Analysis
-
max time kernel
329s -
max time network
328s -
platform
windows10-2004_x64 -
resource
win10v2004-20240611-en -
resource tags
-
submitted
18-06-2024 11:22
General
-
Target
https://getintopc.com/softwares/converters/tunepat-spotify-music-converter-free-download-1898986/
Malware Config
Signatures
-
Downloads MZ/PE file
-
Checks BIOS information in registry 2 TTPs 4 IoCs
BIOS information is often read in order to detect sandboxing environments.
-
Checks computer location settings 2 TTPs 5 IoCs
Looks up country code configured in the registry, likely geofence.
-
Event Triggered Execution: Component Object Model Hijacking 1 TTPs
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
-
Executes dropped EXE 15 IoCs
-
Loads dropped DLL 39 IoCs
-
UPX packed file 8 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in Program Files directory 64 IoCs
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Checks SCSI registry key(s) 3 TTPs 3 IoCs
SCSI information is often read in order to detect sandboxing environments.
-
Checks processor information in registry 2 TTPs 2 IoCs
Processor information is often read in order to detect sandboxing environments.
-
Enumerates system info in registry 2 TTPs 6 IoCs
-
Modifies data under HKEY_USERS 2 IoCs
-
Modifies registry class 64 IoCs
-
Modifies system certificate store 2 TTPs 3 IoCs
-
Opens file in notepad (likely ransom note) 1 IoCs
-
Suspicious behavior: EnumeratesProcesses 26 IoCs
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 17 IoCs
-
Suspicious use of AdjustPrivilegeToken 64 IoCs
-
Suspicious use of FindShellTrayWindow 64 IoCs
-
Suspicious use of SendNotifyMessage 64 IoCs
-
Suspicious use of SetWindowsHookEx 43 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
Processes
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://getintopc.com/softwares/converters/tunepat-spotify-music-converter-free-download-1898986/1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd66c1ab58,0x7ffd66c1ab68,0x7ffd66c1ab782⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1704 --field-trial-handle=1920,i,12833925885735865964,11213465543832671424,131072 /prefetch:22⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2144 --field-trial-handle=1920,i,12833925885735865964,11213465543832671424,131072 /prefetch:82⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2224 --field-trial-handle=1920,i,12833925885735865964,11213465543832671424,131072 /prefetch:82⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2992 --field-trial-handle=1920,i,12833925885735865964,11213465543832671424,131072 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3088 --field-trial-handle=1920,i,12833925885735865964,11213465543832671424,131072 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4164 --field-trial-handle=1920,i,12833925885735865964,11213465543832671424,131072 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4736 --field-trial-handle=1920,i,12833925885735865964,11213465543832671424,131072 /prefetch:82⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4844 --field-trial-handle=1920,i,12833925885735865964,11213465543832671424,131072 /prefetch:82⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4860 --field-trial-handle=1920,i,12833925885735865964,11213465543832671424,131072 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5088 --field-trial-handle=1920,i,12833925885735865964,11213465543832671424,131072 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=5176 --field-trial-handle=1920,i,12833925885735865964,11213465543832671424,131072 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5316 --field-trial-handle=1920,i,12833925885735865964,11213465543832671424,131072 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5064 --field-trial-handle=1920,i,12833925885735865964,11213465543832671424,131072 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5088 --field-trial-handle=1920,i,12833925885735865964,11213465543832671424,131072 /prefetch:82⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2544 --field-trial-handle=1920,i,12833925885735865964,11213465543832671424,131072 /prefetch:82⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1536 --field-trial-handle=1920,i,12833925885735865964,11213465543832671424,131072 /prefetch:82⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=5556 --field-trial-handle=1920,i,12833925885735865964,11213465543832671424,131072 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=5132 --field-trial-handle=1920,i,12833925885735865964,11213465543832671424,131072 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5840 --field-trial-handle=1920,i,12833925885735865964,11213465543832671424,131072 /prefetch:82⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6076 --field-trial-handle=1920,i,12833925885735865964,11213465543832671424,131072 /prefetch:82⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=6156 --field-trial-handle=1920,i,12833925885735865964,11213465543832671424,131072 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=5408 --field-trial-handle=1920,i,12833925885735865964,11213465543832671424,131072 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5888 --field-trial-handle=1920,i,12833925885735865964,11213465543832671424,131072 /prefetch:82⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=2376 --field-trial-handle=1920,i,12833925885735865964,11213465543832671424,131072 /prefetch:82⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4444 --field-trial-handle=1920,i,12833925885735865964,11213465543832671424,131072 /prefetch:82⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6340 --field-trial-handle=1920,i,12833925885735865964,11213465543832671424,131072 /prefetch:82⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6264 --field-trial-handle=1920,i,12833925885735865964,11213465543832671424,131072 /prefetch:82⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6280 --field-trial-handle=1920,i,12833925885735865964,11213465543832671424,131072 /prefetch:82⤵
-
C:\Users\Admin\Downloads\winrar-x64-701.exe"C:\Users\Admin\Downloads\winrar-x64-701.exe"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6260 --field-trial-handle=1920,i,12833925885735865964,11213465543832671424,131072 /prefetch:22⤵
- Suspicious behavior: EnumeratesProcesses
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=4896 --field-trial-handle=1920,i,12833925885735865964,11213465543832671424,131072 /prefetch:12⤵
-
C:\Users\Admin\Downloads\winrar-x64-701.exe"C:\Users\Admin\Downloads\winrar-x64-701.exe"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=6008 --field-trial-handle=1920,i,12833925885735865964,11213465543832671424,131072 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=6396 --field-trial-handle=1920,i,12833925885735865964,11213465543832671424,131072 /prefetch:12⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6524 --field-trial-handle=1920,i,12833925885735865964,11213465543832671424,131072 /prefetch:82⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5004 --field-trial-handle=1920,i,12833925885735865964,11213465543832671424,131072 /prefetch:82⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6692 --field-trial-handle=1920,i,12833925885735865964,11213465543832671424,131072 /prefetch:82⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5840 --field-trial-handle=1920,i,12833925885735865964,11213465543832671424,131072 /prefetch:82⤵
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6800 --field-trial-handle=1920,i,12833925885735865964,11213465543832671424,131072 /prefetch:82⤵
-
C:\Users\Admin\Downloads\7z2406-x64.exe"C:\Users\Admin\Downloads\7z2406-x64.exe"2⤵
- Executes dropped EXE
- Drops file in Program Files directory
- Modifies registry class
- Suspicious use of SetWindowsHookEx
-
C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"1⤵
-
C:\Windows\system32\taskmgr.exe"C:\Windows\system32\taskmgr.exe" /41⤵
- Checks SCSI registry key(s)
- Checks processor information in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of SendNotifyMessage
-
C:\Windows\system32\OpenWith.exeC:\Windows\system32\OpenWith.exe -Embedding1⤵
- Suspicious use of SetWindowsHookEx
-
C:\Windows\system32\werfault.exewerfault.exe /h /shared Global\809cedea6c2f4236b31b2dd23586e5d7 /t 1484 /p 34721⤵
-
C:\Windows\System32\rundll32.exeC:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding1⤵
-
C:\Program Files\7-Zip\7zG.exe"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\" -an -ai#7zMap25256:164:7zEvent142581⤵
- Executes dropped EXE
- Loads dropped DLL
-
C:\Users\Admin\Downloads\TunePat.Spotify.Music.Converter.1.15\TunePat.Spotify.Music.Converter.1.15\TunePat.Spotify.Music.Converter.1.15\f4-tunespotconv-setup.exe"C:\Users\Admin\Downloads\TunePat.Spotify.Music.Converter.1.15\TunePat.Spotify.Music.Converter.1.15\TunePat.Spotify.Music.Converter.1.15\f4-tunespotconv-setup.exe"1⤵
- Checks computer location settings
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of SetWindowsHookEx
-
C:\Program Files (x86)\TunePat\TunePat Spotify Converter\TunePat Spotify Converter.exe"C:\Program Files (x86)\TunePat\TunePat Spotify Converter\TunePat Spotify Converter.exe"2⤵
- Checks BIOS information in registry
- Checks computer location settings
- Executes dropped EXE
- Loads dropped DLL
- Modifies registry class
- Suspicious use of SetWindowsHookEx
-
C:\Program Files (x86)\TunePat\TunePat Spotify Converter\TunePat Spotify Converter.exe"C:\Program Files (x86)\TunePat\TunePat Spotify Converter\TunePat Spotify Converter.exe" --type=gpu-process --enable-features=SharedArrayBuffer --no-sandbox --gpu-preferences=KAAAAAAAAACAAwBAAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --service-request-channel-token=16198192630438990845 --mojo-platform-channel-handle=1524 /prefetch:23⤵
- Executes dropped EXE
- Loads dropped DLL
- Modifies registry class
- Suspicious use of SetWindowsHookEx
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.tunepat.com/thankyou/install-spotify-converter-for-windows.html3⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of SendNotifyMessage
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xfc,0x128,0x7ffd529346f8,0x7ffd52934708,0x7ffd529347184⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,16535597852577134988,14339126844601407523,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2120 /prefetch:24⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2096,16535597852577134988,14339126844601407523,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 /prefetch:34⤵
- Suspicious behavior: EnumeratesProcesses
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2096,16535597852577134988,14339126844601407523,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2792 /prefetch:84⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16535597852577134988,14339126844601407523,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3356 /prefetch:14⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16535597852577134988,14339126844601407523,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3380 /prefetch:14⤵
-
C:\Program Files (x86)\TunePat\TunePat Spotify Converter\TunePat Spotify Converter.exe"C:\Program Files (x86)\TunePat\TunePat Spotify Converter\TunePat Spotify Converter.exe" --type=renderer --no-sandbox --enable-features=SharedArrayBuffer --service-pipe-token=11676828586649237082 --lang=en-US --app-path="C:\Program Files (x86)\TunePat\TunePat Spotify Converter\resources\app.asar" --user-agent="Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) TunePatSpotifyConverter/1.1.5 Chrome/69.0.3497.128 Electron/4.2.4 Safari/537.36" --node-integration=true --webview-tag=true --no-sandbox --background-color=#fff --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=11676828586649237082 --renderer-client-id=4 --mojo-platform-channel-handle=2308 /prefetch:13⤵
- Checks computer location settings
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetWindowsHookEx
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵
-
C:\Program Files (x86)\TunePat\TunePat Spotify Converter\TunePat Spotify Converter.exe"C:\Program Files (x86)\TunePat\TunePat Spotify Converter\TunePat Spotify Converter.exe"1⤵
- Checks BIOS information in registry
- Checks computer location settings
- Executes dropped EXE
- Loads dropped DLL
- Modifies registry class
- Modifies system certificate store
-
C:\Program Files (x86)\TunePat\TunePat Spotify Converter\TunePat Spotify Converter.exe"C:\Program Files (x86)\TunePat\TunePat Spotify Converter\TunePat Spotify Converter.exe" --type=gpu-process --enable-features=SharedArrayBuffer --no-sandbox --gpu-preferences=KAAAAAAAAACAAwBAAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --service-request-channel-token=16095145771868253654 --mojo-platform-channel-handle=1504 /prefetch:22⤵
- Executes dropped EXE
- Loads dropped DLL
- Modifies registry class
-
C:\Program Files (x86)\TunePat\TunePat Spotify Converter\TunePat Spotify Converter.exe"C:\Program Files (x86)\TunePat\TunePat Spotify Converter\TunePat Spotify Converter.exe" --type=renderer --no-sandbox --enable-features=SharedArrayBuffer --service-pipe-token=5340546895680518221 --lang=en-US --app-path="C:\Program Files (x86)\TunePat\TunePat Spotify Converter\resources\app.asar" --user-agent="Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) TunePatSpotifyConverter/1.1.5 Chrome/69.0.3497.128 Electron/4.2.4 Safari/537.36" --node-integration=true --webview-tag=true --no-sandbox --background-color=#fff --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=5340546895680518221 --renderer-client-id=4 --mojo-platform-channel-handle=2200 /prefetch:12⤵
- Checks computer location settings
- Executes dropped EXE
- Loads dropped DLL
-
C:\Program Files (x86)\TunePat\TunePat Spotify Converter\TunePat Spotify Converter.exe"C:\Program Files (x86)\TunePat\TunePat Spotify Converter\TunePat Spotify Converter.exe" --type=gpu-process --enable-features=SharedArrayBuffer --disable-gpu-sandbox --no-sandbox --gpu-preferences=KAAAAAAAAACAAwBAAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --service-request-channel-token=2776513838027578536 --mojo-platform-channel-handle=3556 /prefetch:22⤵
- Executes dropped EXE
- Loads dropped DLL
-
C:\Program Files (x86)\TunePat\TunePat Spotify Converter\TunePat Spotify Converter.exe"C:\Program Files (x86)\TunePat\TunePat Spotify Converter\TunePat Spotify Converter.exe" --type=renderer --no-sandbox --enable-features=SharedArrayBuffer --disable-gpu-compositing --service-pipe-token=4122358572425648030 --lang=en-US --app-path="C:\Program Files (x86)\TunePat\TunePat Spotify Converter\resources\app.asar" --user-agent="Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) TunePatSpotifyConverter/1.1.5 Chrome/69.0.3497.128 Electron/4.2.4 Safari/537.36" --enable-plugins --node-integration=false --webview-tag=true --no-sandbox --preload="C:\Program Files (x86)\TunePat\TunePat Spotify Converter\resources\app.asar\dist\electron\preload.js" --background-color=#fff --guest-instance-id=1 --enable-blink-features --disable-blink-features --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=4122358572425648030 --renderer-client-id=6 --mojo-platform-channel-handle=3476 /prefetch:12⤵
- Executes dropped EXE
- Loads dropped DLL
-
C:\Program Files (x86)\TunePat\TunePat Spotify Converter\TunePat Spotify Converter.exe"C:\Program Files (x86)\TunePat\TunePat Spotify Converter\TunePat Spotify Converter.exe" --type=renderer --no-sandbox --enable-features=SharedArrayBuffer --disable-gpu-compositing --service-pipe-token=13024732827492493910 --lang=en-US --app-path="C:\Program Files (x86)\TunePat\TunePat Spotify Converter\resources\app.asar" --user-agent="Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) TunePatSpotifyConverter/1.1.5 Chrome/69.0.3497.128 Electron/4.2.4 Safari/537.36" --enable-plugins --node-integration=false --webview-tag=true --no-sandbox --preload="C:\Program Files (x86)\TunePat\TunePat Spotify Converter\resources\app.asar\dist\electron\preload.js" --background-color=#fff --guest-instance-id=1 --enable-blink-features --disable-blink-features --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=13024732827492493910 --renderer-client-id=7 --mojo-platform-channel-handle=3684 /prefetch:12⤵
- Executes dropped EXE
- Loads dropped DLL
-
C:\Windows\system32\NOTEPAD.EXE"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\TunePat.Spotify.Music.Converter.1.15\Password 123.txt1⤵
- Opens file in notepad (likely ransom note)
-
C:\Users\Admin\Downloads\TunePat.Spotify.Music.Converter.1.15\TunePat.Spotify.Music.Converter.1.15\TunePat.Spotify.Music.Converter.1.15\Fix\f4-tunespotconv-patch.exe"C:\Users\Admin\Downloads\TunePat.Spotify.Music.Converter.1.15\TunePat.Spotify.Music.Converter.1.15\TunePat.Spotify.Music.Converter.1.15\Fix\f4-tunespotconv-patch.exe"1⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
C:\Windows\system32\AUDIODG.EXEC:\Windows\system32\AUDIODG.EXE 0x3fc 0x4401⤵
-
C:\Program Files (x86)\TunePat\TunePat Spotify Converter\f4-tunespotconv-patch.exe"C:\Program Files (x86)\TunePat\TunePat Spotify Converter\f4-tunespotconv-patch.exe"1⤵
- Modifies registry class
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix ATT&CK v13
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Program Files (x86)\TunePat\TunePat Spotify Converter\ffmpeg.dllFilesize
1.9MB
MD54ac49a7460f1ff87211274821a8a5f02
SHA12713039cb1bb75d923207e954147ee7651becd17
SHA2563f1b371ea7fe6059b2a282a0ad7149e66caf01d3f8ec0d4df445847a1b2ee1f0
SHA512e24aaa747ec3eb2d1ea53be12e77f2c0d230089c32e5adae97e8f0ad882ba7b7b219b74420c3383a8375d71626677b6b0a92e1316a555a769911c2680398d1b2
-
C:\Program Files (x86)\TunePat\TunePat Spotify Converter\icudtl.datFilesize
9.7MB
MD5197d5ce41d85a28c649011ffbf4a9cdf
SHA11a54a54202df0e5647223956229817be03a34e8e
SHA25674a7799772f24d858d06661d89f35cf556f4fc4c48c30dc307faef369874b4cd
SHA512edc634f157895e6831a9dd2f9613b498dd27cd8e4db2761d7043f12a4897e8d3d0b6a750d991096ac0d5468ce972866af526fad91beab6f302b5dd889484e8f6
-
C:\Program Files (x86)\TunePat\TunePat Spotify Converter\natives_blob.binFilesize
122KB
MD599e9ed492dc4b9318704745f69e3ff43
SHA14276e245efeb0256bbbdefa77063d2585712198e
SHA256ad6654fca057a8b8735c8b5cdba9d322396befe7e706429b8236c234a3941da1
SHA5125163af106d268ff2a324519eac9a17572191add3a5283496170dcff10f52bd9854e47a00c4fe40d83c01b8cd21eaaa0665647044ddb038cf7191ff19c95af539
-
C:\Program Files (x86)\TunePat\TunePat Spotify Converter\resources\app.asarFilesize
13.6MB
MD50d60d2c0bdc018a52534c65785e9d1cf
SHA102be461c6eeb3b10f7495cb09d0839a1d516e9f5
SHA2564ceb88473a01e519478cc21f42be07ae4ddeab8b244461f34f0a76f6dede2134
SHA512756878ac952540d4dc936c427baafbc5c1e29d299b0843d625d55070c2c0fe9b70a1eb5ad751f01fcc6c730b8c1fb056a2580839b28592a0dc66c525b5123bc0
-
C:\Program Files (x86)\TunePat\TunePat Spotify Converter\resources\electron.asarFilesize
275KB
MD548099533c90de326842c4d79507200a6
SHA16d8b73fad4b228ef331f38ce1aa50d8cdf6c402b
SHA25656aace3c1a007071d288b1e7689edf8f7d3d172891c22ea4a4600ee679666699
SHA51200ea0f2e9dbc7523c21360a07f61bb859bafc8de322d96b9f980945323bac1e1c4ee67e66cfa7bc7fb9b518a219009f646a1670484579b8a2878714c6ad574f1
-
C:\Program Files (x86)\TunePat\TunePat Spotify Converter\resources\native\protect.nodeFilesize
1.1MB
MD5e9b90cac7aa536b4768ce0b66a8f349d
SHA1fb223e1d37fbdef09440f319f11f4cd902966457
SHA25643b1f1bf6c1589898fdcdc76ffcfdeec22b50d623ee5f950be223da351b38bc5
SHA5125e0ad4efbce706cf48eb73184f8f5d0215a726f630efb3a29deaa1babdce778224acb3de2eff1f4eeeb356c59f8626432c84799d8c8eee453ea4f166905fcc57
-
C:\Program Files (x86)\TunePat\TunePat Spotify Converter\v8_context_snapshot.binFilesize
1.5MB
MD55ef60de10a78d9856e39fded6f92ff34
SHA173dd08cb21da88fb30c4ba40b71fdc192e06431b
SHA256d7f7aec05b29e44c92f77491dac40f4cfb092566cbcdebdfe0bf361920784ab7
SHA512c09235326b2815bd3a6d6e530cd880825ddb582033fdc03c8f337791783868bc9f9a50a6fbb25e15f7601174425691c0064f8dd061bbdaf0160ef30f571a4a98
-
C:\Program Files\7-Zip\7-zip.dllFilesize
99KB
MD57ec019d8445f4dcdb91a380c9d592957
SHA115fd8375e2e282a90d3df14041272e5ac29e7c93
SHA2561cc179f097ee439bb35a582059cbc727d9cea0d5c43dfaa57f9f03050cfaea03
SHA512d71a79091fcc6a96c24d95662a18cc24145b9531145ef0bcb4e882c12f5bb5ca6c7a9b9e50024c9c0bf4cb6bf40dca7627cecbfddd637142d04a194e1956ae9b
-
C:\Program Files\7-Zip\7z.dllFilesize
1.8MB
MD51939f878ae8d0cbcc553007480a0c525
SHA1df9255af8e398e72925309b840b14df1ae504805
SHA25686926f78fad0d8c75c7ae01849bf5931f4484596d28d3690766f16c4fb943c19
SHA512a5e4431f641e030df426c8f0db79d4cef81a67ee98e9253f79c1d9e41d4fc939de6f3fd5fc3a7170042842f69be2bb15187bf472eeaaf8edd55898e90b4f1ddd
-
C:\Program Files\7-Zip\7zG.exeFilesize
691KB
MD557390724513dc5d7bd369c3c36d3744e
SHA190af197d7f82ee03f283459e9d0976f8c7c157ce
SHA2561bb7dc64af47f17e70ff86087bae4748e5d105758ddf2077acc45d2771b1909f
SHA5127471f485f577525066c3d205b2fe099dda3063456021291b329cf225c803baffd9b55422afbefe449302ccda139c1afc9ccb7bb60a6b5547db7ad0420ff2cf5c
-
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-indexFilesize
1KB
MD51e4d15e399c53e509f8bf82360de355a
SHA12d390af6fa2e359bc6ce1468967d70636cd1f3d8
SHA256891d06402bd5e1b16d3c7bc0a36906484428d5197799e7c3bf17b13a92ff7993
SHA51234abeae62a1db9afb7159780f481c4f32eb8fc451e663421d3af104f48215c82f9fc9accdf25efa654c9915d351f89bc428a7008a5f6570d838e1eee324ae26c
-
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-indexFilesize
1KB
MD56f7808fcf5154db9370079e448baba83
SHA13b6ec68f092f31dee316ad6bee5763b378d5389e
SHA25631ef491330347208d067bd7725493314e6a5cd084009ded4e759e9cbcb903114
SHA51234f1fd772a683189e82b1a7509b872e26049c064ca4b426694a4af20a6dd899a9e654b7af8391f6c6bf4d224baa372e20eac308a2c6b49d7434e116b643fc3e1
-
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-indexFilesize
1KB
MD5581c1f1cebfeec0243840879f7a6cb93
SHA1d07071d6d0204d2321b241a7dea5893f658d405e
SHA25683f98a7ecfefc90875e22f32a73e78519c1a36f7c43368e69eadfbd413cf0682
SHA512dd7cf1aed6861844c4ef5ac06daac887673f502ad57c1cf8a7445b76a7784e60fdd269efc4e613b1d57e3fab542c624f7c67c6cd87f014c6666fc460d214145b
-
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent StateFilesize
5KB
MD53cb377cc6428de909e0646bf220b6661
SHA16224fd87c6d747d11073aa252928c84d60b98669
SHA256a87c532c313c7de1976c8397907d7b30b2ea80b1ccfd663e0432f239a84d4f05
SHA512b5100e2b8a88ff974f3c35b8e41085c0ad5bcb355bc6402fcc7c9322950df9e89cce9b8432abcc6c4a43cd49d5a0411715b635772193777f4f247d4ec3e902fe
-
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent StateFilesize
6KB
MD5558839ed2a0399a4595359493cdda1e5
SHA19876ff09c181c8fdc8d424a4900be3617b1a62f2
SHA256a3f270a661554cb1c9a676db584e6f75a0f3a3b7a1fe3ebeb0841752a54b17c1
SHA5122fbf36acf114496bfeb9a87d1cb3d11e401462c4a1f95c7767ed4cb8a7f3d26109a5eb3de7c2250c1ab7be4bd7faae4c87eeb3d7ba952336bf5200ae33977d94
-
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending ReportsFilesize
2B
MD5d751713988987e9331980363e24189ce
SHA197d170e1550eee4afc0af065b78cda302a97674c
SHA2564f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af
-
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurityFilesize
1KB
MD5ef5d2ba82ea10f25368debcbd0bac072
SHA1aea492732202834a4fabe5ce8de91c8540e6f7dd
SHA256bdc38470a0087c4a2b26fe58237b8e21f278c271a425b9ab7ee06b196bb15171
SHA512199e738f07df4dea54322f80c696d1f1228a4682692c91513267226e1258c96361cc1f0b4751a303d0695a1a58e4e48e633eed95c7b98a97e87b46c98857e4c7
-
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurityFilesize
1KB
MD56bf7bfa1a00f3c442ea1be71013ec54f
SHA1c11bccddf907dbc03bde285b5222623a15410fa3
SHA256c74b5aa5e5f76e5c7b6f364a8756e2482c7ca0d8f8f52e732434e916ad724003
SHA512c5ff9ab3bee085b4c0738fdc5991ccd0ead4c175907709d8d81e998a3685ec8d491dfe1607888c83543abf5e4017c755567a21eab9578138669e29ef00073f07
-
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurityFilesize
1KB
MD5583b9ec5fa3abaf45c790da0bbddbdee
SHA1b856ba3c9b54a81ca457b7ec467b5627c686adf2
SHA25696032da8979c545bf8aa7a98eec6d692b43025d1a8bbaa6abd0caee82fcfa8a5
SHA512a962a33b182dd95981acc4f85c4a2f02ad3d9d1e38a9eed1fb2bb59aa7f70412bd0b0f07b78b356197453716ef88fea17c9cd278ec994dc42673e3fb1ea9b279
-
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurityFilesize
1KB
MD582843e4f54c10f212803d0d3f43d73c2
SHA17f759cfdb7d1a1ca02db95b2d6bb6b1339c629c7
SHA25677104507594ee3f0a7558d1ac0301e9821b1b8fc4954cfd240ebe12a091afa28
SHA5128254409db93d6aee51c0eb1906548e0ea3d784dbbaef8e64bf7f755b0c79d8ae734cd6c5dd2f6db77301a614e4b0772ca36f1ca4552f66a988082602aaa9f0de
-
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurityFilesize
1KB
MD50a380198101cdeb935fa6428b67879e1
SHA13e692dff0d39675c49e9447192f4db87c73720c5
SHA256ba137050eea5d05e108387652848a44615b5da185a50911f0e67be4094131585
SHA5128e5c14ad9b4d8a7b9f80bb2e6e0a795b4b418349064ac1235ab09abcdd91d94341c468c11db34d75d7589bb0e4c076a735b2039958bd20bc8229fa9fe4982d2b
-
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurityFilesize
1KB
MD5e46762b4f584d62e277d69dc7cf42919
SHA1965ea2af763b389521b986b2c8d405ec40700cd3
SHA2564a5826c89094ab921f26af55491f2d6f36d6b557527921bfa9bfb1a7255ad051
SHA51233d18b5a3abffa2540970014eefbb7dd38841d1a087edef5c920bc88ca4dc1ab1d82db6bc024ee94fdf5b029359e54b4db985fe1e688ee3cd9a13b3c641de82f
-
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\PreferencesFilesize
8KB
MD5d73d353742e60be92d8ba109e0836a8c
SHA1c54c4bc78024aaf80d83a87601a4b77946e2146b
SHA256bf297f8712266d8a6d6a9746c5d7d1a1173894108f2bfb8dddf47ecadcac176d
SHA512a31ea335c3bcce0a2b5ff70347d732dcc453e7819e00849414e3139f7fc551371db286f052ae52be5f117b9436af0de4c4e400e2d64137da22c2492ea87fe72a
-
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\PreferencesFilesize
7KB
MD5f15ae7efabf712b21bba4d7c778b0d74
SHA1944fd760a3456711fa8d44b9a5b9d151065c4784
SHA25692be85fa411003177266fe13bd29a6746b48c02dbfe984563930628f4c749aa4
SHA5125eed068b07b109f2d386f773d90b4c8cf01851802c1cb8b21a3c083489b5c5f2b0d5f4bc182e575fbfc914dab4eeb0ba943a12a56a45829e65cbf20bd7154b25
-
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\PreferencesFilesize
7KB
MD54ea24248934b765132d98e3292081261
SHA14f8dede50745dfb083bc52408f1d795cd34821e0
SHA2560049cfbd7974db61bf1fda468206c54b52f781c3cb7aa38490834df215dae6a7
SHA512cad916b30f2ca5b6faa562af798867adcd9898ca753a3676996ae5fca93871a79d956815a107aec90ee8160caa2aad48b6b6d8a4183bcf10e384aaf28521a728
-
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\PreferencesFilesize
7KB
MD5716e8433ce1c9c252630369b22997f04
SHA1c39cc68d737dd95728142998ee66c8969c424023
SHA256349b475ce5ec0b451687286684c192949fa8f28e8d7261466f9bf514e204099e
SHA512bd4a0c42e0ab2233a47de66735959d502a25636b52b4b1fdb39486b458d62d2a58a709e3ebaf350b10c3b63ae120488ee6a3307e37a6728298758c3397b3b444
-
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\PreferencesFilesize
7KB
MD5372e4956bde7f9d598ca3afed43a6cbd
SHA198845b3aa35632f9ff85277b9ba4dc258df9a8d0
SHA256687905ff209dabb63806e8d9c24bfac209bcced46616e4b941a06c40eb377071
SHA51258c871e7d875cad4b25992ab7d19d6cd3a745703e9a822326bffa486d4c7fe3d4eba0a98955703f7235312972989488956f1172e8b49925682ae587592c9efb2
-
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\PreferencesFilesize
8KB
MD5b5446019de1aa57368a21c625e7c95b7
SHA10722d7253a14b154359c5b5cb3754e62d84df201
SHA256d9bd747a0c2ce177344e14e4af42f45818189ed03722d2135a85fb6bd158bb48
SHA5127338c4713f4bd7090ad84ef4ddd6d0ff3b5f44f4accd2689cc77b7b7215895aa7321067939f37f6e3de59294a4765ee8cf04911a6c70720d54323d74332ec76f
-
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local StateFilesize
138KB
MD5aea251d44468f965515ff25a4dca401c
SHA1915b79cd479bfa3a57b2ac139afb3b438e572051
SHA256ce4933cd9c66891673931121904fe124e589c45ad3bfc1e767152dac49721a5a
SHA512b7d025592dcb2e1be245ba7177423e0c749d176d9198fddf030599d88c70024f31fd8123a73913efeff54215e7dfa0157fa16446f8f4e11cb5a944fdd38deffa
-
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local StateFilesize
138KB
MD55dc8814cc87938689b99903617727bf6
SHA150945882ea5f3c39ccce25cf36fb0a661c955d6c
SHA256cbfae59ae68f83c09234d87081cf7a21276680ee115879ca43f4586edadea16d
SHA512ba251f1c9a8239df0a739ae39a1a4b77205c632f67dc210dc1354def4a10290112844a1515093415eb24da27fd3164914fe028defc495973e1692c1be77e7726
-
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local StateFilesize
138KB
MD59f528f998cf815ff282b8b8fa72cd17d
SHA1bf80dbafa92592208c6e268f1933b9df4b9eaa92
SHA2566f088ac1c450d817ec317500f231f6008b8deeb918a7f238ec4122c748e6bd76
SHA512f2cd036ebe79c735760f2464929c27870ed12d71c44f22b785ecf190a3be17c4dd7beaae22ba9faa0f39744fa288d478ea7aebe2ea1d2f5fa795b8e2f854c9ea
-
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local StateFilesize
138KB
MD5998551d5cffe27ef12419fc5c0810ef9
SHA16d634f6f421901122e34676deb6e5c4a0033349d
SHA25661327e430cc9255583afb2489b33c0753e4884bcc10f2401fd49b38c1fbb837e
SHA51285e89cf60b29804cae7215fb81e400e61211efaf927bfecc13f9e54506e582cec48d3d7ab88172b3219555c8bae0999f162a4174ea1183407097921a9488056e
-
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info CacheFilesize
100KB
MD57d35c5a0d542eb2416684f365f5d21bd
SHA177f3bee84a7b67cacc1f3d3dd6499acd7d7e8ca6
SHA256d38758ff7169a83427302f4737d708d57c053f70b7a20f5c321411015e2c349d
SHA512f5c942f0875ae8b851e58a11079a9effa39a64fefd30e35bb6d190e0e83ad42f471f02932d126309e0e9841f5905f123ac1862a994d9490a9f567f2b34b1a2ef
-
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info CacheFilesize
96KB
MD5fef1fd6eb27ef8b6c18c740cbc1e86e8
SHA184211e4077d7d88e91e47f60959646a590a73cd6
SHA2562f9ada2c9f0e9b1161dca5d83dcb8049ee9c328f1d032cd988ed49d4bfa73ee7
SHA51267f7b8ba57e82aa9afa92ac2d60ecee4f947fae927648935c6135308caf707482a54ccd17ed3e98359f17a5942fbbb40add314bf11e12298c96a2b83787643fc
-
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info CacheFilesize
104KB
MD5f6a2c3bf36118f649d32fd87c70b8ca4
SHA1e33c8c6e7e6c9b4ccc65257e44d98177ad8595a7
SHA256b7ed9a73f08f90ab3c134c0fde7dee6e7c93334ab041a5984497b808a8d2fc02
SHA512efe52189e6fa7b7a04c4520f3b89ddb35b2a04b5c4264c3e5b46fb5aaf6d7dcb9d2f1b80ae51c8f90c0eb0fed0e339e911dcc452bcf94da4d443a900550e1a9d
-
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe57cc97.TMPFilesize
91KB
MD54dfadd39d0bc0f4a6c176e4c12d4c70f
SHA1b599edbb33ab8cc416ea384d207c140fb7143fa6
SHA256db4fcffb556f1db106db4350a918d1876c4bf5def4bf6e7d6e1f6603046b51ed
SHA5121c387be31641f31ae76177a615a35f68aa46f1b1346e4677e6d457afdd725174abb775fb16207843cf1168cebeaca127366d6135222bd6684819f9c6ef476b0f
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.datFilesize
152B
MD556067634f68231081c4bd5bdbfcc202f
SHA15582776da6ffc75bb0973840fc3d15598bc09eb1
SHA2568c08b0cbceb301c8f960aa674c6e7f6dbf40b4a1c2684e6fb0456ec5ff0e56b4
SHA512c4657393e0b9ec682570d7e251644a858d33e056ccd0f3eebffd0fde25244b3a699b8d9244bcdac00d6f74b49833629b270e099c2b557f729a9066922583f784
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.datFilesize
152B
MD581e892ca5c5683efdf9135fe0f2adb15
SHA139159b30226d98a465ece1da28dc87088b20ecad
SHA256830f394548cff6eed3608476190a7ee7d65fe651adc638c5b27ce58639a91e17
SHA512c943f4cfe8615ac159cfac13c10b67e6c0c9093851dd3ac6dda3b82e195d3554e3c37962010a2d0ae5074828d376402624f0dda5499c9997e962e4cfd26444c0
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-indexFilesize
312B
MD5b4886899609d4823d6d466eda38608b6
SHA10de97ec6382b2263e724d2bd80e4b3dfeaf39a2b
SHA256ad3ad9f171b2e39794d7488be10db495d154735693d0d6f5c0a2d924366f0624
SHA51289c38bb162319b850f9bd29fd0573b486002197ecd6a74a706bcbf1ad03cd7fcd73da7fd7c92525ae04bbc08db415c81c783ebb0f64aea0a0c38a18b0eaa6be6
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent StateFilesize
1KB
MD5e556f36d46cfe75cdb67c4a9756f9efd
SHA199628fd50a6e87a57ab77f3897821974499ea6fa
SHA2560788bd6a51f0ff7789b9524d5f6346cfd7fffd07d8fc38b8295a7263c008b59f
SHA5124bf3a824a979dcecc33d10c26428034e93d860c0ec0133fa2185f60111be900bc300d983490f40abbc5df70f2fb5e4686474fccf1559fb42a8d4d58c47125a6b
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\PreferencesFilesize
6KB
MD5f734e87ec0daed03c449821a4511a18c
SHA19c10c86409b94c77e0c3de4f0181139574ba76ca
SHA256cf6807bf1ffc4a7460688fc382f14279f1a5ee7edfbef3fd83d8013691ea88df
SHA512f7e4d5a35a5676be80fb3e6ea1e2eebdff590b84627d021b0951b13580c2712b282002ce20d4a7977de79c9b2c11dabcc8be0135f70394ef77e5de5bd5d951f5
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\PreferencesFilesize
6KB
MD554eb31f7c977ce0c1b7346b617f9eefa
SHA1c93afa3b2a0484f3687f74faa39e8b467e829fb2
SHA2568de2cf5598160f8d3d67bb5e2a24768d128395eb25e7c6488659bf96d5180665
SHA512609caf91c84178fbeb05861dcbdb944c149feb4059976ac9f78ce0d35f60a79e698dba627f63e0aeee40b19be8d7ab03e64617e734bf083b6d1e3826dd365548
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local StateFilesize
11KB
MD58bdaca0fbcd9fc386bb2814d02e83d97
SHA11be45977a929b1d31ea90e084a3162c88f0393f4
SHA256fc01e56c663ae83081858409b5740fad8f0510119aec08ebbf790e59fee013e0
SHA512f587f22d4f0250a47336d1c447019d0b2d99e091f519792d4137dc307d1f906ca57388b6ed64922f61c96481a2108e406dfbc098b348e6bcbd1b5622b6d1d3c0
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1Filesize
264KB
MD5f50f89a0a91564d0b8a211f8921aa7de
SHA1112403a17dd69d5b9018b8cede023cb3b54eab7d
SHA256b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
SHA512bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58
-
C:\Users\Admin\AppData\Local\Temp\5e35bdf2-5a8f-45d9-8ca4-eed56059e131.tmp.nodeFilesize
415KB
MD5a5d740586b4ac18a79520ca32e54cbb0
SHA1a871a423286585ec8ee1e0c63cb5d25d0ae9b012
SHA256e19026819676767367e2b7b97f6e47cee0db66ed17f001646baa4e174ed000d5
SHA512567eccd5f71c4654a7a320c504a3ab7d2fb8ff1bc1a0b76c3347f0a42f5c481676981cfc82e8ee009cded5b81c2c1af2dc067bf1103ff6c79e85f2e9d974f5ce
-
C:\Users\Admin\AppData\Local\Temp\b869d0c8-3ae9-4ed7-b338-bebde6b9503d.tmp.nodeFilesize
440KB
MD53070ae18ca430c586b18416d042ef339
SHA173088bc5dbcf84fdd29fd7feb1625dc823d95b8c
SHA2567fb506446f2fdba7e9bd184535072927ab8899629670eb5ab525c822dfa5c467
SHA512862217fe30b10e1cf2971f0bdb3335ba2e6b1bf5d94ed4fed0019c91fab87d5bfd9b3b683ea74ba1e3bb88f1fa4208d81794e020b4193aed6bc0d8cc03a9da9d
-
C:\Users\Admin\AppData\Local\Temp\nstF10F.tmp\AnvsoftNsisPlugin.dllFilesize
1.1MB
MD59d10dc6b36240e96b7b5bf869156b217
SHA198eb6433d075504591782482517b657442bd1339
SHA25659efd0299fdb9feab563295b8d844789f163a48554e0a5cc9c4bd720fb54743a
SHA51226eb985c3e7c2ff6389785fc515d1a2b4b8537764a9e35ed214a7dbc42537e225d553ac51e0a50533a4a790e5b75eec0c3e764746596c98cf10b7c7277332a8e
-
C:\Users\Admin\AppData\Local\Temp\nstF10F.tmp\System.dllFilesize
11KB
MD575ed96254fbf894e42058062b4b4f0d1
SHA1996503f1383b49021eb3427bc28d13b5bbd11977
SHA256a632d74332b3f08f834c732a103dafeb09a540823a2217ca7f49159755e8f1d7
SHA51258174896db81d481947b8745dafe3a02c150f3938bb4543256e8cce1145154e016d481df9fe68dac6d48407c62cbe20753320ebd5fe5e84806d07ce78e0eb0c4
-
C:\Users\Admin\AppData\Local\Temp\nstF10F.tmp\nsDialogs.dllFilesize
9KB
MD5ca95c9da8cef7062813b989ab9486201
SHA1c555af25df3de51aa18d487d47408d5245dba2d1
SHA256feb6364375d0ab081e9cdf11271c40cb966af295c600903383b0730f0821c0be
SHA512a30d94910204d1419c803dc12d90a9d22f63117e4709b1a131d8c4d5ead7e4121150e2c8b004a546b33c40c294df0a74567013001f55f37147d86bb847d7bbc9
-
C:\Users\Admin\AppData\Local\Temp\nstF10F.tmp\nsProcess.dllFilesize
4KB
MD5f0438a894f3a7e01a4aae8d1b5dd0289
SHA1b058e3fcfb7b550041da16bf10d8837024c38bf6
SHA25630c6c3dd3cc7fcea6e6081ce821adc7b2888542dae30bf00e881c0a105eb4d11
SHA512f91fcea19cbddf8086affcb63fe599dc2b36351fc81ac144f58a80a524043ddeaa3943f36c86ebae45dd82e8faf622ea7b7c9b776e74c54b93df2963cfe66cc7
-
C:\Users\Admin\AppData\Local\Temp\nstF10F.tmp\res\bg2.pngFilesize
77KB
MD545fd69910d1000ef99b9da10fe702538
SHA1b4990b78108799f933073e19b72915affff4789e
SHA256ff42d47b0e545092582095daecdb0a4696f5845576cc64be9b692515f64d7599
SHA5125e69f41d80cbb662a9279bb9e0e5be547bf44350f4446a7ab293930a2ec43fdc139f2a17a66f3b0534a50c1b2f6278d44ac37418f6f85304fdc2506c002c2175
-
C:\Users\Admin\AppData\Local\Temp\nstF10F.tmp\res\[email protected]Filesize
168KB
MD5e05e60cdeafcea0e5f4220875021716b
SHA1a7f21d728e8c13c44f127b948c49f55960c748be
SHA256c165fc5de075568d16d609ed15ac87cedefab72d87d82ef50ea86d56bcb17d7c
SHA5122afaf74b41c284516234cb4f3e25b63a0dba7062af2e0d6ddf69148a92759554ed1931b6bc8d211cb5bb1991f5c3948eb4073579f03dcd510edfd36b2557b904
-
C:\Users\Admin\AppData\Local\Temp\nstF10F.tmp\res\slide00.pngFilesize
81KB
MD53d7ce499033a25dc8542a0ee175254c0
SHA10aaaba10ce3d3dcd758dfb3e87a81564e3d9ac54
SHA256983412c7485b273a394bb991ba45c86a470a52dd5cf06a28918eee55aa505a95
SHA512e75f3336ed6ea23567dcefca971073982d3e6820469b4aa71d32604d686ac0d91a22a52665f50696fcb5abc09a285ef339c07ab2124ac8b34fb9f7ef8220ffc2
-
C:\Users\Admin\AppData\Roaming\TunePat Spotify Converter\GPUCache\data_2Filesize
8KB
MD50962291d6d367570bee5454721c17e11
SHA159d10a893ef321a706a9255176761366115bedcb
SHA256ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7
SHA512f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed
-
C:\Users\Admin\AppData\Roaming\TunePat Spotify Converter\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENTFilesize
16B
MD546295cac801e5d4857d09837238a6394
SHA144e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA2560f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA5128969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23
-
C:\Users\Admin\AppData\Roaming\TunePat Spotify Converter\Partitions\webviewsession\2b2b3936-f217-4af9-9f4f-dc40bc7b4f06.tmpFilesize
275B
MD5abddcb4564becfeece1623ce1bcf1a28
SHA1cdf8a084c6e95a33c681610033431ac6d892d054
SHA256563e222691b388863aaebeb0c99dd81c35bc9fc74ebe0a128f59b7bd7d154899
SHA512f63c1edb9567f25de6e5b9dd4a3cd2c6c794f305fb3a49c27dca74011ef815bcfe233d2040544c3c62416eebf11a47e0387b281b3922226c6b1190cdee08781d
-
C:\Users\Admin\AppData\Roaming\TunePat Spotify Converter\Partitions\webviewsession\Cache\data_0Filesize
44KB
MD51e461b37cbe4526ae388748a45b7e645
SHA12d57130895b54e0e43b98cca23b33b78e15814f7
SHA256f4512f99c1a18ec27fd48be0a5c9d148111fb2178284d65d20da8c625b8564e1
SHA5125def78a4fa57a381ff0f5405a92d3a3f69065156025640ba960000a3ea545bd379a40653ec57bfcf4666869634e1ba60b0a1b083a617ab181a7266bc2124621f
-
C:\Users\Admin\AppData\Roaming\TunePat Spotify Converter\Partitions\webviewsession\GPUCache\data_3Filesize
8KB
MD541876349cb12d6db992f1309f22df3f0
SHA15cf26b3420fc0302cd0a71e8d029739b8765be27
SHA256e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c
SHA512e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e
-
C:\Users\Admin\AppData\Roaming\TunePat Spotify Converter\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\1a69fd1e-b6e0-461c-b5a2-f69ceadbcc87\index-dir\temp-indexFilesize
48B
MD5ae320d2f991c36d528925f40f04b9206
SHA1ec11043acfc715d85bd9372c5385c3d07eaf2f9d
SHA256b17809b673bf9ca70344809cba2c7ba349f31d99d58e77d52cc2eb9607249bee
SHA5128ba05e5fa3ed97985855125fb62e2e7fa959a2bad609f06c09538648f5f8155b24a4669e46ec07b28ec9b4bf0535150de354dbceb3387c701719689a19011175
-
C:\Users\Admin\AppData\Roaming\TunePat Spotify Converter\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\1a69fd1e-b6e0-461c-b5a2-f69ceadbcc87\index-dir\the-real-index~RFe5ab3b1.TMPFilesize
48B
MD51d2478bc86b480c72a38ed83ae236825
SHA1f8272caafd14bb74df6e88c3c5c1adccab72d586
SHA25602f8cd899bab6118804b766067b13f7403dd1a567daf6fa039a85071f846b8ec
SHA51270193033f9ccba722b02da1f98873366439daff16047dc6d6fd338c7c79adb618a69ffc533e60b61c531406ff10d41c20f8a15f43e30e09cb3eb0a319af6ddd4
-
C:\Users\Admin\AppData\Roaming\TunePat Spotify Converter\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\47dbd887-9169-4e98-8eb2-6b45add53865\index-dir\temp-indexFilesize
48B
MD5c10649e5276491cdb14583a3433f10fb
SHA1225cb0e25baddd08ca083694094628dabdfdaae0
SHA25666311b17678ac254f423241f59ca93589a322b387ad1854592f4a457965950f0
SHA512d0c7f32ffce2c97d90c5d4b584f4ed958f628429915bdc57d76039631841a56d81c210dcd13a56202ea73a2c739af63ed58f412999fa5aa171c3789fd98f972f
-
C:\Users\Admin\AppData\Roaming\TunePat Spotify Converter\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\47dbd887-9169-4e98-8eb2-6b45add53865\index-dir\the-real-index~RFe5a40a4.TMPFilesize
48B
MD5554d3d6828226850f7f0d65c2fbf15fb
SHA1a08198f49262d214873357701feb7c1c7d7032b2
SHA25675037748149b6857ffd45a0d21ebf87717e1c76ced01c8e2853fc85c4915a216
SHA512615a05fe2cae36460ae03811dbbdab273c1bd91af222e346303d910856d008d6528275b5a294803debe3956415e09f472cea1e4f5dccba49d6ee1d780c6c4797
-
C:\Users\Admin\AppData\Roaming\TunePat Spotify Converter\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txtFilesize
108B
MD5620101a523f1e27e004d60b18bb3c89b
SHA1b3b46577b903e2b93a3480d4151e07bea7f0b6e3
SHA2567a0ad9ab9985554999ddcb710537b95fd8f291a41233b51d21d83c46ccd84076
SHA512e7dfdc91abaf38016482e00062de3a8cb6631c03a3b3e8d8571827d9e922b5657836f11df49d8f37e5de9f7b01809c83348ba9d1f3d8bf2789a7e6399b074656
-
C:\Users\Admin\AppData\Roaming\TunePat Spotify Converter\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt.tmpFilesize
108B
MD5e2f3a28a4d13b4ec0efdcf03bd9881ab
SHA1d9c732c3cfa9727e6c74c60218328b16b0644823
SHA256c421c845bf77efa2fc3a1a32edc513184e07b2abe71845df5c1e6b43675dac1d
SHA51291b1464fcf680e844f3d155a88a4231c43e6e33ad0f40b316abddc68a796e67ccb0fcb30d70b7d50007fa3d44b2642ba158086528eb153bcc7159cf1c1c2ade5
-
C:\Users\Admin\AppData\Roaming\TunePat Spotify Converter\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt.tmpFilesize
26B
MD52892eee3e20e19a9ba77be6913508a54
SHA17c4ef82faa28393c739c517d706ac6919a8ffc49
SHA2564f110831bb434c728a6895190323d159df6d531be8c4bb7109864eeb7c989ff2
SHA512b13a336db33299ab3405e13811e3ed9e5a18542e5d835f2b7130a6ff4c22f74272002fc43e7d9f94ac3aa6a4d53518f87f25d90c29e0d286b6470667ea9336ae
-
C:\Users\Admin\AppData\Roaming\TunePat Spotify Converter\bf796517-f60c-4212-9001-80438d93587f.tmpFilesize
393B
MD51e5ae82d1005f5f6cce91ee2b97ce2c6
SHA1980eaafc6b634475726556033d201de6e75a1d32
SHA256fb6ca46263fe12a25c0ce02f41dedf89dc3a78d78ffd7ac7ba035a0c78e405f7
SHA51270e893f24f28194a06421ed82b248ba7ae5a8d2e8bf27be2d43d4be0343dbe135eb002781e40ded0a72e9981f999672abf938e402dc271a6b91bc446252c8893
-
C:\Users\Admin\AppData\Roaming\TunePat Spotify Converter\config.jsonFilesize
565B
MD59b8d248f0c3961c0eaa2a579c0feba39
SHA1e03268d486ccaccff1bc2d18b3c59968507accac
SHA2560454ac23432762210b2272e103e7e4eb7246c69523abdbd514a8e4c551e04cf7
SHA512366d03c07c1227d615d8b876a695aca190e7adf3f063ec937590b551061a7f042dd597803060fbdb3d6e9e2af196adefceeff5d5513f0d9ac33e8bd438d4f889
-
C:\Users\Admin\AppData\Roaming\TunePat Spotify Converter\config.jsonFilesize
551B
MD52c56bc806f6ae935517c1555f71f9aa0
SHA1d24f277fc1a2e7e96a2c621e408f1d0ca67e5fa4
SHA256ced951a593c9d0b76ddc285290328e53ec6a016a1f5df22cb5052b4266d81a94
SHA512e97303f7c5382b2291afb43d15521380d163b5b93845fec6f79237308b6338536b80414c99d839122180dcf85408f31d5142f17bc087d42347a78f82f0162348
-
C:\Users\Admin\AppData\Roaming\TunePat Spotify Converter\config.jsonFilesize
454B
MD594314d67e17fe70213a67fe63570e280
SHA1f3cdae707a28153316ecc438930c5dd644b441ed
SHA2565daa1456fc88fecc10fcf22cad4e873545a3e33c6b4eb67313720a8d1d3209a2
SHA512d2eb5a2c9f3bc185ca574b610f8554ef95107d7ebd8ddf4f70f23e8ec11727a98c09204fd77d83ceebb540564dcba7cc5e12744d8ce9627730f12ab66e930f8d
-
C:\Users\Admin\AppData\Roaming\TunePat Spotify Converter\config.jsonFilesize
521B
MD588971b9fdfa7d4df99987dde0f10288b
SHA1ac841475dd1b67f2a26341b1653e1b08a73ba3ab
SHA2568b24017c96e53c623658e77a3206e9870f5bec62e16d1b8497ab81916b44c85b
SHA5123c9f94c66f5ad0a2a7b22f4945e3e6e7d9e6b7d245bf951e8a5d29ec84991590c72c6ac03dedbd653630921a248a19cbe0c5f0a8d876c08ff86f336402e80e5a
-
C:\Users\Admin\AppData\Roaming\TunePat Spotify Converter\config.json.961780133Filesize
553B
MD57c2c60d0d17215f738ea8cab6b414bf3
SHA189ca1c828e4789aa867ef13a1a2ca2ff0617d2ac
SHA256a65c79235ae1bb1f418cd6bc8549934dab7eb9a5a908f094c531b0b93b6c0f4b
SHA51226d267a28c539256d973d84456bddefae429169cc94e9886a434cdaeb3e947ae752e1fe88d43a1d40b0e7c1f7000864e2ea209790c91f2b4de9078aa19eb223d
-
C:\Users\Admin\Downloads\Unconfirmed 6745.crdownloadFilesize
1.5MB
MD5d8af785ca5752bae36e8af5a2f912d81
SHA154da15671ad8a765f3213912cba8ebd8dac1f254
SHA2566220bbe6c26d87fc343e0ffa4e20ccfafeca7dab2742e41963c40b56fb884807
SHA512b635b449f49aac29234f677e662be35f72a059401ea0786d956485d07134f9dd10ed284338503f08ff7aad16833cf034eb955ca34e1faf35a8177ccad1f20c75
-
C:\Users\Admin\Downloads\winrar-x64-701.exeFilesize
3.8MB
MD546c17c999744470b689331f41eab7df1
SHA1b8a63127df6a87d333061c622220d6d70ed80f7c
SHA256c5b5def1c8882b702b6b25cbd94461c737bc151366d2d9eba5006c04886bfc9a
SHA5124b02a3e85b699f62df1b4fe752c4dee08cfabc9b8bb316bc39b854bd5187fc602943a95788ec680c7d3dc2c26ad882e69c0740294bd6cb3b32cdcd165a9441b6
-
\??\pipe\crashpad_2396_PJVQCPMSFVYTUARNMD5
d41d8cd98f00b204e9800998ecf8427e
SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e
-
memory/224-1837-0x0000000000400000-0x00000000006C6000-memory.dmpFilesize
2.8MB
-
memory/224-1836-0x0000000000400000-0x00000000006C6000-memory.dmpFilesize
2.8MB
-
memory/224-1835-0x0000000000400000-0x00000000006C6000-memory.dmpFilesize
2.8MB
-
memory/1588-1331-0x000000000D6C0000-0x000000000D7EF000-memory.dmpFilesize
1.2MB
-
memory/1588-1640-0x0000000074310000-0x0000000074423000-memory.dmpFilesize
1.1MB
-
memory/1588-1313-0x0000000074310000-0x0000000074423000-memory.dmpFilesize
1.1MB
-
memory/2572-249-0x000001504B7D0000-0x000001504B7D1000-memory.dmpFilesize
4KB
-
memory/2572-250-0x000001504B7D0000-0x000001504B7D1000-memory.dmpFilesize
4KB
-
memory/2572-258-0x000001504B7D0000-0x000001504B7D1000-memory.dmpFilesize
4KB
-
memory/2572-255-0x000001504B7D0000-0x000001504B7D1000-memory.dmpFilesize
4KB
-
memory/2572-261-0x000001504B7D0000-0x000001504B7D1000-memory.dmpFilesize
4KB
-
memory/2572-260-0x000001504B7D0000-0x000001504B7D1000-memory.dmpFilesize
4KB
-
memory/2572-256-0x000001504B7D0000-0x000001504B7D1000-memory.dmpFilesize
4KB
-
memory/2572-259-0x000001504B7D0000-0x000001504B7D1000-memory.dmpFilesize
4KB
-
memory/2572-251-0x000001504B7D0000-0x000001504B7D1000-memory.dmpFilesize
4KB
-
memory/2572-257-0x000001504B7D0000-0x000001504B7D1000-memory.dmpFilesize
4KB
-
memory/5320-1838-0x0000000000400000-0x00000000006C6000-memory.dmpFilesize
2.8MB
-
memory/5320-1848-0x0000000000400000-0x00000000006C6000-memory.dmpFilesize
2.8MB
-
memory/5320-1849-0x0000000000400000-0x00000000006C6000-memory.dmpFilesize
2.8MB
-
memory/5320-1850-0x0000000000400000-0x00000000006C6000-memory.dmpFilesize
2.8MB
-
memory/5320-1852-0x0000000000400000-0x00000000006C6000-memory.dmpFilesize
2.8MB
-
memory/5664-1834-0x0000000072A70000-0x0000000072B83000-memory.dmpFilesize
1.1MB
-
memory/5664-1650-0x0000000072A70000-0x0000000072B83000-memory.dmpFilesize
1.1MB
-
memory/5664-1663-0x000000000C6E0000-0x000000000C80F000-memory.dmpFilesize
1.2MB
-
memory/5664-1738-0x0000000072A70000-0x0000000072B83000-memory.dmpFilesize
1.1MB
