ServiceStartMenuIndexer.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\devmgr.dll,-5#immutable1 = "View and update your device hardware settings and driver software." ServiceStartMenuIndexer.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\recovery.dll,-2#immutable1 = "Recovery" ServiceStartMenuIndexer.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\timedate.cpl,-51#immutable1 = "Date and Time" ServiceStartMenuIndexer.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\RADCUI.dll,-15300#immutable1 = "RemoteApp and Desktop Connections" ServiceStartMenuIndexer.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\netcenter.dll,-2#immutable1 = "Check network status, change network settings and set preferences for sharing files and printers." ServiceStartMenuIndexer.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\systemcpl.dll,-1#immutable1 = "System" ServiceStartMenuIndexer.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\DiagCpl.dll,-1#immutable1 = "Troubleshooting" ServiceStartMenuIndexer.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\accessibilitycpl.dll,-45#immutable1 = "Make your computer easier to use." ServiceStartMenuIndexer.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\telephon.cpl,-1#immutable1 = "Phone and Modem" ServiceStartMenuIndexer.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\sdcpl.dll,-101#immutable1 = "Backup and Restore (Windows 7)" ServiceStartMenuIndexer.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\mmsys.cpl,-301#immutable1 = "Configure your audio devices or change the sound scheme for your computer." ServiceStartMenuIndexer.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\fhcpl.dll,-2#immutable1 = "Keep a history of your files" ServiceStartMenuIndexer.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\sud.dll,-1#immutable1 = "Default Programs" ServiceStartMenuIndexer.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\recovery.dll,-101#immutable1 = "Recovery" ServiceStartMenuIndexer.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\system32\colorcpl.exe,-7#immutable1 = "Change advanced color management settings for displays, scanners, and printers." ServiceStartMenuIndexer.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\DiagCpl.dll,-15#immutable1 = "Troubleshoot and fix common computer problems." ServiceStartMenuIndexer.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\fhcpl.dll,-52#immutable1 = "File History" ServiceStartMenuIndexer.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\Speech\SpeechUX\speechuxcpl.dll,-2#immutable1 = "Configure how speech recognition works on your computer." ServiceStartMenuIndexer.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\srchadmin.dll,-601#immutable1 = "Indexing Options" ServiceStartMenuIndexer.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\system32\Vault.dll,-1#immutable1 = "Credential Manager" ServiceStartMenuIndexer.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\system32\DeviceCenter.dll,-1000#immutable1 = "Devices and Printers" ServiceStartMenuIndexer.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\systemcpl.dll,-2#immutable1 = "View information about your computer, and change settings for hardware, performance, and remote connections." ServiceStartMenuIndexer.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\main.cpl,-100#immutable1 = "Mouse" ServiceStartMenuIndexer.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\system32\DeviceCenter.dll,-2000#immutable1 = "View and manage devices, printers, and print jobs" ServiceStartMenuIndexer.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\powercpl.dll,-1#immutable1 = "Power Options" ServiceStartMenuIndexer.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\telephon.cpl,-2#immutable1 = "Configure your telephone dialing rules and modem settings." ServiceStartMenuIndexer.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\srchadmin.dll,-602#immutable1 = "Change how Windows indexes to search faster" ServiceStartMenuIndexer.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\inetcpl.cpl,-4313#immutable1 = "Configure your Internet display and connection settings." ServiceStartMenuIndexer.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\SyncCenter.dll,-3001#immutable1 = "Sync files between your computer and network folders" ServiceStartMenuIndexer.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\timedate.cpl,-52#immutable1 = "Set the date, time, and time zone for your computer." ServiceStartMenuIndexer.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\RADCUI.dll,-15301#immutable1 = "Manage your RemoteApp and Desktop Connections" ServiceStartMenuIndexer.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\Speech\SpeechUX\speechuxcpl.dll,-1#immutable1 = "Speech Recognition" ServiceStartMenuIndexer.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\usercpl.dll,-1#immutable1 = "User Accounts" ServiceStartMenuIndexer.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\main.cpl,-102#immutable1 = "Keyboard" ServiceStartMenuIndexer.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\system32\appwiz.cpl,-160#immutable1 = "Uninstall or change programs on your computer." ServiceStartMenuIndexer.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\SyncCenter.dll,-3000#immutable1 = "Sync Center" ServiceStartMenuIndexer.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\sdcpl.dll,-100#immutable1 = "Recover copies of your files backed up in Windows 7" ServiceStartMenuIndexer.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\fvecpl.dll,-2#immutable1 = "Protect your PC using BitLocker Drive Encryption." ServiceStartMenuIndexer.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\mmsys.cpl,-300#immutable1 = "Sound" ServiceStartMenuIndexer.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\FirewallControlPanel.dll,-12123#immutable1 = "Set firewall security options to help protect your computer from hackers and malicious software." ServiceStartMenuIndexer.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\main.cpl,-103#immutable1 = "Customize your keyboard settings, such as the cursor blink rate and the character repeat rate." ServiceStartMenuIndexer.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\autoplay.dll,-1#immutable1 = "AutoPlay" ServiceStartMenuIndexer.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\fvecpl.dll,-1#immutable1 = "BitLocker Drive Encryption" ServiceStartMenuIndexer.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\autoplay.dll,-2#immutable1 = "Change default settings for CDs, DVDs, and devices so that you can automatically play music, view pictures, install software, and play games." ServiceStartMenuIndexer.exe Key created \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings oct36C0.tmp.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\system32\Vault.dll,-2#immutable1 = "Manage your Windows credentials." ServiceStartMenuIndexer.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\accessibilitycpl.dll,-10#immutable1 = "Ease of Access Center" ServiceStartMenuIndexer.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\ oct36C0.tmp.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\powercpl.dll,-2#immutable1 = "Conserve energy or maximize performance by choosing how your computer manages power." ServiceStartMenuIndexer.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\devmgr.dll,-4#immutable1 = "Device Manager" ServiceStartMenuIndexer.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\netcenter.dll,-1#immutable1 = "Network and Sharing Center" ServiceStartMenuIndexer.exe Set value (str) \REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\system32\colorcpl.exe,-6#immutable1 = "Color Management" ServiceStartMenuIndexer.exe -
Suspicious behavior: EnumeratesProcesses 2 IoCs
pid Process 2488 2024-06-17_dd068a3f36ce57c80e9338013bd05d2c_mafia_magniber.exe 2488 2024-06-17_dd068a3f36ce57c80e9338013bd05d2c_mafia_magniber.exe -
Suspicious use of AdjustPrivilegeToken 4 IoCs
description pid Process Token: SeShutdownPrivilege 3352 ServiceStartMenuIndexer.exe Token: SeCreatePagefilePrivilege 3352 ServiceStartMenuIndexer.exe Token: SeShutdownPrivilege 3352 ServiceStartMenuIndexer.exe Token: SeCreatePagefilePrivilege 3352 ServiceStartMenuIndexer.exe -
Suspicious use of WriteProcessMemory 7 IoCs
description pid Process procid_target PID 2488 wrote to memory of 60 2488 2024-06-17_dd068a3f36ce57c80e9338013bd05d2c_mafia_magniber.exe 85 PID 2488 wrote to memory of 60 2488 2024-06-17_dd068a3f36ce57c80e9338013bd05d2c_mafia_magniber.exe 85 PID 2488 wrote to memory of 60 2488 2024-06-17_dd068a3f36ce57c80e9338013bd05d2c_mafia_magniber.exe 85 PID 60 wrote to memory of 3352 60 oct36C0.tmp.exe 86 PID 60 wrote to memory of 3352 60 oct36C0.tmp.exe 86 PID 60 wrote to memory of 2248 60 oct36C0.tmp.exe 88 PID 60 wrote to memory of 2248 60 oct36C0.tmp.exe 88
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-06-17_dd068a3f36ce57c80e9338013bd05d2c_mafia_magniber.exe"C:\Users\Admin\AppData\Local\Temp\2024-06-17_dd068a3f36ce57c80e9338013bd05d2c_mafia_magniber.exe"1⤵
- Checks computer location settings
- Checks SCSI registry key(s)
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:2488 -
C:\Users\Admin\AppData\Local\Temp\oct36C0.tmp.exe"C:\Users\Admin\AppData\Local\Temp\oct36C0.tmp.exe" /S2⤵
- Checks computer location settings
- Executes dropped EXE
- Loads dropped DLL
- Modifies registry class
- Suspicious use of WriteProcessMemory
PID:60 -
C:\Users\Admin\AppData\Local\SweetLabs App Platform\Engine\ServiceStartMenuIndexer.exeServiceStartMenuIndexer.exe /PRELOAD3⤵
- Checks computer location settings
- Executes dropped EXE
- Modifies registry class
- Suspicious use of AdjustPrivilegeToken
PID:3352
-
-
C:\Users\Admin\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe"C:\Users\Admin\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe" /LOGON3⤵
- Executes dropped EXE
PID:2248
-
-
-
C:\Windows\SysWOW64\DllHost.exeC:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}1⤵PID:4612
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
10.6MB
MD5975e50a6a7987c4daedb504fe99a92fb
SHA15373cad041a4f508315aec0aa1ad9cc2e095dfc2
SHA2564b7b6fef62293e81f274b496068bc83dd06b7cf9a21cbf3be6efff6029b44872
SHA512c351a77d06bafce1adc4226fb283cce9ac28bf6de2bdc41c5835a2eedc30c72e3f2c360746f501991d05b8fd7b05f61f3c5d7206881929fc0dc49db514823817
-
Filesize
2.9MB
MD5da1032987448c5271e1d90e39ee991f5
SHA1df9b8780c10de47f8c829f419ac107c7d0677682
SHA256d8cae77dccaf4c3eb1e943f257204bd09084d810c90ad90ac20c318e4261e80b
SHA51278152652ada500216f755ea8323a630f8c92b3894e21bfc298915df31eaab5f88723a3d2276f81635477bdc217306812220b5f5385a4075816c9992c45a63c2b
-
C:\Users\Admin\AppData\Local\SweetLabs App Platform\IconCache\d6b017a52c6d11ef9d11cacdd8b22a4f.png.compare
Filesize846B
MD5d495e09bd9899c0410c4d67aca1192ff
SHA122e0eb07a794c1fb2fa7127f2d6e30685f9b5f10
SHA256f90e336bb5f46bdbd6144e81daa57af8eab0f752620c0cbd151b45fed1bc34b9
SHA51202e188ff6c076f550d4b676dfa77a6da31a412c27f9fb09766f88fa56a7652fada23a7692e708f26202ab5110a12ad78eb6bad958354fe65e0a9691c1c4f0c75
-
C:\Users\Admin\AppData\Local\SweetLabs App Platform\IconCache\d6b017a92c6d11ef9d11cacdd8b22a4f.png.compare
Filesize531B
MD59d3a7815aebefca02c1fafb0b7fa87cf
SHA13052ad2feef0b2d211b51c8180e8f77782aeccfc
SHA256601333277a511e3e079cb71acf743419496a5e430f89cdd8b0cc93cde9e8f8b0
SHA512955f651b805fe7db0cec8a6970f3dbc466e711c8ff0150b9d744f53ee905d8c85b8f811dbf99b1d60b1dec32d09723229b0d6611d9ee377743a4fdcb2638cd2f
-
C:\Users\Admin\AppData\Local\SweetLabs App Platform\IconCache\d6b017ad2c6d11ef9d11cacdd8b22a4f.png.compare
Filesize614B
MD527666a793fa11760547454944f089546
SHA1a3166a4a1a04891d2a30d7988f6ae2be5b5608db
SHA256b14f658cd0f545e53148b65dfcf3b9630ef2af84cbafd6bfa48f8c165a2500bb
SHA512b56ebb454a360ee4bc65e655adef136a1950a015f136b756b8059c5bc13e8df7914045582a5741651ac6a80f3ba35c6801b92a106fd2020caf1f444104b64a25
-
C:\Users\Admin\AppData\Local\SweetLabs App Platform\IconCache\d6b017b52c6d11ef9d11cacdd8b22a4f.png.compare
Filesize802B
MD5df7a4fa395ad23842a01a678994b50d1
SHA1aa88706aff04026caca74dc352c568cf4c92fcf9
SHA256ccc44bdcea482f2f2fd89c6d350071ed0e5879fe46693a0dc5792192c14a9178
SHA512e5dc4c54821990825a6eb9c415519a38f4c5a214a7a55540a4c6bef7aecb86137e4bbbc70026707dbdde4a3e30f5c4ed825b2a0b5c594c5f5e15e632351aaaa5
-
Filesize
662B
MD524fbc352a44321963d09c74fb30e9f08
SHA171fbbd923882741a17f35656231f836c59b03da4
SHA256d848fbf20333fb1f097e7402a27e281e6109f8c1aba3f598b66e5c83dfedf30b
SHA5121edc6a5ca9e4d1227b8ebfc79a6551c7f87dcce13b9981f57100ab482b4bee375dd653ac4245f3fdd83d13236819f62ed21ade3cd503c9ca35e9a6cedc4b4240
-
C:\Users\Admin\AppData\Local\SweetLabs App Platform\IconCache\d6b017bd2c6d11ef9d11cacdd8b22a4f.png.compare
Filesize627B
MD509179b2a273b7d279068f570027a43bf
SHA10f7d5c0fc142df7819d9bbd17fabc5edbbc61b1d
SHA2560af2b0f377e2f51306f6f8762d606944bd73aee140798c9454ad30cf9658a5aa
SHA512eef7c4cac7990e22619bc7aa883f686cb8e832177749c3e7cf63b678f37b4bd67b77077639826fe115651622deacda80407f68e9a52853434be24103c375acff
-
Filesize
303B
MD5409f205360f9aeadb925f46f4f2a5ac7
SHA1118b94885125d199ca27b32ae5d30e51f867d26c
SHA25603799be4d9b5c71541905081ce2313ead4bad19b92a2d2424bbbb1439ed5d04a
SHA5126a476ef92278c1d996f0b604947581faa1ec43d11e2945f7dbaa73f7d76ef621238fd9bce56c16718767f236de9a281838a7206e304b0efaba487604bc0815c6
-
C:\Users\Admin\AppData\Local\SweetLabs App Platform\IconCache\d6b017c92c6d11ef9d11cacdd8b22a4f.png.compare
Filesize898B
MD557659d81293e851d6211392ced456e7a
SHA14556b8958edc41aba8f64ebb3b0d9674c6348db5
SHA25683d8869e2ea0de994d785bd482a522bfbb23bb3caac44916f0697aac2b4653cb
SHA51274ef58fd0c405318ae570ac73bb82706c520627ef1aa9782645001ff57145118f27b73a3480b6bc5e4c5cc13413fdf99ce004f03880e8c74129160878645d7d4
-
C:\Users\Admin\AppData\Local\SweetLabs App Platform\IconCache\d6b017cd2c6d11ef9d11cacdd8b22a4f.png.compare
Filesize816B
MD5b20e9c46a6c3f312c67194f6f3665d0e
SHA1c3050b3226a28aa90433a6a2ac524b22d8a03458
SHA2568a74bd7bc15a20012e176233f407789e036cd979017e42bc0d3db93a7706cf1a
SHA512e6ee5ff1a86a809c0b57543325e6a6157f9458e391db17dc4b5482556b9206194f30658a572db9e0535c7063e3cfc55523af9b00307f3c52deb35e6bd02de0fd
-
C:\Users\Admin\AppData\Local\SweetLabs App Platform\IconCache\d6b017d12c6d11ef9d11cacdd8b22a4f.png.compare
Filesize526B
MD5a63c60af2e9a1ea35a80e93d95a25bf1
SHA176fd06bccce4fdda8b3a088b7d22d2a8017ad53c
SHA25660f1134cb1b26e89894a127eeff8579dca3a25dd86af5ca7bd03dc9602c6fd70
SHA512a91558a60260c19e35ef76619b13214ae017995c14c4ecf3144717ee05e0a3bed2b0f66a9d192260fd88563931f83cd5de72e531f35e1d6f41599f1162d741fd
-
C:\Users\Admin\AppData\Local\SweetLabs App Platform\IconCache\d6b017d52c6d11ef9d11cacdd8b22a4f.png.compare
Filesize449B
MD537e050bfb1f28142eb03a3f8b5790925
SHA18d59237279dcdcc706c1fc040043fc39aa10e21b
SHA2564d2e1151e591ede48d31ccdf4c982abb5424733325a91c3190e87752d4363282
SHA512eee941ece7fadb2f1371bd7a3f85869e21b2231d8691270f922b9cf7732903bd2531b31b9054066f1e595d96836f04b198d977f599eefbb66c5cec51172f2206
-
C:\Users\Admin\AppData\Local\SweetLabs App Platform\IconCache\d6b017d92c6d11ef9d11cacdd8b22a4f.png.compare
Filesize379B
MD5ded7c6e8b9868e660d490859e69efef2
SHA1cc045e91f0ffc9f182c8ead8ecae069680fed42e
SHA256f0376d903299f9a81a5d002870630f94d0bd90866a201c01c0ff79d6f6cf94c0
SHA512f231e17b1c8edf764fd23160bf0f87288e5fe476d361e57fdaa697bf844f2bf781eb5fb50c8b0b4d2f7e37649b0a532aed0c9829c6c3372a0f38a6df80747663
-
C:\Users\Admin\AppData\Local\SweetLabs App Platform\IconCache\d6b017e12c6d11ef9d11cacdd8b22a4f.png.compare
Filesize888B
MD55f916bfe3d914b43934342c8481d227f
SHA16d17ed159fbb62f768da8cb5d6c123527e95090b
SHA256640170ca50156b97a584baddbb81374e3b56f37c5db32605351b8886de56eaa6
SHA5125415fcb1ea840320b4bd2dc108e9ad2ea8903ce5cfe1deeb6f0360cc323efd6abebde188eb541ec84e6ab2c1524a274a0754199af2ffe47eb61f12a6cda19932
-
C:\Users\Admin\AppData\Local\SweetLabs App Platform\IconCache\d6b017e52c6d11ef9d11cacdd8b22a4f.png.compare
Filesize742B
MD534502e147705e3e2fddb6297236816e8
SHA174ee02c9f7aeb5c49cbde7bb324c4b458e72904b
SHA25624a3a9042e1ee7719307850ed29a4359cd7d9a0ca08d76af047282967bd06bd6
SHA51276e053593fe9b11efdcd41ef8e87ee5e44d79a12dec5f8f0a8df8afb9dad4c594c4e8dc4455d8b92e1d6f6593833aa7824464f14b79cdb13d9d3a0538f0fa20c
-
C:\Users\Admin\AppData\Local\SweetLabs App Platform\IconCache\d6b017e92c6d11ef9d11cacdd8b22a4f.png.compare
Filesize363B
MD50c47baec3f396891e4e2e8c29ebf666d
SHA12e4d55e5dcfd5cedac7b6ab6c0ae65b4649863dc
SHA256a3832962dc8ec8ce5b14e0318b5f023c77b23909f21f931f5b4caa13b0f20675
SHA51207abad8641f73a0b188eef06cddec23f173035e68b60b96552bbff9060d8e6130b4c8a0ae8366109d3346987ea5298222be59b4d10e9f7ce1ad01fb956fc450b
-
C:\Users\Admin\AppData\Local\SweetLabs App Platform\IconCache\d6b017ed2c6d11ef9d11cacdd8b22a4f.png.compare
Filesize600B
MD546f8418c8fff05fdfaf6e1dc11c6df14
SHA1de93b619e6838789e14e7b243b6c9eb4028b5209
SHA25629dc4d1956e5874ecd46aee57fbd5fc9156e6fe921c9029d7d32534ebcc15757
SHA51208731185412cf5ce26c34f387db85337a0a233b67f63cbab3081f050225c82d85921a31f2b520fffea0d2c562b88bfb09d8d1489f1e36573e41f1c0cf9d298bd
-
C:\Users\Admin\AppData\Local\SweetLabs App Platform\IconCache\d6b017f12c6d11ef9d11cacdd8b22a4f.png.compare
Filesize836B
MD50c618eb7fc772cd238017e84a21a88a8
SHA1d7ed0c390500bc6869a507cc6dbf3f729aac887e
SHA2561e3a4cf80be3b203f1c2037b9dd940731d6a2b8f1709ab04834fea1e53220812
SHA51249bd1921746a7ca9b83c9ce191e602387d2d93a798fcbd9342ab315dda7eda7b3cf9a7698fd7ba1e56c87d51289a5b3a18d0820f4b5ab104dd76a90e062818f6
-
C:\Users\Admin\AppData\Local\SweetLabs App Platform\IconCache\d6b017f92c6d11ef9d11cacdd8b22a4f.png.compare
Filesize687B
MD5ef19dd8f73bea37d9e28e8cd85ee4e95
SHA14ef634e974a59fe976f2c2ec2e092f5b55bda9bd
SHA25693b3a0f4e4b3da6e8af72d93df7785d634f0d0d2613fe000e84d422b85230987
SHA512e9dd565c2c400f0136fe6978c9afecaf00a309263b94eb23fbacaf9c46cbc8fdd65c798653a8e4266668c287bef5144cf8cb62c1db146de73c6d27512897d141
-
C:\Users\Admin\AppData\Local\SweetLabs App Platform\IconCache\d6b017fd2c6d11ef9d11cacdd8b22a4f.png.compare
Filesize603B
MD5a8320db85f8650a85953d8f375f31d7f
SHA15051406133fb903094334d2a44ff3ad35d89f240
SHA2567c4c73eab72c234b1220bac99a4b62d5ae23455be5740d4d6e0a07ee8617e1dd
SHA51223b7f7fb767d597b189aa819ab54377122704467d0b725ca18208c57e0de31fa9254ecb0fa094e95d764d5a78aa1ca7a960a4268fa7de469bdd7e302bf26d750
-
C:\Users\Admin\AppData\Local\SweetLabs App Platform\IconCache\d6b018012c6d11ef9d11cacdd8b22a4f.png.compare
Filesize903B
MD5e418610d2901a954c45ca7d8d14def94
SHA150add435db112f4633f05aa82e6f8dfa6b89c09f
SHA2562500e33d8ac3ab15e60e7b98b91da9b298a777c41e2def355e7a173f910d4765
SHA51254ee32888a7021deb59d5294c9eae8f0a44b7fbf7b1456783688ae65cb30febf2d7c87918864a418b609139c73e4fac054ec4b291b4e55ec3f5241104422b450
-
C:\Users\Admin\AppData\Local\SweetLabs App Platform\IconCache\d6b018052c6d11ef9d11cacdd8b22a4f.png.compare
Filesize912B
MD5f08ceae28618ba55cef1ebcbf954a628
SHA1d8524df8efdacddfa8d9f96c1086655b7657d39c
SHA256e6bc98021145873772bac0fc4aca7a2a63dc5c535f93185d6ef8497ad748b18a
SHA5120dc758ee4e28aa74e13a768117e5f5067232fe4569fa8877a4644c9d6fea7023ad059e3239f68715a963232712136b3284b8b65a72b026a602d76719620f4037
-
C:\Users\Admin\AppData\Local\SweetLabs App Platform\IconCache\d6b018092c6d11ef9d11cacdd8b22a4f.png.compare
Filesize501B
MD5851d2c4d0119dbfc5e2da4b05e6e3f48
SHA1610100221bc7fb32230983b48e3f11b8c72554df
SHA256f2793b70e8ed1c7ffdc02bd4e5e83a94dda0ee9d30995396b729d74315c2d1a7
SHA512e2e509ed5a37734cd36473a6996056e420bf0ba687cff6ed8ad429f1152436a2802c0933752b55c445452f9319faa8aa677feb207c0896184ef5a17e22aea628
-
C:\Users\Admin\AppData\Local\SweetLabs App Platform\IconCache\d6b0180d2c6d11ef9d11cacdd8b22a4f.png.compare
Filesize486B
MD5ff966ae89b1366ae6e07e66ce3ab3ba1
SHA151d570794235e4bbf5f0a4a3093abb9b855c3d9f
SHA25642f44b5a5dabb08539c9c3588b5665c05d27d8de7831592d72cb6769470ecbe2
SHA512360ecd1b04beed28e9e103b21f48f88547d0eea30fcde307e666142ad97e5498a98ad55d7aa09a59683e818682ed00eb023a533ba08b94b82e6c91873d73f9af
-
C:\Users\Admin\AppData\Local\SweetLabs App Platform\IconCache\d6b018112c6d11ef9d11cacdd8b22a4f.png.compare
Filesize415B
MD5a4d10a8b9dbce7598400bbbd96a11248
SHA1c552286ca4ccb618856f107d738c471810f55118
SHA256ee60b8267fabde8ba2118580b3935d56e5a4e713d3be115421a8909f666cc68d
SHA5122d32aecfefae82d0c412dee11c66f7c3f23d4bc06bc88174ef84257728db4beeace4aab05b201c26ed514d64204524a234d0b8a921264727b3055e609692fe33
-
Filesize
483B
MD523d34cfd73e18438d7a352fc58008a67
SHA138c6158ed085dcfa9144a3f8ff3fcb801a10ba1f
SHA256e8178172cb8280545c3e115b09e14cd42b04910018758f7d46959469f11c2ade
SHA512b73d7de71189ea0fedc014b5ab53317237d4f7becb29af6d9b26e1a76b8297b9d0ffb6dde52a39410d057ed750345b2da1fd19cfc4c67890e55a529124ab4190
-
C:\Users\Admin\AppData\Local\SweetLabs App Platform\IconCache\d6b018192c6d11ef9d11cacdd8b22a4f.png.compare
Filesize742B
MD5e167f54e12462548e9134434c085b2a1
SHA158ace4ba5a71d15db04f2eb62cb7d41f039ba4f6
SHA256e02536a4279072c13539a00f6378fc44e021a055485520f8c988a0699962dfab
SHA51205d7e0ca0082a8ca6ac642d4878f8d8288ce648f334b16b4eca8d1ba605dce3a396b66118b942a4d429a723e151cdd9efdd1eae53a120e04cd66586c9b35a399
-
C:\Users\Admin\AppData\Local\SweetLabs App Platform\IconCache\d6b0181d2c6d11ef9d11cacdd8b22a4f.png.compare
Filesize679B
MD53146166ed1fd8057e2219d03b8371493
SHA15c48ea6d05b84d7d606749fd407b6b32ee1e3946
SHA256dc29d54b597088a3807b862f3eee3c0694093e18bf41b5dc0167781ee49db8aa
SHA5125467d58fca53f1b4dad65e97ca81adbaeeb8333623d64376d636784a0494688e3b7b51e7e638ad1299719feb33e83050c35c4e4cda50dcb4fdde8604676e65d0
-
C:\Users\Admin\AppData\Local\SweetLabs App Platform\IconCache\d6b018212c6d11ef9d11cacdd8b22a4f.png.compare
Filesize543B
MD5b0e099d59b68278a221d5ad0e0358d72
SHA1927d01d9488f49166c7c628d7496e8f0671fa69a
SHA256ecb6e8c5def4c27b09533b7f3bd140b1eb928da0a905df676589ace2fdd7f8a2
SHA51261c4047ca8bbf7936035fa097b80091b78cc733c299836102698558da855a5dfc454d53bcf4ee1a4c950f911613190455f52281eeef27a2a79b7c141ec814aaf
-
C:\Users\Admin\AppData\Local\SweetLabs App Platform\IconCache\d6b018252c6d11ef9d11cacdd8b22a4f.png.compare
Filesize419B
MD5bafdc1384f760cb24225d8f469b4c850
SHA1045382a11bb7cd98ee45d854fb710b487dd6499f
SHA256ffbb91bbee6d387da490a211e82c9dca169670331c1387d28951b2eb0823581c
SHA51246f9df83deaaf63cfb1508b9021f2a50ab4ec20a266777c1488b4dad994854dada5abffeea71bb30d0162de518c50c87339569f6d6640a2ff884f6a9b696a7a9
-
C:\Users\Admin\AppData\Local\SweetLabs App Platform\IconCache\d6b018292c6d11ef9d11cacdd8b22a4f.png.compare
Filesize522B
MD5a5b89d38f7b57e3d8c54a9d47b5e313e
SHA1cd99946c765ec449064af3cc1cff7c704776383f
SHA2568f962f7440af38981fc3e152f35ba1eb71826b6c3c615c15539de33c5f563db4
SHA512e431b569b73b49577ee24e69a7ccea1ace281472a5683fd71ff9ffa86577af767b839a2df03f8618f36fae9002f7687195390a90a90f3c6c50f18d041ed2d116
-
C:\Users\Admin\AppData\Local\SweetLabs App Platform\IconCache\d6b0182d2c6d11ef9d11cacdd8b22a4f.png.compare
Filesize713B
MD58f885008995299d06b4b05b8d1c84518
SHA19219191880e205d8cc4ab9811c66fbf5b54b5b97
SHA256cc6b2e2e8adfc0a1a830699e44dbad67756a707b80a16df14469b8f669925a28
SHA512cc5b99241c39865bfbe18de11036888da3b85299e9e044c8e11a63136addc46a6ca7ebac06c58f8ca269d9d805c27e58b9a5806a3497ceb636fc81b37a3cd414
-
C:\Users\Admin\AppData\Local\SweetLabs App Platform\IconCache\d6b018312c6d11ef9d11cacdd8b22a4f.png.compare
Filesize257B
MD5f3cf25df56c59a6ac274f840b0e6b0f7
SHA1e14e5524635298cc84df281e4c3451c127d1da83
SHA25612ba1332a26b7c74aeda5dbd45cab9b7ede2f3dc6672ca07eab9b76a5b4c88d2
SHA512007200b4d4050d2c384d253ab42af407111846dbdf6da8bf3a663548fb85eb87d67ae01fe3ab9d2dc3590dee554a09ffbdc32204a3665d16972bd26b87699d8c
-
C:\Users\Admin\AppData\Local\SweetLabs App Platform\IconCache\d6b019342c6d11ef9d11cacdd8b22a4f.png.compare
Filesize846B
MD562d26a02c8f82b63f409dd9b03770272
SHA150d2c50caa398744334a3a597636204695fdbb10
SHA2563ec4a260dbe807de12b4a78b8cd7145b5c110d53b6fb23222232c396c4c30307
SHA512364b6ee92720280d4672be436795d20819b7868199c27300350a9afc89d41559f251bc31651f91b54569fcd0c8d2ef70ffd97424b7852bfd7e43be1ffa17bfee
-
Filesize
632B
MD5be79cf3367a8e4981cebf89afd21b8fd
SHA1922622b173c68d69a48d856e8b71ffb22ce14cef
SHA2564e0630d842961a0a8b1095f80a4167f5672ea5566f54ae841170e46b9e6403e1
SHA512f070f187ed5061a8566e3485c01de6a11e31628713c6aa5b0c3ac67e4488a8e2586d62f85d89853ce12775cb912bca142bd78a0fa1425b98d50c96c1110174a1
-
Filesize
1KB
MD51e93c63b27175215d330f71df243ed36
SHA1bcb8444e0aae425978b6e7b75559255f9fc6b6bb
SHA25641bc2267ce6c52bd380781177601275f4f4baf85d15416c8b22c5710ed201e66
SHA512cb1e8ccc6305cafa023743aa9c94ac294ba19d0ae10f8dbbb572829ae53e0307c7e70e1096128d7ed5cbc577d298c8cb1238e4e9aa47771443f9091e4bd141ee
-
Filesize
2KB
MD5d92e99ab213ee4c655ed0d6618ff288e
SHA1354037d41bbaa9a21d4386f381a0f75e8480ad19
SHA25690edc17ff5ca4d6a2e265f4473563334a7e799da4f45f07b6188c8f4f418350a
SHA512c269799d949b37e35bd0afa76d6985f4e43a3b331a6667922fe06518a499eb4b4b523dfea6caefee0c4a17fe428c1f565d35e1163aa8db831038cc6d7450c530
-
Filesize
53KB
MD5ff322d763ec1f410fe65de234d587909
SHA108e3fe6409f344890a3a75eb3b36e1dd5a59f75d
SHA25603e0db119333cbda7c2a692d414ac7e2770e97eb373998cfc9e6ea9bfeb22104
SHA51226a08d792f856fd12bc11897c7f86c8dd2b134ff990e854fa83ad59b8b4a471b922754b8d57c1c1f5bd25822dd2c49fa5733e50627d79ff6a8a46bfee93ec457
-
C:\Users\Admin\AppData\Local\SweetLabs App Platform\IconCache\d6b019b82c6d11ef9d11cacdd8b22a4f.png.compare
Filesize605B
MD552073ca1be30dc0807acf7459e3a3d8e
SHA1fe56a698e0478f30d19058394735dca75efd9ec8
SHA2567fb86e8afbe25ce25b07524e84eed5f7f6c656afd3103ddad4a80533974acaf0
SHA5120b973ec70be9968d298ae2cce622200d248695459c00c46dd70f8f1814fb62826539cf99b744ed7660f5b5c4b81f350b5afbb335312739b651354eb2705f3c3d
-
Filesize
213B
MD5ae43f1321d104fcb03c1da6154286ce3
SHA120e917c3f0b556a51ee07fb3de512dda8c0fcf5c
SHA256939fe49c93f1a1fa4ebf600f22dcd1ef0adfc0ac817735a465861deb5e4d50eb
SHA512a305dfe8842b5473e6161779d7ef5f9ec739cacf85cea45ef70c232a157faa061491a9f64324665a6e44a928132719ce6b0cb11742d95e458cb6948889025a8c
-
Filesize
389B
MD57ec4f8dc8ee3b2f23bd56eb3891c4c09
SHA17a7f3a486fb66b461f4e692666ab419f2924cc27
SHA256575ef7061a2ec30fccdd46ac67e7ddb51f7b19215b4adac6bcf86b3d5a988616
SHA512b702e85283f7ba6c532a150c106ab0eeb161120729de0d8c8f37361372bd4ef857c3a609b447912299e4739808c1d9cdd2aa46991d9f0c81ea7cf3cd23e87d61
-
Filesize
533B
MD54762fbae75b467040222b16a94616ac5
SHA15684ad88f049145a099a546d9131264f233c354c
SHA2566c2431538f213ad2c95d28df6446f9a42c785d8241e60bf799832d6b827eea84
SHA512369dc792c430c67b2a6017a0c7cf8b8286d00459f4e9896097c92f3f55a33f03c3d408321972eb56b37d1b0584427d0bbd7ad893b016664dd0bb7b6e98b33b77
-
Filesize
3KB
MD574f1e54688409597f6f3e0c4d3e21a10
SHA117029462506e44c94263072b8c6298bfcfaf8283
SHA2566e54f5c10b49429a15214d34d8061e06ba9ef9ec5c18d852c20ddcd92bbe5990
SHA512f1d5368efadf37cc849c63cd75a138bd5470ea30537c6d169b6fdcf3af1f2bca958306e570eeeb6d3c3efc3bedb62c54084f52babed92d082ccd5ff107fb4b21
-
Filesize
2KB
MD58fd601909484c953bb7987b888c61691
SHA13989a87d56c92d09a17b5befdec1ccf07143ad94
SHA256f5fa1535df7c76244faef920b6a6b84cdbad37affb3fd855e17759a00da0f814
SHA51251845af88d9f4bc6bea9107f4953e7744c8a936c644ba16eaa6a0e535bf7842a1fc847f7bfff1f24192c4737c6a11a93b43a4075a993f2d4d4ce6bf4485141a1
-
Filesize
4KB
MD5bd6d22ca1617d4d6594bc59ebd577ff4
SHA1520e595492f8214b8a2e20aa76de323220429055
SHA25665f2a673da464095878dfe1d94043ad242acd151ed7cd3641c96875c098d3522
SHA512b4d69579b8b28dada58d14b5d082a7b203a290324727fd2f309a9c2e2c4ea1a1b3a98876d74dfee2963f7006ed9319ed93131628f4862e0f82d073247cd6c471
-
Filesize
63KB
MD5a1fb16fb73739d9f0bf9b1123fd3a734
SHA1149af19c3296bf9993d4e0ded7617582c2501006
SHA256b5371325df11f175bb21fc9f9d827a4314ff28ecf7846df976d26d8046ed0041
SHA5124146400e8cab0319107c5f96a1edfc3968492c9b7aab2170ea65f27efbf9a9565b6134df0fc05d8cfe2ee641f2df3d25d2c49df269954186e1b5fada0fbea57b
-
Filesize
407B
MD5e55214ba44abf9fdf68f052b1e85b569
SHA16903b785435607385695e90f22c645aed05bc86b
SHA2565f125f147d6f61f9443f4e9f47dc2efe821702370bd5a1c5ed05eff9eb4dca30
SHA5125fd2e1d7d670eb940ca858963d210f36c4352374cdcd3aa53ac5be3c138d16944f3c6ddeb6c7aa94b06b2a4ef74f12d9d7996cd266f283bf9cab02c5b7363017
-
Filesize
2KB
MD5677784568590f3c77d0c6434b6eb142b
SHA1e7b7e40d1dcdc6cac7d9baef359f8a6604975645
SHA256aaab57852a2c0434de14ae4200f5424106cfca53f1d1a5afc5734734fc933648
SHA512d0286a4af4e1a72329fce6350b73a90d2c2ede634f1465f064baef7f224d64de2e71b6006a17d7324954328c71d395de38f60b8df676d4716ddd874730d4862b
-
Filesize
3KB
MD59a04b5b935c2b7cd902d15317a755504
SHA1332e7a2f22d7c64b1aef13236e1adb61a008ec14
SHA2566fa4f184c0a56c9e3425c71abfcf1c12837b4f723fbd060a391ac28f52530d28
SHA51277fc66a5588ad8b07994019c81b0e89e16873628a3cb06dab61cd65c68117c732a94563c5984e32492c8130f2a755fbec691fb46f5c5a1023f08986c25cffa6d
-
Filesize
27KB
MD595223b6fa2a3fe952616e85bcd2f630a
SHA1d23367e44f7d1826b221cf4077b012efbb58806b
SHA2562eb5cec4208438e0ab96b78418331c6b84c22087d034fe88763c79c6483e99bc
SHA512141d8833e8dd859f08443753ae82accce6ccdca77c8bfdedac79c932ae8216be85c8d2d159bab5bb3c18a6fd0195cb92ffc70dcea4b4f5c9a0fa1762890caa54
-
Filesize
739B
MD53b20a57507e63838a2659b74c0bddc1b
SHA1da8de7e7a4484d6e8cdfbb269abd3e6ae7041898
SHA25688b84e826c251e100de58618b4d6e54d5980a75d7c89af79d8eff669c981d252
SHA5127e1cde9576d26dd10cb0532c653065f3ca16984c1cf6d4453d08055fed5a8d8a689b9966a2ea6c8f07ac7b783598613635f5e3b00ae2a3c13f2877eeed6dfcf5
-
Filesize
2KB
MD5a9271bc5204a7b2c9b013510624807e5
SHA12a337424bd6b5a1c71526b4286e08f3237b7b194
SHA25683b2ffea7ce890626ef8db5a8e087cd4dd6f0680d090aad6b6fb0bcd54aee94c
SHA512c313d97a23bd404b5ba2e312e76fab3dc6a7a998638ce38d82c87983dc0eb0714a84a6836fe0bab31266deb3f9b6fb29bfc1f003e7c6c3e73f29b7e8efe69c32
-
Filesize
4KB
MD55225f9217c4745edbe95af119c9e0ee1
SHA1529fbc3fb4ca4d0cf2a244b573f57ab3a1a22e37
SHA2560e3712fdff533422e544576e5beddf8855d043808e5d94ec3cd976a915e120d0
SHA512a21a71fcaa43629881445c9b0621d606c57f4e1c4fa3ec1366991bd8a29f5d7ecd4a7b68fdc2c6f4f5dac6a76bf07cfde6725a4daabfb613b8bc4b32b3cffb5a
-
Filesize
57KB
MD5887b642b2242d057299d47c0df28c7f3
SHA10f28ff38538bc6b007418aef2a4a96f820fdbb81
SHA256af5a4b556490cc6cfd12bdda60ee48cf0bc097d3651c14846f1aa212f02f714c
SHA512184d4e90e15c4bbda781f90ed1dc4f705088210aa45833cc9728284364d8680cfd167804b71ceb4de23dd84faa430fdc64d24b1409a4717c5f2b929996ae1887
-
Filesize
5KB
MD53caefb63c5e8b2141ddbafb2bea5ebcc
SHA1c8b6757f6ac007264d73de3532addef9b591057a
SHA256abc356cedeb7f1519daa3e9295b007bf1672b043f8dda0d2cdff37f2e9fa1da6
SHA5124a51250ce82cd4365817c608599b35d5e096ca39c68e4ae18ca5112e7650afc38fcd5c77f8a8787e1ac80eae0b3550974582127b1adbeabb095a68fdb2aeb343
-
Filesize
11KB
MD5c5b7a72f97df551ec78b8bd1e7ccf9dd
SHA141afdeb1ee910b93d6eb85c55359772a93b032a4
SHA256e630598643359cfda46e168c9c77635523079e47b19174934c301f9cf4992306
SHA512bd7fcd62db425fabdc5eb1258a0a12f702c384fb97d5dd323c1dfdfa1025b3dbd37dce3c5d01580af556a4160f76b7026fc3b476caeb1f8cf1b586d3e25c2fab
-
Filesize
14KB
MD528fc69ab3d54c7c0bd78d964ec6e7637
SHA18616180cdad11422d675a96ccd0356fb74129e8a
SHA2568f603657e3b8f878d1a402d3149b20fdb5eb4cffee6d2b17bf94bcd11546a96c
SHA5124fb95f2140093e3a0de517be5b5f8c1db3e6a36a10dbca5959955d85dca16cacd592ed547b3e87256575ea3d795587fc18674bb8e65da0efc2e2227e5077704c
-
Filesize
15KB
MD5159e8002e7c0a5d264627b674b0b0038
SHA160c53d0926792717d264cc201ff8d80044eb12cc
SHA2564d8313726fe647ab2714e2c0494477fe0aad5d2bf38ae039d5647d8945698ed4
SHA512d24dbbbb31369c078a16f19ed9cf9d0cd7b88cd1df0016823edef2f42d8324888b3cb133019a2533940e7bb902d6b54baca9b5a3b81cd746971d8d687a9fa35e
-
Filesize
9KB
MD51a861ae5cda464c0ad588eeea8804cda
SHA14629f6a4f535ea423b5be08c6876366e0e0498c2
SHA2568e0108abf73b71079649fa86adee626bdbbe5638854ef110f336200f4a13b53e
SHA51269ab87ca2e6d167236edf41afb9c2897056776282086392b49c1300a1d80db984a45e9ce50060d62e70388af82090143b0a715fa5b38f1efcc5cc84933132fec
-
Filesize
11KB
MD5bf712f32249029466fa86756f5546950
SHA175ac4dc4808ac148ddd78f6b89a51afbd4091c2e
SHA2567851cb12fa4131f1fee5de390d650ef65cac561279f1cfe70ad16cc9780210af
SHA51213f69959b28416e0b8811c962a49309dca3f048a165457051a28a3eb51377dcaf99a15e86d7eee8f867a9e25ecf8c44da370ac8f530eeae7b5252eaba64b96f4
-
Filesize
3.9MB
MD5bea3bdb7df888a7914181994af62baaa
SHA1a7e3a6ba00f3a29bfcb052435b380300b9c2cc2e
SHA256ef603dc803845bec994a01008800dc27b1c7764779957756ea758d7abf4d16c1
SHA5129ecfcee5e56ea07c50adbdd68587030cfc249a2743d7f188d6c345ac5401e1c18377ac212b0e1161d8dd0207c02484e0b962dfc5397ac89182684413aeb9dcce
-
Filesize
2KB
MD5752ccecfcd0bbe46260a17d587d0a044
SHA1dd82992a2be8132900b535965eae14575d5b9f31
SHA256bfd8f097af683280b3ec4cdec4a3dbde441ed482beaa445065895ad08a3fc423
SHA5128133969821f7c1dab10fc63871afc48e2c9a830001686305bcb59f49ae7c72dbe957f793de1bc75dccde289845b66b310c0822dc8b010a7474650f0a9841f096