Malware Analysis Report

2024-10-16 06:43

Sample ID 240619-hmwm2swbne
Target Pi Network Setup 0.4.11.exe
SHA256 c0818dc38ce949e1330f204bacdf08d40ac0eaba46d8a562a827cf8673c8ccbe
Tags
execution discovery persistence evasion
score
7/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral5

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral7

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral14

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral19

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral11

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral27

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral30

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral10

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral21

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral29

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral4

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral8

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral18

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral24

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral12

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral15

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral16

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral22

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral6

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral13

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral17

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral28

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral32

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral23

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral26

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral9

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral20

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral25

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral31

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
7/10

SHA256

c0818dc38ce949e1330f204bacdf08d40ac0eaba46d8a562a827cf8673c8ccbe

Threat Level: Shows suspicious behavior

The file Pi Network Setup 0.4.11.exe was found to be: Shows suspicious behavior.

Malicious Activity Summary

execution discovery persistence evasion

Loads dropped DLL

Executes dropped EXE

Checks computer location settings

Checks installed software on the system

Adds Run key to start application

Resource Forking

Drops file in Windows directory

Enumerates physical storage devices

Unsigned PE

Command and Scripting Interpreter: JavaScript

Program crash

Office loads VBA resources, possible macro or embedded object present

Checks processor information in registry

Suspicious use of FindShellTrayWindow

Enumerates processes with tasklist

Suspicious use of SendNotifyMessage

Modifies Internet Explorer settings

Suspicious use of WriteProcessMemory

Enumerates system info in registry

Suspicious behavior: EnumeratesProcesses

Suspicious use of SetWindowsHookEx

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Modifies data under HKEY_USERS

Suspicious behavior: AddClipboardFormatListener

Suspicious use of AdjustPrivilegeToken

Suspicious behavior: LoadsDriver

Modifies registry class

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-19 06:53

Signatures

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A

Analysis: behavioral5

Detonation Overview

Submitted

2024-06-19 06:51

Reported

2024-06-19 07:26

Platform

win7-20231129-en

Max time kernel

1565s

Max time network

1569s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\StdUtils.dll,#1

Signatures

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\StdUtils.dll,#1

C:\Windows\SysWOW64\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\StdUtils.dll,#1

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 2924 -s 220

Network

N/A

Files

N/A

Analysis: behavioral7

Detonation Overview

Submitted

2024-06-19 06:51

Reported

2024-06-19 07:26

Platform

win7-20240611-en

Max time kernel

1563s

Max time network

1566s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\System.dll,#1

Signatures

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\System.dll,#1

C:\Windows\SysWOW64\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\System.dll,#1

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 2380 -s 220

Network

N/A

Files

N/A

Analysis: behavioral14

Detonation Overview

Submitted

2024-06-19 06:51

Reported

2024-06-19 07:26

Platform

win7-20240221-en

Max time kernel

1561s

Max time network

1567s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\resources\app.asar.unpacked\node_modules\cpu-features\buildcheck.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\resources\app.asar.unpacked\node_modules\cpu-features\buildcheck.js

Network

N/A

Files

N/A

Analysis: behavioral19

Detonation Overview

Submitted

2024-06-19 06:51

Reported

2024-06-19 07:27

Platform

debian9-armhf-20240611-en

Max time network

1679s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
US 1.1.1.1:53 debian9-armhf-20240611-en-2 udp
US 1.1.1.1:53 debian9-armhf-20240611-en-2 udp

Files

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-19 06:51

Reported

2024-06-19 07:26

Platform

win7-20240419-en

Max time kernel

1565s

Max time network

1569s

Command Line

"C:\Users\Admin\AppData\Local\Temp\Pi Network Setup 0.4.11.exe"

Signatures

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe N/A

Checks installed software on the system

discovery

Enumerates physical storage devices

Enumerates processes with tasklist

Description Indicator Process Target
N/A N/A C:\Windows\SysWOW64\tasklist.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\Pi Network Setup 0.4.11.exe N/A
N/A N/A C:\Windows\SysWOW64\tasklist.exe N/A
N/A N/A C:\Windows\SysWOW64\tasklist.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeDebugPrivilege N/A C:\Windows\SysWOW64\tasklist.exe N/A
Token: SeSecurityPrivilege N/A C:\Users\Admin\AppData\Local\Temp\Pi Network Setup 0.4.11.exe N/A

Processes

C:\Users\Admin\AppData\Local\Temp\Pi Network Setup 0.4.11.exe

"C:\Users\Admin\AppData\Local\Temp\Pi Network Setup 0.4.11.exe"

C:\Windows\SysWOW64\cmd.exe

cmd /c tasklist /FI "USERNAME eq %USERNAME%" /FI "IMAGENAME eq Pi Network.exe" | %SYSTEMROOT%\System32\find.exe "Pi Network.exe"

C:\Windows\SysWOW64\tasklist.exe

tasklist /FI "USERNAME eq Admin" /FI "IMAGENAME eq Pi Network.exe"

C:\Windows\SysWOW64\find.exe

C:\Windows\System32\find.exe "Pi Network.exe"

C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe

"C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe"

Network

N/A

Files

\Users\Admin\AppData\Local\Temp\nso18DF.tmp\System.dll

MD5 0d7ad4f45dc6f5aa87f606d0331c6901
SHA1 48df0911f0484cbe2a8cdd5362140b63c41ee457
SHA256 3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca
SHA512 c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9

\Users\Admin\AppData\Local\Temp\nso18DF.tmp\StdUtils.dll

MD5 c6a6e03f77c313b267498515488c5740
SHA1 3d49fc2784b9450962ed6b82b46e9c3c957d7c15
SHA256 b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e
SHA512 9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803

\Users\Admin\AppData\Local\Temp\nso18DF.tmp\SpiderBanner.dll

MD5 17309e33b596ba3a5693b4d3e85cf8d7
SHA1 7d361836cf53df42021c7f2b148aec9458818c01
SHA256 996a259e53ca18b89ec36d038c40148957c978c0fd600a268497d4c92f882a93
SHA512 1abac3ce4f2d5e4a635162e16cf9125e059ba1539f70086c2d71cd00d41a6e2a54d468e6f37792e55a822d7082fb388b8dfecc79b59226bbb047b7d28d44d298

\Users\Admin\AppData\Local\Temp\nso18DF.tmp\nsExec.dll

MD5 ec0504e6b8a11d5aad43b296beeb84b2
SHA1 91b5ce085130c8c7194d66b2439ec9e1c206497c
SHA256 5d9ceb1ce5f35aea5f9e5a0c0edeeec04dfefe0c77890c80c70e98209b58b962
SHA512 3f918f1b47e8a919cbe51eb17dc30acc8cfc18e743a1bae5b787d0db7d26038dc1210be98bf5ba3be8d6ed896dbbd7ac3d13e66454a98b2a38c7e69dad30bb57

\Users\Admin\AppData\Local\Temp\nso18DF.tmp\nsis7z.dll

MD5 80e44ce4895304c6a3a831310fbf8cd0
SHA1 36bd49ae21c460be5753a904b4501f1abca53508
SHA256 b393f05e8ff919ef071181050e1873c9a776e1a0ae8329aefff7007d0cadf592
SHA512 c8ba7b1f9113ead23e993e74a48c4427ae3562c1f6d9910b2bbe6806c9107cf7d94bc7d204613e4743d0cd869e00dafd4fb54aad1e8adb69c553f3b9e5bc64df

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\chrome_200_percent.pak

MD5 99b95d59d6817b46e9572e3354c97317
SHA1 6809db4ca8e10edd316261a3490d5fc657372c12
SHA256 55d873a9f3ac69bbf6eb6940443df8331ebd7aa57138681d615f3b89902447e7
SHA512 3071cfeb74d5058c4b7c01bfe3c6717d9bb426f3354c4d8a35bd3e16e15cde2f2c48238cb6382b0703b1cc257d87fcecfb84fbf4f597f58e64463ceede4366dd

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\chrome_100_percent.pak

MD5 e4cbb48c438622a4298c7bdd75cc04f6
SHA1 6f756d31ef95fd745ba0e9c22aadb506f3a78471
SHA256 24d92bbeb63d06b01010fe230c1e3a31e667a159be7e570a8efe68f83ed9ad40
SHA512 8d3ea1b5ca74c20a336eaa29630fd76ecd32f5a56bb66e8cef2bce0fa19024ea917562fd31365081f7027dde9c8464742b833d08c8f41fdddc5bd1a74b9bc766

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\ffmpeg.dll

MD5 ce613fb05afd722fac05a28d6e935cd4
SHA1 d96ae5969cb134a8686d8ae72be304848a4d1f0e
SHA256 742c956f892ad0833a5b8c52d19aa69940bc15bedbb42890598df61b263f6fed
SHA512 c886e1e1e24e4b3320842127a7464a1baae93b0f791c7fff06af3ae1d7c312ae490f7d5f41c6d857b1be9da39c63e468b7ac6493ba7ee9e2ebf5e6344acda7d3

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\d3dcompiler_47.dll

MD5 2191e768cc2e19009dad20dc999135a3
SHA1 f49a46ba0e954e657aaed1c9019a53d194272b6a
SHA256 7353f25dc5cf84d09894e3e0461cef0e56799adbc617fce37620ca67240b547d
SHA512 5adcb00162f284c16ec78016d301fc11559dd0a781ffbeff822db22efbed168b11d7e5586ea82388e9503b0c7d3740cf2a08e243877f5319202491c8a641c970

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\LICENSE.electron.txt

MD5 4d42118d35941e0f664dddbd83f633c5
SHA1 2b21ec5f20fe961d15f2b58efb1368e66d202e5c
SHA256 5154e165bd6c2cc0cfbcd8916498c7abab0497923bafcd5cb07673fe8480087d
SHA512 3ffbba2e4cd689f362378f6b0f6060571f57e228d3755bdd308283be6cbbef8c2e84beb5fcf73e0c3c81cd944d01ee3fcf141733c4d8b3b0162e543e0b9f3e63

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\libGLESv2.dll

MD5 47fd3da85f490e65b3252c83c76e63a9
SHA1 6f799b2d5f1768682cb6d8c2407110410142444e
SHA256 49ace76d838e02994a03354e557ae65a305d9c5c8441774fa174177451e26dc9
SHA512 8df107a48ff17000ff0a59139fc545276a12355a052658d933a2681172d5bbabde48b2e17925680a80006587c318876d494096d27f0c41b281e39a5bdbd14fb7

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\libEGL.dll

MD5 874b49121773393e5ab748e52c630089
SHA1 f35c93744cd2f0c178fc250116588654772d1339
SHA256 d9773c57e821ef87891375d687c68c0be75222316a666e8c49640aad80f60959
SHA512 ac8a09d44d7242d0e897ea84fa8f3f3c1d0e203fc3c03d5e62fba75f0c5e88189037145fb3548eba54c6c657af9126da96b6fa224dcbebbaa51f84f74dfa427b

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\icudtl.dat

MD5 62880b7d351a9f547b62b8da6c97ce25
SHA1 057f11003013cfb3f1c63e6bdd4f2f9949ff0104
SHA256 7c40c811d30d459dbf04a04c141b60eb4247cd58a008fb836605317df665748f
SHA512 0d6f83175a91d90f4cc3ec4d9071b7acd0cd8ebbcc592322e46fde2adb7198e035af62c45a11a622f2a908e26d4dd8b8d1af023e634a74d0824d02c791ba3c1a

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\LICENSES.chromium.html

MD5 e400cd908b8fb7c13985e2f5cc7a7044
SHA1 bbafebdf5b067a7d7da130025851eaa52ec3c9d7
SHA256 ee3b1ab8794c749673ce9bd2dd302f12d69f0a1a4adfe40a64247746cc311829
SHA512 e7ca440f0e042d7fcfa99367426bf19899a2b227c6d7b6e2c25d4f1a40113250f21ebeaaf91067d8569dfbad1415d4fe3e5626d7254722f2778497fcb22e5d6e

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\v8_context_snapshot.bin

MD5 264e3b574e4f86b1fc47b2427402e779
SHA1 4a4f9e7c3da262713e4cf7af6ac51822c56b5ef3
SHA256 ed559c6e81b6003b2057e5c1b0bdb5b28ca094b895ca86c69fe11c5c9e014f06
SHA512 144365d0fb83576aaa02ea6ecea51d7ba2cacb044eea568a08f65b98a83d3e7d7e693738e065e22f94bfd1165d0ea93a749dd1325d829257a9bb6607a9a927db

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\snapshot_blob.bin

MD5 40a3c2200e4126e8c47a7802532c9236
SHA1 212a4686dea5a467b7b6fa54397e42122b235f1e
SHA256 94aa518fc892ee9a0f1eb5fe35b60123ee61a5f848864b00519b96d8d5d9786d
SHA512 fa1a943822abe3737587d520654078117cae86c58fefe6dd6a09f4a08c09293e9547a0ad79c52f8638dfbb1c496df3d0e828ce414176c8fbb77113be41212866

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources.pak

MD5 4f1e4a359a66a46eb55313e04090e102
SHA1 e3f971830be08bf10638ec136e7b9a7990abe4d2
SHA256 50dfd64b881b8ff256c7fc4d3743389e6e2f95cf6da453629557812ddc0f7004
SHA512 7762848e8404dacce11a83195ab4e8d1cf391d9916f27e165ee257a6ba7d6a73fc12c855be74c734eacc897cf64655b949557ea12275f3d488cc3680d7fb5e7e

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\vulkan-1.dll

MD5 5148e286ea76b5c3a01656a84548d035
SHA1 9f90b7523c64c62d7b0adf4511b49a3f2bb022eb
SHA256 7fb87a7f0d50007dca64bf845d444fc66116a57edecdd8487c91d6879b578a0f
SHA512 23527f9eedc4873320c65b91afd90873febce3f666470dbaaa42e1165c4b864f1df19038bb272954eb2281bb103c15199c6ff25ca44c0ecbfebfa1f5b34c01d6

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\vk_swiftshader_icd.json

MD5 8642dd3a87e2de6e991fae08458e302b
SHA1 9c06735c31cec00600fd763a92f8112d085bd12a
SHA256 32d83ff113fef532a9f97e0d2831f8656628ab1c99e9060f0332b1532839afd9
SHA512 f5d37d1b45b006161e4cefeebba1e33af879a3a51d16ee3ff8c3968c0c36bbafae379bf9124c13310b77774c9cbb4fa53114e83f5b48b5314132736e5bb4496f

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\vk_swiftshader.dll

MD5 e53fd0779465c910b275f93abafa6e3e
SHA1 f38f2711805d08b4b6d29b0a49253db0da939fcd
SHA256 58e2b5ab33366550207ed8e1f420b24c94b19fbe8e753f5a6c038beb829533a7
SHA512 934e8e68042d1adcf17efc1fbe728930ecb2d6cbc0fd60ad064e28e18ed2a57fffc7331b2eb807f6972c0c37bb9acc69c97a137b264efab67e180a8fe0d1cdc3

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\locales\ar.pak

MD5 14b15761cb9d4e1956812df8b42c2aea
SHA1 7c25580d892711b9eff1a3ace4e6699ea64e0706
SHA256 c8d405127b032587e6ae6426a35cb766139bae26170ca08d811354486ab667f8
SHA512 ec9a6e6e715c817726ad744fadca4d1af3015d95421774ccfe54d616225b7a17e862e086fe0aebb3a903d2ebfb27779cffcd713d3042ecdf9761c24c5a56cdcf

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\locales\bn.pak

MD5 ff4f966849b4107535e41d037d9144c7
SHA1 3a973857b061914e8905bda7e8f2bdafa384588e
SHA256 2dc26dee345271f4606650912b0b7b5df68f621f2920864e0e36c1d1b22459b1
SHA512 98772f266f9553f77f91b11dc4589ec8a0930554e9e0b381bbacd8d23ce794c04f6fe821388a6e87cb14cb59c7522c18c06b1af11fc177c7e40ef71242adcba7

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\locales\cs.pak

MD5 1101c784521a550b0561b363722086de
SHA1 838f2bfe3432b87b950a2ec5d9862d2f58fde3e5
SHA256 cc6ff937d1c9fec4634db4e2f6c0718d2606fe2d5d25addf1314e110c5b78772
SHA512 eca3ce2075d3c920116c9e34957631e0617a869467bb76b09873ae96f7803f20032a6dd0a0f785f9e59dcfce3a4ccecdab2d445a860bee20d42e140b45e74089

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\locales\de.pak

MD5 7ccdc41a3dbdf89058d71629225664ae
SHA1 e15c35b18685d9573349ff4247733b5f5ada8717
SHA256 163ea4c2cf67edd0526a8e18d3810872e92a1d4e17b5cf4f04107fda5967b0c9
SHA512 13b20b0db02a0a7480c56c79304ef594353507e1a30da0130b73aa8e9ec7636f306315a6f40729b10dc725f936642d2e2b282ed3040a079a6f25a7f9f7f1ae28

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\locales\es.pak

MD5 29cbdcc2168f1bb29532122c39e67a1a
SHA1 f086c79d60daf2b0a7df91916387efa461795dcb
SHA256 232f41ab5996c917687276e82c177de208b36e77aa834bb5d94d6a331f4180fe
SHA512 b603edf2a18f5893ab482b0c34e4126f824fbdd1b669927d7bc30d68e2e5bdf78d7d4b2aabdbe257987e8e19f440d9396a3683340b94c3fd844c70e34e93d8a8

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\locales\fil.pak

MD5 8ce446cac9221f07f912be59534d86ec
SHA1 15cd1b902b26abbe665fed518575748483a9c3e4
SHA256 b6ce37b1aeb4ca17a7f78ebc8f97c2807f588dfc4ad3e0639005c626b5c9b939
SHA512 20be2b5c7e8fca897109b1dc8219931eaaa1c8296b1d26dcc7f9058168fef371d7955fb0f6c5693399b83fa81d27369efac8c3742059eea2333bd66d20b8d0d8

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\locales\id.pak

MD5 3b5e08406059d1a76566e9a5d4c9b15a
SHA1 6bf45f2647e959ec1b545763180e8f29961ab3e1
SHA256 60409d8b785dd057e3495190b18e6d6d235d8313555341cba5f64327e3d8c3aa
SHA512 6c4150c064edf6ed0b83b216ce62134bbab12137e6b45749dad08d1d1734b3365309414900615137c6acdd12250add5c69a222daa7984a94ee850aaa55af1b8f

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\locales\ml.pak

MD5 1030c08ffbbe7366ce5b7d55bc8ecc0f
SHA1 b45b53c1e47a0051560c607874357130c499563d
SHA256 e1f97ce3011d9231f23fe033bdbb0905c173921b18402d362bfc35224ff67db7
SHA512 3b9127a0eec02f75f79c66f5f7845b65c4ebe2e6a33989c7686815ffe0651be47d42f55c2f32a67a221495a8bebf043d853df7b244a68f89390044210e52dd3d

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\locales\ro.pak

MD5 7056fc61de4a16c7f4f5bf44d2e87f8a
SHA1 99d16dcb3b1aefc472601439f630e1244b1aa277
SHA256 b7ba9435d82f6bedd7005b6e868ee86f0bb6c4d7b312fe5f5d4afbd440ad5b85
SHA512 529152da39f7ade6713206fa9f767b35b9bf03816387579522eea78ac7d0e150bad557fcdbef51e76d52e39f61a0b4e54ff6a3b592eb7e34fafdb98afe460f7c

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\locales\zh-CN.pak

MD5 07b6c43d87dbf93ac8abe6837f3c2103
SHA1 79e033179b445609b3f1756c3f4184d5efacf1c2
SHA256 7f85b35938fadca91bfd8f92ca53613718e375ef010c340947dd27a4ff66594c
SHA512 38ef8f8a8a950b11c18eb7a40da721b888ef792a49e1371dc8c1eb22058a6791f95bf9b25df4ba190a7aa6cb62ce38b0bfaea83c71b62cde6980d12cf9da53f9

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\locales\vi.pak

MD5 4c5c09cb7e6eb120c8019fe94e1ac716
SHA1 f018e7f095605e21db24944b828cc3580cba863f
SHA256 e7319ca18eba379772954132493bbabb448d4e97d755b85360ed337216b48800
SHA512 d171ee83cf02a8904290a74df1224556887e41333b8a01fbd95f0cacc88d230195fbfb6f99f9e02573d4864b3c95b570a77c2a0b1e19324d2599925e40684807

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\locales\ur.pak

MD5 88eef2798dee8a361c3ea9bafaa02a35
SHA1 6f8d4ce422336ca5048ef35d6ece360a9b416d8a
SHA256 91318006c880e427417a2b2fff81fd451769a5536fa16d1dc185972137bc2d6a
SHA512 db36b58186f165ff3f746ac483f75b6fed596fad9b3f335e86b374b359e563407acf58ac7cded9420e4fcb91f31eebc8a91c7777ea59bafced8cff2f1c0e9a53

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\locales\uk.pak

MD5 64aa9344abd9a32f10d6c05a58eda4eb
SHA1 3286ee43f36e2232677b4573e8b4a3303c7df048
SHA256 ca20af5982ae706f5029467901d7d66f90b261f03c7d240d0d1ab2fca2b50a7b
SHA512 dd768b314da50b8ba5a006a4e56d70044c1af79960834722894d930f5347194ae7f9f5697bc4cd0790a79341635cb1df8c74ff45f74d1736049161af5b163efb

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app-update.yml

MD5 9949e10f3400c5e2c9d9a5393893f552
SHA1 bae264c21805b24fca84d3e9f141578fefa448de
SHA256 8a8ec6f73f5789155a1d85bab2e2582fd9c275e00e0fe1f7fc7ce3227fb81285
SHA512 3c8b65c02ee513ea6a0b313bbd42a92a318c9e86fa2782abf9d667704aaefe5c6f15b2549f90d4fc621682a2bb261ad31bbdb1ac656b08c16726a0a978905bb7

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\build\Release\cpufeatures.node

MD5 43155ffd930b3122ce49572de56dad56
SHA1 7c486bf505534bdd3d791bbd807e76ad8df4b364
SHA256 07a149c9f9c34483030036e56f7049469bd0c1c85d575fe31f06366ffb8ef635
SHA512 d57f0a66e1e89b0f799ea08ca0080cd843780ce7aefc9c37741ce0b6fc8cd8cd5fbcec73a599a270cd2100e194e0f4435c731423a1b093ba0057b42d55f4443f

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\cmake\ci\sample\CMakeLists.txt

MD5 353375c4680c09b949faecdc3ebbf5b3
SHA1 b13267db330ee8c0857c799162f0ba16d7da63f9
SHA256 da1b8787d87e97eaea85417dc58e9b68b273eee5262a3b97c90db5d99f19b4b6
SHA512 462b0a868d3f33cdc885c203d002963a2ef6dbcae05d704c1d8ae11b9361db89aa9170c1f4b2c0aab9735c6c3667583c2d61e5b6bad4cc6060e634c17bff231c

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\scripts\run_integration.sh

MD5 145ee0e6c4959dc1982ae7c9afe8b261
SHA1 42f2ec205c6ee2a87238b2f4f323939db7c9e0dc
SHA256 2acbcf066d2b20c398b9a02b6f3eb11592396c41b5a19981aa660b8af74edbd4
SHA512 e48dc931e3422da3cf20d68124de4b93d14648f8b0324f966cca9e1a9e122fc52403a696cdf162fe50ff04287ecd98780bce7175ee036401c893869afd0a81e3

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\ssh2\lib\index.js

MD5 6b94ee4dad05ed6ef8685656b6024d68
SHA1 6c5d1510a77a9aba743748ed50379f6d9192bba3
SHA256 27e942aba52a13d7b72a846a4b3fd98d69b65431725b651e7523b74499a2ed26
SHA512 cb854309d25cc4cab1d85d9cfaff85448380f9a842dc0e7d9c6e7fe7d2f8454ec80e53fb3783fe00509b4f4d824b9dc6b75e864ab37a6b033f8d4f583439d8d7

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\assets\icon.png

MD5 8e90acbb09f0af880b8f9aa87b9c4445
SHA1 8ecfcb8ec2a9dce18bece3ed4c40c10bc7499460
SHA256 192890b6ab906f3f2cd4894c9c107f4a18aa6c8574e0fda78abfe95b92acfadd
SHA512 44aaeedcd49defce6e5da72c89cafaa9102eb4ba25379bdecc82d87576c705ce00c9988f30827c9b9707974f34f2b7c91bfce55c1a1752adaaae8719b23fdf9e

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\assets\entitlements.mac.plist

MD5 9920b60c89256ceca825062dc9c53c53
SHA1 0f1d847ef4067022c69fd82c135f3dfd2e4d352d
SHA256 f4b2891dc2b1239191cecf7cd5b9a36ea4edaec33c1cc091e09380d669e8fb63
SHA512 93ef0a66d6aa8091af3ab8af4b1ced502ded11f658aa77b6a5fe9e3d36bd5d01231060a0a656ea627c0fa32313b7a3438c75e1eb96f4f07692ee4d0f53ce9a90

memory/1860-1414-0x0000000000670000-0x0000000000672000-memory.dmp

\Users\Admin\AppData\Local\Temp\nso18DF.tmp\WinShell.dll

MD5 1cc7c37b7e0c8cd8bf04b6cc283e1e56
SHA1 0b9519763be6625bd5abce175dcc59c96d100d4c
SHA256 9be85b986ea66a6997dde658abe82b3147ed2a1a3dcb784bb5176f41d22815a6
SHA512 7acf7f8e68aa6066b59ca9f2ae2e67997e6b347bc08eb788d2a119b3295c844b5b9606757168e8d2fbd61c2cda367bf80e9e48c9a52c28d5a7a00464bfd2048f

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\assets\assets.d.ts

MD5 b9d1467e2b8b9e67630f784255b565dd
SHA1 67f2a748753e51c6b782c2a257a9e3b088cffacd
SHA256 d1688c0a786e3d9c4dd1a71178fcd06230eb5eba9cd64421015b98c170cdeec6
SHA512 f29bd26c1f3e7c685c9e85acd62b78e0880bd58b00094e01088beaaf141ae8ad5b74589e164b7f4a2882de40f98158443c9dfe6b90ad2a7ba8a957d4202bcb10

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\ssh2\util\pagent.exe

MD5 4fe4084b2ca508abb3e7c4df980998fe
SHA1 b34fcf53fba9850ebe58ef2ac6e6e7c48674705b
SHA256 8176da517f23122ecffcb85440ac4da50aed2923040f7d21a3ab172da6924c60
SHA512 3d084136ae59365be135a126a05cc7574cac82399d111ea5fa6280c708fae0dca5a4f79a91c708582b9957260d108fdce86daaad0045c54ea14e50e415df55a4

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\ssh2\util\pagent.c

MD5 f0c117a351df8e532fc227e8d60403d6
SHA1 76cf0f3eebf6a01cd780e6d527708776173e1e08
SHA256 6a4825742849e5b1ee0b79e860746e8ceab511ef896d585ae4fc8e50567cfa46
SHA512 1025800e606d4d19d634d8c4679837638fb7dc50c04118b21a436efc2a56a0aa615ab813f2afe1071f99c8db82a6cacd9962324e7929d183d2fe5bfd784336cb

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\ssh2\util\build_pagent.bat

MD5 bed30ff5dac655070584704c6a306f4c
SHA1 9ee01d85dcbb43721ebdd3b148507810c2d9366c
SHA256 a53d135864c0049e1ba1e956a99f31bddaccddb49aebf15b1dc39c0e0fcf2284
SHA512 528288b0b5130f2b86721c12d85ea355d3ce1f295004088fe05a0ad15a9a638209cf32114c42da4399607c258cb4c4e66c7e6e6679166e08f5f3e5a54c8d6040

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\ssh2\lib\protocol\crypto\poly1305.js

MD5 ca36b7462ea0f4f5ce9e68c9ac67c573
SHA1 ae86026ca6d9c64db23373e8becedf822765b1c4
SHA256 55a579ed6a30022054fd1dd822b1b49e2fc51bfbdfa933bfe441de8b7e4dce40
SHA512 e519717d8f653a11e786c396e1d2d0809dcb4fa5b72e9ac0cec7ae46c1c686ddfdd58ad122f7a2b37d295b30f725bcd6b35498b2c3a83900e77430fe900e03bb

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\ssh2\lib\protocol\zlib.js

MD5 9c0f8722a3b3eab38efd8d2ee6ddd378
SHA1 4d424e4adf177b4caa1189c10255676f6c9f83a1
SHA256 8cd9f4c1825cbc394ddf9cf076a5ba9195ec255db9e904182ae9c25a1036e2d6
SHA512 2d05e11f0ee01a552c6bc007850d722b7a5afd626553242a056019f939b3d152e4ab72f43d55b51a24059fa13845b32bc333208657e959885a46e32507feb8ab

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\ssh2\lib\protocol\utils.js

MD5 389d455fc1274f5ce6f385af1ca026bb
SHA1 d73d6f3823f842eb0786208d2bfdb3824f462c61
SHA256 402b39e75ede9e3dc99af5e8af008602546f35aa1472bd4232c06f606987f053
SHA512 42c78ebedb062a9161dc103a5370412f75b4465e6ab078370489b9db8d913047175fd5026c063cdd25a50d180efe70443153f1d52ad3e8cb6bbdce99b5c8cedd

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\ssh2\lib\protocol\SFTP.js

MD5 eb5fd378ac8125245e296c308cca69c8
SHA1 61023cfa39304488688d229d8b32daddc2a49be7
SHA256 812df65b1a573609f718c8c42339c036883a238a97ba4b3e6c263b7f906fedac
SHA512 3c67ae5d96fd747c1e5710b8f230d9dea03d9ce33916e79c80ffe3ecdc47f1d514e801be66ee4bde16d47d302d32c02ca07e783316263cd4328223ec9a5a4d31

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\ssh2\lib\protocol\Protocol.js

MD5 04f10f3253aa1ab3da1e4afb3cdefbd6
SHA1 9daf952ec971dd9b179c27c43bee73ca0dc9c22c
SHA256 c1104b49087de7a91cd3ffaac8807c05eebf49f61effd084d0b0caf29fde6af4
SHA512 316b7ac066979272b3499629fa2f32b23ddb72c9c405ad3e58ece3c5eb52179f24034eeb96c753b5a3dccdc357423cff36ea28d2598fd4dde99330c533990128

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\ssh2\lib\protocol\node-fs-compat.js

MD5 6bdcef6a38d4eea3135f1a0dbf59241f
SHA1 d87f78800ca333e33a63e12ba53628410b4a8791
SHA256 d46a25cc158456c4a82b686ceed9a8267dc7d1bb69b6fd1d1f9b09d467951b4d
SHA512 3e2ee0a667f7f1d2f104d9c6d8d9cd88356fa14d792ba2d4455779c5e84a3bd05704e3e13462694c99d51bfcd8aa9c6d386fe4186ac8159bed779f529644be32

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\ssh2\lib\protocol\keyParser.js

MD5 6b026334dbf0edf6506d67bcb1f84d82
SHA1 6e444031f461989444078ae6f9b637101ad6e627
SHA256 2c4063fe095c9deb5803dc4f730487958217e8540fa61085ecfef9a4c3b6ebea
SHA512 dafeecc9a9f3df1c1dba1963224717e4ae3de8f63817049ecf04e1438c1b3ca10759aaff54b85591fd7a3b82963b70874adec24406969ef3eaf331dacb2e93a2

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\ssh2\lib\protocol\kex.js

MD5 c75354f8d1fa6b72a3b23b38963f8f49
SHA1 7656530d8f81480238207aa259af4aefb1787fb7
SHA256 054ba4b81801596350f0e2e939746d2966297cffd4303b342c25b2fd5d295755
SHA512 ca47d24c263361617ad8e8fc687ad258c5b4d9c155253a5f54c12b4be89c35a4d1ead2157ad8635ee39747514848d1b392407f7fa9051e35136c1bb0f8b02f81

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\ssh2\lib\protocol\handlers.misc.js

MD5 077fdb63d14df171828ca5e0efe2355d
SHA1 65c8e54422351efd0ad2da59638bb05a89f0417c
SHA256 8927c504c3c338187f36f0304a3452d6396ec9fc907af3db2be46a5f175c36a1
SHA512 c2430526635282b685252321f23dbee71752b4ba463080fd230155382e863079fff4018c6630efd9cc936960f8b7c867afa824aa46f29e46ef713d6dedd20fe1

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\ssh2\lib\protocol\handlers.js

MD5 0f9d21c84ce6c492c35a94dfaf288294
SHA1 ec47b16e35903a25e34b3483e3da05e46c191b75
SHA256 b15f990134a4f69b7492d0b875d80d8c28228907045619b01ec30871ac711df9
SHA512 8c74079b5d2ae11c6d8e9dfed44cfdc3c2d4c9ea25b5250dbb11ae847186dde52d2706c3b3a003347da5b35b8d3f61e3a03004b22da58c20e02249a95d6ab38c

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\ssh2\lib\protocol\crypto.js

MD5 d904e7c17a12f07b22afac8011a37ab3
SHA1 e41449122c04b8c8bc958ec7ea19836baaf03643
SHA256 a729d2064e787e2a4589c25a284444fe54a58b7434a4e6e5e8e9c73c6d91e28e
SHA512 0a5a48118781cb332d45e90853af31c9da21f881b0a7bf9b3a1f9033c282c9ecd8c0baf363500e96889000bb6be75bb9ac57ba2ceef74f1432f2a20c5e20b110

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\ssh2\lib\protocol\constants.js

MD5 9fbf77bc0fc671c50b80f69f85c823ae
SHA1 0126e79cbff82786e8b5270c624a6499b3df9943
SHA256 a3894fdd8e294109b55f06fbda69e467741f15a250801b744b6b0487bbf32529
SHA512 9364b7325c3af0d7147ca255a1409e905f9a49fb22f4946f3b2732362edb5f6a587cb58a9d5efd0a1e8f4188ad76bf5ebd3469f8875173fca439414a654069d1

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\ssh2\lib\utils.js

MD5 103897a34b15aa2bae141a1f247865a5
SHA1 efa953c79411813ef1bd56ab1d0822cdeedfca5e
SHA256 bbae8286bc64b049499ce353e8dc4eefbbedefca8f50591432c1057276097aee
SHA512 76b6cd18a55b87ba1c1912f96a09c07282adee154deb6ee39ae4f1a1e931e3104c56f093bbfc9e0aca05525b1f58bcde7d62c7fc35d52c2cc9103234d2726386

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\ssh2\lib\server.js

MD5 7eec308e893780d9370a60eb43af9d52
SHA1 7eb2b897a480f2ca46d640f9ffa1d3d05c0fba0d
SHA256 128b58ee54cf97a5ae17e18836ff4472de4a5e4e591f2862a5c9ec7f148befe5
SHA512 98c32bece427a7a5b679460bdf80d3d631bc895f104e894c366d831d0c1a7cd81015e4aaf09aa32549b0287d99ac8ab63bab486b0734238ddf90f5aa3b22adfb

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\ssh2\lib\keygen.js

MD5 4044cede88a77ca08a00038307720c8d
SHA1 693f7c79ae070d9d6a529a70cdb7bd3933be1919
SHA256 03d0be43e78ca4f82d4c96d084a39c0242f9c56f343da17a819f8bd0d873f06c
SHA512 b39628558fd9c0e21192e0fc39bc17183488449df1deaf6bae5ad2f94b5a62b4a7648df876a314d9bf00ec807a3748996badfba9ff82614a0815d4310b682bb9

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\ssh2\lib\http-agents.js

MD5 e90ade66c6a686afe6c7881bafd28669
SHA1 48c2a28aca7d5349674131ce79692585118b3589
SHA256 477d34701116572f2af06ac545994f3e2d2f14b26c5ae76bff2b13de2289339d
SHA512 05d62973c7745dd4c03867a868a9587c179d0ae8f23f66d4a950229bd13f013430f13f2e8f7511b1fcf5dafaa760a49a26de8cd04e29c81b593501df2fb9dabd

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\ssh2\lib\client.js

MD5 d94bb5213ac675564793cd0450b96118
SHA1 174eca9d97e6ba0c676c5b3b76a14b10937429b4
SHA256 631d0eb1e44c69aa31e495a715228b0a918d83a39589992597be0c90e1b0e8cc
SHA512 a005942829a83335dbec4611ff133be97c615296a27773247ce47458a0e1b5d33dbe4b999c4bc77a91dab44d5c9121322e21a2a1f406dedd2330efcc24f89aba

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\ssh2\lib\Channel.js

MD5 54b15fa9a2480dbd86595410341ad0a3
SHA1 76cd2594a8432d254225fc563e462bf60554afc7
SHA256 53e92988a025009b192b72be110bd240b5653f88dbdec93e515e3e401e7f94aa
SHA512 fe351d6431f13560aa8629ab865538bcf230b104ced81306f018af5991f1ccbc88677151c1ec4fe6d9dc2a25b816b9b2cd3764c4cb8a4c4882c7ef85b126a7cf

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\ssh2\lib\agent.js

MD5 4f928fb220e194783bb7dddb525ff687
SHA1 6639e5e4d93cc283548ed6854d0f423326cc7297
SHA256 cc6987488bf45f73e0ac5d8bbe59912b70a144cd73b53c83919f188f4cc3f2be
SHA512 82c332ba7d49db0bfea15746730c9cca1dd34902a5723773cc51fbdbe4bb8c2ec33852fa6f620025abae9dbb02b6f4b51486072109ce177d3ed30ff8ec62c6c8

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\ssh2\SFTP.md

MD5 e68976959cf80897fb47a79dfab94e17
SHA1 b7f157e32626f9b57f5107f5c0086dd1f773553d
SHA256 9648b6c7da1b011b5cf2c4505e6bceb09ee11716a61941ae5d7bffa40f4ab95f
SHA512 76c90f96f3ce23425f56273461afab014fa679d68411bcbc7d252f49a34732a9ee7fba486fe51bad7c75df665b7d5db113901f352ec6e3c9e8f0b6c3207b2b14

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\ssh2\package.json

MD5 8fd99ddb58ed77adf9a06d9006c79e54
SHA1 671965538eb630a8067dd6ec2c952d92e50f9439
SHA256 bd8735180fac647270e058da78cee5d6816ab88f26110aa97e57391d09dddc74
SHA512 3e8fb61375a2c956789cd28c3c7238a2f6d77f75a9b7857ea030e09c2100bd8e4d61d87bb96df123d1052af54cad3177369cb38c37258a2bafeaa74307647eaf

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\ssh2\LICENSE

MD5 df3ad145c2acbfc4f246fa834a6675c7
SHA1 7601ea2d9d1ee9c68dfd8f2d0bfffbb002565db9
SHA256 d06b5d27bbbbe22c36b1fd88406b1208876e2d37d795f5b8eaed951a459a3111
SHA512 1444380f0b33906114c402d4fae723212e5ca7ae14db7feac0bfd5d0947429ad200aa9457486a49a25b86de0e2f0f0f6c4e4a8c7256f254324459828c33570d0

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\ssh2\install.js

MD5 4b1149f77de8b7f90dbc1967b4705f10
SHA1 df90983b41fb921c9ef0402c6647593d9667a1e8
SHA256 52c970cf01ed6e93f04300a2e9f68d1b9a00a4d0dcfaa77aa5d520fc8e2a0a73
SHA512 08686ca2cd3fb8df28a8c7b5af3666831515f624ff1025fab7a3689d423085b1f8a20ba73a5dafbff5d935ceae30315c7698004cae8642ab8c64bf3511fd7d5e

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\ssh2\.eslintignore

MD5 8ff7ca2ba114e8b6cf3103830f215147
SHA1 eea26c964f956bd639fbd6ce4060196637c81a41
SHA256 e32f444e9b9da9883e7cc37eff35c03da954f7c85c1388e0922aa5347193ae2d
SHA512 4ab86cc22741b50cfd2a8b94ee155fa5f83b0fea3d5f0ad3075767101861e1667fa217df683dd62b03f8f4c0e97d78cb41fbaca16d8d8860ee810165bb695f09

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\lib\index.js

MD5 0afaa2068999ceb2a1d4cc42392beb9e
SHA1 ec3cfb6aaf2a97eb31d9fa61e7fe447f9cdbfe7c
SHA256 fbdd49dfead22e1fbd0cfee47457dc343d3a5950092cf7922a671b2d40595771
SHA512 f32f803c10ed400aacab560608a31da26624bc1dfcc4bd281eea0b6c0f8a62262d652cbe2740876324465ecacc182c9144bebf9851f2e1f882a3fbcf75c60ccd

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\test\hwcaps_for_testing.h

MD5 0c59d8f5b756620ab3ed2b255181b9d4
SHA1 f8ab068c6f5d8b41348919937b2236a41b9a9354
SHA256 641a1a177703f3e31f4dcd49872ffa1198253abfcdd740ca9ecb6d19b8e490a5
SHA512 c5e8f29036aa76d5038723d9f839032d954c10f233dbcfc6de3d113f510b2fa3f752357a2b83d418f24e36b767ec690b270e598ba7c306df59c7743dea330866

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\test\filesystem_for_testing.h

MD5 18a0d28929d2146268aedc74f57ae33d
SHA1 6d4ac0cbff30fc622e156ff7ce187e9d207dd720
SHA256 febed8193e311b85ed3e094555352f1136905cacec87ad7b523ca326b97579a1
SHA512 51e8605cdf1ee5c02785e0819bd1c8ba3ab0a659693dca88e3ba38d7f4645f1b5f8dc1e1f7fa49a592de5e22ab6a156566238c7fbddbd6f2740d01f35f18c307

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\test\CMakeLists.txt

MD5 319d800633610cc5e857df891b0fa9d3
SHA1 21d421ddebd5b0ee197e3334e6385e7a730bea52
SHA256 4d03829124c7ef6f0368d60ed464c50cc582b88ab3f586049f10af3d52636eb7
SHA512 b15a41d5f834f932065da43d47bfe9bfc47b00ba5497cec942c128be0f4c1fb1a8a44b18da35d30bf66e6c9b112826e6e0dd78f0797798c8d56d035bb5e1b0e2

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\src\utils\list_cpu_features.c

MD5 2eac1432387a52495f8235ef014f54b7
SHA1 971a9c47e5c6df56acd99f771405a2dd9def101f
SHA256 f756bd53642c97b6eada5fe7979af80f7b4a9f3b0cf5ba090284d4433ae1b22d
SHA512 d70acc036a3fe708b7ee380ae5d38ca0aea3c474d92416f136dbcbf56ef7728a855c784b19c0304f946d18b368afe78ebc2bd450ee4e1a664018bef934c25a5c

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\src\string_view.c

MD5 b14d9b836a42ec8ecfb2b0ec1c9c1a8e
SHA1 3d1b6df12c74bb6e19ff1cadec5d31d661f5f87c
SHA256 2dae10784257dddb3c78bf4066d6509e1916821f4ec249f493969fab3f62bf55
SHA512 4441e1b82139cb35f38b5d5d8a03578358167b8224ec75f19fab458c4fc5ab7291c7c0efab28cbe15004f4f67cedba22168b77ac7aef27ba81604de185ca3e3b

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\src\stack_line_reader.c

MD5 c1c91d0522f8bfd984a47ec711d62784
SHA1 9dd6d835f4b86a3e991020db7855d08375cab7b1
SHA256 5bfffd626483cf0ba6739641b9a0051b31d78bad2da7d639bfb7422867129235
SHA512 e3488f564e3b1f240e65e9be5d5e3d11a28f1a78abdc0a454a20966571f6740e97dd24dbd6d577776122c9e39270f7e500a6fa70e4bb75e144ac862e0b46f4d2

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\src\impl_x86__base_implementation.inl

MD5 a75f5cb1dc009d1e1f336f98c1c98b9c
SHA1 4402bc29e1acc7adc13b27992705525fea5e25ff
SHA256 404fa4d7fb20532133a2d675b77062057636fcef8a1890c5a683c0204e351885
SHA512 126f4b00f271e49b459bba70ce00e00a2b1f44a6eed22ec49ba80f350fe0160ddb2dece58a6a7b2511c006cca842b7f7765705e06f104d291eb360f90b64411f

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\src\impl_x86_windows.c

MD5 bc183ddfb98780e49bc78dc9f9ba2567
SHA1 15e9d2112d82813baf38f7a94a645fef77f98163
SHA256 fe4b6730f132d842475545f274cb1b4ab8378546e9f7c03bfaf761a65db4a005
SHA512 d91afcf11bdf646c78c9ddc63941a7d905ae022e9a6c978038f2e32dd51390e068de9057ff4b8eaec83bd51c322aa060a8220cc0a3077144ed68644dba65e63b

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\src\impl_x86_macos.c

MD5 1b2d9a4e4ed7bbce77b688daea6fc711
SHA1 ddf32917995c1d5c02211739da564a8665bf59ff
SHA256 06ed5cd7bbfdda099fe8559584daf138c44392b9bb53c22468859eb203abe628
SHA512 19e52a37fe1f39a81daed5edd1e247391156a9e227dc7e33a8dd311b6eef5e5260ea7e5ae8f9374c0c2e71ceee3aae43730d64b99ed306c8dba91709159abe81

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\src\impl_x86_linux_or_android.c

MD5 30392ed5d1ead2df6b9cb55e9928551d
SHA1 602e74d6e4f6a7d1ffb1c68595e371bc40630b43
SHA256 49b9afa41966172cf7e37412b80b37cacfaa419e597387c86d1af0556d29aaec
SHA512 22729d01e68cf6c405bd68d04a840d9b24d9a1ed7425932f0eaad50c7c70fde84baf8b47a7507eb87ee317dafeaadcf8e01d82fa23b284c3c38b34c20f9df302

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\src\impl_x86_freebsd.c

MD5 fcf4dab22eb843d8f4a775816ec6d761
SHA1 e09dacae2fe1cd44b8167fca32757400b57daf00
SHA256 28ba193941e6d76c523771e9ef6bbe8b975a3b164062484dcf6bf41bf4bb88c9
SHA512 8c6f46abcdfeb012b67934f9c8f38ab435fc65d35ae375af8fe5ef223ddb89ea4021e556c0fae41fab9f37d906c8508fc4d5f6813707280513f1710073b8b060

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\src\impl_s390x_linux.c

MD5 b3fd8ee61eb4f95a9b9301d0cea9d4e0
SHA1 bc263716636f72548c89a07cf1a791d9f87f06bd
SHA256 1fb582bc463e9ac926c6348f579437c842d11837ba97847e8f32dfc507b854ff
SHA512 85b741789987fbe1030bfd219a67a99ea0ed83929f7bdbfbc8dadb2831765eb35aa156d1b1447396fcbad8f5680d6d8d4985474344743b8dbf7424caa82daba8

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\src\impl_riscv_linux.c

MD5 612cddb0399f9f71c5eac8ad2e59d535
SHA1 58013d0af52a323796140f31d5f7bc4ccb16f08d
SHA256 5777a6ecd1b3867f3df85d5cc54f01511429f328e94095b884c0733605761954
SHA512 ee27427ea989f82754f9c18c5929ca0d0eb027e0f87c49437ca31ccace74b7dc0b9c2d79154625e5d9e80ba1d0098c6792051fde5420c5d5c70381a08c0a9dd9

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\src\impl_ppc_linux.c

MD5 d1b39103ec0160957c4172ae4d5c9e61
SHA1 dc4af9b99665524f9a8271c8e31e9209ad3542a2
SHA256 221d909ed3d426a63f2a94660cea4233b41a78f9e299a10d3d6bf33626425b52
SHA512 625d61d389195521195f7f58e3b626c1d644f378cfb4f79037675698217067e7d65c75e0f4f67892f84e320d3dfbae6a38de96cb8257bced15ce1c058be7d044

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\src\impl_mips_linux_or_android.c

MD5 022027dc99f206512b3a59e81025a701
SHA1 8ffae82ada3707f9af364b86a984f31875e68ddf
SHA256 a7430a4c310c3802e2e55a5b8373434ec1e42289188e69f21e5af3fd1fea8412
SHA512 e3c6e7f9f5d5c1696a8675300ed2566c88dd173621bd97e97206c70f5263eaac4ac6cc462254d5bd9519e859e3618eecbb7c7d2246e647c80accce770067ecae

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\src\impl_arm_linux_or_android.c

MD5 431a1c15bdcacf39db451d3cf681389d
SHA1 8b9700fcc2c152d802df3cd70be3b581c95b0782
SHA256 09622942aa099565fb1b400908c8dc16f863e70ca5e5e3b867731ace40a38039
SHA512 3bacc45443dc62dc9079fa5362ffd9404a64b611c704b44087290869e00d716428047e5aeb5b876d779b8af1b470a89edd399b50cc1fbf5668e5743d38c5433a

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\src\impl_aarch64__base_implementation.inl

MD5 d48e760aca067b3b29368b2b65c9f357
SHA1 c8815fe3a85c638314b413e7c51d0bc34aaad806
SHA256 ec2100f6dead0dff18bbbcdc86440df36389fd9ae3329abbaefde8410a4b3373
SHA512 197c5166679c58c255eb82fb584a6d4e141ec11b57dc70b584b33b9cb927b6d59c6c31a8247ec3d345161b4575a71fbdf49f7af8612ecd0ccb314e9000211d22

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\src\impl_aarch64_windows.c

MD5 15b15037e6b166a10f0407668164a9df
SHA1 738ba3b19e7113f751c817275856e7b897c7dc41
SHA256 a00d032157940b05e79ac4f2202229fff52c818a270d7550ea94bbf43f331f60
SHA512 687818bcbfa7b4c8fc0dec014d09810c5f33b985f22f0b3ae5b8b50559ef6b72a3318145d47da7abfbb05f015d5d35479e7f51a17f8e8f90fc9ee446a3b25b61

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\src\impl_aarch64_macos_or_iphone.c

MD5 85a84d465b11d3d510ac555b45b3cea1
SHA1 657a8c4ccb21c2003b48a69f05a2bbeb5893e9eb
SHA256 7313496fec1ebbb4ee86cdef502f1f912ebe3aa3df3e1e6cc9af1bbf609093d0
SHA512 77fb18309ccebc1640877a5035b4fdf33df0116749597fc39420360a5a2bec67dae8ad5ff8b4042e80c1cd8bb3aebb4025d59c478076b0b2911b8a06327730ab

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\src\impl_aarch64_linux_or_android.c

MD5 ff0e5886d3c9380e8345d18cfcac9462
SHA1 922c631af6e80552347bd3a8f38cf9bec53d2565
SHA256 f352cb5a9ac66e00cbc0addb0d962746586128f883a27a9d8ea488b5b0cf97aa
SHA512 1bf8f608dddf472320f57e00d5297a15b4d2ab27be76808a8a205a5d2c7ed8b5bd7da66958be0ceaabb3267ae41211696f070e19649cb43addcf0506e118515f

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\src\hwcaps.c

MD5 743ffcfdec0b32de99f04f2129dc097b
SHA1 db3a5a20302a6894a64639dc272c1834760316f6
SHA256 3761e1ee3566acd5fc3c2737cf75c63b3e134e340d7d09c60d4c0ee5a5aad892
SHA512 dd563a04ed77fe67755c669b99a7e5ee142777800817d6d6a9fc5ffa7d264039296f2bf19d58101517d2fb10d1d25084653c0bafd5d86ef55306505027cc7057

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\src\filesystem.c

MD5 1652ace8927b8029b899a4c72f601ec2
SHA1 d7212a26292e97d40436dae0b774f1a0d1bc07fe
SHA256 ba6a9ce5c4f3a810fa4e9407b8dc21e6314bc1b6a7399c4c349e52f87aa5c3eb
SHA512 72076667f44b10c77f67cb3ab836f89e6ba66a355f4a4714836f8723bd2f12bffc37e3890c41119ef23bf7c85e4ca17e659fa9cbf964f24b02297dde2c547daa

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\src\equals.inl

MD5 16f35cdd2a2d5d8895b1bae6f1b74f66
SHA1 c12db2aeee8a0c71a092ccbb58b0eae14702f236
SHA256 8b84162d9e1f05d28490d67f12f1ae6b7d78e8103396726b2384048238cf6c68
SHA512 c891d2c61fa667300fc75c1eec92f9f3e910dfb6e56257da4fd940d1e77a0163ff1e8d47f504193995b0fdab2454fb74d181c28440c989ba721127eed381e6c6

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\src\define_introspection_and_hwcaps.inl

MD5 48b170668666f946aebbaf299418ca6f
SHA1 bb3e9ac606a01f69e8ac7757475ea9250107ed17
SHA256 d179a7239204f9e1b4f25b74c7950edb7fa5ba65197011fef3846522f8014c33
SHA512 2d847501cdd58324a474e8edeb3c5dba657a17db797b721aad60ef24a9224062d9007a82878d9d036d05d354f7aeda5827f6c5f64d2aebd97cb0492742461c0e

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\src\define_introspection.inl

MD5 21ae82e621ce2d4da357218978e35b96
SHA1 f6df5fe8eaf95c765411292c84f5c1842c1ad4d4
SHA256 502cee0d1cffe99bd4a8863d577b372e2cb5a370fdd2f6f1990f8cdf20a3cdbf
SHA512 f3ea810d6a68db7b6be385c0ace8a33a65cba56596ab563f0ab30aa938dd11ab058197242410d851077fcc464505d339d9ce6bfcd6ebfc4b79a3afa02f34666a

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\src\copy.inl

MD5 ecb28c55f47046099d780508037b88ed
SHA1 946d20ba0889e2f4a21109226e027d95b5a1e1e4
SHA256 17aeacabd35a380bdda0f713ec2332b84b31ffcc12cab68b55008e63931aec33
SHA512 72d4bbaa4045a72ca2c51c4e80d22f864f9fc71d6502a41299e94299b6d6d67e77a4b89cc1e76bef6a2776a29272530686bf3c892f4ba888d1cf53d5c23a5daa

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\scripts\test_integration.sh

MD5 aeb8c2319337d8d4a2c32cba5930cca1
SHA1 9602838c045401745d9079d47edf2db864b9dca8
SHA256 6e59badc2f3a0f709b886e6f0901758a48f68f99b9facc3cd090b9eb96b3fce0
SHA512 75a848a99b0c44deae32d3d95f53380d4ab9ee16389eeee94ed0eeaebd3eac506eb225c5dec83e06019303669582f0a760bc6e386ba4849ff0b67b092c89183d

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\scripts\make_release.sh

MD5 83c8e840ea43817c25029f0fbbf9c076
SHA1 a857e900536bcf7b0f03ee240f6452b595728ada
SHA256 98fbb6633c72414462d3328e1c9e3dc56559aa525beae5de62d9c8f2c6209caf
SHA512 c3ff13886dcf0dcd2058ea3a09dcfab0356ed1ba717df56d9af508336087c22d2365cae24bd8895732c3cd7313bb4c505dd83861e7241c2c8ffc1fffcf9b323e

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\scripts\generate_badges.d

MD5 227e3becbc51e44d2e04d230990cd06c
SHA1 2a04bbf87aa791015381b090da6519d1a66ca804
SHA256 a741a15db1297e253f61481178ccd1d4e5052ee65541137b730342070c96d718
SHA512 04f963a9a937a146ec65808ac58bd5285d8d51b33d21dcb2ad0565181aa2b64d88628cde4868f5b9a25dba67515876b8819044213cca7e80c8dde1ccb10d30e5

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\patches\0001-Add-Apple-Silicon-Support.patch

MD5 042ebb8d2f5ff5ebed93e9aff74dc305
SHA1 28f37f1255aa4deb78b9604e945d08a1a4d8aaa8
SHA256 a31b912f63cea87dd6c3d21cd2b6822f982676316a63a2a8d4ec8a99a95472e8
SHA512 c7a08f1aea31c5731f2ea45bc807aa89d2b93b354016bd76a066a3f55d66ad83b0443d9e7dde0c1657a7de4a7fce075adab133f48f18dac1b7234c40ba4c45b1

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\ndk_compat\README.md

MD5 77e3bc98053f16f732a33b19bf5215e1
SHA1 6aad228052171d4796922493df188c614eacb01a
SHA256 86ea69fc248fe1f7f69ef4827c1a15f54035f6dcf08a13135878ca98e8f81319
SHA512 e6d26dfaf6946d6e286807531a793465abd2a33b7c190661d392a3b4d1109065471a16ec1f11bacd3eebc099dad8a26466c062644c5378204bfed30187f106ac

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\ndk_compat\ndk-compat-test.c

MD5 949f45a859ed70c8ad276eef02a78a5c
SHA1 bdb28e5f31a0f501e3e2557ad12261caf0af0614
SHA256 9ba64daf56af38e72ef407060755a30c7257c6909249eb61ad962f348607c8fb
SHA512 395876d6ee213e2dbbccdf5d5636fe93141ee2107e104efd0c034594fe40e7179064c63c10e0364ebe88ee339a3760259e163b4291e7600fed8dcf5a4345b9f5

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\ndk_compat\cpu-features.h

MD5 12e94cc59acb2b5ce47b48bf80e6aea6
SHA1 6d8f39295a499409e18b1c1065ba73139bd86e55
SHA256 0cdf2c0ddfbf125e022f0d7a69965975b4c9861eda898bad5b0fa9627eb34229
SHA512 ecdfb7e6f173c0c649cf8f312e2840a570edba750c24d284e608857ace306420392e497bd3dacc874f1959571a5c86a663c11752228df86e56ffdbff78e7665d

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\ndk_compat\cpu-features.c

MD5 c91b1c7ac4036d35c9475938e04b140a
SHA1 b198b57e421803e6727317d6421034d5d8186eec
SHA256 9e8f3e26e30085d007d04c25983e0db39c6a77e1b80d11e1f1a5c3d1967ce4fe
SHA512 5596012d8c239260dd2420236bc4d55c59e2c7425c7c1bd00168e1ea053cd21a30ff746577d4f152e2788bd31a8889a9af94b2213b54f2e30a622afa84ba0bc0

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\ndk_compat\CMakeLists.txt

MD5 5b7e632500b0357162a43dd8cb850926
SHA1 6f1d2876bfa8fe6fd3859d12d5e78dd11f9edf47
SHA256 2f012871958b162f54c0f03b782bba03a729a2d8354cbc718056938e7e229074
SHA512 ce2602ed4ff0ddbfabcc88646e297e955f43a03217f243c4edfef53f62b5b2f89cf6f1668deaa1a686e301bbb5f8cb3f10d3a66675eef826162243754f91f485

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\include\internal\windows_utils.h

MD5 1c19bdbceacc92328a2c282803f9cfac
SHA1 21229c103cf2b5f4dc1512420b8e21fae1e92bd7
SHA256 a359d4c914dfd18c8b02b101276afae2606b825e31a28f3a06b60f1c5d103fc1
SHA512 73cc800d326adb68f3ee7a8a34a685a551f89562bb863b64c2d79a78c021455049426cedcf0d82cbc6b4be6fe08c23081fc2836f4c5f5817f9b6ee568a71fc7d

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\include\internal\string_view.h

MD5 ae36afe1cfd716abd93deaca9877279d
SHA1 914ea6a1db0b01e6e7bd24f0be9602dc9cdda6fc
SHA256 be910b66b0693c691c8c15cb83ae436b0aad6865f9b03d33d108c398e5adda00
SHA512 be74029adeabc52ce95e470a09288b37dbb55faade38c453b119f4e089aa02bd943c90fd99c4fe4bcab905c107c604801fe964fe795e3a64549fea0de51f241f

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\include\internal\stack_line_reader.h

MD5 20d327f9a7cb149ef43c957025e3d8da
SHA1 71c52ec8762f550fca472c576961d9692e805e70
SHA256 23f7e45950e27802a2c15fc77aaf92a9f1a97571db8bf75bfc5aa9f398571ff9
SHA512 a637b0df01d766301e032a2df69d0238ebd32d3b266b74a8e3cc53500ade055d4ff20d9219c2dbb27ae89c992233253a89c03b72adda0825c2edbf7385a4e372

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\include\internal\hwcaps.h

MD5 0001cfa87d49bd71f379c6d19f11510e
SHA1 4281448c7abe8b228566bc53c18acff1b68d7051
SHA256 95657ac7fc32748a9ace7bce66e11b96925d9279aaac959b5f28ad89cc8c017e
SHA512 3d49a47d3c1d0cc7988806a1aae210bb5abe9afe9117951f5ae2aa615d180ecbc1da618bb24b6485a1efbc92a9480b1037d40685d04db0e2ddcd74f7fb61580e

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\include\internal\filesystem.h

MD5 3004811ba5ef799952cacc837a4edf95
SHA1 9625bcceda9df04e0d11b860ce2709c2b106d379
SHA256 fa89e83792ae259a458e3e43c11195de367be0db97747676ac579e9556028f63
SHA512 8121282a475b8db2f812ceb767c14fe89349b0e41bb45a0ac94ee45084236b5cfa963d12aafd33a4e2db06937186b82f3ce4263f67e48e4e84bc6d8ba666038c

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\include\internal\cpuid_x86.h

MD5 8848de7baeb25034122d9da2bfa11687
SHA1 7c2a758fbaa26396df5660aad285b5a9a8060276
SHA256 daaccb823289f9c9b11c78066895b5d18904eb27619584a157077b679ec13d29
SHA512 ff16696fec73884f42caee6b32e9eb13a558c1a83aebc676a77eabb31e32cc4edd0f25abf13f3c1294f6e86893cff5bcdaa4b329cffe54618346fdc5a518b24f

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\include\internal\bit_utils.h

MD5 412aa92f5ba22cbcd7ba32ef078323d1
SHA1 b479a74529df6668891c1c07debcaa022eea06ab
SHA256 866d308bc0dd754b836cb37d062cb687b2e835c04f111bdbfc313ee06731eedc
SHA512 25fa2a906baba165223e9845e484f8935d39864c410edffc051ef2619907082b70f99fb8a55b565dd9fcc8db4f4938832c2b1b211525d05e11812f17222e69f5

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\include\cpu_features_macros.h

MD5 85c86c1300f945cf484c26beedae3ab6
SHA1 12374e81172b22cb5292620d73d45ddaf6590ad2
SHA256 3c94fef7c305b6886c1356aca96f73fdc22586ca2ad926bec9688e3938fd4666
SHA512 518f07b98c57dd7909b7c36a03da01cbf6c69f0223deef229d4fdf8a1b8b5555c86915ad03479c5a993a8c3101d6a11b589d138d4da5d65a504c7229336cf507

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\include\cpu_features_cache_info.h

MD5 a48e5f8a9097ca62b5597c96adc56f31
SHA1 43565cfaccbb9e0f8b723ab7e91ddbeb40f5ac7b
SHA256 6d9d7456fd182d598a10d098f6f5f9ba0abc9abcd1849088adb07c5ddd8653ab
SHA512 fce4f6be0bec6c9c0b4b6f5b1e2dcf919cc4c06a37fa3a342ff3034e7ab8b906825664b76d2048af8b4b58ff7be34dacc141b419da7dfc0a265cc7239a51fda8

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\include\cpuinfo_x86.h

MD5 ef0fa79230a4a5b423a609bde2b6e1ae
SHA1 4237dd9dc4e81a64b1d2d060376d1171d20cf3e7
SHA256 c48393860d65580d6a06e8ae9c03caf8abc71f9cf044c198e55c083f491adea1
SHA512 325bce8e4cdef5ecf294007d1338c3db7e83ea0542c1df3c20efeb9f005b27718e09ddb9a072c141dd09c5dd185e384fbdf1fa747c1ecd703aac036f7de05cba

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\include\cpuinfo_s390x.h

MD5 4eeb9bcea946fbaaf70aaa6ce5eab1e4
SHA1 aa88ae76689d08244b9b79e67ab44c55c0553cde
SHA256 ddaefedf6f01e68fb8e76b2aae85a26ca98819b0bcefab54d1d4f0d6f204f366
SHA512 a48eb489a7fc6ec7f57e499d4fcb731431d7528e0aae1feca7dab01bfc65b15e97eb54431865fd22c4f382c7b20d8da15cf145d86f42e3c3bfc5201fa98271ae

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\include\cpuinfo_riscv.h

MD5 795e2105cd661ee5bf8b46c9a60d499c
SHA1 f01be15613eded183a44de669c2d0c57dd0542c5
SHA256 0fa06f542ca0214c7b260e662ea352d4dc7992924800457c4f61f60310da9e0e
SHA512 c80237a715f35ae9b72b4fad7916df0e9409cc29de7d2b86ae6cf862c63f19b22a10f23dccf0e39236b1ec54e4f5d47af3d6b7d6f870f11bb2261d467709d468

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\include\cpuinfo_ppc.h

MD5 944e99f7ba6f54c8d86d8686af794bb6
SHA1 39cc177b74f221a72846fbaacb08bb698d7c7737
SHA256 defd6bcb8739c2865f72e437cd79790564e0b152ebb7f71caea0c373ab807fd2
SHA512 70839eeed60edd9d964ce6bfdce6f70c4e1973ebfe4ade666c21d55c6e856b210e20949b24b45c24b710056b13754b8a3d698c8d510e36e3ee97f51e5e5a2281

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\include\cpuinfo_mips.h

MD5 821551b35b4fbb7e6722b2221fa6b5af
SHA1 9608308eb7c13455f6e10248ecc01ac8b84c77cd
SHA256 b7169d8b24ed76d192449e0377b9279ac4255d3c5819ab7fe3b7476013b49d92
SHA512 8a93f047422a33fc4c2d21be57f0563b30b8d393d54fb8df11007ef197b2b0148bd170412b64c268fe88ff9ce83437334ae56de397eecc3c1cc4a440372f33d9

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\include\cpuinfo_arm.h

MD5 153d394a7c06d377b0e4f77a7a39e97c
SHA1 510810128749ccfb6d9df925b8b2f79e7486a39e
SHA256 97a6ccee97fa06cd91a66c1e49cf679b059ba85d04f27d84564082fa9ecdc715
SHA512 f264629c46931b231630c5645ade61f8eaf6fba4f3d17e4dc4f02d9b14943f44f6d3494f87e691d94d59a6ae4859f146a1ba2029b9f69d1bca96b56eb71366b6

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\include\cpuinfo_aarch64.h

MD5 d152e7f9ec2883d781c05551a92e56ab
SHA1 aa4fc66a6300da1903ad08f2f3a9bd7be003b6a2
SHA256 19658304aaccba251a5a971f4918f3b15288f65fe7cefe4bb89d908b70b87933
SHA512 fe99fa3ae944a2616d89908953da65287f5256bc1f03eef2c8b89ef4e778d2f2936e15536018f60751ee83afb7a8b354a315ce2009fe52f498fb5a3196267239

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\cmake\ci\vagrant\freebsd\Vagrantfile

MD5 a14f2a80eb72dda41cc26fdfe1a4e7ed
SHA1 ad327c651a5b25e124da5bb18e8982a58571f985
SHA256 3920f312fe4c4f17405921a9ea25e102362ec55f5dd67eb3c99fe4e35352f882
SHA512 b704b3a01ba41ec26dbeadc43d13294966ebf48e06fb2f0e4b33971922bf5ae2cdf134a591678ce2f7726b227e7f54ea4a72ab0816744a7e563c65e5569afd9f

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\cmake\ci\sample\main.cpp

MD5 58f1f21ad9305b6df4b2cc5b4588488f
SHA1 bd9ba6c1f7ddd3491b5cf99ab964f2238e6bd02f
SHA256 b4a8cb688aada97fbb1fa24bf6c8ef24bf2b24b4b3f8829f63b04f46f24c1646
SHA512 44884567b1b2ceecbb4b300759304a7a3dab61db20b348d89844b985db7a89dd54f9eb305a31e783c28193fc68962c765e04f49f1d21ce9ccbe33e7ff6f0a021

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\cmake\ci\docker\toolchain\Dockerfile

MD5 6a302d096ad751d7ff1090ff9d21222c
SHA1 19fe29c007302e0718756d8ec863fb5018471103
SHA256 f2ea6b990345ed10a4dcb14a2e6124f1585f623cee6a1ab1a5a3fd69c49a7e4f
SHA512 6a0f4a7f8e69b776cc4c73e4808549dc893383c812290abf479b7b54048de8e1eff8d93f7162ed25ac8eb62371db9bd0d4b9d4846efc666a6ab38d7663014e4c

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\cmake\ci\docker\amd64\Dockerfile

MD5 979f59c96e785a20e9d8d8a39f5b5889
SHA1 9b7a43c12315f4591a53981af62b9dbd2a5a4cab
SHA256 916e8b8a8ed393bb3955b986f96d58e30fadf35b0dd5d13aeaafcbda5ab93392
SHA512 96872ac642fe2245d4ed8767ffda026629a16d5f33e69905d6b6aee5267ac5d0ec4109c9428fa39e388f7ae1f312075122cbb067cb65232032c58db5f0779348

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\cmake\ci\doc\generate_image.sh

MD5 30bf65c949ede15b3796330b7e5d22e7
SHA1 02d765bebb30288375f8abd09b72e10de3269341
SHA256 debb342125c2a4f9c53d8bfe2924b862ff22ce298709614f63a0fec348690f19
SHA512 78b2f8ac53c7e354f0ee211d174821ebd93db387e2e6e25941bf3aee3d626bc733c7cde5bc2518f3298fe4066178cdd9ad23e75a37ebfb91f7b046ea185e8482

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\cmake\ci\doc\docker.svg

MD5 5766a4bafcab33fe47e6fdd6677ea449
SHA1 52e5182364b0b4a09109e9c608e0b3ebc8ea977c
SHA256 2e5f44b2f1fd39d4f7b136f3d327f9c7fa3f1669fbed4a91833319a1a679977b
SHA512 dd12ff8d72541946d4e0619e74802b73622fcaf84114e86793236da5e078b45e24c2136cc845d5fd2b870f42fd2c99ebebe539cdd78ab275d224d3430b09b9ff

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\cmake\ci\doc\docker.dot

MD5 d08fb2358d40bf05064a753171090227
SHA1 16cfac24e2dfc61f282799e6cc5d2e53eec2320f
SHA256 0426787a95f70006ffef1c1b881c6e857d7adf84abd7b3c2e26368eb7509f58c
SHA512 851eae4f8f704a804876456252ae1bc7cffa45981a0343ab925d4e9f89ccb58225f8c09ff9b2f10eb3e032eec460ee950348d53a810e0ab106b82339579ec397

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\cmake\ci\README.md

MD5 a000e6085f97043dda5e9a8c6481171e
SHA1 c856c1d66a9165e591ff4a8ef979534a3cf4c791
SHA256 08c0db85f13f3b3e38248a684fb21a1f66d5a2e39500fdf4e5e9964d2b7058e9
SHA512 8236285c38cb0d625ab73050a0d5dddc94bbb1a99b3bbddac89d9ba76caf892e19bf450c5028b3fb20866f310e8eea550c9cb019a689b6ba14cc680b44c09b0c

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\cmake\ci\Makefile

MD5 7ddd1f93eb840e1a1e20e01b4ea914aa
SHA1 a96e7ffc26f0abe0034ff1ef6a3f18c272e471e8
SHA256 e3625bcca471894e5bd534b0a95e956ca8f8363d0b573133f9ef2f21cdcda994
SHA512 595de2f3c120c82a92303bf2ea4ad0256f1a58054179cbeb38c92b6bede3e5871f3124f0bbdc008ecbc46ad6e45713552cb3748e272a7b27a41616e0ec71a109

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\cmake\README.md

MD5 ac007aa8c0504c0adbfd3e5632132978
SHA1 82506715ea29796a1269e2c7d20a792d1b432f72
SHA256 273aacc7d3dab4f4ff444b751e58a1a90f243fe8db7316a46c995e6f45856945
SHA512 0dc1b11dcfa9af238016729bc2bf2f60adc1b14839213862f7dadcf6eac9afb63851182ff52faba39856942d907b1996062d241a031626cd29f35235cea2fc4e

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\cmake\googletest.CMakeLists.txt.in

MD5 32ce2111b30c892f3f7010502b367e6e
SHA1 33a23944e8c7ec7925f52b6a660e72566167e472
SHA256 9a778386a3d198afd7119c587f6f70f788dff0e61cccdd73ca26f4bcbe659ac4
SHA512 f0bab8c0cb23ed2983b0ee3612e2b542a65ad0019996a991ba1fcaa46dabd591aa16445cbd04112d8ef0abcbb120ca0a773cddd1acb1a3c10b6a3f7a8965c13e

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\cmake\CpuFeaturesNdkCompatConfig.cmake.in

MD5 f42d43e057e982418408e505db39478b
SHA1 32aee15773f05b9db9747278f3b0d51c8c5d2fb8
SHA256 8665646deb58ba8f9b42ab058fbe345f95c43be8c9e826ab477edca9929c0276
SHA512 f347ba30e277833be60783bfe34efd3b6f0bf90968408f882b525f78a3f6029db9ac4b58e6812d6734dc2d18b92f2e625caeb780e42a74507ec8c617e6902624

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\cmake\CpuFeaturesConfig.cmake.in

MD5 82b53c4a6024762ee9c4fe2ac5366971
SHA1 3c221e3d2e09e912ade31b0c579b96aba37eb01a
SHA256 b5fc45ee49bdbffdc602892c5063f827e280c6ca26d4dbec320a0cacefdf0d7c
SHA512 4e62960bf37d1288d9d37a74083734bd7d930349463f76cba9d43cf32008ccbf4fc5ca134372eeb012bda3c008993ffff5f520c2af6029caab6a43417ba06300

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\bazel\ci\README.md

MD5 90624141f74f851ea3c6d36b5ee6583f
SHA1 1e104f13df0b93d4ded458a816438cb9609a2cb4
SHA256 0ad23eeebc57ebe55e8377615258ba2ad79af54c5fd5cb395fd8c02c41da92f9
SHA512 65706f69ee62fe9e75a94db604fd00b50e95181f1072c4c2a2c128ca7eea689e440a162a57be539d070ec8b44a5ef903c86018e0c3b7fb42a8bad8a05a16df23

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\bazel\platforms.bzl

MD5 30e7ea16c925ecf10d110dc670a3f1f0
SHA1 0543f29ac283ac56024a124267576a046ea36a76
SHA256 72fa63f0feb9b65da3745e6cd4a252797d37d1df348a3b184337f5aa42102b90
SHA512 3a73f797b437de36d71c0a2a9d191479a9d7024db0ab55cbe4d120ed0c3b99484f9eecb944a13c1bbff9e028c3d527325e6fb709964161bbb6657db77576a4cb

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\WORKSPACE

MD5 3c1f02d382e96bee4e566b7da3570e2f
SHA1 2c1248d40bcc20512b76b3b7fc2bf1360e17847e
SHA256 6fa2c3ea88550b1952fd5bc88c77fc09c9a72da643e7ff0b328e0acab841c798
SHA512 6558c02ff6d5ec41841cf8dab87a3eb15e4a616d7b13d5a93d6d68c4159a6ff67cb4d8dc60d6f21d466b3904d0855d50c96e25fb7f266f2ec1ce4a1f4d6c14ef

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\README.md

MD5 bb0e84bd90f20f8c6e1029971d32cce9
SHA1 a361085933868f03b8024c91347725538b224f38
SHA256 0f825056a2fecd9b10ba6af3f6faf702fe6b402d68b7e0182854f6e9ff591e92
SHA512 8a84198edcabeea07ca14146c8bd3ace25ba13010597cb24aec307e258c3355731d2fa3ce629c619eb216b79bf1290e4662241e37cd2cbd316f128ff973113a3

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\LICENSE

MD5 31a8379f6fe09baf921e654832ac5700
SHA1 05c9c329f6de4edcdc6d2e84fa466aaaeef3166f
SHA256 af272c1b4dd08dd61d43e001d3134119d03ca7a2b057a64f7355fdf27fbea3dd
SHA512 15bf6406004ea95aca02ab6031eb60d2a5f8d8af19817c101caa0e58fef94a18d47672931f6730038d437b23a11b7a61d2d7d941ca6979ae9842675683e31f41

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\cpu_features.gyp

MD5 00a55b2662dba750111206993bbc49a7
SHA1 0d568bcddbb595bf2174cc0165ee3fdfcdd16faa
SHA256 42aaea69b0ca99e155563f0ca4c767de9131ce1da8886539c1b7c5e0c1268540
SHA512 74b905b4249664b7078229b07f52c3ab294d06cfbaf3d6991a237d2f6141c90153e4ce104f7ada816c29b65fb1fbc771572e27961c51855e8cbb57010f3714b2

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\CONTRIBUTING.md

MD5 2e0f084403b6e98898961ce6af73b635
SHA1 892f18b8a1bc5ca320ce5ab971dd35aa8a060616
SHA256 a8cf9af75c89c31372be3c69613533e0a98379b81bed84ed0f5abb5677678c30
SHA512 a1ac4ac42e416a8e9e1ee8dd85edf7f2f2e6d5e90d26566970ad37d76d258cae6c23117bdafaff229163c540a993555a30f1946afee1ff413c2fb457823f27c6

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\CMakeLists.txt

MD5 9becf964b97fab96c4ddef0becaed166
SHA1 16ab050968aa40f38ce7bc899e153b3f2dca8855
SHA256 073745e7eb1dfe8194d2d79b6f64d7f089dafcc9b59d28f57879104a397f6b94
SHA512 9bc78ff978353452664434a1dbe1f819cdb33ab124f2b15f05e3a3bdffd4e114259275fd0abd78090922eb9297c05de014da1617ba51fabc4662474b543768ab

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\BUILD.bazel

MD5 6f374fbda5d4751afe8d753e0ad27d36
SHA1 581e12a9755110ef8bb93e25d1fc6a9fc9605e57
SHA256 34c63e24ec5299a3cb1cd0ad6b97e2f0801158efd0efbeef17ae1ced06ba3e71
SHA512 8d9b4165d4140de9547d0d187c2d3c2bd4245d8a682d02e707faede0fb1e28fed5fe514a79eb5d54667bbb23468766591310e601171e83a0fdad69601e3e11de

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\.grenrc.yml

MD5 553f5f90d927d398d8f5daf75fd10b1d
SHA1 0d70551c69f9615c51a042dad9fec3ecbab8b34e
SHA256 a1c1175df21f002cbc1e1ea9978cec55aa06ca4d44f3a4ef0b3dc011202a4c94
SHA512 7d32b706f2e10ff00b9ea18b41280b55d8a62d5adeaf37a5623713ef0d0e7b7d870bc9041b86e8b9d83d70d39499f69f82644497e1788feed534a26aec135fec

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\.dockerignore

MD5 bfd92ece8aefe62cc6cacc0bdbe762a5
SHA1 38b596cf1b8bed0eb800a3a7283be7233c8431fc
SHA256 c9d3ae1f17de303abbee13f957129402f79b0ebababc175ac4c9fc9670593356
SHA512 fb9065498d97e6b513b9e2999dbda8fc3c7f1d8df22b70b00ab614134718b9e6be450f4a01ae45b460ae6171bdb29a4988b4a96cf43b60f8f1821a8d0b8c3eea

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\.clang-format

MD5 1a18f76e57c4df8e9597d46e71353b6f
SHA1 b136d42bba0cce139a424dfa25f8e6578e6ee7c5
SHA256 cd25bfb8127eecadfc680968435b58abde752791866cdd80e4030bfac9e39cfa
SHA512 c10047cbc103ca4204ee43fc8f47ace35447850725478946f7c9392e0a0faee0ced7b042354cfec34be653bf29369b592d9b330260c26bde9461bd401d932049

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\build\node_gyp_bins\python3

MD5 bf5622f66d62bfec943bae39c4cb4569
SHA1 672c65a8cd7640bd9638a2e12e6128f6bc7406b5
SHA256 b53b3dd0df204848ef894e1e93289ea2a879d4af45692b3478380fdde1976bf3
SHA512 a5612ac06654db8bc0b117ad26a72ea7384a8bd48a0dc68b6cd808e6ef2d54bb626b7b22c534fc59706b0fe776ec2ac58970c85522f6a3cf3c6e5dbb279a64e4

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\build\deps\cpu_features\cpu_features.Makefile

MD5 0da798836dfcdf605a3f3f1d03006e09
SHA1 9346c28ae305f88df74657aa6156f571b7dcdf77
SHA256 747fc7ce05687e6b9c9237ecbd6a9ba7bdfa4e237f1edcfb75be48e1c1dae8a4
SHA512 37d29cd2c1857c22d08509100c5b987de27da3013702d976971151c9b1b13c7b6afd6c039aede1e630a62cb4a84978d1d733e738fa2619449f35886d14c42ebe

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\bin\darwin-arm64-116\cpu-features.node

MD5 543431e1c257ef143a4bdb14db059104
SHA1 d1aef46ca13aebbe8fd7396dfc0a84eacf10086b
SHA256 916e33a75f845cb03543f5a994c975d65d08c71def06ad82ddd794da001c259a
SHA512 b6059556e71b54c2d1c0c655c8dc4d57cbef95f07f93e107ea8196c41e0d1f38fcde8789a8b42c2f37cc30a678fa51fb118ec31cde85e3e58e7233766722cfdb

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\package.json

MD5 e9dbd1692c82ab374d1ac8b25da73b37
SHA1 b7083aeb92a3e4b2d5064b3fd36312c041695015
SHA256 7f3d471f63d21971b694895399d019960bb2d11a2db3c21326430508e1d4fe80
SHA512 2165df509e2fa2f1ed0ddffea42815eda478c9cb6e971e05910541552cf0fa99c26bcc1623472fbf69b8d1c8581db03a8fe6916ae7afa9e8530b475605c84ef1

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\LICENSE

MD5 cbf7b3097b1484b7e6c118fc1d31f877
SHA1 f98aa1afa539a8f702d3477eb2ac35c7fe9d6127
SHA256 7c28463b739e2e73a49bf127d0bda427f8c55f0b37365a044c3c3f254716118b
SHA512 248fbb5f42b32737771289fe971a0b97e7fca683c1c3c631a24557fe76538542825602f61e923f302fb08ea8b940299dbbd989719f9d648700130eb12320a235

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\buildcheck.js

MD5 716f400b50493f6263e6a19efe1125a0
SHA1 4d44f2be4cb90a2da3509343020b2a3dda8c421d
SHA256 69bfa1f857933ea2059ae67eba3832f9b1604519996541a530174839eecd5ee0
SHA512 9708159536676d23c30fccaf13dd3013dc145dd08e475a3c387a64170e94a8d026cda2e378119b2ab7aacf8a84ac160cc8febb57ae5d1afa2b13b4d5c6995c29

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\buildcheck.gypi

MD5 26e8d8c01c3d883e732a7d171c775417
SHA1 c0f0793be904dfedac2043e29140638cdae8218a
SHA256 824b4756495e0a26effe2f17775f3daee1a285fe7ee392dd3c6747a2cf7342d5
SHA512 781fad81521e0e51ce746eb173348c7b345b00fa5ebcd627521b11136f2497afbc14c82a0b98ad08fa81f5c3bf404976bb9651c3c26ad6eff7037a31ba96450a

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\.eslintrc.js

MD5 4845ca510ae2961e531fa41faed9d7bb
SHA1 f1c0cea2250d6e538658ce3b833d5505e1db1d80
SHA256 df85748adac0bd2d13fb6f3b3833d3cda0429e60296a111057dc05fbe3b00025
SHA512 367cedcb213dfcfbfa9a21afb36970064db1a9e7e57a9a0e7b1e9370a51142191ee183788fba9529d80598f9597dd823810d9b0e24ccf0d398bd48e5333be329

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\elevate.exe

MD5 aaedf59c04a668dc3ebbcf47d7d37faf
SHA1 a4f30f80ce1964a8a9a2e90a7e609b3996e9de8c
SHA256 de83d24e7eb104614bfff891d58bc32cb5fda9edc4fa63eae609d7496cbfeb87
SHA512 d9d13a827ad4703df87e5a460057072a1afb2a6fc819364d35016039ff82df92881672b542d66d28db895953fdadcda5709e205f05ff89bdc8d50bfa7b65f07b

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\resources\app.asar

MD5 15cb268be8fe8658073fbb183c72363b
SHA1 97e83514cc0c8ececdc39936750ca37d675dd2de
SHA256 c4f8607aef243e7d6aa9918a0863a5e5439ddde606d5faea721d12469886fcdd
SHA512 ed34cd06f364eb2279745532b25bc0a8d38c201f3f8583af3f573aa94f2ac6c71064bbd430dc4082a1b3f4a9f912d7844b035e9e9c5a35a23ceee35c5bda8a0c

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\locales\zh-TW.pak

MD5 960e99a171c4ed4b6d787027ba88774d
SHA1 e3869aff0c52841c9df718133e7c4be2977de7fb
SHA256 e42640f5309add2ea7fd5a4db503b93e479ef14807710a06d7e53a0f261da8e6
SHA512 4e51d787aff8f425d101882bd70e71b88b253f2ca61ed54dd7ff77c7e3a1d6570b270f4eb91f2d03869ea4537d09e141f3e32ea3a27537295ec698bf26305cbf

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\locales\tr.pak

MD5 0aedf5c2f6f4f49074a2adea454df4c9
SHA1 a48d9d8461e61170257897766dbd6906e754a0c3
SHA256 3f4658b3811b36f5cad794e48e6507335abfe78b0bfa0c80d1ef9c5d7bb410d0
SHA512 e359e446330fc154c16e34a7335174f372bce701faf85de8a5f4b432ce3e10c69f42c93b7182deac89bb4d29750d0dd525b6dcd74a5b7bd724f544d14ba44a79

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\locales\th.pak

MD5 84ad3f888c0ec307bb7b8c278cd36757
SHA1 948a5f8b43d059280d5374ca6d66e8dfc6a76d49
SHA256 56665860fe6577fbe00543a47a15e10eceae83458815f2989d179e42af07f81b
SHA512 7001c0607df927145e40a605e2b97914d02712d11e09ca20339cb1aefb042a1f853fd06e78b76f6dc6f19b6df837bca12946a3470c6c064ca767af1db57042e5

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\locales\te.pak

MD5 5f9b7a945638b88e75a3175a7923119d
SHA1 6af614f2cbd72da2224f48a203a6430a623fc7ed
SHA256 3b476d2ce7c72c3a10170808020dc3f1a87309f9f725b08217c4716b28d10888
SHA512 3b66c9152ec032d6f2372ae5075cbfe7d0fb398c4bf173a7f8c76d91d9eaa816e6f839b90884533b46a9224e9fb52c4d439b3d1907885b8e9f80c5c55a852b65

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\locales\ta.pak

MD5 2c0a9cc4a7c775ff13a6888234265cab
SHA1 497bde42737667fc833bbb9d8a9edaf014d99957
SHA256 1dd55659ef21082b9d58bed50f387c0e1fc0f28d0ede52251b9ada25ed2a657f
SHA512 b862221cf17d3f2ca0495a8a3e1f630ab915fd9b2a46ac16c71deffee9a6f71264a8550233781474d60cc6001a48c7c658c77d4e0dbd5b543e768928119d2f0f

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\locales\sw.pak

MD5 55241312a3aaba14a6b19a9012ca25b8
SHA1 69fadf0817faec3bc6b018f0af5f63378ade0939
SHA256 722c86bd857a93ae06ca0b7cfe2cc04237a7ed5a52586cab7246336c802abe37
SHA512 612f815c25e9f593d1f1c4de8e9016dce048cfe90f21319c4cdbb5772580cb8c71229e9ddba60852cd0bec80a07a783ace24f873d90dc3323e5fdcc44905f2c7

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\locales\sv.pak

MD5 06c878c1538813e5938d087770058b44
SHA1 c8ab9b516b8470bdee86483151ae76368646bffc
SHA256 90dc45426bc1302aa05261f136881ddf038272e9ac315297aa8e5dae2b31109b
SHA512 6ddf615bcf0a8c62221233687bae1eeda5cfd749aa8acc179d6650987289201b405edd453fc181a1d250eba9bbdf61ea28fb7c694539fae3d320bfdea56665cc

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\locales\sr.pak

MD5 48abf758a49e2e8aab013f2bf56091c0
SHA1 ca909bc28b03bf959ac32e218a318289e0badbf0
SHA256 b4cf2d19b5e443b57ca9d1189880458a7cacfe1c8b231265557a3fb58f597617
SHA512 22d65df1cd35a8127296420a699f26edf55813fd6a970050dc9b2b051aaf7da2cf2fe6314a94977587021c02aa7d8b42541e1d08d5940fb7e1af127e87268c68

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\locales\sl.pak

MD5 e76e473c419c25768b08a95a2822918f
SHA1 0fa7e2fcabb03a8788f50f1d4b4eb383c833e9ba
SHA256 fcd27a9f5cb4b4be373da7076a8232006ebe020999fdf90d20745f16cd7ef223
SHA512 e39ae0acbb7d148d6ade676d92e83fa9fb433230bae4339c31693a538198bf0679adef51883b96f8dfbcc8593a982544c64a2b265897f35a693183b27070ea5b

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\locales\sk.pak

MD5 78bc785a75ee512391a9cb462a771c09
SHA1 229d39e017174dc0a8cefcfcc72b0feca94d6208
SHA256 ec15c82956ebddb7b246c78045ad414ed34ca97d890a915070e252c8715096b0
SHA512 96556f6072e69351e1bbce06bbf896b1ad53060c7cbaf7928eebbe0f610f5e8778b2b8b97a5a268b7942a1c8d1adc6bea0403383a2a5bb99049437e95d575ea0

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\locales\ru.pak

MD5 91379a583d22fa9343ed466c261366ff
SHA1 61e8c39235945c4f38807b14ac74da7d3257759a
SHA256 0d4d0b8052519848abd182c44dfbf444a77a0c6994965c4a3001f0a3a4d1459e
SHA512 dde26b59a1e5f94d5b245f47399d7a9d3db8d247037331a471c39b1d7e79e236c5a0732fea4c53b843d8eaff1f54ca155a816a193b7baa870fc458a5aadf76be

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\locales\pt-PT.pak

MD5 002d5b37e68a0725dd7d89fe3fc7ec48
SHA1 545de8047d3f89150516b95031965adc8f17df68
SHA256 1fadff356a7e89a8ff2af3ddf84f70fd0ce69525c7787f8adae10beed9d76d4e
SHA512 abad6cbb30a958bb84a521a66636af4221a9f63774122d3ac3b552503930ad83d343ec4c8109c8031cab17c546ef7549aa0f87746e39a80f6758fad28ecee129

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\locales\pt-BR.pak

MD5 de8ff9456ba9ea999d0d1bc9b831e7ce
SHA1 1d67c6dd97fcf221c71137cc8b1946368807aba8
SHA256 b32fe8f602ec9800d59806e097e369fd065d8fbf473da40fd29289493489930c
SHA512 5a3a48ddad801382ec9065c6160698dd746aae810374c2b772d521a1764e7e0fd2c28c5dd1cdccb50834d699ee19441713fe10a91dddead46ba0cff3edbd6984

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\locales\pl.pak

MD5 b44fcf9fdc4ec7bb5e72cae30aa15c01
SHA1 daaae4aa7987bcce299995feea5c54f2d77b61d4
SHA256 7f1a8392fe3aff4e6bb4bacbc1f4b395f08ecafda9f81e36b41b77fb4ab0bc76
SHA512 52b46d7affac4949fa19841d26d2f4bf877e36cbda4b75f3ff289a7abe9a80c2a014b1ae23d3079f4d31ed5fa76c320103733284a2c13d99a451810407325674

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\locales\nl.pak

MD5 5cde06a63c9dc07fdbb0fdc94e403d00
SHA1 11be56054908f1f9cd56ab77692fe3717ee91ee8
SHA256 3b9ed5ed0dd07d8fa67412a046ab085137542c156876dbfe6f83376571af91a3
SHA512 2716496dcbf76cc2dece938103813a8dbc17d4c795b4e3459a572de4f62f9ac0e1788de3a21f5fb287ad364decbd541a5e3bddd406e130d2a9c72118ccee5390

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\locales\nb.pak

MD5 9c18dfa9e69c1d7810132800d084136c
SHA1 bbaa9576e1b012df33d79a5dc7776c00e67295e4
SHA256 4f3babcbec0d138654ec59fd8ab5fd58da2273237a587928b9687928c7ca10ff
SHA512 a82b1e340a25a3858906ded73624bd0be4b3ccd1f5728560480b4a4e3a78529f5a178d20cf7d95fd55ded7ca4fa95a5fff87d89f0520ea08b54e7b99c9057d6b

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\locales\ms.pak

MD5 3d0dc94a638f98d9bf3c0f60f89a0c95
SHA1 a979b04c65832d908305fb0406cb0653271ad744
SHA256 a9f9ae23a3bc2ac919c5b46d16b7e1f3bff73698d2626260196210e101d119c2
SHA512 6d687f1eb9a7fda3791295487063393b8f0a7409b55461b185aaf106c596229de6988114230625d6504b869d25d7a624bc3b90d66a0bdf561cb05a57d5b87c15

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\locales\mr.pak

MD5 eafb18d633064d0f02a3eff3eff9aadd
SHA1 a8846e473014be80125630f1c5b51366220ff018
SHA256 fcb7c4aeed28ae4d16fa7b82d9571165aab0fdd46eb65d3ab29007231630ccef
SHA512 d332a4b7f4cb1583a5bf5ce08fdb46661a5bccbf0a66f7f5ab6ce04367e9bc589588dcb32f443695a3ab129dc50d2962ed4c138f97858639d4ea37c117e23495

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\locales\lv.pak

MD5 335158efe454819a0dc8de0edb0f0e90
SHA1 85871f85f626db1fc597ef24c79c84115a66c17e
SHA256 113073cf60ae3d2bcf8a61df655762e34ba28e4b35b97de33c18e13f959d76ff
SHA512 f81733bca3fa65c789630b55c4f414a8541e71c4e1aba56bdb9d231ce189677b3bff4dc57c92fbe1cbc88f1f2f7fbf1a7e4319a8918c50409fcba958d743ccbc

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\locales\lt.pak

MD5 49201fae17b715a15fa03c4d89dd2176
SHA1 7c559c174850de48c4a2837fe32c58f74d8150b3
SHA256 4a80792cb9a401ebfa7ec3212182b5024d651ca6a5ead8fc9809d0d3ad4803cd
SHA512 3016f721d77206e13e275e7eea1adc95d403feaccf595eacf933940485031e9aac0c29b6f47a9ff5f73b08c354b7b82c72193c83e1ff09d84cb5b9b72b708166

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\locales\ko.pak

MD5 a9b446bb79b0e5d0b4af4f7243b1f3e2
SHA1 fcf962506b32b34a6315ed61acdece33df3dbf23
SHA256 507fc8d2a468456f2842b65a111fc0c74fe1f56d5f5ac0d6e743aef186b43b2f
SHA512 e7f281206bd481427a75b581f8b2a435eb8a29bd8b5586a8db78605b1c1bbc20dc1f4b2ff92d04c62fb509dc6e1e062d1d584c195e386c5c2ffda0f764276aa6

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\locales\kn.pak

MD5 56c5f63f439cc962b815bbc4f3f12c32
SHA1 c96248cafd869fef11bc37aefb1382d0f60a7855
SHA256 14b332541c2cce0835202372f8cc822aef30b3575b651c96219a88b8d1381648
SHA512 9210759d8e73266381fbf04280aad0bc5006f315ce3fca74fe304b3261af0ba399210f0b84620230d6aa0c667e60c0a6d9e67681fdfac401338e9331475bb7f6

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\locales\ja.pak

MD5 74e2430cf18db7ecae2a9b1feeb049b5
SHA1 362a5f3e4d8a79b9d0b041d62a8a5233e20fb208
SHA256 1a726c500b5b3efdbc7b9e6626765dcb8957005f9c072c09d1f517587d6b673a
SHA512 324d0ba770c09cccac4c59e0e0605846a4e18f32cc79f14fbd4e5b0172f439ef8dee538f686458b3a07e5e8b4528ef67aa5d339ae25f7c601c9a302caa7970f9

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\locales\it.pak

MD5 4e7ab6a5d407bf4d3f96671d65e467f9
SHA1 67f43053ccd167f2ce6d945202f64df29ee1ac49
SHA256 20408c09d9447f44aa920f2529d231072db8bb9c0c8b8fafa2db733561eb6964
SHA512 bf493e1a1c0898f7a54f8a5278dc0ca345e9937efe269b1bd3a3bc90645d767070ec9c117df001f8c3b51b4a383c30f025daf79606ac1840fcc5878ad4c53624

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\locales\hu.pak

MD5 51b14b96d1b9fa99ed849347a8954133
SHA1 5259b749576a9612e429a665dfc8bf47651c39ea
SHA256 70d4a0724a2e0e80ec047e7683eec7715c0fb5f88795cc97a63e4c2ee2237800
SHA512 b68d4bc792f29df210602a557d0b3333a95e30cd03a0a4cb5f537c9c51da9937119391f2a359c03fb874c1f540c23f44bef121e45f048f32b1db06d67a0bad1b

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\locales\hr.pak

MD5 ef62a50cc098afcf3fab69c7502219e9
SHA1 db474cf332c90de660fc575ef897d5389b65784c
SHA256 07effa557c8bc822626c05a4d299296f88d3da0654248c326d796f7c2de3ec64
SHA512 7ae6f40c7bf404532df0bc2ffa449e0d99debc2b9816450ed0d015b1634dd96cd5650ab6af5a6d44d52d0e3c9c81836ee350210c4f8a13be6cc0cb796a630350

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\locales\hi.pak

MD5 cd91036827739441e4cc849aa30706d6
SHA1 cc8e4c53e18db16876f855c2377f3cf0e2abf95a
SHA256 0936587aa072339f8dc347506e5553159319a686010ca1912bed1d830e107c6e
SHA512 553773bdc11be94f495b88e0587d572455ef68c182d51c9e1ae0e3aa23744f836996a446ed136afc562eb9a110e435b494d5955d2792a364a619111e7b3550e6

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\locales\he.pak

MD5 9fccb330d8b07ca54661407cf737d847
SHA1 2c6f52801b66aac7d08acb60d9736f9149e48ae5
SHA256 bb06d364a91b8641724254822b2eec5d0675e262a4cbf93b92494f601807dbef
SHA512 0cbf36643cc7b1d85dc7cb7825bc816a8538d0cc50b137dd27d5a9703324ae7ff271d38dc0cd6e4a99c6b391070690b90eb8ddb1cc511bc8d84d49a32d36c34c

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\locales\gu.pak

MD5 02bfa1114fd5b75261c24d6c0e6441f7
SHA1 d48b80339405cb8c8ec7a19b688e8d544938c4c7
SHA256 bbb17268412fb3e13584ca4dc90a94f984177d3c97ee89af2a57324709f8ed1d
SHA512 751b91d381c882a5dc0c0ee6313cf3e7ef51b4d369330a169cf9625de99e6019233109e815fc474fae44d79235940ba2ce68af7033f4c4c994e2774bbd8105be

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\locales\fr.pak

MD5 a1de4ad3d9b7aa8f122ba00cb983e49c
SHA1 323d6e1b4ed75f9406bb8488d7ffc7e12fa96886
SHA256 a69f52162f6081a06f835ede10818218df6e211f00d0ef24561e6221f4696e61
SHA512 542f0818ea4517fdea929f3d4938f7de75e2a5e6d872607e548f87de7e9cd0737fab3f5e82ab7895f44e809279d81c490999ed055acbddafe84f85e60ce2e23b

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\locales\fi.pak

MD5 1cbfa553a5b1de642ea4c248dfe1edba
SHA1 5de05b3c11fdd59ff5064a153a6dcbda33350971
SHA256 8f3e8ec0fbb471b45db65a77dc1013e3363f387d3d0c6a458c90f371907d0085
SHA512 ea3b99be7da893be8c3b228d1d3d7b644a1f5425b5380dc3e0ae0ba1bd29cf39dabe73819bcc4fa67f10a488f018e9fa2328995cb78f40ae8fdb66aa514188aa

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\locales\fa.pak

MD5 f7da0d07b54698bf8a213d0ccf1942c0
SHA1 d64fff18274ebe71a4aaa4754f9bb99d616fa000
SHA256 33bdd6eb52f648d475306f35b6103500b864672cbf39cc0fbd8c4ac84c997dec
SHA512 ce7a7b3df4c814a26e3fd9fddafc01ac1a4b2a87ef2d2893db5d0edf8e5b8bfe34afb6e91ff94306248361d57c6b3bd63d116635fb756aab74c4aed38f31c88f

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\locales\et.pak

MD5 5b169234895d929930140b4869a0b81a
SHA1 f58ba50d1e19ce191a0f8117f3e70f7f3dcb7362
SHA256 c465da80b14981bdbc687b7c37bf70d2bd4b8e03293c04ae5410f84c91ef980e
SHA512 c4297e272b5c04a0ee0956b873d5246591bee98c3b340e72202f3448381c691096a5bc540fdbcf61fb40d6a69270afa7198c1f0ccf3b2e84cabc906e23eb022c

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\locales\es-419.pak

MD5 c8f488b85c17431360e531aa507be979
SHA1 bea5d66bdcc05869a0389e051a9217fd49e48fcd
SHA256 536339d99dee6e8c01f018d4700ddd92ce063f765766a48073aeb256669680c1
SHA512 1d7f9f84a8d7c055bf705c71efaea817f1b9dedd5ba314fec6ce5324f578d3130b5541bb52fa55db9f6e46efa8e152d50199a61c7e2466844a4414df65d61c22

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\locales\en-US.pak

MD5 c9c2abcb04e1ad5f1a20244da8d595a8
SHA1 89ca81da21900074a5ccdcdc852768277b2b620b
SHA256 0364c73f320e441b03cb2afcaaca3ffbfac51a3559dcd0ff99a1accf82c7f762
SHA512 96bbf21174f56a111a2fc6ec024ab2f143945306797e77d773367a7fad42b7828ebb7b08d0dab76858d9fa340bf3205be403bc53df9e5e4e390058c94a751ffd

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\locales\en-GB.pak

MD5 745918a5a74c7b6f4818a8bb8813f456
SHA1 031f50286d003844425ddac557e13e2ea4554bc2
SHA256 91bdbf5f1f6bcbcaf16e47865f72ec97d72c74174fb929f089d14c00989f91f4
SHA512 5a1eb0231352705bab527ab27543612d75cb00c522620828ce2a0fdb0b47be9daa2dd7a192f8b4bf299007c5af1d9515f900b9586ba44dd2bd9f4cd4436aa681

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\locales\el.pak

MD5 2b391b2b35f7e096f696faf5dc093366
SHA1 1409134a46fcb84457a0e332edde98f7666246bd
SHA256 f1fe39af50f4bfe9edcea3af6c132e87d464d7277fb491ed95d7189b3157d20d
SHA512 aa640ca41dc9d4f60392b61bbead215345abd32369b0de90ed1d7ca2ff7a838d04689d538789a1adc0324fe4539c34db26b6c245155e51fb0308af13b60bfdae

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\locales\da.pak

MD5 5b033c206820ace5eb4c6f82aed34a5d
SHA1 28017cfc13259273022059f02564ffc99dcd75a4
SHA256 1a51de04cb205c708520f1b013447f1a89f0b1330dbce6d1e71cf355319d1108
SHA512 e423069f7a895179ea17be5774284e9e2e27f02c40bac7d7211cab77348800622796f04c3e6618905364e189ca5ec772ed7dbd285872777d163d3ebec08a64d4

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\locales\ca.pak

MD5 a0b45b122241cf0c11a081eefb9cb4c6
SHA1 91fd660a4688aaa70fee42e783b8b1863b4d11d7
SHA256 7d911cda51564500dd7a6de43a1e347869427c035b15fa25cad0526be9e055b1
SHA512 abcb3bcb96934189cdfd52528cd7c65ea870c9b997bf6349599b7064fe6f4bef0d34809f0f958e4d4e46486e7c0a41f86b5ed0a132bbf20743d41f3af64788b4

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\locales\bg.pak

MD5 01dfb1a7815613fa0a5411235f45b27b
SHA1 3bf1ea5597ac77b26bd30caa1efea7cb4f7a1b19
SHA256 13d08d2c4972cd18bb8ea8a57587dad29684c2336f73282dd3284b0649377cf8
SHA512 5d8a65e5a17aa163fb679e003e1837ea96e515b105c9977029a5ca4854845289de5d65c0edfd473cb74410c5cacdb5b360f25a69776705fb05f48688d92680da

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\locales\am.pak

MD5 39a396fce4d93f744b3c786d62d2686c
SHA1 7ec8176e652b666b6ab9fffb6cb9b7dcfdd1a2a2
SHA256 0b1d326be9dabcda8e37740017383f2d8f1bec7a8fdb1f11ebe538c3632453fd
SHA512 798063b51f745fc2c9e7f852f72ce55939ed41305d070d1844c790755f7ab42a6830406ba2485237d37a0c46b804512e7dc37c65b7f03249c28741a4f706017a

C:\Users\Admin\AppData\Local\Temp\nso18DF.tmp\7z-out\locales\af.pak

MD5 d16ef573959cf5cf0a6eea20136b9c0b
SHA1 e3384ae3ee92e1dae47a48e45589372e940aab33
SHA256 73a8401e6dc17c4daf86b42c65b81359348f7e6b4d62d8637138e747bb3ff0ae
SHA512 064c2912f766f10ec042adf82709ac9582cb8430e3550690fc17343c380dcbabadc0084e08aa5f3eb6faf79a652d26e1fe2606625a180b7f47808df07a566933

Analysis: behavioral3

Detonation Overview

Submitted

2024-06-19 06:51

Reported

2024-06-19 07:26

Platform

win7-20240611-en

Max time kernel

1563s

Max time network

1575s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\SpiderBanner.dll,#1

Signatures

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2408 wrote to memory of 1728 N/A C:\Windows\system32\rundll32.exe C:\Windows\SysWOW64\rundll32.exe
PID 2408 wrote to memory of 1728 N/A C:\Windows\system32\rundll32.exe C:\Windows\SysWOW64\rundll32.exe
PID 2408 wrote to memory of 1728 N/A C:\Windows\system32\rundll32.exe C:\Windows\SysWOW64\rundll32.exe
PID 2408 wrote to memory of 1728 N/A C:\Windows\system32\rundll32.exe C:\Windows\SysWOW64\rundll32.exe
PID 2408 wrote to memory of 1728 N/A C:\Windows\system32\rundll32.exe C:\Windows\SysWOW64\rundll32.exe
PID 2408 wrote to memory of 1728 N/A C:\Windows\system32\rundll32.exe C:\Windows\SysWOW64\rundll32.exe
PID 2408 wrote to memory of 1728 N/A C:\Windows\system32\rundll32.exe C:\Windows\SysWOW64\rundll32.exe

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\SpiderBanner.dll,#1

C:\Windows\SysWOW64\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\SpiderBanner.dll,#1

Network

N/A

Files

N/A

Analysis: behavioral11

Detonation Overview

Submitted

2024-06-19 06:51

Reported

2024-06-19 07:26

Platform

win7-20240221-en

Max time kernel

1563s

Max time network

1567s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\resources\app.asar.unpacked\node_modules\cpu-features\.eslintrc.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\resources\app.asar.unpacked\node_modules\cpu-features\.eslintrc.js

Network

N/A

Files

N/A

Analysis: behavioral27

Detonation Overview

Submitted

2024-06-19 06:51

Reported

2024-06-19 06:57

Platform

debian9-mipsel-20240611-en

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

N/A

Files

N/A

Analysis: behavioral30

Detonation Overview

Submitted

2024-06-19 06:51

Reported

2024-06-19 06:57

Platform

debian9-mipsbe-20240418-en

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

N/A

Files

N/A

Analysis: behavioral10

Detonation Overview

Submitted

2024-06-19 06:51

Reported

2024-06-19 07:26

Platform

win10v2004-20240508-en

Max time kernel

1799s

Max time network

1751s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\WinShell.dll,#1

Signatures

Program crash

Description Indicator Process Target
N/A N/A C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\rundll32.exe

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133632538659027921" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: LoadsDriver

Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4748 wrote to memory of 5096 N/A C:\Windows\system32\rundll32.exe C:\Windows\SysWOW64\rundll32.exe
PID 4748 wrote to memory of 5096 N/A C:\Windows\system32\rundll32.exe C:\Windows\SysWOW64\rundll32.exe
PID 4748 wrote to memory of 5096 N/A C:\Windows\system32\rundll32.exe C:\Windows\SysWOW64\rundll32.exe
PID 2860 wrote to memory of 4516 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 4516 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 1508 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 1508 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2860 wrote to memory of 3596 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\WinShell.dll,#1

C:\Windows\SysWOW64\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\WinShell.dll,#1

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 5096 -ip 5096

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 5096 -s 612

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ff8411bab58,0x7ff8411bab68,0x7ff8411bab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1792 --field-trial-handle=1704,i,5429871066771971700,7160891578930327538,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2148 --field-trial-handle=1704,i,5429871066771971700,7160891578930327538,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2280 --field-trial-handle=1704,i,5429871066771971700,7160891578930327538,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3120 --field-trial-handle=1704,i,5429871066771971700,7160891578930327538,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3152 --field-trial-handle=1704,i,5429871066771971700,7160891578930327538,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4412 --field-trial-handle=1704,i,5429871066771971700,7160891578930327538,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4780 --field-trial-handle=1704,i,5429871066771971700,7160891578930327538,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4844 --field-trial-handle=1704,i,5429871066771971700,7160891578930327538,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\110.0.5481.104\Installer\setup.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\Installer\setup.exe" --reenable-autoupdates --system-level

C:\Program Files\Google\Chrome\Application\110.0.5481.104\Installer\setup.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x254,0x258,0x25c,0x230,0x260,0x7ff6531aae48,0x7ff6531aae58,0x7ff6531aae68

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4228 --field-trial-handle=1704,i,5429871066771971700,7160891578930327538,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4480 --field-trial-handle=1704,i,5429871066771971700,7160891578930327538,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=4568 --field-trial-handle=1704,i,5429871066771971700,7160891578930327538,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4940 --field-trial-handle=1704,i,5429871066771971700,7160891578930327538,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4852 --field-trial-handle=1704,i,5429871066771971700,7160891578930327538,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5172 --field-trial-handle=1704,i,5429871066771971700,7160891578930327538,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=3416 --field-trial-handle=1704,i,5429871066771971700,7160891578930327538,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5616 --field-trial-handle=1704,i,5429871066771971700,7160891578930327538,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5628 --field-trial-handle=1704,i,5429871066771971700,7160891578930327538,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5532 --field-trial-handle=1704,i,5429871066771971700,7160891578930327538,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=5228 --field-trial-handle=1704,i,5429871066771971700,7160891578930327538,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=5708 --field-trial-handle=1704,i,5429871066771971700,7160891578930327538,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=4640 --field-trial-handle=1704,i,5429871066771971700,7160891578930327538,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5728 --field-trial-handle=1704,i,5429871066771971700,7160891578930327538,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=5772 --field-trial-handle=1704,i,5429871066771971700,7160891578930327538,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=3116 --field-trial-handle=1704,i,5429871066771971700,7160891578930327538,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=5536 --field-trial-handle=1704,i,5429871066771971700,7160891578930327538,131072 /prefetch:1

Network

Country Destination Domain Proto
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 clients2.google.com udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 node.minepi.com udp
US 8.8.8.8:53 google.com udp
US 8.8.8.8:53 google.com udp
US 8.8.4.4:53 google.com udp
US 8.8.8.8:53 4.4.8.8.in-addr.arpa udp
US 8.8.8.8:53 clients2.google.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp
US 8.8.8.8:53 google.com udp
US 8.8.8.8:53 google.com udp
US 8.8.4.4:53 google.com udp
US 8.8.8.8:53 clients2.google.com udp
US 8.8.8.8:53 clients2.google.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 clients2.google.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 clients2.google.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 beacons.gvt2.com udp
US 8.8.8.8:53 beacons2.gvt2.com udp
US 8.8.8.8:53 beacons3.gvt2.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 beacons.gvt2.com udp
US 8.8.8.8:53 beacons.gvt2.com udp
US 8.8.8.8:53 beacons2.gvt2.com udp
US 8.8.8.8:53 clients2.google.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 beacons.gvt2.com udp
US 8.8.8.8:53 clients2.google.com udp
US 8.8.8.8:53 beacons.gvt2.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 beacons5.gvt2.com udp
US 8.8.8.8:53 beacons4.gvt2.com udp
US 8.8.8.8:53 beacons3.gvt2.com udp
US 8.8.8.8:53 beacons.gvt2.com udp
US 8.8.8.8:53 beacons2.gvt2.com udp
US 8.8.8.8:53 beacons5.gvt2.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 clients2.google.com udp
US 8.8.8.8:53 beacons5.gvt3.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 beacons4.gvt2.com udp
US 8.8.8.8:53 beacons5.gvt2.com udp
US 8.8.8.8:53 beacons4.gvt2.com udp
US 8.8.8.8:53 beacons3.gvt2.com udp
US 8.8.8.8:53 beacons2.gvt2.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 beacons5.gvt3.com udp
US 8.8.8.8:53 beacons3.gvt2.com udp
US 8.8.8.8:53 beacons.gvt2.com udp
US 8.8.8.8:53 beacons3.gvt2.com udp
US 8.8.8.8:53 beacons2.gvt2.com udp
US 8.8.8.8:53 beacons5.gvt2.com udp
US 8.8.8.8:53 beacons5.gvt3.com udp
US 8.8.8.8:53 beacons4.gvt2.com udp
US 8.8.8.8:53 beacons.gvt2.com udp
US 8.8.8.8:53 clients2.google.com udp

Files

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 addcb3e06ae19a60a9177ab4ae943aaa
SHA1 20bc05c2a24af6f22e395439ca7530d2e6b067b3
SHA256 42c877ce14761330ed822885e8d6faf7558fc904131fc17a4ddd1389d6743627
SHA512 0434d8431c162f22ed1ff045b79906e3777f03093e95cf0ce919d10a5df8a87d41288de0cf23e988c047b80ec27708c3f7f44bb6d9043a5233bad99e083637af

\??\pipe\crashpad_2860_CKPECPREIAXBQRYL

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 91a1d6f4bd2dc46e77596340c4324a64
SHA1 234bbf65d47bedf35a9529c71c2354beef27ff61
SHA256 bbfc423eeba230bfe31bbb22284151843bdbdeb2b3319b902dda1b74e8a500ec
SHA512 848bf0a50dccf8532541a1f807ff4f46dc581c7630b9ce1dc65851cbea7efd015e93e50a33bf9a8a2a092122808b7bd2871da6d689d7bc8a6bf7ef1f7e22afb1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9a2f5d6a9756c0142e335bef318299da
SHA1 1734e3ad0ba8487ad6666dd4176fc7ba8a95abec
SHA256 a4e69c8767f2b2634a17a87dfaaef437a6ae4f5ce3cdedf778af107a996b526f
SHA512 2d24ca0f29d21198277d44f7cacb77ace12886a1ce4089f5c4f412803fa748b40a972dcc07604027ebee303a66db244a50404685fde768ef367c168e90fab9f8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a0effe526d809b186e7cc5de0f1aa79c
SHA1 7a11855faf748eff2e97a07fabac30f16d435160
SHA256 76b82eeabec4778732c7b2d68b08671cf30c94af5370f370ed8952bcac126789
SHA512 325d18375c345432724dd631d87db698a580c917f4dcc2e21181e2452b70eda7f46d475c89c5e228511807ece456143d8b54ba47126b80d80ce3fe0f303393ba

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 c1400241cecfe1077e87086f59c48bd9
SHA1 06681f91a15a6b3486e317c6ec52c4d5fd270113
SHA256 6edaa01e945907a7112db38f065d67a8ce4cb8186a9a5b7f8be799614d6ab32a
SHA512 2bc6cabadf40e795478cb4e99289719f752d4ac5ea7f003bcc46934c88389aca2150c2695f959d1fea86879c41ff7ce59f17506dabe045b598cd522a12d72608

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe58e78c.TMP

MD5 0f331257f708b75f8ccbd911a2528668
SHA1 c6665add59098adff9bb2a243a9dd51ddd18f7ac
SHA256 6f1a7ae5ae7bc0044be5eaa95539780b50aa88ad7b0fab34812d3bc47d55587c
SHA512 124b6176f09d9942fa81cb5bfa0c65fbaf52a99cd519fc690a4545f5f1b32d8c27b7faf261a7a32555d3ff8de32b93b0f2dae7d069c5e9e927fd5d47f8c47470

C:\Program Files\Google\Chrome\Application\SetupMetrics\20240619065749.pma

MD5 6d971ce11af4a6a93a4311841da1a178
SHA1 cbfdbc9b184f340cbad764abc4d8a31b9c250176
SHA256 338ddefb963d5042cae01de7b87ac40f4d78d1bfa2014ff774036f4bc7486783
SHA512 c58b59b9677f70a5bb5efd0ecbf59d2ac21cbc52e661980241d3be33663825e2a7a77adafbcec195e1d9d89d05b9ccb5e5be1a201f92cb1c1f54c258af16e29f

Analysis: behavioral21

Detonation Overview

Submitted

2024-06-19 06:51

Reported

2024-06-19 06:57

Platform

debian9-mipsel-20240611-en

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

N/A

Files

N/A

Analysis: behavioral29

Detonation Overview

Submitted

2024-06-19 06:51

Reported

2024-06-19 07:27

Platform

debian9-armhf-20240611-en

Max time network

1679s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
US 1.1.1.1:53 debian9-armhf-20240611-en-5 udp
US 1.1.1.1:53 debian9-armhf-20240611-en-5 udp

Files

N/A

Analysis: behavioral4

Detonation Overview

Submitted

2024-06-19 06:51

Reported

2024-06-19 07:26

Platform

win10v2004-20240226-en

Max time kernel

1784s

Max time network

1802s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\SpiderBanner.dll,#1

Signatures

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4452 wrote to memory of 4464 N/A C:\Windows\system32\rundll32.exe C:\Windows\SysWOW64\rundll32.exe
PID 4452 wrote to memory of 4464 N/A C:\Windows\system32\rundll32.exe C:\Windows\SysWOW64\rundll32.exe
PID 4452 wrote to memory of 4464 N/A C:\Windows\system32\rundll32.exe C:\Windows\SysWOW64\rundll32.exe

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\SpiderBanner.dll,#1

C:\Windows\SysWOW64\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\SpiderBanner.dll,#1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4832 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4292 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:8

Network

Country Destination Domain Proto
GB 142.250.200.42:443 tcp
US 8.8.8.8:53 149.220.183.52.in-addr.arpa udp
US 8.8.8.8:53 240.221.184.93.in-addr.arpa udp
US 8.8.8.8:53 68.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 13.107.246.64:443 tcp
US 8.8.8.8:53 86.23.85.13.in-addr.arpa udp
US 8.8.8.8:53 56.126.166.20.in-addr.arpa udp
US 8.8.8.8:53 232.168.11.51.in-addr.arpa udp
US 8.8.8.8:53 134.71.91.104.in-addr.arpa udp
US 8.8.8.8:53 21.236.111.52.in-addr.arpa udp
US 8.8.8.8:53 208.143.182.52.in-addr.arpa udp

Files

N/A

Analysis: behavioral8

Detonation Overview

Submitted

2024-06-19 06:51

Reported

2024-06-19 07:26

Platform

win10v2004-20240508-en

Max time kernel

1343s

Max time network

1173s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\System.dll,#1

Signatures

Program crash

Description Indicator Process Target
N/A N/A C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\rundll32.exe

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 3952 wrote to memory of 4888 N/A C:\Windows\system32\rundll32.exe C:\Windows\SysWOW64\rundll32.exe
PID 3952 wrote to memory of 4888 N/A C:\Windows\system32\rundll32.exe C:\Windows\SysWOW64\rundll32.exe
PID 3952 wrote to memory of 4888 N/A C:\Windows\system32\rundll32.exe C:\Windows\SysWOW64\rundll32.exe

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\System.dll,#1

C:\Windows\SysWOW64\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\System.dll,#1

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 4888 -ip 4888

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 4888 -s 612

Network

Country Destination Domain Proto
US 8.8.8.8:53 28.118.140.52.in-addr.arpa udp
US 8.8.8.8:53 240.221.184.93.in-addr.arpa udp
US 8.8.8.8:53 75.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 58.55.71.13.in-addr.arpa udp
US 8.8.8.8:53 86.23.85.13.in-addr.arpa udp
US 8.8.8.8:53 18.31.95.13.in-addr.arpa udp
US 8.8.8.8:53 134.71.91.104.in-addr.arpa udp
US 8.8.8.8:53 203.107.17.2.in-addr.arpa udp
IE 52.111.236.23:443 tcp
US 8.8.8.8:53 30.243.111.52.in-addr.arpa udp
US 8.8.8.8:53 25.173.189.20.in-addr.arpa udp

Files

N/A

Analysis: behavioral18

Detonation Overview

Submitted

2024-06-19 06:51

Reported

2024-06-19 07:26

Platform

ubuntu1804-amd64-20240611-en

Max time kernel

0s

Max time network

1681s

Command Line

[/tmp/resources/app.asar.unpacked/node_modules/cpu-features/deps/cpu_features/cmake/ci/doc/generate_image.sh]

Signatures

N/A

Processes

/tmp/resources/app.asar.unpacked/node_modules/cpu-features/deps/cpu_features/cmake/ci/doc/generate_image.sh

[/tmp/resources/app.asar.unpacked/node_modules/cpu-features/deps/cpu_features/cmake/ci/doc/generate_image.sh]

/usr/local/sbin/bash

[bash /tmp/resources/app.asar.unpacked/node_modules/cpu-features/deps/cpu_features/cmake/ci/doc/generate_image.sh]

/usr/local/bin/bash

[bash /tmp/resources/app.asar.unpacked/node_modules/cpu-features/deps/cpu_features/cmake/ci/doc/generate_image.sh]

/usr/sbin/bash

[bash /tmp/resources/app.asar.unpacked/node_modules/cpu-features/deps/cpu_features/cmake/ci/doc/generate_image.sh]

/usr/bin/bash

[bash /tmp/resources/app.asar.unpacked/node_modules/cpu-features/deps/cpu_features/cmake/ci/doc/generate_image.sh]

/sbin/bash

[bash /tmp/resources/app.asar.unpacked/node_modules/cpu-features/deps/cpu_features/cmake/ci/doc/generate_image.sh]

/bin/bash

[bash /tmp/resources/app.asar.unpacked/node_modules/cpu-features/deps/cpu_features/cmake/ci/doc/generate_image.sh]

/bin/rm

[rm -f ./docker.svg ./*.png]

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 151.101.129.91:443 tcp
GB 185.125.188.62:443 tcp
GB 185.125.188.61:443 tcp
US 151.101.129.91:443 tcp
GB 89.187.167.3:443 tcp
US 1.1.1.1:53 1527653184.rsc.cdn77.org udp
US 1.1.1.1:53 1527653184.rsc.cdn77.org udp
GB 89.187.167.6:443 1527653184.rsc.cdn77.org tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.48:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 91.189.91.48:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 91.189.91.98:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.17:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 91.189.91.97:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.49:80 connectivity-check.ubuntu.com tcp

Files

N/A

Analysis: behavioral24

Detonation Overview

Submitted

2024-06-19 06:51

Reported

2024-06-19 07:26

Platform

ubuntu1804-amd64-20240611-en

Max time kernel

0s

Max time network

1681s

Command Line

[/tmp/resources/app.asar.unpacked/node_modules/cpu-features/deps/cpu_features/scripts/make_release.sh]

Signatures

N/A

Processes

/tmp/resources/app.asar.unpacked/node_modules/cpu-features/deps/cpu_features/scripts/make_release.sh

[/tmp/resources/app.asar.unpacked/node_modules/cpu-features/deps/cpu_features/scripts/make_release.sh]

/usr/local/sbin/bash

[bash /tmp/resources/app.asar.unpacked/node_modules/cpu-features/deps/cpu_features/scripts/make_release.sh]

/usr/local/bin/bash

[bash /tmp/resources/app.asar.unpacked/node_modules/cpu-features/deps/cpu_features/scripts/make_release.sh]

/usr/sbin/bash

[bash /tmp/resources/app.asar.unpacked/node_modules/cpu-features/deps/cpu_features/scripts/make_release.sh]

/usr/bin/bash

[bash /tmp/resources/app.asar.unpacked/node_modules/cpu-features/deps/cpu_features/scripts/make_release.sh]

/sbin/bash

[bash /tmp/resources/app.asar.unpacked/node_modules/cpu-features/deps/cpu_features/scripts/make_release.sh]

/bin/bash

[bash /tmp/resources/app.asar.unpacked/node_modules/cpu-features/deps/cpu_features/scripts/make_release.sh]

Network

Country Destination Domain Proto
US 151.101.193.91:443 tcp
N/A 224.0.0.251:5353 udp
GB 185.125.188.62:443 tcp
GB 185.125.188.62:443 tcp
US 151.101.193.91:443 tcp
GB 195.181.164.21:443 tcp
US 1.1.1.1:53 1527653184.rsc.cdn77.org udp
US 1.1.1.1:53 1527653184.rsc.cdn77.org udp
GB 89.187.167.6:443 1527653184.rsc.cdn77.org tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.49:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.48:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.96:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.18:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 91.189.91.98:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 91.189.91.96:80 connectivity-check.ubuntu.com tcp

Files

N/A

Analysis: behavioral12

Detonation Overview

Submitted

2024-06-19 06:51

Reported

2024-06-19 07:26

Platform

win10v2004-20240508-en

Max time kernel

1625s

Max time network

1639s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\resources\app.asar.unpacked\node_modules\cpu-features\.eslintrc.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\resources\app.asar.unpacked\node_modules\cpu-features\.eslintrc.js

Network

Files

N/A

Analysis: behavioral15

Detonation Overview

Submitted

2024-06-19 06:51

Reported

2024-06-19 07:26

Platform

win10v2004-20240508-en

Max time kernel

1796s

Max time network

1804s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\resources\app.asar.unpacked\node_modules\cpu-features\buildcheck.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\resources\app.asar.unpacked\node_modules\cpu-features\buildcheck.js

Network

Country Destination Domain Proto
US 138.91.171.81:80 tcp

Files

N/A

Analysis: behavioral16

Detonation Overview

Submitted

2024-06-19 06:51

Reported

2024-06-19 07:26

Platform

win7-20240508-en

Max time kernel

1556s

Max time network

1561s

Command Line

"C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE" /n "C:\Users\Admin\AppData\Local\Temp\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\cmake\ci\doc\docker.dot"

Signatures

Drops file in Windows directory

Description Indicator Process Target
File opened for modification C:\Windows\Debug\WIA\wiatrace.log C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A

Office loads VBA resources, possible macro or embedded object present

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\MenuExt C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel\Contexts = "1" C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Default HTML Editor\shell\edit\command\command = 7800620027004200560035002100210021002100210021002100210021004d004b004b0053006b0057004f0052004400460069006c00650073003e00620069002400540021005600210030005a003d007b0050006b00300076006d007e0041005a00750020002f006e002000220025003100220000000000 C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Default MHTML Editor\shell C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Default MHTML Editor\shell\edit C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Default MHTML Editor\shell\edit\command\command = 7800620027004200560035002100210021002100210021002100210021004d004b004b0053006b0057004f0052004400460069006c00650073003e00620069002400540021005600210030005a003d007b0050006b00300076006d007e0041005a00750020002f006e002000220025003100220000000000 C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Default HTML Editor\shell C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Default HTML Editor\shell\edit\ = "&Edit" C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Default MHTML Editor C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Default HTML Editor\shell\edit\COMMAND C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Default HTML Editor\shell\edit C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Default MHTML Editor\shell\edit C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Set value (str) \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\MenuExt\Se&nd to OneNote\ = "res://C:\\PROGRA~2\\MICROS~1\\Office14\\ONBttnIE.dll/105" C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Set value (str) \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel\ = "res://C:\\PROGRA~2\\MICROS~1\\Office14\\EXCEL.EXE/3000" C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Default HTML Editor\shell\edit C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Default HTML Editor C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Default HTML Editor\shell\edit\command\ = "\"C:\\Program Files (x86)\\Microsoft Office\\Office14\\WINWORD.EXE\" /n \"%1\"" C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Default MHTML Editor\shell\edit\COMMAND C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\MenuExt\Se&nd to OneNote C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Default HTML Editor\shell\edit\command C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Default MHTML Editor C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Set value (str) \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Toolbar\ShowDiscussionButton = "Yes" C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Default HTML Editor\shell C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Default MHTML Editor\shell\edit\ = "&Edit" C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Default MHTML Editor\shell\edit\command\ = "\"C:\\Program Files (x86)\\Microsoft Office\\Office14\\WINWORD.EXE\" /n \"%1\"" C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Default HTML Editor C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\MenuExt\Se&nd to OneNote\Contexts = "55" C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Default MHTML Editor\shell C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Default MHTML Editor\shell\edit\command C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A

Modifies registry class

Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\.mht\OpenWithList\Excel.exe\shell\edit\ddeexec\application\ = "Excel" C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\htmlfile\shell\Edit\command C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\htmlfile\DefaultIcon\ = "\"%1\"" C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\.htm\OpenWithList\Microsoft Excel\shell\edit\ddeexec\application\ = "Excel" C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\.htm\OpenWithList\Excel.exe\shell\edit\ = "&Open" C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\mhtmlfile\shell\Edit C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{42042206-2D85-11D3-8CFF-005004838597}\Version\14\ = "C:\\Program Files (x86)\\Microsoft Office\\Office14\\msohtmed.exe" C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\.htm\OpenWithList\WinWord.exe\shell\edit\command C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\.htm\OpenWithList\Microsoft Excel C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\.htm\OpenWithList\Excel.exe\shell\edit\command C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\mhtmlfile\DefaultIcon C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\mhtmlfile\ShellEx C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\.mht\OpenWithList C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\.mht\OpenWithList\Excel.exe C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\.mht\OpenWithList\MSPub.exe\shell\edit C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{42042206-2D85-11D3-8CFF-005004838597}\Old Icon\htmlfile C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Classes\.htm\OpenWithList\WinWord.exe\shell\edit\command\command = 7800620027004200560035002100210021002100210021002100210021004d004b004b0053006b0057004f0052004400460069006c00650073003e00620069002400540021005600210030005a003d007b0050006b00300076006d007e0041005a00750020002f006e002000220025003100220000000000 C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\.htm\OpenWithList\Excel.exe\shell\edit\ddeexec\topic\ = "system" C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\.mht\OpenWithList\Microsoft Excel\shell\edit\ddeexec\application\ = "Excel" C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\.mht\OpenWithList\Excel.exe\shell\edit\ = "&Open" C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{42042206-2D85-11D3-8CFF-005004838597}\Version\14 C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\.htm\OpenWithList\Microsoft Publisher C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\.htm\OpenWithList\Microsoft Publisher\shell\edit\command C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\.mht\OpenWithList\Microsoft Word\shell\edit\command\ = "\"C:\\Program Files (x86)\\Microsoft Office\\Office14\\WINWORD.EXE\" /n \"%1\"" C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\.mht\OpenWithList\WinWord.exe\shell\edit\command C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\htmlfile\shell\Edit C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\.htm\OpenWithList\MSPub.exe\shell\edit\command C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\mhtmlfile\shell\Edit\command\ = "\"C:\\Program Files (x86)\\Microsoft Office\\Office14\\msohtmed.exe\" %1" C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\mhtmlfile\shell\Print\command C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\.mht\OpenWithList\Excel.exe\shell\edit\command\ = "\"C:\\Program Files (x86)\\Microsoft Office\\Office14\\EXCEL.EXE\" /dde" C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\htmlfile C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\.htm\OpenWithList\Microsoft Excel\shell\edit\ddeexec C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\.htm\OpenWithList\Microsoft Publisher\shell\edit\command\ = "\"C:\\Program Files (x86)\\Microsoft Office\\Office14\\MSPUB.EXE\" %1" C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\.htm\OpenWithList C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\htmlfile\shell\Edit\ = "&Edit" C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\mhtmlfile\shell\Print C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\.mht\OpenWithList\WinWord.exe\shell\edit C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Classes\.mht\OpenWithList\Excel.exe\shell\edit\command\command = 7800620027004200560035002100210021002100210021002100210021004d004b004b0053006b0045005800430045004c00460069006c00650073003e00560069006a00710042006f006600280059003800270077002100460049006400310067004c00510020002f0064006400650000000000 C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\htmlfile\shell\Print\command C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\htmlfile\shell\Print\command\ = "\"C:\\Program Files (x86)\\Microsoft Office\\Office14\\msohtmed.exe\" /p %1" C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\.mht C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Classes\.mht\OpenWithList\WinWord.exe\shell\edit\command\command = 7800620027004200560035002100210021002100210021002100210021004d004b004b0053006b0057004f0052004400460069006c00650073003e00620069002400540021005600210030005a003d007b0050006b00300076006d007e0041005a00750020002f006e002000220025003100220000000000 C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\.mht\OpenWithList\Microsoft Excel\shell\edit\ = "&Open" C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{42042206-2D85-11D3-8CFF-005004838597} C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\.htm\OpenWithList\Microsoft Excel\shell\edit C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\.htm\OpenWithList\Excel.exe\shell\edit\command\ = "\"C:\\Program Files (x86)\\Microsoft Office\\Office14\\EXCEL.EXE\" /dde" C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\mhtmlfile\shell\Edit\ = "&Edit" C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{42042206-2D85-11D3-8CFF-005004838597}\Old Icon\mhtmlfile C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\.mht\OpenWithList\WinWord.exe\shell\edit\command\ = "\"C:\\Program Files (x86)\\Microsoft Office\\Office14\\WINWORD.EXE\" /n \"%1\"" C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\.mht\OpenWithList\Microsoft Publisher\shell\edit\ = "&Open" C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\htmlfile\shell\Edit\command\ = "\"C:\\Program Files (x86)\\Microsoft Office\\Office14\\msohtmed.exe\" %1" C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{42042206-2D85-11D3-8CFF-005004838597}\InprocServer32 C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\.htm\OpenWithList\Microsoft Excel\shell\edit\command C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\.mht\OpenWithList\Microsoft Excel\shell\edit\ddeexec C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\.mht\OpenWithList\Microsoft Publisher C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\htmlfile\shellex\IconHandler C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{42042206-2D85-11D3-8CFF-005004838597}\Old Icon C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\mhtmlfile\shell\Print C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\.mht\OpenWithList\Excel.exe\shell\edit\command C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\htmlfile\shell C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\htmlfile\ShellEx C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\.htm\OpenWithList\Excel.exe\shell\edit\ddeexec\application C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\mhtmlfile\shell\Print\command C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A

Suspicious behavior: AddClipboardFormatListener

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE N/A

Processes

C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE

"C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE" /n "C:\Users\Admin\AppData\Local\Temp\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\cmake\ci\doc\docker.dot"

C:\Windows\splwow64.exe

C:\Windows\splwow64.exe 12288

Network

N/A

Files

memory/3004-0-0x000000002FEA1000-0x000000002FEA2000-memory.dmp

memory/3004-1-0x000000005FFF0000-0x0000000060000000-memory.dmp

memory/3004-2-0x0000000070D6D000-0x0000000070D78000-memory.dmp

memory/3004-11-0x0000000070D6D000-0x0000000070D78000-memory.dmp

C:\Users\Admin\AppData\Roaming\Microsoft\Templates\Normal.dotm

MD5 96d5d694689fce709d63a31ceef7d949
SHA1 0811bcccdda802e47b326326a98aec2589d7f49a
SHA256 b244e8b2f9bfd5f2c60d1ee975ebfc914d720c7f14908c3b9a0f6ff13f66c029
SHA512 d549e85ca4abbb823b393578e4d9cab7f6969bababdcc2fd0b6cb13d5a0313e32b1131ae866c9e8ad880f0f24974c7edfbdd82b03aef0aef658acd653979e542

memory/3004-26-0x000000005FFF0000-0x0000000060000000-memory.dmp

memory/3004-27-0x0000000070D6D000-0x0000000070D78000-memory.dmp

Analysis: behavioral22

Detonation Overview

Submitted

2024-06-19 06:51

Reported

2024-06-19 07:26

Platform

win7-20240508-en

Max time kernel

1563s

Max time network

1567s

Command Line

"C:\Windows\System32\WScript.exe" "C:\Users\Admin\AppData\Local\Temp\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\cmake\ci\vagrant\freebsd\Vagrantfile.vbs"

Signatures

N/A

Processes

C:\Windows\System32\WScript.exe

"C:\Windows\System32\WScript.exe" "C:\Users\Admin\AppData\Local\Temp\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\cmake\ci\vagrant\freebsd\Vagrantfile.vbs"

Network

N/A

Files

N/A

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-19 06:51

Reported

2024-06-19 07:26

Platform

win10v2004-20240508-en

Max time kernel

1800s

Max time network

1805s

Command Line

"C:\Users\Admin\AppData\Local\Temp\Pi Network Setup 0.4.11.exe"

Signatures

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\Pi Network Setup 0.4.11.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Pi Network Setup 0.4.11.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Pi Network Setup 0.4.11.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Pi Network Setup 0.4.11.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Pi Network Setup 0.4.11.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Pi Network Setup 0.4.11.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Pi Network Setup 0.4.11.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe N/A

Adds Run key to start application

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\electron.app.Pi Network = "C:\\Users\\Admin\\AppData\\Local\\Programs\\pi-network-desktop\\Pi Network.exe" C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe N/A

Checks installed software on the system

discovery

Enumerates physical storage devices

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\~MHz C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\ProcessorNameString C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\2 C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1 C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe N/A

Enumerates processes with tasklist

Description Indicator Process Target
N/A N/A C:\Windows\SysWOW64\tasklist.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeDebugPrivilege N/A C:\Windows\SysWOW64\tasklist.exe N/A
Token: SeSecurityPrivilege N/A C:\Users\Admin\AppData\Local\Temp\Pi Network Setup 0.4.11.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe N/A
Token: SeIncreaseQuotaPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeSecurityPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeTakeOwnershipPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeLoadDriverPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeSystemProfilePrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeSystemtimePrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeProfSingleProcessPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeBackupPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeRestorePrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeShutdownPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeSystemEnvironmentPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeRemoteShutdownPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeUndockPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeManageVolumePrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: 33 N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: 34 N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: 35 N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: 36 N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe N/A
Token: SeIncreaseQuotaPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeSecurityPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeTakeOwnershipPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeLoadDriverPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeSystemProfilePrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeSystemtimePrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeProfSingleProcessPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeBackupPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeRestorePrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeShutdownPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeSystemEnvironmentPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeRemoteShutdownPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeUndockPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeManageVolumePrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: 33 N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: 34 N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: 35 N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: 36 N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 388 wrote to memory of 2360 N/A C:\Users\Admin\AppData\Local\Temp\Pi Network Setup 0.4.11.exe C:\Windows\SysWOW64\cmd.exe
PID 388 wrote to memory of 2360 N/A C:\Users\Admin\AppData\Local\Temp\Pi Network Setup 0.4.11.exe C:\Windows\SysWOW64\cmd.exe
PID 388 wrote to memory of 2360 N/A C:\Users\Admin\AppData\Local\Temp\Pi Network Setup 0.4.11.exe C:\Windows\SysWOW64\cmd.exe
PID 2360 wrote to memory of 2288 N/A C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\tasklist.exe
PID 2360 wrote to memory of 2288 N/A C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\tasklist.exe
PID 2360 wrote to memory of 2288 N/A C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\tasklist.exe
PID 2360 wrote to memory of 916 N/A C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\find.exe
PID 2360 wrote to memory of 916 N/A C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\find.exe
PID 2360 wrote to memory of 916 N/A C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\find.exe
PID 2728 wrote to memory of 3512 N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe
PID 2728 wrote to memory of 3512 N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe
PID 2728 wrote to memory of 1620 N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe C:\Windows\system32\cmd.exe
PID 2728 wrote to memory of 1620 N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe C:\Windows\system32\cmd.exe
PID 2728 wrote to memory of 5588 N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe
PID 2728 wrote to memory of 5588 N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe
PID 2728 wrote to memory of 5588 N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe
PID 2728 wrote to memory of 5588 N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe
PID 2728 wrote to memory of 5588 N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe
PID 2728 wrote to memory of 5588 N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe
PID 2728 wrote to memory of 5588 N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe
PID 2728 wrote to memory of 5588 N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe
PID 2728 wrote to memory of 5588 N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe
PID 2728 wrote to memory of 5588 N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe
PID 2728 wrote to memory of 5588 N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe
PID 2728 wrote to memory of 5588 N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe
PID 2728 wrote to memory of 5588 N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe
PID 2728 wrote to memory of 5588 N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe
PID 2728 wrote to memory of 5588 N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe
PID 2728 wrote to memory of 5588 N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe
PID 2728 wrote to memory of 5588 N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe
PID 2728 wrote to memory of 5588 N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe
PID 2728 wrote to memory of 5588 N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe
PID 2728 wrote to memory of 5588 N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe
PID 2728 wrote to memory of 5588 N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe
PID 2728 wrote to memory of 5588 N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe
PID 2728 wrote to memory of 5588 N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe
PID 2728 wrote to memory of 5588 N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe
PID 2728 wrote to memory of 5588 N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe
PID 2728 wrote to memory of 5588 N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe
PID 2728 wrote to memory of 5588 N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe
PID 2728 wrote to memory of 5588 N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe
PID 2728 wrote to memory of 5588 N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe
PID 2728 wrote to memory of 5588 N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe
PID 2728 wrote to memory of 5728 N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe
PID 2728 wrote to memory of 5728 N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe
PID 1620 wrote to memory of 1336 N/A C:\Windows\system32\cmd.exe C:\Windows\System32\Wbem\WMIC.exe
PID 1620 wrote to memory of 1336 N/A C:\Windows\system32\cmd.exe C:\Windows\System32\Wbem\WMIC.exe
PID 2728 wrote to memory of 4568 N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe
PID 2728 wrote to memory of 4568 N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe
PID 2728 wrote to memory of 868 N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe C:\Windows\system32\cmd.exe
PID 2728 wrote to memory of 868 N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe C:\Windows\system32\cmd.exe
PID 2728 wrote to memory of 2592 N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe C:\Windows\system32\cmd.exe
PID 2728 wrote to memory of 2592 N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe C:\Windows\system32\cmd.exe
PID 2728 wrote to memory of 4596 N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe C:\Windows\system32\cmd.exe
PID 2728 wrote to memory of 4596 N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe C:\Windows\system32\cmd.exe
PID 2728 wrote to memory of 2352 N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe
PID 2728 wrote to memory of 2352 N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe
PID 2728 wrote to memory of 2352 N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe
PID 2728 wrote to memory of 2352 N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe
PID 2728 wrote to memory of 2352 N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe
PID 2728 wrote to memory of 2352 N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe
PID 2728 wrote to memory of 2352 N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe
PID 2728 wrote to memory of 2352 N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe
PID 2728 wrote to memory of 2352 N/A C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe

Processes

C:\Users\Admin\AppData\Local\Temp\Pi Network Setup 0.4.11.exe

"C:\Users\Admin\AppData\Local\Temp\Pi Network Setup 0.4.11.exe"

C:\Windows\SysWOW64\cmd.exe

cmd /c tasklist /FI "USERNAME eq %USERNAME%" /FI "IMAGENAME eq Pi Network.exe" | %SYSTEMROOT%\System32\find.exe "Pi Network.exe"

C:\Windows\SysWOW64\tasklist.exe

tasklist /FI "USERNAME eq Admin" /FI "IMAGENAME eq Pi Network.exe"

C:\Windows\SysWOW64\find.exe

C:\Windows\System32\find.exe "Pi Network.exe"

C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe

"C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe"

C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe

"C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Roaming\Pi Network" /prefetch:7 --no-rate-limit --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Pi Network\Crashpad" --url=https://f.a.k/e "--annotation=_productName=Pi Network" --annotation=_version=0.4.11 --annotation=plat=Win64 --annotation=prod=Electron --annotation=ver=26.6.10 --initial-client-data=0x4c8,0x4ec,0x4f4,0x428,0x4f8,0x7ff6c1a38e38,0x7ff6c1a38e48,0x7ff6c1a38e58

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "wmic os get caption"

C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe

"C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\Pi Network" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1852 --field-trial-handle=1856,i,2466836313363611359,8858792844742014896,262144 --disable-features=SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2

C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe

"C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\Pi Network" --standard-schemes --secure-schemes=sentry-ipc --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=sentry-ipc --service-worker-schemes --streaming-schemes --mojo-platform-channel-handle=2068 --field-trial-handle=1856,i,2466836313363611359,8858792844742014896,262144 --disable-features=SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8

C:\Windows\System32\Wbem\WMIC.exe

wmic os get caption

C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe

"C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\Pi Network" --standard-schemes --secure-schemes=sentry-ipc --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=sentry-ipc --service-worker-schemes --streaming-schemes --app-user-model-id="electron.app.Pi Network" --app-path="C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\resources\app.asar" --no-sandbox --no-zygote --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=2496 --field-trial-handle=1856,i,2466836313363611359,8858792844742014896,262144 --disable-features=SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "LC_ALL="en_US.UTF-8";LANG="en_US.UTF-8";LANGUAGE="en_US:en";df -kP"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker stats pi-consensus --no-stream"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker logs --tail 250 pi-consensus"

C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe

"C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\Pi Network" --standard-schemes --secure-schemes=sentry-ipc --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=sentry-ipc --service-worker-schemes --streaming-schemes --app-user-model-id="electron.app.Pi Network" --app-path="C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\resources\app.asar" --enable-sandbox --enable-blink-features --disable-blink-features --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3420 --field-trial-handle=1856,i,2466836313363611359,8858792844742014896,262144 --disable-features=SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1

C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe

"C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\Pi Network" --standard-schemes --secure-schemes=sentry-ipc --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=sentry-ipc --service-worker-schemes --streaming-schemes --app-user-model-id="electron.app.Pi Network" --app-path="C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\resources\app.asar" --enable-sandbox --enable-blink-features --disable-blink-features --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3536 --field-trial-handle=1856,i,2466836313363611359,8858792844742014896,262144 --disable-features=SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1

C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe

"C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\Pi Network" --standard-schemes --secure-schemes=sentry-ipc --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=sentry-ipc --service-worker-schemes --streaming-schemes --app-user-model-id="electron.app.Pi Network" --app-path="C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\resources\app.asar" --enable-sandbox --enable-blink-features --disable-blink-features --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3652 --field-trial-handle=1856,i,2466836313363611359,8858792844742014896,262144 --disable-features=SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "LC_ALL="en_US.UTF-8";LANG="en_US.UTF-8";LANGUAGE="en_US:en";df -kP"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker stats pi-consensus --no-stream"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker exec -t pi-consensus supervisorctl status horizon"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker logs --tail 250 pi-consensus"

C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe

"C:\Users\Admin\AppData\Local\Programs\pi-network-desktop\Pi Network.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --user-data-dir="C:\Users\Admin\AppData\Roaming\Pi Network" --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAABEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=3440 --field-trial-handle=1856,i,2466836313363611359,8858792844742014896,262144 --disable-features=SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "LC_ALL="en_US.UTF-8";LANG="en_US.UTF-8";LANGUAGE="en_US:en";df -kP"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker stats pi-consensus --no-stream"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker exec -t pi-consensus supervisorctl status horizon"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker logs --tail 250 pi-consensus"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "LC_ALL="en_US.UTF-8";LANG="en_US.UTF-8";LANGUAGE="en_US:en";df -kP"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker stats pi-consensus --no-stream"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker exec -t pi-consensus supervisorctl status horizon"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker logs --tail 250 pi-consensus"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "LC_ALL="en_US.UTF-8";LANG="en_US.UTF-8";LANGUAGE="en_US:en";df -kP"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker stats pi-consensus --no-stream"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker exec -t pi-consensus supervisorctl status horizon"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker logs --tail 250 pi-consensus"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "LC_ALL="en_US.UTF-8";LANG="en_US.UTF-8";LANGUAGE="en_US:en";df -kP"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker stats pi-consensus --no-stream"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker exec -t pi-consensus supervisorctl status horizon"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker logs --tail 250 pi-consensus"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "LC_ALL="en_US.UTF-8";LANG="en_US.UTF-8";LANGUAGE="en_US:en";df -kP"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker stats pi-consensus --no-stream"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker exec -t pi-consensus supervisorctl status horizon"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker logs --tail 250 pi-consensus"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "LC_ALL="en_US.UTF-8";LANG="en_US.UTF-8";LANGUAGE="en_US:en";df -kP"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker stats pi-consensus --no-stream"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker exec -t pi-consensus supervisorctl status horizon"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker logs --tail 250 pi-consensus"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "LC_ALL="en_US.UTF-8";LANG="en_US.UTF-8";LANGUAGE="en_US:en";df -kP"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker stats pi-consensus --no-stream"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker exec -t pi-consensus supervisorctl status horizon"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker logs --tail 250 pi-consensus"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "LC_ALL="en_US.UTF-8";LANG="en_US.UTF-8";LANGUAGE="en_US:en";df -kP"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker stats pi-consensus --no-stream"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker exec -t pi-consensus supervisorctl status horizon"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker logs --tail 250 pi-consensus"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "LC_ALL="en_US.UTF-8";LANG="en_US.UTF-8";LANGUAGE="en_US:en";df -kP"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker stats pi-consensus --no-stream"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker exec -t pi-consensus supervisorctl status horizon"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker logs --tail 250 pi-consensus"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "LC_ALL="en_US.UTF-8";LANG="en_US.UTF-8";LANGUAGE="en_US:en";df -kP"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker stats pi-consensus --no-stream"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker exec -t pi-consensus supervisorctl status horizon"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker logs --tail 250 pi-consensus"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "LC_ALL="en_US.UTF-8";LANG="en_US.UTF-8";LANGUAGE="en_US:en";df -kP"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker stats pi-consensus --no-stream"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker exec -t pi-consensus supervisorctl status horizon"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker logs --tail 250 pi-consensus"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "LC_ALL="en_US.UTF-8";LANG="en_US.UTF-8";LANGUAGE="en_US:en";df -kP"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker stats pi-consensus --no-stream"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker exec -t pi-consensus supervisorctl status horizon"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker logs --tail 250 pi-consensus"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "LC_ALL="en_US.UTF-8";LANG="en_US.UTF-8";LANGUAGE="en_US:en";df -kP"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker stats pi-consensus --no-stream"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker exec -t pi-consensus supervisorctl status horizon"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker logs --tail 250 pi-consensus"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "LC_ALL="en_US.UTF-8";LANG="en_US.UTF-8";LANGUAGE="en_US:en";df -kP"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker stats pi-consensus --no-stream"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker exec -t pi-consensus supervisorctl status horizon"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker logs --tail 250 pi-consensus"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "LC_ALL="en_US.UTF-8";LANG="en_US.UTF-8";LANGUAGE="en_US:en";df -kP"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker stats pi-consensus --no-stream"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker exec -t pi-consensus supervisorctl status horizon"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker logs --tail 250 pi-consensus"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "LC_ALL="en_US.UTF-8";LANG="en_US.UTF-8";LANGUAGE="en_US:en";df -kP"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker stats pi-consensus --no-stream"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker exec -t pi-consensus supervisorctl status horizon"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker logs --tail 250 pi-consensus"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "LC_ALL="en_US.UTF-8";LANG="en_US.UTF-8";LANGUAGE="en_US:en";df -kP"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker stats pi-consensus --no-stream"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker exec -t pi-consensus supervisorctl status horizon"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker logs --tail 250 pi-consensus"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "LC_ALL="en_US.UTF-8";LANG="en_US.UTF-8";LANGUAGE="en_US:en";df -kP"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker stats pi-consensus --no-stream"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker exec -t pi-consensus supervisorctl status horizon"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker logs --tail 250 pi-consensus"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "LC_ALL="en_US.UTF-8";LANG="en_US.UTF-8";LANGUAGE="en_US:en";df -kP"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker stats pi-consensus --no-stream"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker exec -t pi-consensus supervisorctl status horizon"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker logs --tail 250 pi-consensus"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "LC_ALL="en_US.UTF-8";LANG="en_US.UTF-8";LANGUAGE="en_US:en";df -kP"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker stats pi-consensus --no-stream"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker exec -t pi-consensus supervisorctl status horizon"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker logs --tail 250 pi-consensus"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "LC_ALL="en_US.UTF-8";LANG="en_US.UTF-8";LANGUAGE="en_US:en";df -kP"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker stats pi-consensus --no-stream"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker exec -t pi-consensus supervisorctl status horizon"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker logs --tail 250 pi-consensus"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "LC_ALL="en_US.UTF-8";LANG="en_US.UTF-8";LANGUAGE="en_US:en";df -kP"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker stats pi-consensus --no-stream"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker exec -t pi-consensus supervisorctl status horizon"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker logs --tail 250 pi-consensus"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "LC_ALL="en_US.UTF-8";LANG="en_US.UTF-8";LANGUAGE="en_US:en";df -kP"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker stats pi-consensus --no-stream"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker exec -t pi-consensus supervisorctl status horizon"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker logs --tail 250 pi-consensus"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "LC_ALL="en_US.UTF-8";LANG="en_US.UTF-8";LANGUAGE="en_US:en";df -kP"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker stats pi-consensus --no-stream"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker exec -t pi-consensus supervisorctl status horizon"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker logs --tail 250 pi-consensus"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "LC_ALL="en_US.UTF-8";LANG="en_US.UTF-8";LANGUAGE="en_US:en";df -kP"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker stats pi-consensus --no-stream"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker exec -t pi-consensus supervisorctl status horizon"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker logs --tail 250 pi-consensus"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "LC_ALL="en_US.UTF-8";LANG="en_US.UTF-8";LANGUAGE="en_US:en";df -kP"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker stats pi-consensus --no-stream"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker exec -t pi-consensus supervisorctl status horizon"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker logs --tail 250 pi-consensus"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "LC_ALL="en_US.UTF-8";LANG="en_US.UTF-8";LANGUAGE="en_US:en";df -kP"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker stats pi-consensus --no-stream"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker exec -t pi-consensus supervisorctl status horizon"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker logs --tail 250 pi-consensus"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "LC_ALL="en_US.UTF-8";LANG="en_US.UTF-8";LANGUAGE="en_US:en";df -kP"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker stats pi-consensus --no-stream"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker exec -t pi-consensus supervisorctl status horizon"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "docker logs --tail 250 pi-consensus"

Network

Country Destination Domain Proto
US 8.8.8.8:53 sync.minepi.com udp
US 8.8.8.8:53 downloads.minepi.com udp
US 8.8.8.8:53 downloads.minepi.com udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 app-cdn.minepi.com udp
US 8.8.8.8:53 app-cdn.minepi.com udp
US 8.8.8.8:53 downloads.minepi.com udp
US 8.8.8.8:53 downloads.minepi.com udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 app-cdn.minepi.com udp
US 8.8.8.8:53 app-cdn.minepi.com udp
US 8.8.8.8:53 downloads.minepi.com udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 app-cdn.minepi.com udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 sync.minepi.com udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 sync.minepi.com udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 sync.minepi.com udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 sync.minepi.com udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 sync.minepi.com udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 sync.minepi.com udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 sync.minepi.com udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 sync.minepi.com udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 sync.minepi.com udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 sync.minepi.com udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 sync.minepi.com udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 sync.minepi.com udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 sync.minepi.com udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 sync.minepi.com udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 sync.minepi.com udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 sync.minepi.com udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 sync.minepi.com udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 sync.minepi.com udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 sync.minepi.com udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 sync.minepi.com udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 sync.minepi.com udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 sync.minepi.com udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 downloads.minepi.com udp
US 8.8.8.8:53 downloads.minepi.com udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 downloads.minepi.com udp
US 8.8.8.8:53 downloads.minepi.com udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 sync.minepi.com udp
US 8.8.8.8:53 downloads.minepi.com udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 sync.minepi.com udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 sync.minepi.com udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 sync.minepi.com udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 sync.minepi.com udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 sync.minepi.com udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 sync.minepi.com udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 sync.minepi.com udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 sync.minepi.com udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 sync.minepi.com udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 sync.minepi.com udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 sync.minepi.com udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 sync.minepi.com udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 sync.minepi.com udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 sync.minepi.com udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 sync.minepi.com udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 sync.minepi.com udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 sync.minepi.com udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 sync.minepi.com udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 sync.minepi.com udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 sync.minepi.com udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 sync.minepi.com udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 sync.minepi.com udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 sync.minepi.com udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 sync.minepi.com udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 sync.minepi.com udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 sync.minepi.com udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 sync.minepi.com udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 o517344.ingest.sentry.io udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp

Files

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\System.dll

MD5 0d7ad4f45dc6f5aa87f606d0331c6901
SHA1 48df0911f0484cbe2a8cdd5362140b63c41ee457
SHA256 3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca
SHA512 c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\StdUtils.dll

MD5 c6a6e03f77c313b267498515488c5740
SHA1 3d49fc2784b9450962ed6b82b46e9c3c957d7c15
SHA256 b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e
SHA512 9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\SpiderBanner.dll

MD5 17309e33b596ba3a5693b4d3e85cf8d7
SHA1 7d361836cf53df42021c7f2b148aec9458818c01
SHA256 996a259e53ca18b89ec36d038c40148957c978c0fd600a268497d4c92f882a93
SHA512 1abac3ce4f2d5e4a635162e16cf9125e059ba1539f70086c2d71cd00d41a6e2a54d468e6f37792e55a822d7082fb388b8dfecc79b59226bbb047b7d28d44d298

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\nsExec.dll

MD5 ec0504e6b8a11d5aad43b296beeb84b2
SHA1 91b5ce085130c8c7194d66b2439ec9e1c206497c
SHA256 5d9ceb1ce5f35aea5f9e5a0c0edeeec04dfefe0c77890c80c70e98209b58b962
SHA512 3f918f1b47e8a919cbe51eb17dc30acc8cfc18e743a1bae5b787d0db7d26038dc1210be98bf5ba3be8d6ed896dbbd7ac3d13e66454a98b2a38c7e69dad30bb57

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\nsis7z.dll

MD5 80e44ce4895304c6a3a831310fbf8cd0
SHA1 36bd49ae21c460be5753a904b4501f1abca53508
SHA256 b393f05e8ff919ef071181050e1873c9a776e1a0ae8329aefff7007d0cadf592
SHA512 c8ba7b1f9113ead23e993e74a48c4427ae3562c1f6d9910b2bbe6806c9107cf7d94bc7d204613e4743d0cd869e00dafd4fb54aad1e8adb69c553f3b9e5bc64df

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\chrome_100_percent.pak

MD5 e4cbb48c438622a4298c7bdd75cc04f6
SHA1 6f756d31ef95fd745ba0e9c22aadb506f3a78471
SHA256 24d92bbeb63d06b01010fe230c1e3a31e667a159be7e570a8efe68f83ed9ad40
SHA512 8d3ea1b5ca74c20a336eaa29630fd76ecd32f5a56bb66e8cef2bce0fa19024ea917562fd31365081f7027dde9c8464742b833d08c8f41fdddc5bd1a74b9bc766

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\chrome_200_percent.pak

MD5 99b95d59d6817b46e9572e3354c97317
SHA1 6809db4ca8e10edd316261a3490d5fc657372c12
SHA256 55d873a9f3ac69bbf6eb6940443df8331ebd7aa57138681d615f3b89902447e7
SHA512 3071cfeb74d5058c4b7c01bfe3c6717d9bb426f3354c4d8a35bd3e16e15cde2f2c48238cb6382b0703b1cc257d87fcecfb84fbf4f597f58e64463ceede4366dd

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\d3dcompiler_47.dll

MD5 2191e768cc2e19009dad20dc999135a3
SHA1 f49a46ba0e954e657aaed1c9019a53d194272b6a
SHA256 7353f25dc5cf84d09894e3e0461cef0e56799adbc617fce37620ca67240b547d
SHA512 5adcb00162f284c16ec78016d301fc11559dd0a781ffbeff822db22efbed168b11d7e5586ea82388e9503b0c7d3740cf2a08e243877f5319202491c8a641c970

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\ffmpeg.dll

MD5 ce613fb05afd722fac05a28d6e935cd4
SHA1 d96ae5969cb134a8686d8ae72be304848a4d1f0e
SHA256 742c956f892ad0833a5b8c52d19aa69940bc15bedbb42890598df61b263f6fed
SHA512 c886e1e1e24e4b3320842127a7464a1baae93b0f791c7fff06af3ae1d7c312ae490f7d5f41c6d857b1be9da39c63e468b7ac6493ba7ee9e2ebf5e6344acda7d3

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\icudtl.dat

MD5 62880b7d351a9f547b62b8da6c97ce25
SHA1 057f11003013cfb3f1c63e6bdd4f2f9949ff0104
SHA256 7c40c811d30d459dbf04a04c141b60eb4247cd58a008fb836605317df665748f
SHA512 0d6f83175a91d90f4cc3ec4d9071b7acd0cd8ebbcc592322e46fde2adb7198e035af62c45a11a622f2a908e26d4dd8b8d1af023e634a74d0824d02c791ba3c1a

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\libEGL.dll

MD5 874b49121773393e5ab748e52c630089
SHA1 f35c93744cd2f0c178fc250116588654772d1339
SHA256 d9773c57e821ef87891375d687c68c0be75222316a666e8c49640aad80f60959
SHA512 ac8a09d44d7242d0e897ea84fa8f3f3c1d0e203fc3c03d5e62fba75f0c5e88189037145fb3548eba54c6c657af9126da96b6fa224dcbebbaa51f84f74dfa427b

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\libGLESv2.dll

MD5 47fd3da85f490e65b3252c83c76e63a9
SHA1 6f799b2d5f1768682cb6d8c2407110410142444e
SHA256 49ace76d838e02994a03354e557ae65a305d9c5c8441774fa174177451e26dc9
SHA512 8df107a48ff17000ff0a59139fc545276a12355a052658d933a2681172d5bbabde48b2e17925680a80006587c318876d494096d27f0c41b281e39a5bdbd14fb7

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\LICENSE.electron.txt

MD5 4d42118d35941e0f664dddbd83f633c5
SHA1 2b21ec5f20fe961d15f2b58efb1368e66d202e5c
SHA256 5154e165bd6c2cc0cfbcd8916498c7abab0497923bafcd5cb07673fe8480087d
SHA512 3ffbba2e4cd689f362378f6b0f6060571f57e228d3755bdd308283be6cbbef8c2e84beb5fcf73e0c3c81cd944d01ee3fcf141733c4d8b3b0162e543e0b9f3e63

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\LICENSES.chromium.html

MD5 e400cd908b8fb7c13985e2f5cc7a7044
SHA1 bbafebdf5b067a7d7da130025851eaa52ec3c9d7
SHA256 ee3b1ab8794c749673ce9bd2dd302f12d69f0a1a4adfe40a64247746cc311829
SHA512 e7ca440f0e042d7fcfa99367426bf19899a2b227c6d7b6e2c25d4f1a40113250f21ebeaaf91067d8569dfbad1415d4fe3e5626d7254722f2778497fcb22e5d6e

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources.pak

MD5 4f1e4a359a66a46eb55313e04090e102
SHA1 e3f971830be08bf10638ec136e7b9a7990abe4d2
SHA256 50dfd64b881b8ff256c7fc4d3743389e6e2f95cf6da453629557812ddc0f7004
SHA512 7762848e8404dacce11a83195ab4e8d1cf391d9916f27e165ee257a6ba7d6a73fc12c855be74c734eacc897cf64655b949557ea12275f3d488cc3680d7fb5e7e

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\snapshot_blob.bin

MD5 40a3c2200e4126e8c47a7802532c9236
SHA1 212a4686dea5a467b7b6fa54397e42122b235f1e
SHA256 94aa518fc892ee9a0f1eb5fe35b60123ee61a5f848864b00519b96d8d5d9786d
SHA512 fa1a943822abe3737587d520654078117cae86c58fefe6dd6a09f4a08c09293e9547a0ad79c52f8638dfbb1c496df3d0e828ce414176c8fbb77113be41212866

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\v8_context_snapshot.bin

MD5 264e3b574e4f86b1fc47b2427402e779
SHA1 4a4f9e7c3da262713e4cf7af6ac51822c56b5ef3
SHA256 ed559c6e81b6003b2057e5c1b0bdb5b28ca094b895ca86c69fe11c5c9e014f06
SHA512 144365d0fb83576aaa02ea6ecea51d7ba2cacb044eea568a08f65b98a83d3e7d7e693738e065e22f94bfd1165d0ea93a749dd1325d829257a9bb6607a9a927db

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\vk_swiftshader_icd.json

MD5 8642dd3a87e2de6e991fae08458e302b
SHA1 9c06735c31cec00600fd763a92f8112d085bd12a
SHA256 32d83ff113fef532a9f97e0d2831f8656628ab1c99e9060f0332b1532839afd9
SHA512 f5d37d1b45b006161e4cefeebba1e33af879a3a51d16ee3ff8c3968c0c36bbafae379bf9124c13310b77774c9cbb4fa53114e83f5b48b5314132736e5bb4496f

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\vulkan-1.dll

MD5 5148e286ea76b5c3a01656a84548d035
SHA1 9f90b7523c64c62d7b0adf4511b49a3f2bb022eb
SHA256 7fb87a7f0d50007dca64bf845d444fc66116a57edecdd8487c91d6879b578a0f
SHA512 23527f9eedc4873320c65b91afd90873febce3f666470dbaaa42e1165c4b864f1df19038bb272954eb2281bb103c15199c6ff25ca44c0ecbfebfa1f5b34c01d6

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\vk_swiftshader.dll

MD5 e53fd0779465c910b275f93abafa6e3e
SHA1 f38f2711805d08b4b6d29b0a49253db0da939fcd
SHA256 58e2b5ab33366550207ed8e1f420b24c94b19fbe8e753f5a6c038beb829533a7
SHA512 934e8e68042d1adcf17efc1fbe728930ecb2d6cbc0fd60ad064e28e18ed2a57fffc7331b2eb807f6972c0c37bb9acc69c97a137b264efab67e180a8fe0d1cdc3

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\locales\af.pak

MD5 d16ef573959cf5cf0a6eea20136b9c0b
SHA1 e3384ae3ee92e1dae47a48e45589372e940aab33
SHA256 73a8401e6dc17c4daf86b42c65b81359348f7e6b4d62d8637138e747bb3ff0ae
SHA512 064c2912f766f10ec042adf82709ac9582cb8430e3550690fc17343c380dcbabadc0084e08aa5f3eb6faf79a652d26e1fe2606625a180b7f47808df07a566933

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\locales\cs.pak

MD5 1101c784521a550b0561b363722086de
SHA1 838f2bfe3432b87b950a2ec5d9862d2f58fde3e5
SHA256 cc6ff937d1c9fec4634db4e2f6c0718d2606fe2d5d25addf1314e110c5b78772
SHA512 eca3ce2075d3c920116c9e34957631e0617a869467bb76b09873ae96f7803f20032a6dd0a0f785f9e59dcfce3a4ccecdab2d445a860bee20d42e140b45e74089

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\locales\hi.pak

MD5 cd91036827739441e4cc849aa30706d6
SHA1 cc8e4c53e18db16876f855c2377f3cf0e2abf95a
SHA256 0936587aa072339f8dc347506e5553159319a686010ca1912bed1d830e107c6e
SHA512 553773bdc11be94f495b88e0587d572455ef68c182d51c9e1ae0e3aa23744f836996a446ed136afc562eb9a110e435b494d5955d2792a364a619111e7b3550e6

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\locales\he.pak

MD5 9fccb330d8b07ca54661407cf737d847
SHA1 2c6f52801b66aac7d08acb60d9736f9149e48ae5
SHA256 bb06d364a91b8641724254822b2eec5d0675e262a4cbf93b92494f601807dbef
SHA512 0cbf36643cc7b1d85dc7cb7825bc816a8538d0cc50b137dd27d5a9703324ae7ff271d38dc0cd6e4a99c6b391070690b90eb8ddb1cc511bc8d84d49a32d36c34c

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\locales\gu.pak

MD5 02bfa1114fd5b75261c24d6c0e6441f7
SHA1 d48b80339405cb8c8ec7a19b688e8d544938c4c7
SHA256 bbb17268412fb3e13584ca4dc90a94f984177d3c97ee89af2a57324709f8ed1d
SHA512 751b91d381c882a5dc0c0ee6313cf3e7ef51b4d369330a169cf9625de99e6019233109e815fc474fae44d79235940ba2ce68af7033f4c4c994e2774bbd8105be

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\locales\kn.pak

MD5 56c5f63f439cc962b815bbc4f3f12c32
SHA1 c96248cafd869fef11bc37aefb1382d0f60a7855
SHA256 14b332541c2cce0835202372f8cc822aef30b3575b651c96219a88b8d1381648
SHA512 9210759d8e73266381fbf04280aad0bc5006f315ce3fca74fe304b3261af0ba399210f0b84620230d6aa0c667e60c0a6d9e67681fdfac401338e9331475bb7f6

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\locales\sr.pak

MD5 48abf758a49e2e8aab013f2bf56091c0
SHA1 ca909bc28b03bf959ac32e218a318289e0badbf0
SHA256 b4cf2d19b5e443b57ca9d1189880458a7cacfe1c8b231265557a3fb58f597617
SHA512 22d65df1cd35a8127296420a699f26edf55813fd6a970050dc9b2b051aaf7da2cf2fe6314a94977587021c02aa7d8b42541e1d08d5940fb7e1af127e87268c68

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\elevate.exe

MD5 aaedf59c04a668dc3ebbcf47d7d37faf
SHA1 a4f30f80ce1964a8a9a2e90a7e609b3996e9de8c
SHA256 de83d24e7eb104614bfff891d58bc32cb5fda9edc4fa63eae609d7496cbfeb87
SHA512 d9d13a827ad4703df87e5a460057072a1afb2a6fc819364d35016039ff82df92881672b542d66d28db895953fdadcda5709e205f05ff89bdc8d50bfa7b65f07b

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\CMakeLists.txt

MD5 9becf964b97fab96c4ddef0becaed166
SHA1 16ab050968aa40f38ce7bc899e153b3f2dca8855
SHA256 073745e7eb1dfe8194d2d79b6f64d7f089dafcc9b59d28f57879104a397f6b94
SHA512 9bc78ff978353452664434a1dbe1f819cdb33ab124f2b15f05e3a3bdffd4e114259275fd0abd78090922eb9297c05de014da1617ba51fabc4662474b543768ab

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\include\internal\filesystem.h

MD5 3004811ba5ef799952cacc837a4edf95
SHA1 9625bcceda9df04e0d11b860ce2709c2b106d379
SHA256 fa89e83792ae259a458e3e43c11195de367be0db97747676ac579e9556028f63
SHA512 8121282a475b8db2f812ceb767c14fe89349b0e41bb45a0ac94ee45084236b5cfa963d12aafd33a4e2db06937186b82f3ce4263f67e48e4e84bc6d8ba666038c

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\ssh2\install.js

MD5 4b1149f77de8b7f90dbc1967b4705f10
SHA1 df90983b41fb921c9ef0402c6647593d9667a1e8
SHA256 52c970cf01ed6e93f04300a2e9f68d1b9a00a4d0dcfaa77aa5d520fc8e2a0a73
SHA512 08686ca2cd3fb8df28a8c7b5af3666831515f624ff1025fab7a3689d423085b1f8a20ba73a5dafbff5d935ceae30315c7698004cae8642ab8c64bf3511fd7d5e

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\assets\icon.png

MD5 8e90acbb09f0af880b8f9aa87b9c4445
SHA1 8ecfcb8ec2a9dce18bece3ed4c40c10bc7499460
SHA256 192890b6ab906f3f2cd4894c9c107f4a18aa6c8574e0fda78abfe95b92acfadd
SHA512 44aaeedcd49defce6e5da72c89cafaa9102eb4ba25379bdecc82d87576c705ce00c9988f30827c9b9707974f34f2b7c91bfce55c1a1752adaaae8719b23fdf9e

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\assets\entitlements.mac.plist

MD5 9920b60c89256ceca825062dc9c53c53
SHA1 0f1d847ef4067022c69fd82c135f3dfd2e4d352d
SHA256 f4b2891dc2b1239191cecf7cd5b9a36ea4edaec33c1cc091e09380d669e8fb63
SHA512 93ef0a66d6aa8091af3ab8af4b1ced502ded11f658aa77b6a5fe9e3d36bd5d01231060a0a656ea627c0fa32313b7a3438c75e1eb96f4f07692ee4d0f53ce9a90

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\WinShell.dll

MD5 1cc7c37b7e0c8cd8bf04b6cc283e1e56
SHA1 0b9519763be6625bd5abce175dcc59c96d100d4c
SHA256 9be85b986ea66a6997dde658abe82b3147ed2a1a3dcb784bb5176f41d22815a6
SHA512 7acf7f8e68aa6066b59ca9f2ae2e67997e6b347bc08eb788d2a119b3295c844b5b9606757168e8d2fbd61c2cda367bf80e9e48c9a52c28d5a7a00464bfd2048f

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\assets\assets.d.ts

MD5 b9d1467e2b8b9e67630f784255b565dd
SHA1 67f2a748753e51c6b782c2a257a9e3b088cffacd
SHA256 d1688c0a786e3d9c4dd1a71178fcd06230eb5eba9cd64421015b98c170cdeec6
SHA512 f29bd26c1f3e7c685c9e85acd62b78e0880bd58b00094e01088beaaf141ae8ad5b74589e164b7f4a2882de40f98158443c9dfe6b90ad2a7ba8a957d4202bcb10

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\ssh2\util\pagent.exe

MD5 4fe4084b2ca508abb3e7c4df980998fe
SHA1 b34fcf53fba9850ebe58ef2ac6e6e7c48674705b
SHA256 8176da517f23122ecffcb85440ac4da50aed2923040f7d21a3ab172da6924c60
SHA512 3d084136ae59365be135a126a05cc7574cac82399d111ea5fa6280c708fae0dca5a4f79a91c708582b9957260d108fdce86daaad0045c54ea14e50e415df55a4

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\ssh2\util\pagent.c

MD5 f0c117a351df8e532fc227e8d60403d6
SHA1 76cf0f3eebf6a01cd780e6d527708776173e1e08
SHA256 6a4825742849e5b1ee0b79e860746e8ceab511ef896d585ae4fc8e50567cfa46
SHA512 1025800e606d4d19d634d8c4679837638fb7dc50c04118b21a436efc2a56a0aa615ab813f2afe1071f99c8db82a6cacd9962324e7929d183d2fe5bfd784336cb

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\ssh2\util\build_pagent.bat

MD5 bed30ff5dac655070584704c6a306f4c
SHA1 9ee01d85dcbb43721ebdd3b148507810c2d9366c
SHA256 a53d135864c0049e1ba1e956a99f31bddaccddb49aebf15b1dc39c0e0fcf2284
SHA512 528288b0b5130f2b86721c12d85ea355d3ce1f295004088fe05a0ad15a9a638209cf32114c42da4399607c258cb4c4e66c7e6e6679166e08f5f3e5a54c8d6040

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\ssh2\lib\protocol\crypto\poly1305.js

MD5 ca36b7462ea0f4f5ce9e68c9ac67c573
SHA1 ae86026ca6d9c64db23373e8becedf822765b1c4
SHA256 55a579ed6a30022054fd1dd822b1b49e2fc51bfbdfa933bfe441de8b7e4dce40
SHA512 e519717d8f653a11e786c396e1d2d0809dcb4fa5b72e9ac0cec7ae46c1c686ddfdd58ad122f7a2b37d295b30f725bcd6b35498b2c3a83900e77430fe900e03bb

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\ssh2\lib\protocol\zlib.js

MD5 9c0f8722a3b3eab38efd8d2ee6ddd378
SHA1 4d424e4adf177b4caa1189c10255676f6c9f83a1
SHA256 8cd9f4c1825cbc394ddf9cf076a5ba9195ec255db9e904182ae9c25a1036e2d6
SHA512 2d05e11f0ee01a552c6bc007850d722b7a5afd626553242a056019f939b3d152e4ab72f43d55b51a24059fa13845b32bc333208657e959885a46e32507feb8ab

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\ssh2\lib\protocol\utils.js

MD5 389d455fc1274f5ce6f385af1ca026bb
SHA1 d73d6f3823f842eb0786208d2bfdb3824f462c61
SHA256 402b39e75ede9e3dc99af5e8af008602546f35aa1472bd4232c06f606987f053
SHA512 42c78ebedb062a9161dc103a5370412f75b4465e6ab078370489b9db8d913047175fd5026c063cdd25a50d180efe70443153f1d52ad3e8cb6bbdce99b5c8cedd

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\ssh2\lib\protocol\SFTP.js

MD5 eb5fd378ac8125245e296c308cca69c8
SHA1 61023cfa39304488688d229d8b32daddc2a49be7
SHA256 812df65b1a573609f718c8c42339c036883a238a97ba4b3e6c263b7f906fedac
SHA512 3c67ae5d96fd747c1e5710b8f230d9dea03d9ce33916e79c80ffe3ecdc47f1d514e801be66ee4bde16d47d302d32c02ca07e783316263cd4328223ec9a5a4d31

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\ssh2\lib\protocol\Protocol.js

MD5 04f10f3253aa1ab3da1e4afb3cdefbd6
SHA1 9daf952ec971dd9b179c27c43bee73ca0dc9c22c
SHA256 c1104b49087de7a91cd3ffaac8807c05eebf49f61effd084d0b0caf29fde6af4
SHA512 316b7ac066979272b3499629fa2f32b23ddb72c9c405ad3e58ece3c5eb52179f24034eeb96c753b5a3dccdc357423cff36ea28d2598fd4dde99330c533990128

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\ssh2\lib\protocol\node-fs-compat.js

MD5 6bdcef6a38d4eea3135f1a0dbf59241f
SHA1 d87f78800ca333e33a63e12ba53628410b4a8791
SHA256 d46a25cc158456c4a82b686ceed9a8267dc7d1bb69b6fd1d1f9b09d467951b4d
SHA512 3e2ee0a667f7f1d2f104d9c6d8d9cd88356fa14d792ba2d4455779c5e84a3bd05704e3e13462694c99d51bfcd8aa9c6d386fe4186ac8159bed779f529644be32

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\ssh2\lib\protocol\keyParser.js

MD5 6b026334dbf0edf6506d67bcb1f84d82
SHA1 6e444031f461989444078ae6f9b637101ad6e627
SHA256 2c4063fe095c9deb5803dc4f730487958217e8540fa61085ecfef9a4c3b6ebea
SHA512 dafeecc9a9f3df1c1dba1963224717e4ae3de8f63817049ecf04e1438c1b3ca10759aaff54b85591fd7a3b82963b70874adec24406969ef3eaf331dacb2e93a2

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\ssh2\lib\protocol\kex.js

MD5 c75354f8d1fa6b72a3b23b38963f8f49
SHA1 7656530d8f81480238207aa259af4aefb1787fb7
SHA256 054ba4b81801596350f0e2e939746d2966297cffd4303b342c25b2fd5d295755
SHA512 ca47d24c263361617ad8e8fc687ad258c5b4d9c155253a5f54c12b4be89c35a4d1ead2157ad8635ee39747514848d1b392407f7fa9051e35136c1bb0f8b02f81

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\ssh2\lib\protocol\handlers.misc.js

MD5 077fdb63d14df171828ca5e0efe2355d
SHA1 65c8e54422351efd0ad2da59638bb05a89f0417c
SHA256 8927c504c3c338187f36f0304a3452d6396ec9fc907af3db2be46a5f175c36a1
SHA512 c2430526635282b685252321f23dbee71752b4ba463080fd230155382e863079fff4018c6630efd9cc936960f8b7c867afa824aa46f29e46ef713d6dedd20fe1

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\ssh2\lib\protocol\handlers.js

MD5 0f9d21c84ce6c492c35a94dfaf288294
SHA1 ec47b16e35903a25e34b3483e3da05e46c191b75
SHA256 b15f990134a4f69b7492d0b875d80d8c28228907045619b01ec30871ac711df9
SHA512 8c74079b5d2ae11c6d8e9dfed44cfdc3c2d4c9ea25b5250dbb11ae847186dde52d2706c3b3a003347da5b35b8d3f61e3a03004b22da58c20e02249a95d6ab38c

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\ssh2\lib\protocol\crypto.js

MD5 d904e7c17a12f07b22afac8011a37ab3
SHA1 e41449122c04b8c8bc958ec7ea19836baaf03643
SHA256 a729d2064e787e2a4589c25a284444fe54a58b7434a4e6e5e8e9c73c6d91e28e
SHA512 0a5a48118781cb332d45e90853af31c9da21f881b0a7bf9b3a1f9033c282c9ecd8c0baf363500e96889000bb6be75bb9ac57ba2ceef74f1432f2a20c5e20b110

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\ssh2\lib\protocol\constants.js

MD5 9fbf77bc0fc671c50b80f69f85c823ae
SHA1 0126e79cbff82786e8b5270c624a6499b3df9943
SHA256 a3894fdd8e294109b55f06fbda69e467741f15a250801b744b6b0487bbf32529
SHA512 9364b7325c3af0d7147ca255a1409e905f9a49fb22f4946f3b2732362edb5f6a587cb58a9d5efd0a1e8f4188ad76bf5ebd3469f8875173fca439414a654069d1

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\ssh2\lib\utils.js

MD5 103897a34b15aa2bae141a1f247865a5
SHA1 efa953c79411813ef1bd56ab1d0822cdeedfca5e
SHA256 bbae8286bc64b049499ce353e8dc4eefbbedefca8f50591432c1057276097aee
SHA512 76b6cd18a55b87ba1c1912f96a09c07282adee154deb6ee39ae4f1a1e931e3104c56f093bbfc9e0aca05525b1f58bcde7d62c7fc35d52c2cc9103234d2726386

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\ssh2\lib\server.js

MD5 7eec308e893780d9370a60eb43af9d52
SHA1 7eb2b897a480f2ca46d640f9ffa1d3d05c0fba0d
SHA256 128b58ee54cf97a5ae17e18836ff4472de4a5e4e591f2862a5c9ec7f148befe5
SHA512 98c32bece427a7a5b679460bdf80d3d631bc895f104e894c366d831d0c1a7cd81015e4aaf09aa32549b0287d99ac8ab63bab486b0734238ddf90f5aa3b22adfb

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\ssh2\lib\keygen.js

MD5 4044cede88a77ca08a00038307720c8d
SHA1 693f7c79ae070d9d6a529a70cdb7bd3933be1919
SHA256 03d0be43e78ca4f82d4c96d084a39c0242f9c56f343da17a819f8bd0d873f06c
SHA512 b39628558fd9c0e21192e0fc39bc17183488449df1deaf6bae5ad2f94b5a62b4a7648df876a314d9bf00ec807a3748996badfba9ff82614a0815d4310b682bb9

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\ssh2\lib\index.js

MD5 6b94ee4dad05ed6ef8685656b6024d68
SHA1 6c5d1510a77a9aba743748ed50379f6d9192bba3
SHA256 27e942aba52a13d7b72a846a4b3fd98d69b65431725b651e7523b74499a2ed26
SHA512 cb854309d25cc4cab1d85d9cfaff85448380f9a842dc0e7d9c6e7fe7d2f8454ec80e53fb3783fe00509b4f4d824b9dc6b75e864ab37a6b033f8d4f583439d8d7

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\ssh2\lib\http-agents.js

MD5 e90ade66c6a686afe6c7881bafd28669
SHA1 48c2a28aca7d5349674131ce79692585118b3589
SHA256 477d34701116572f2af06ac545994f3e2d2f14b26c5ae76bff2b13de2289339d
SHA512 05d62973c7745dd4c03867a868a9587c179d0ae8f23f66d4a950229bd13f013430f13f2e8f7511b1fcf5dafaa760a49a26de8cd04e29c81b593501df2fb9dabd

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\ssh2\lib\client.js

MD5 d94bb5213ac675564793cd0450b96118
SHA1 174eca9d97e6ba0c676c5b3b76a14b10937429b4
SHA256 631d0eb1e44c69aa31e495a715228b0a918d83a39589992597be0c90e1b0e8cc
SHA512 a005942829a83335dbec4611ff133be97c615296a27773247ce47458a0e1b5d33dbe4b999c4bc77a91dab44d5c9121322e21a2a1f406dedd2330efcc24f89aba

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\ssh2\lib\Channel.js

MD5 54b15fa9a2480dbd86595410341ad0a3
SHA1 76cd2594a8432d254225fc563e462bf60554afc7
SHA256 53e92988a025009b192b72be110bd240b5653f88dbdec93e515e3e401e7f94aa
SHA512 fe351d6431f13560aa8629ab865538bcf230b104ced81306f018af5991f1ccbc88677151c1ec4fe6d9dc2a25b816b9b2cd3764c4cb8a4c4882c7ef85b126a7cf

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\ssh2\lib\agent.js

MD5 4f928fb220e194783bb7dddb525ff687
SHA1 6639e5e4d93cc283548ed6854d0f423326cc7297
SHA256 cc6987488bf45f73e0ac5d8bbe59912b70a144cd73b53c83919f188f4cc3f2be
SHA512 82c332ba7d49db0bfea15746730c9cca1dd34902a5723773cc51fbdbe4bb8c2ec33852fa6f620025abae9dbb02b6f4b51486072109ce177d3ed30ff8ec62c6c8

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\ssh2\SFTP.md

MD5 e68976959cf80897fb47a79dfab94e17
SHA1 b7f157e32626f9b57f5107f5c0086dd1f773553d
SHA256 9648b6c7da1b011b5cf2c4505e6bceb09ee11716a61941ae5d7bffa40f4ab95f
SHA512 76c90f96f3ce23425f56273461afab014fa679d68411bcbc7d252f49a34732a9ee7fba486fe51bad7c75df665b7d5db113901f352ec6e3c9e8f0b6c3207b2b14

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\ssh2\package.json

MD5 8fd99ddb58ed77adf9a06d9006c79e54
SHA1 671965538eb630a8067dd6ec2c952d92e50f9439
SHA256 bd8735180fac647270e058da78cee5d6816ab88f26110aa97e57391d09dddc74
SHA512 3e8fb61375a2c956789cd28c3c7238a2f6d77f75a9b7857ea030e09c2100bd8e4d61d87bb96df123d1052af54cad3177369cb38c37258a2bafeaa74307647eaf

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\ssh2\LICENSE

MD5 df3ad145c2acbfc4f246fa834a6675c7
SHA1 7601ea2d9d1ee9c68dfd8f2d0bfffbb002565db9
SHA256 d06b5d27bbbbe22c36b1fd88406b1208876e2d37d795f5b8eaed951a459a3111
SHA512 1444380f0b33906114c402d4fae723212e5ca7ae14db7feac0bfd5d0947429ad200aa9457486a49a25b86de0e2f0f0f6c4e4a8c7256f254324459828c33570d0

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\ssh2\.eslintignore

MD5 8ff7ca2ba114e8b6cf3103830f215147
SHA1 eea26c964f956bd639fbd6ce4060196637c81a41
SHA256 e32f444e9b9da9883e7cc37eff35c03da954f7c85c1388e0922aa5347193ae2d
SHA512 4ab86cc22741b50cfd2a8b94ee155fa5f83b0fea3d5f0ad3075767101861e1667fa217df683dd62b03f8f4c0e97d78cb41fbaca16d8d8860ee810165bb695f09

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\lib\index.js

MD5 0afaa2068999ceb2a1d4cc42392beb9e
SHA1 ec3cfb6aaf2a97eb31d9fa61e7fe447f9cdbfe7c
SHA256 fbdd49dfead22e1fbd0cfee47457dc343d3a5950092cf7922a671b2d40595771
SHA512 f32f803c10ed400aacab560608a31da26624bc1dfcc4bd281eea0b6c0f8a62262d652cbe2740876324465ecacc182c9144bebf9851f2e1f882a3fbcf75c60ccd

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\test\hwcaps_for_testing.h

MD5 0c59d8f5b756620ab3ed2b255181b9d4
SHA1 f8ab068c6f5d8b41348919937b2236a41b9a9354
SHA256 641a1a177703f3e31f4dcd49872ffa1198253abfcdd740ca9ecb6d19b8e490a5
SHA512 c5e8f29036aa76d5038723d9f839032d954c10f233dbcfc6de3d113f510b2fa3f752357a2b83d418f24e36b767ec690b270e598ba7c306df59c7743dea330866

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\test\filesystem_for_testing.h

MD5 18a0d28929d2146268aedc74f57ae33d
SHA1 6d4ac0cbff30fc622e156ff7ce187e9d207dd720
SHA256 febed8193e311b85ed3e094555352f1136905cacec87ad7b523ca326b97579a1
SHA512 51e8605cdf1ee5c02785e0819bd1c8ba3ab0a659693dca88e3ba38d7f4645f1b5f8dc1e1f7fa49a592de5e22ab6a156566238c7fbddbd6f2740d01f35f18c307

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\test\CMakeLists.txt

MD5 319d800633610cc5e857df891b0fa9d3
SHA1 21d421ddebd5b0ee197e3334e6385e7a730bea52
SHA256 4d03829124c7ef6f0368d60ed464c50cc582b88ab3f586049f10af3d52636eb7
SHA512 b15a41d5f834f932065da43d47bfe9bfc47b00ba5497cec942c128be0f4c1fb1a8a44b18da35d30bf66e6c9b112826e6e0dd78f0797798c8d56d035bb5e1b0e2

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\src\utils\list_cpu_features.c

MD5 2eac1432387a52495f8235ef014f54b7
SHA1 971a9c47e5c6df56acd99f771405a2dd9def101f
SHA256 f756bd53642c97b6eada5fe7979af80f7b4a9f3b0cf5ba090284d4433ae1b22d
SHA512 d70acc036a3fe708b7ee380ae5d38ca0aea3c474d92416f136dbcbf56ef7728a855c784b19c0304f946d18b368afe78ebc2bd450ee4e1a664018bef934c25a5c

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\src\string_view.c

MD5 b14d9b836a42ec8ecfb2b0ec1c9c1a8e
SHA1 3d1b6df12c74bb6e19ff1cadec5d31d661f5f87c
SHA256 2dae10784257dddb3c78bf4066d6509e1916821f4ec249f493969fab3f62bf55
SHA512 4441e1b82139cb35f38b5d5d8a03578358167b8224ec75f19fab458c4fc5ab7291c7c0efab28cbe15004f4f67cedba22168b77ac7aef27ba81604de185ca3e3b

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\src\stack_line_reader.c

MD5 c1c91d0522f8bfd984a47ec711d62784
SHA1 9dd6d835f4b86a3e991020db7855d08375cab7b1
SHA256 5bfffd626483cf0ba6739641b9a0051b31d78bad2da7d639bfb7422867129235
SHA512 e3488f564e3b1f240e65e9be5d5e3d11a28f1a78abdc0a454a20966571f6740e97dd24dbd6d577776122c9e39270f7e500a6fa70e4bb75e144ac862e0b46f4d2

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\src\impl_x86__base_implementation.inl

MD5 a75f5cb1dc009d1e1f336f98c1c98b9c
SHA1 4402bc29e1acc7adc13b27992705525fea5e25ff
SHA256 404fa4d7fb20532133a2d675b77062057636fcef8a1890c5a683c0204e351885
SHA512 126f4b00f271e49b459bba70ce00e00a2b1f44a6eed22ec49ba80f350fe0160ddb2dece58a6a7b2511c006cca842b7f7765705e06f104d291eb360f90b64411f

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\src\impl_x86_windows.c

MD5 bc183ddfb98780e49bc78dc9f9ba2567
SHA1 15e9d2112d82813baf38f7a94a645fef77f98163
SHA256 fe4b6730f132d842475545f274cb1b4ab8378546e9f7c03bfaf761a65db4a005
SHA512 d91afcf11bdf646c78c9ddc63941a7d905ae022e9a6c978038f2e32dd51390e068de9057ff4b8eaec83bd51c322aa060a8220cc0a3077144ed68644dba65e63b

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\src\impl_x86_macos.c

MD5 1b2d9a4e4ed7bbce77b688daea6fc711
SHA1 ddf32917995c1d5c02211739da564a8665bf59ff
SHA256 06ed5cd7bbfdda099fe8559584daf138c44392b9bb53c22468859eb203abe628
SHA512 19e52a37fe1f39a81daed5edd1e247391156a9e227dc7e33a8dd311b6eef5e5260ea7e5ae8f9374c0c2e71ceee3aae43730d64b99ed306c8dba91709159abe81

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\src\impl_x86_linux_or_android.c

MD5 30392ed5d1ead2df6b9cb55e9928551d
SHA1 602e74d6e4f6a7d1ffb1c68595e371bc40630b43
SHA256 49b9afa41966172cf7e37412b80b37cacfaa419e597387c86d1af0556d29aaec
SHA512 22729d01e68cf6c405bd68d04a840d9b24d9a1ed7425932f0eaad50c7c70fde84baf8b47a7507eb87ee317dafeaadcf8e01d82fa23b284c3c38b34c20f9df302

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\src\impl_x86_freebsd.c

MD5 fcf4dab22eb843d8f4a775816ec6d761
SHA1 e09dacae2fe1cd44b8167fca32757400b57daf00
SHA256 28ba193941e6d76c523771e9ef6bbe8b975a3b164062484dcf6bf41bf4bb88c9
SHA512 8c6f46abcdfeb012b67934f9c8f38ab435fc65d35ae375af8fe5ef223ddb89ea4021e556c0fae41fab9f37d906c8508fc4d5f6813707280513f1710073b8b060

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\src\impl_s390x_linux.c

MD5 b3fd8ee61eb4f95a9b9301d0cea9d4e0
SHA1 bc263716636f72548c89a07cf1a791d9f87f06bd
SHA256 1fb582bc463e9ac926c6348f579437c842d11837ba97847e8f32dfc507b854ff
SHA512 85b741789987fbe1030bfd219a67a99ea0ed83929f7bdbfbc8dadb2831765eb35aa156d1b1447396fcbad8f5680d6d8d4985474344743b8dbf7424caa82daba8

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\src\impl_riscv_linux.c

MD5 612cddb0399f9f71c5eac8ad2e59d535
SHA1 58013d0af52a323796140f31d5f7bc4ccb16f08d
SHA256 5777a6ecd1b3867f3df85d5cc54f01511429f328e94095b884c0733605761954
SHA512 ee27427ea989f82754f9c18c5929ca0d0eb027e0f87c49437ca31ccace74b7dc0b9c2d79154625e5d9e80ba1d0098c6792051fde5420c5d5c70381a08c0a9dd9

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\src\impl_ppc_linux.c

MD5 d1b39103ec0160957c4172ae4d5c9e61
SHA1 dc4af9b99665524f9a8271c8e31e9209ad3542a2
SHA256 221d909ed3d426a63f2a94660cea4233b41a78f9e299a10d3d6bf33626425b52
SHA512 625d61d389195521195f7f58e3b626c1d644f378cfb4f79037675698217067e7d65c75e0f4f67892f84e320d3dfbae6a38de96cb8257bced15ce1c058be7d044

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\src\impl_mips_linux_or_android.c

MD5 022027dc99f206512b3a59e81025a701
SHA1 8ffae82ada3707f9af364b86a984f31875e68ddf
SHA256 a7430a4c310c3802e2e55a5b8373434ec1e42289188e69f21e5af3fd1fea8412
SHA512 e3c6e7f9f5d5c1696a8675300ed2566c88dd173621bd97e97206c70f5263eaac4ac6cc462254d5bd9519e859e3618eecbb7c7d2246e647c80accce770067ecae

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\src\impl_arm_linux_or_android.c

MD5 431a1c15bdcacf39db451d3cf681389d
SHA1 8b9700fcc2c152d802df3cd70be3b581c95b0782
SHA256 09622942aa099565fb1b400908c8dc16f863e70ca5e5e3b867731ace40a38039
SHA512 3bacc45443dc62dc9079fa5362ffd9404a64b611c704b44087290869e00d716428047e5aeb5b876d779b8af1b470a89edd399b50cc1fbf5668e5743d38c5433a

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\src\impl_aarch64__base_implementation.inl

MD5 d48e760aca067b3b29368b2b65c9f357
SHA1 c8815fe3a85c638314b413e7c51d0bc34aaad806
SHA256 ec2100f6dead0dff18bbbcdc86440df36389fd9ae3329abbaefde8410a4b3373
SHA512 197c5166679c58c255eb82fb584a6d4e141ec11b57dc70b584b33b9cb927b6d59c6c31a8247ec3d345161b4575a71fbdf49f7af8612ecd0ccb314e9000211d22

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\src\impl_aarch64_windows.c

MD5 15b15037e6b166a10f0407668164a9df
SHA1 738ba3b19e7113f751c817275856e7b897c7dc41
SHA256 a00d032157940b05e79ac4f2202229fff52c818a270d7550ea94bbf43f331f60
SHA512 687818bcbfa7b4c8fc0dec014d09810c5f33b985f22f0b3ae5b8b50559ef6b72a3318145d47da7abfbb05f015d5d35479e7f51a17f8e8f90fc9ee446a3b25b61

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\src\impl_aarch64_macos_or_iphone.c

MD5 85a84d465b11d3d510ac555b45b3cea1
SHA1 657a8c4ccb21c2003b48a69f05a2bbeb5893e9eb
SHA256 7313496fec1ebbb4ee86cdef502f1f912ebe3aa3df3e1e6cc9af1bbf609093d0
SHA512 77fb18309ccebc1640877a5035b4fdf33df0116749597fc39420360a5a2bec67dae8ad5ff8b4042e80c1cd8bb3aebb4025d59c478076b0b2911b8a06327730ab

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\src\impl_aarch64_linux_or_android.c

MD5 ff0e5886d3c9380e8345d18cfcac9462
SHA1 922c631af6e80552347bd3a8f38cf9bec53d2565
SHA256 f352cb5a9ac66e00cbc0addb0d962746586128f883a27a9d8ea488b5b0cf97aa
SHA512 1bf8f608dddf472320f57e00d5297a15b4d2ab27be76808a8a205a5d2c7ed8b5bd7da66958be0ceaabb3267ae41211696f070e19649cb43addcf0506e118515f

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\src\hwcaps.c

MD5 743ffcfdec0b32de99f04f2129dc097b
SHA1 db3a5a20302a6894a64639dc272c1834760316f6
SHA256 3761e1ee3566acd5fc3c2737cf75c63b3e134e340d7d09c60d4c0ee5a5aad892
SHA512 dd563a04ed77fe67755c669b99a7e5ee142777800817d6d6a9fc5ffa7d264039296f2bf19d58101517d2fb10d1d25084653c0bafd5d86ef55306505027cc7057

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\src\filesystem.c

MD5 1652ace8927b8029b899a4c72f601ec2
SHA1 d7212a26292e97d40436dae0b774f1a0d1bc07fe
SHA256 ba6a9ce5c4f3a810fa4e9407b8dc21e6314bc1b6a7399c4c349e52f87aa5c3eb
SHA512 72076667f44b10c77f67cb3ab836f89e6ba66a355f4a4714836f8723bd2f12bffc37e3890c41119ef23bf7c85e4ca17e659fa9cbf964f24b02297dde2c547daa

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\src\equals.inl

MD5 16f35cdd2a2d5d8895b1bae6f1b74f66
SHA1 c12db2aeee8a0c71a092ccbb58b0eae14702f236
SHA256 8b84162d9e1f05d28490d67f12f1ae6b7d78e8103396726b2384048238cf6c68
SHA512 c891d2c61fa667300fc75c1eec92f9f3e910dfb6e56257da4fd940d1e77a0163ff1e8d47f504193995b0fdab2454fb74d181c28440c989ba721127eed381e6c6

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\src\define_introspection_and_hwcaps.inl

MD5 48b170668666f946aebbaf299418ca6f
SHA1 bb3e9ac606a01f69e8ac7757475ea9250107ed17
SHA256 d179a7239204f9e1b4f25b74c7950edb7fa5ba65197011fef3846522f8014c33
SHA512 2d847501cdd58324a474e8edeb3c5dba657a17db797b721aad60ef24a9224062d9007a82878d9d036d05d354f7aeda5827f6c5f64d2aebd97cb0492742461c0e

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\src\define_introspection.inl

MD5 21ae82e621ce2d4da357218978e35b96
SHA1 f6df5fe8eaf95c765411292c84f5c1842c1ad4d4
SHA256 502cee0d1cffe99bd4a8863d577b372e2cb5a370fdd2f6f1990f8cdf20a3cdbf
SHA512 f3ea810d6a68db7b6be385c0ace8a33a65cba56596ab563f0ab30aa938dd11ab058197242410d851077fcc464505d339d9ce6bfcd6ebfc4b79a3afa02f34666a

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\src\copy.inl

MD5 ecb28c55f47046099d780508037b88ed
SHA1 946d20ba0889e2f4a21109226e027d95b5a1e1e4
SHA256 17aeacabd35a380bdda0f713ec2332b84b31ffcc12cab68b55008e63931aec33
SHA512 72d4bbaa4045a72ca2c51c4e80d22f864f9fc71d6502a41299e94299b6d6d67e77a4b89cc1e76bef6a2776a29272530686bf3c892f4ba888d1cf53d5c23a5daa

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\scripts\test_integration.sh

MD5 aeb8c2319337d8d4a2c32cba5930cca1
SHA1 9602838c045401745d9079d47edf2db864b9dca8
SHA256 6e59badc2f3a0f709b886e6f0901758a48f68f99b9facc3cd090b9eb96b3fce0
SHA512 75a848a99b0c44deae32d3d95f53380d4ab9ee16389eeee94ed0eeaebd3eac506eb225c5dec83e06019303669582f0a760bc6e386ba4849ff0b67b092c89183d

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\scripts\run_integration.sh

MD5 145ee0e6c4959dc1982ae7c9afe8b261
SHA1 42f2ec205c6ee2a87238b2f4f323939db7c9e0dc
SHA256 2acbcf066d2b20c398b9a02b6f3eb11592396c41b5a19981aa660b8af74edbd4
SHA512 e48dc931e3422da3cf20d68124de4b93d14648f8b0324f966cca9e1a9e122fc52403a696cdf162fe50ff04287ecd98780bce7175ee036401c893869afd0a81e3

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\scripts\make_release.sh

MD5 83c8e840ea43817c25029f0fbbf9c076
SHA1 a857e900536bcf7b0f03ee240f6452b595728ada
SHA256 98fbb6633c72414462d3328e1c9e3dc56559aa525beae5de62d9c8f2c6209caf
SHA512 c3ff13886dcf0dcd2058ea3a09dcfab0356ed1ba717df56d9af508336087c22d2365cae24bd8895732c3cd7313bb4c505dd83861e7241c2c8ffc1fffcf9b323e

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\scripts\generate_badges.d

MD5 227e3becbc51e44d2e04d230990cd06c
SHA1 2a04bbf87aa791015381b090da6519d1a66ca804
SHA256 a741a15db1297e253f61481178ccd1d4e5052ee65541137b730342070c96d718
SHA512 04f963a9a937a146ec65808ac58bd5285d8d51b33d21dcb2ad0565181aa2b64d88628cde4868f5b9a25dba67515876b8819044213cca7e80c8dde1ccb10d30e5

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\patches\0001-Add-Apple-Silicon-Support.patch

MD5 042ebb8d2f5ff5ebed93e9aff74dc305
SHA1 28f37f1255aa4deb78b9604e945d08a1a4d8aaa8
SHA256 a31b912f63cea87dd6c3d21cd2b6822f982676316a63a2a8d4ec8a99a95472e8
SHA512 c7a08f1aea31c5731f2ea45bc807aa89d2b93b354016bd76a066a3f55d66ad83b0443d9e7dde0c1657a7de4a7fce075adab133f48f18dac1b7234c40ba4c45b1

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\ndk_compat\README.md

MD5 77e3bc98053f16f732a33b19bf5215e1
SHA1 6aad228052171d4796922493df188c614eacb01a
SHA256 86ea69fc248fe1f7f69ef4827c1a15f54035f6dcf08a13135878ca98e8f81319
SHA512 e6d26dfaf6946d6e286807531a793465abd2a33b7c190661d392a3b4d1109065471a16ec1f11bacd3eebc099dad8a26466c062644c5378204bfed30187f106ac

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\ndk_compat\ndk-compat-test.c

MD5 949f45a859ed70c8ad276eef02a78a5c
SHA1 bdb28e5f31a0f501e3e2557ad12261caf0af0614
SHA256 9ba64daf56af38e72ef407060755a30c7257c6909249eb61ad962f348607c8fb
SHA512 395876d6ee213e2dbbccdf5d5636fe93141ee2107e104efd0c034594fe40e7179064c63c10e0364ebe88ee339a3760259e163b4291e7600fed8dcf5a4345b9f5

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\ndk_compat\cpu-features.h

MD5 12e94cc59acb2b5ce47b48bf80e6aea6
SHA1 6d8f39295a499409e18b1c1065ba73139bd86e55
SHA256 0cdf2c0ddfbf125e022f0d7a69965975b4c9861eda898bad5b0fa9627eb34229
SHA512 ecdfb7e6f173c0c649cf8f312e2840a570edba750c24d284e608857ace306420392e497bd3dacc874f1959571a5c86a663c11752228df86e56ffdbff78e7665d

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\ndk_compat\cpu-features.c

MD5 c91b1c7ac4036d35c9475938e04b140a
SHA1 b198b57e421803e6727317d6421034d5d8186eec
SHA256 9e8f3e26e30085d007d04c25983e0db39c6a77e1b80d11e1f1a5c3d1967ce4fe
SHA512 5596012d8c239260dd2420236bc4d55c59e2c7425c7c1bd00168e1ea053cd21a30ff746577d4f152e2788bd31a8889a9af94b2213b54f2e30a622afa84ba0bc0

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\ndk_compat\CMakeLists.txt

MD5 5b7e632500b0357162a43dd8cb850926
SHA1 6f1d2876bfa8fe6fd3859d12d5e78dd11f9edf47
SHA256 2f012871958b162f54c0f03b782bba03a729a2d8354cbc718056938e7e229074
SHA512 ce2602ed4ff0ddbfabcc88646e297e955f43a03217f243c4edfef53f62b5b2f89cf6f1668deaa1a686e301bbb5f8cb3f10d3a66675eef826162243754f91f485

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\include\internal\windows_utils.h

MD5 1c19bdbceacc92328a2c282803f9cfac
SHA1 21229c103cf2b5f4dc1512420b8e21fae1e92bd7
SHA256 a359d4c914dfd18c8b02b101276afae2606b825e31a28f3a06b60f1c5d103fc1
SHA512 73cc800d326adb68f3ee7a8a34a685a551f89562bb863b64c2d79a78c021455049426cedcf0d82cbc6b4be6fe08c23081fc2836f4c5f5817f9b6ee568a71fc7d

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\include\internal\string_view.h

MD5 ae36afe1cfd716abd93deaca9877279d
SHA1 914ea6a1db0b01e6e7bd24f0be9602dc9cdda6fc
SHA256 be910b66b0693c691c8c15cb83ae436b0aad6865f9b03d33d108c398e5adda00
SHA512 be74029adeabc52ce95e470a09288b37dbb55faade38c453b119f4e089aa02bd943c90fd99c4fe4bcab905c107c604801fe964fe795e3a64549fea0de51f241f

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\include\internal\stack_line_reader.h

MD5 20d327f9a7cb149ef43c957025e3d8da
SHA1 71c52ec8762f550fca472c576961d9692e805e70
SHA256 23f7e45950e27802a2c15fc77aaf92a9f1a97571db8bf75bfc5aa9f398571ff9
SHA512 a637b0df01d766301e032a2df69d0238ebd32d3b266b74a8e3cc53500ade055d4ff20d9219c2dbb27ae89c992233253a89c03b72adda0825c2edbf7385a4e372

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\include\internal\hwcaps.h

MD5 0001cfa87d49bd71f379c6d19f11510e
SHA1 4281448c7abe8b228566bc53c18acff1b68d7051
SHA256 95657ac7fc32748a9ace7bce66e11b96925d9279aaac959b5f28ad89cc8c017e
SHA512 3d49a47d3c1d0cc7988806a1aae210bb5abe9afe9117951f5ae2aa615d180ecbc1da618bb24b6485a1efbc92a9480b1037d40685d04db0e2ddcd74f7fb61580e

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\include\internal\cpuid_x86.h

MD5 8848de7baeb25034122d9da2bfa11687
SHA1 7c2a758fbaa26396df5660aad285b5a9a8060276
SHA256 daaccb823289f9c9b11c78066895b5d18904eb27619584a157077b679ec13d29
SHA512 ff16696fec73884f42caee6b32e9eb13a558c1a83aebc676a77eabb31e32cc4edd0f25abf13f3c1294f6e86893cff5bcdaa4b329cffe54618346fdc5a518b24f

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\include\internal\bit_utils.h

MD5 412aa92f5ba22cbcd7ba32ef078323d1
SHA1 b479a74529df6668891c1c07debcaa022eea06ab
SHA256 866d308bc0dd754b836cb37d062cb687b2e835c04f111bdbfc313ee06731eedc
SHA512 25fa2a906baba165223e9845e484f8935d39864c410edffc051ef2619907082b70f99fb8a55b565dd9fcc8db4f4938832c2b1b211525d05e11812f17222e69f5

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\include\cpu_features_macros.h

MD5 85c86c1300f945cf484c26beedae3ab6
SHA1 12374e81172b22cb5292620d73d45ddaf6590ad2
SHA256 3c94fef7c305b6886c1356aca96f73fdc22586ca2ad926bec9688e3938fd4666
SHA512 518f07b98c57dd7909b7c36a03da01cbf6c69f0223deef229d4fdf8a1b8b5555c86915ad03479c5a993a8c3101d6a11b589d138d4da5d65a504c7229336cf507

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\include\cpu_features_cache_info.h

MD5 a48e5f8a9097ca62b5597c96adc56f31
SHA1 43565cfaccbb9e0f8b723ab7e91ddbeb40f5ac7b
SHA256 6d9d7456fd182d598a10d098f6f5f9ba0abc9abcd1849088adb07c5ddd8653ab
SHA512 fce4f6be0bec6c9c0b4b6f5b1e2dcf919cc4c06a37fa3a342ff3034e7ab8b906825664b76d2048af8b4b58ff7be34dacc141b419da7dfc0a265cc7239a51fda8

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\include\cpuinfo_x86.h

MD5 ef0fa79230a4a5b423a609bde2b6e1ae
SHA1 4237dd9dc4e81a64b1d2d060376d1171d20cf3e7
SHA256 c48393860d65580d6a06e8ae9c03caf8abc71f9cf044c198e55c083f491adea1
SHA512 325bce8e4cdef5ecf294007d1338c3db7e83ea0542c1df3c20efeb9f005b27718e09ddb9a072c141dd09c5dd185e384fbdf1fa747c1ecd703aac036f7de05cba

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\include\cpuinfo_s390x.h

MD5 4eeb9bcea946fbaaf70aaa6ce5eab1e4
SHA1 aa88ae76689d08244b9b79e67ab44c55c0553cde
SHA256 ddaefedf6f01e68fb8e76b2aae85a26ca98819b0bcefab54d1d4f0d6f204f366
SHA512 a48eb489a7fc6ec7f57e499d4fcb731431d7528e0aae1feca7dab01bfc65b15e97eb54431865fd22c4f382c7b20d8da15cf145d86f42e3c3bfc5201fa98271ae

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\include\cpuinfo_riscv.h

MD5 795e2105cd661ee5bf8b46c9a60d499c
SHA1 f01be15613eded183a44de669c2d0c57dd0542c5
SHA256 0fa06f542ca0214c7b260e662ea352d4dc7992924800457c4f61f60310da9e0e
SHA512 c80237a715f35ae9b72b4fad7916df0e9409cc29de7d2b86ae6cf862c63f19b22a10f23dccf0e39236b1ec54e4f5d47af3d6b7d6f870f11bb2261d467709d468

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\include\cpuinfo_ppc.h

MD5 944e99f7ba6f54c8d86d8686af794bb6
SHA1 39cc177b74f221a72846fbaacb08bb698d7c7737
SHA256 defd6bcb8739c2865f72e437cd79790564e0b152ebb7f71caea0c373ab807fd2
SHA512 70839eeed60edd9d964ce6bfdce6f70c4e1973ebfe4ade666c21d55c6e856b210e20949b24b45c24b710056b13754b8a3d698c8d510e36e3ee97f51e5e5a2281

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\include\cpuinfo_mips.h

MD5 821551b35b4fbb7e6722b2221fa6b5af
SHA1 9608308eb7c13455f6e10248ecc01ac8b84c77cd
SHA256 b7169d8b24ed76d192449e0377b9279ac4255d3c5819ab7fe3b7476013b49d92
SHA512 8a93f047422a33fc4c2d21be57f0563b30b8d393d54fb8df11007ef197b2b0148bd170412b64c268fe88ff9ce83437334ae56de397eecc3c1cc4a440372f33d9

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\include\cpuinfo_arm.h

MD5 153d394a7c06d377b0e4f77a7a39e97c
SHA1 510810128749ccfb6d9df925b8b2f79e7486a39e
SHA256 97a6ccee97fa06cd91a66c1e49cf679b059ba85d04f27d84564082fa9ecdc715
SHA512 f264629c46931b231630c5645ade61f8eaf6fba4f3d17e4dc4f02d9b14943f44f6d3494f87e691d94d59a6ae4859f146a1ba2029b9f69d1bca96b56eb71366b6

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\include\cpuinfo_aarch64.h

MD5 d152e7f9ec2883d781c05551a92e56ab
SHA1 aa4fc66a6300da1903ad08f2f3a9bd7be003b6a2
SHA256 19658304aaccba251a5a971f4918f3b15288f65fe7cefe4bb89d908b70b87933
SHA512 fe99fa3ae944a2616d89908953da65287f5256bc1f03eef2c8b89ef4e778d2f2936e15536018f60751ee83afb7a8b354a315ce2009fe52f498fb5a3196267239

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\cmake\ci\vagrant\freebsd\Vagrantfile

MD5 a14f2a80eb72dda41cc26fdfe1a4e7ed
SHA1 ad327c651a5b25e124da5bb18e8982a58571f985
SHA256 3920f312fe4c4f17405921a9ea25e102362ec55f5dd67eb3c99fe4e35352f882
SHA512 b704b3a01ba41ec26dbeadc43d13294966ebf48e06fb2f0e4b33971922bf5ae2cdf134a591678ce2f7726b227e7f54ea4a72ab0816744a7e563c65e5569afd9f

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\cmake\ci\sample\main.cpp

MD5 58f1f21ad9305b6df4b2cc5b4588488f
SHA1 bd9ba6c1f7ddd3491b5cf99ab964f2238e6bd02f
SHA256 b4a8cb688aada97fbb1fa24bf6c8ef24bf2b24b4b3f8829f63b04f46f24c1646
SHA512 44884567b1b2ceecbb4b300759304a7a3dab61db20b348d89844b985db7a89dd54f9eb305a31e783c28193fc68962c765e04f49f1d21ce9ccbe33e7ff6f0a021

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\cmake\ci\sample\CMakeLists.txt

MD5 353375c4680c09b949faecdc3ebbf5b3
SHA1 b13267db330ee8c0857c799162f0ba16d7da63f9
SHA256 da1b8787d87e97eaea85417dc58e9b68b273eee5262a3b97c90db5d99f19b4b6
SHA512 462b0a868d3f33cdc885c203d002963a2ef6dbcae05d704c1d8ae11b9361db89aa9170c1f4b2c0aab9735c6c3667583c2d61e5b6bad4cc6060e634c17bff231c

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\cmake\ci\docker\toolchain\Dockerfile

MD5 6a302d096ad751d7ff1090ff9d21222c
SHA1 19fe29c007302e0718756d8ec863fb5018471103
SHA256 f2ea6b990345ed10a4dcb14a2e6124f1585f623cee6a1ab1a5a3fd69c49a7e4f
SHA512 6a0f4a7f8e69b776cc4c73e4808549dc893383c812290abf479b7b54048de8e1eff8d93f7162ed25ac8eb62371db9bd0d4b9d4846efc666a6ab38d7663014e4c

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\cmake\ci\docker\amd64\Dockerfile

MD5 979f59c96e785a20e9d8d8a39f5b5889
SHA1 9b7a43c12315f4591a53981af62b9dbd2a5a4cab
SHA256 916e8b8a8ed393bb3955b986f96d58e30fadf35b0dd5d13aeaafcbda5ab93392
SHA512 96872ac642fe2245d4ed8767ffda026629a16d5f33e69905d6b6aee5267ac5d0ec4109c9428fa39e388f7ae1f312075122cbb067cb65232032c58db5f0779348

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\cmake\ci\doc\generate_image.sh

MD5 30bf65c949ede15b3796330b7e5d22e7
SHA1 02d765bebb30288375f8abd09b72e10de3269341
SHA256 debb342125c2a4f9c53d8bfe2924b862ff22ce298709614f63a0fec348690f19
SHA512 78b2f8ac53c7e354f0ee211d174821ebd93db387e2e6e25941bf3aee3d626bc733c7cde5bc2518f3298fe4066178cdd9ad23e75a37ebfb91f7b046ea185e8482

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\cmake\ci\doc\docker.svg

MD5 5766a4bafcab33fe47e6fdd6677ea449
SHA1 52e5182364b0b4a09109e9c608e0b3ebc8ea977c
SHA256 2e5f44b2f1fd39d4f7b136f3d327f9c7fa3f1669fbed4a91833319a1a679977b
SHA512 dd12ff8d72541946d4e0619e74802b73622fcaf84114e86793236da5e078b45e24c2136cc845d5fd2b870f42fd2c99ebebe539cdd78ab275d224d3430b09b9ff

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\cmake\ci\doc\docker.dot

MD5 d08fb2358d40bf05064a753171090227
SHA1 16cfac24e2dfc61f282799e6cc5d2e53eec2320f
SHA256 0426787a95f70006ffef1c1b881c6e857d7adf84abd7b3c2e26368eb7509f58c
SHA512 851eae4f8f704a804876456252ae1bc7cffa45981a0343ab925d4e9f89ccb58225f8c09ff9b2f10eb3e032eec460ee950348d53a810e0ab106b82339579ec397

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\cmake\ci\README.md

MD5 a000e6085f97043dda5e9a8c6481171e
SHA1 c856c1d66a9165e591ff4a8ef979534a3cf4c791
SHA256 08c0db85f13f3b3e38248a684fb21a1f66d5a2e39500fdf4e5e9964d2b7058e9
SHA512 8236285c38cb0d625ab73050a0d5dddc94bbb1a99b3bbddac89d9ba76caf892e19bf450c5028b3fb20866f310e8eea550c9cb019a689b6ba14cc680b44c09b0c

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\cmake\ci\Makefile

MD5 7ddd1f93eb840e1a1e20e01b4ea914aa
SHA1 a96e7ffc26f0abe0034ff1ef6a3f18c272e471e8
SHA256 e3625bcca471894e5bd534b0a95e956ca8f8363d0b573133f9ef2f21cdcda994
SHA512 595de2f3c120c82a92303bf2ea4ad0256f1a58054179cbeb38c92b6bede3e5871f3124f0bbdc008ecbc46ad6e45713552cb3748e272a7b27a41616e0ec71a109

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\cmake\README.md

MD5 ac007aa8c0504c0adbfd3e5632132978
SHA1 82506715ea29796a1269e2c7d20a792d1b432f72
SHA256 273aacc7d3dab4f4ff444b751e58a1a90f243fe8db7316a46c995e6f45856945
SHA512 0dc1b11dcfa9af238016729bc2bf2f60adc1b14839213862f7dadcf6eac9afb63851182ff52faba39856942d907b1996062d241a031626cd29f35235cea2fc4e

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\cmake\googletest.CMakeLists.txt.in

MD5 32ce2111b30c892f3f7010502b367e6e
SHA1 33a23944e8c7ec7925f52b6a660e72566167e472
SHA256 9a778386a3d198afd7119c587f6f70f788dff0e61cccdd73ca26f4bcbe659ac4
SHA512 f0bab8c0cb23ed2983b0ee3612e2b542a65ad0019996a991ba1fcaa46dabd591aa16445cbd04112d8ef0abcbb120ca0a773cddd1acb1a3c10b6a3f7a8965c13e

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\cmake\CpuFeaturesNdkCompatConfig.cmake.in

MD5 f42d43e057e982418408e505db39478b
SHA1 32aee15773f05b9db9747278f3b0d51c8c5d2fb8
SHA256 8665646deb58ba8f9b42ab058fbe345f95c43be8c9e826ab477edca9929c0276
SHA512 f347ba30e277833be60783bfe34efd3b6f0bf90968408f882b525f78a3f6029db9ac4b58e6812d6734dc2d18b92f2e625caeb780e42a74507ec8c617e6902624

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\cmake\CpuFeaturesConfig.cmake.in

MD5 82b53c4a6024762ee9c4fe2ac5366971
SHA1 3c221e3d2e09e912ade31b0c579b96aba37eb01a
SHA256 b5fc45ee49bdbffdc602892c5063f827e280c6ca26d4dbec320a0cacefdf0d7c
SHA512 4e62960bf37d1288d9d37a74083734bd7d930349463f76cba9d43cf32008ccbf4fc5ca134372eeb012bda3c008993ffff5f520c2af6029caab6a43417ba06300

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\bazel\ci\README.md

MD5 90624141f74f851ea3c6d36b5ee6583f
SHA1 1e104f13df0b93d4ded458a816438cb9609a2cb4
SHA256 0ad23eeebc57ebe55e8377615258ba2ad79af54c5fd5cb395fd8c02c41da92f9
SHA512 65706f69ee62fe9e75a94db604fd00b50e95181f1072c4c2a2c128ca7eea689e440a162a57be539d070ec8b44a5ef903c86018e0c3b7fb42a8bad8a05a16df23

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\bazel\platforms.bzl

MD5 30e7ea16c925ecf10d110dc670a3f1f0
SHA1 0543f29ac283ac56024a124267576a046ea36a76
SHA256 72fa63f0feb9b65da3745e6cd4a252797d37d1df348a3b184337f5aa42102b90
SHA512 3a73f797b437de36d71c0a2a9d191479a9d7024db0ab55cbe4d120ed0c3b99484f9eecb944a13c1bbff9e028c3d527325e6fb709964161bbb6657db77576a4cb

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\WORKSPACE

MD5 3c1f02d382e96bee4e566b7da3570e2f
SHA1 2c1248d40bcc20512b76b3b7fc2bf1360e17847e
SHA256 6fa2c3ea88550b1952fd5bc88c77fc09c9a72da643e7ff0b328e0acab841c798
SHA512 6558c02ff6d5ec41841cf8dab87a3eb15e4a616d7b13d5a93d6d68c4159a6ff67cb4d8dc60d6f21d466b3904d0855d50c96e25fb7f266f2ec1ce4a1f4d6c14ef

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\README.md

MD5 bb0e84bd90f20f8c6e1029971d32cce9
SHA1 a361085933868f03b8024c91347725538b224f38
SHA256 0f825056a2fecd9b10ba6af3f6faf702fe6b402d68b7e0182854f6e9ff591e92
SHA512 8a84198edcabeea07ca14146c8bd3ace25ba13010597cb24aec307e258c3355731d2fa3ce629c619eb216b79bf1290e4662241e37cd2cbd316f128ff973113a3

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\LICENSE

MD5 31a8379f6fe09baf921e654832ac5700
SHA1 05c9c329f6de4edcdc6d2e84fa466aaaeef3166f
SHA256 af272c1b4dd08dd61d43e001d3134119d03ca7a2b057a64f7355fdf27fbea3dd
SHA512 15bf6406004ea95aca02ab6031eb60d2a5f8d8af19817c101caa0e58fef94a18d47672931f6730038d437b23a11b7a61d2d7d941ca6979ae9842675683e31f41

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\cpu_features.gyp

MD5 00a55b2662dba750111206993bbc49a7
SHA1 0d568bcddbb595bf2174cc0165ee3fdfcdd16faa
SHA256 42aaea69b0ca99e155563f0ca4c767de9131ce1da8886539c1b7c5e0c1268540
SHA512 74b905b4249664b7078229b07f52c3ab294d06cfbaf3d6991a237d2f6141c90153e4ce104f7ada816c29b65fb1fbc771572e27961c51855e8cbb57010f3714b2

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\CONTRIBUTING.md

MD5 2e0f084403b6e98898961ce6af73b635
SHA1 892f18b8a1bc5ca320ce5ab971dd35aa8a060616
SHA256 a8cf9af75c89c31372be3c69613533e0a98379b81bed84ed0f5abb5677678c30
SHA512 a1ac4ac42e416a8e9e1ee8dd85edf7f2f2e6d5e90d26566970ad37d76d258cae6c23117bdafaff229163c540a993555a30f1946afee1ff413c2fb457823f27c6

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\BUILD.bazel

MD5 6f374fbda5d4751afe8d753e0ad27d36
SHA1 581e12a9755110ef8bb93e25d1fc6a9fc9605e57
SHA256 34c63e24ec5299a3cb1cd0ad6b97e2f0801158efd0efbeef17ae1ced06ba3e71
SHA512 8d9b4165d4140de9547d0d187c2d3c2bd4245d8a682d02e707faede0fb1e28fed5fe514a79eb5d54667bbb23468766591310e601171e83a0fdad69601e3e11de

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\.grenrc.yml

MD5 553f5f90d927d398d8f5daf75fd10b1d
SHA1 0d70551c69f9615c51a042dad9fec3ecbab8b34e
SHA256 a1c1175df21f002cbc1e1ea9978cec55aa06ca4d44f3a4ef0b3dc011202a4c94
SHA512 7d32b706f2e10ff00b9ea18b41280b55d8a62d5adeaf37a5623713ef0d0e7b7d870bc9041b86e8b9d83d70d39499f69f82644497e1788feed534a26aec135fec

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\.dockerignore

MD5 bfd92ece8aefe62cc6cacc0bdbe762a5
SHA1 38b596cf1b8bed0eb800a3a7283be7233c8431fc
SHA256 c9d3ae1f17de303abbee13f957129402f79b0ebababc175ac4c9fc9670593356
SHA512 fb9065498d97e6b513b9e2999dbda8fc3c7f1d8df22b70b00ab614134718b9e6be450f4a01ae45b460ae6171bdb29a4988b4a96cf43b60f8f1821a8d0b8c3eea

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\.clang-format

MD5 1a18f76e57c4df8e9597d46e71353b6f
SHA1 b136d42bba0cce139a424dfa25f8e6578e6ee7c5
SHA256 cd25bfb8127eecadfc680968435b58abde752791866cdd80e4030bfac9e39cfa
SHA512 c10047cbc103ca4204ee43fc8f47ace35447850725478946f7c9392e0a0faee0ced7b042354cfec34be653bf29369b592d9b330260c26bde9461bd401d932049

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\build\Release\cpufeatures.node

MD5 43155ffd930b3122ce49572de56dad56
SHA1 7c486bf505534bdd3d791bbd807e76ad8df4b364
SHA256 07a149c9f9c34483030036e56f7049469bd0c1c85d575fe31f06366ffb8ef635
SHA512 d57f0a66e1e89b0f799ea08ca0080cd843780ce7aefc9c37741ce0b6fc8cd8cd5fbcec73a599a270cd2100e194e0f4435c731423a1b093ba0057b42d55f4443f

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\build\node_gyp_bins\python3

MD5 bf5622f66d62bfec943bae39c4cb4569
SHA1 672c65a8cd7640bd9638a2e12e6128f6bc7406b5
SHA256 b53b3dd0df204848ef894e1e93289ea2a879d4af45692b3478380fdde1976bf3
SHA512 a5612ac06654db8bc0b117ad26a72ea7384a8bd48a0dc68b6cd808e6ef2d54bb626b7b22c534fc59706b0fe776ec2ac58970c85522f6a3cf3c6e5dbb279a64e4

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\build\deps\cpu_features\cpu_features.Makefile

MD5 0da798836dfcdf605a3f3f1d03006e09
SHA1 9346c28ae305f88df74657aa6156f571b7dcdf77
SHA256 747fc7ce05687e6b9c9237ecbd6a9ba7bdfa4e237f1edcfb75be48e1c1dae8a4
SHA512 37d29cd2c1857c22d08509100c5b987de27da3013702d976971151c9b1b13c7b6afd6c039aede1e630a62cb4a84978d1d733e738fa2619449f35886d14c42ebe

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\bin\darwin-arm64-116\cpu-features.node

MD5 543431e1c257ef143a4bdb14db059104
SHA1 d1aef46ca13aebbe8fd7396dfc0a84eacf10086b
SHA256 916e33a75f845cb03543f5a994c975d65d08c71def06ad82ddd794da001c259a
SHA512 b6059556e71b54c2d1c0c655c8dc4d57cbef95f07f93e107ea8196c41e0d1f38fcde8789a8b42c2f37cc30a678fa51fb118ec31cde85e3e58e7233766722cfdb

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\package.json

MD5 e9dbd1692c82ab374d1ac8b25da73b37
SHA1 b7083aeb92a3e4b2d5064b3fd36312c041695015
SHA256 7f3d471f63d21971b694895399d019960bb2d11a2db3c21326430508e1d4fe80
SHA512 2165df509e2fa2f1ed0ddffea42815eda478c9cb6e971e05910541552cf0fa99c26bcc1623472fbf69b8d1c8581db03a8fe6916ae7afa9e8530b475605c84ef1

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\LICENSE

MD5 cbf7b3097b1484b7e6c118fc1d31f877
SHA1 f98aa1afa539a8f702d3477eb2ac35c7fe9d6127
SHA256 7c28463b739e2e73a49bf127d0bda427f8c55f0b37365a044c3c3f254716118b
SHA512 248fbb5f42b32737771289fe971a0b97e7fca683c1c3c631a24557fe76538542825602f61e923f302fb08ea8b940299dbbd989719f9d648700130eb12320a235

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\buildcheck.js

MD5 716f400b50493f6263e6a19efe1125a0
SHA1 4d44f2be4cb90a2da3509343020b2a3dda8c421d
SHA256 69bfa1f857933ea2059ae67eba3832f9b1604519996541a530174839eecd5ee0
SHA512 9708159536676d23c30fccaf13dd3013dc145dd08e475a3c387a64170e94a8d026cda2e378119b2ab7aacf8a84ac160cc8febb57ae5d1afa2b13b4d5c6995c29

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\buildcheck.gypi

MD5 26e8d8c01c3d883e732a7d171c775417
SHA1 c0f0793be904dfedac2043e29140638cdae8218a
SHA256 824b4756495e0a26effe2f17775f3daee1a285fe7ee392dd3c6747a2cf7342d5
SHA512 781fad81521e0e51ce746eb173348c7b345b00fa5ebcd627521b11136f2497afbc14c82a0b98ad08fa81f5c3bf404976bb9651c3c26ad6eff7037a31ba96450a

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar.unpacked\node_modules\cpu-features\.eslintrc.js

MD5 4845ca510ae2961e531fa41faed9d7bb
SHA1 f1c0cea2250d6e538658ce3b833d5505e1db1d80
SHA256 df85748adac0bd2d13fb6f3b3833d3cda0429e60296a111057dc05fbe3b00025
SHA512 367cedcb213dfcfbfa9a21afb36970064db1a9e7e57a9a0e7b1e9370a51142191ee183788fba9529d80598f9597dd823810d9b0e24ccf0d398bd48e5333be329

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app.asar

MD5 15cb268be8fe8658073fbb183c72363b
SHA1 97e83514cc0c8ececdc39936750ca37d675dd2de
SHA256 c4f8607aef243e7d6aa9918a0863a5e5439ddde606d5faea721d12469886fcdd
SHA512 ed34cd06f364eb2279745532b25bc0a8d38c201f3f8583af3f573aa94f2ac6c71064bbd430dc4082a1b3f4a9f912d7844b035e9e9c5a35a23ceee35c5bda8a0c

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\resources\app-update.yml

MD5 9949e10f3400c5e2c9d9a5393893f552
SHA1 bae264c21805b24fca84d3e9f141578fefa448de
SHA256 8a8ec6f73f5789155a1d85bab2e2582fd9c275e00e0fe1f7fc7ce3227fb81285
SHA512 3c8b65c02ee513ea6a0b313bbd42a92a318c9e86fa2782abf9d667704aaefe5c6f15b2549f90d4fc621682a2bb261ad31bbdb1ac656b08c16726a0a978905bb7

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\locales\zh-TW.pak

MD5 960e99a171c4ed4b6d787027ba88774d
SHA1 e3869aff0c52841c9df718133e7c4be2977de7fb
SHA256 e42640f5309add2ea7fd5a4db503b93e479ef14807710a06d7e53a0f261da8e6
SHA512 4e51d787aff8f425d101882bd70e71b88b253f2ca61ed54dd7ff77c7e3a1d6570b270f4eb91f2d03869ea4537d09e141f3e32ea3a27537295ec698bf26305cbf

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\locales\zh-CN.pak

MD5 07b6c43d87dbf93ac8abe6837f3c2103
SHA1 79e033179b445609b3f1756c3f4184d5efacf1c2
SHA256 7f85b35938fadca91bfd8f92ca53613718e375ef010c340947dd27a4ff66594c
SHA512 38ef8f8a8a950b11c18eb7a40da721b888ef792a49e1371dc8c1eb22058a6791f95bf9b25df4ba190a7aa6cb62ce38b0bfaea83c71b62cde6980d12cf9da53f9

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\locales\vi.pak

MD5 4c5c09cb7e6eb120c8019fe94e1ac716
SHA1 f018e7f095605e21db24944b828cc3580cba863f
SHA256 e7319ca18eba379772954132493bbabb448d4e97d755b85360ed337216b48800
SHA512 d171ee83cf02a8904290a74df1224556887e41333b8a01fbd95f0cacc88d230195fbfb6f99f9e02573d4864b3c95b570a77c2a0b1e19324d2599925e40684807

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\locales\ur.pak

MD5 88eef2798dee8a361c3ea9bafaa02a35
SHA1 6f8d4ce422336ca5048ef35d6ece360a9b416d8a
SHA256 91318006c880e427417a2b2fff81fd451769a5536fa16d1dc185972137bc2d6a
SHA512 db36b58186f165ff3f746ac483f75b6fed596fad9b3f335e86b374b359e563407acf58ac7cded9420e4fcb91f31eebc8a91c7777ea59bafced8cff2f1c0e9a53

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\locales\uk.pak

MD5 64aa9344abd9a32f10d6c05a58eda4eb
SHA1 3286ee43f36e2232677b4573e8b4a3303c7df048
SHA256 ca20af5982ae706f5029467901d7d66f90b261f03c7d240d0d1ab2fca2b50a7b
SHA512 dd768b314da50b8ba5a006a4e56d70044c1af79960834722894d930f5347194ae7f9f5697bc4cd0790a79341635cb1df8c74ff45f74d1736049161af5b163efb

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\locales\tr.pak

MD5 0aedf5c2f6f4f49074a2adea454df4c9
SHA1 a48d9d8461e61170257897766dbd6906e754a0c3
SHA256 3f4658b3811b36f5cad794e48e6507335abfe78b0bfa0c80d1ef9c5d7bb410d0
SHA512 e359e446330fc154c16e34a7335174f372bce701faf85de8a5f4b432ce3e10c69f42c93b7182deac89bb4d29750d0dd525b6dcd74a5b7bd724f544d14ba44a79

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\locales\th.pak

MD5 84ad3f888c0ec307bb7b8c278cd36757
SHA1 948a5f8b43d059280d5374ca6d66e8dfc6a76d49
SHA256 56665860fe6577fbe00543a47a15e10eceae83458815f2989d179e42af07f81b
SHA512 7001c0607df927145e40a605e2b97914d02712d11e09ca20339cb1aefb042a1f853fd06e78b76f6dc6f19b6df837bca12946a3470c6c064ca767af1db57042e5

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\locales\te.pak

MD5 5f9b7a945638b88e75a3175a7923119d
SHA1 6af614f2cbd72da2224f48a203a6430a623fc7ed
SHA256 3b476d2ce7c72c3a10170808020dc3f1a87309f9f725b08217c4716b28d10888
SHA512 3b66c9152ec032d6f2372ae5075cbfe7d0fb398c4bf173a7f8c76d91d9eaa816e6f839b90884533b46a9224e9fb52c4d439b3d1907885b8e9f80c5c55a852b65

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\locales\ta.pak

MD5 2c0a9cc4a7c775ff13a6888234265cab
SHA1 497bde42737667fc833bbb9d8a9edaf014d99957
SHA256 1dd55659ef21082b9d58bed50f387c0e1fc0f28d0ede52251b9ada25ed2a657f
SHA512 b862221cf17d3f2ca0495a8a3e1f630ab915fd9b2a46ac16c71deffee9a6f71264a8550233781474d60cc6001a48c7c658c77d4e0dbd5b543e768928119d2f0f

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\locales\sw.pak

MD5 55241312a3aaba14a6b19a9012ca25b8
SHA1 69fadf0817faec3bc6b018f0af5f63378ade0939
SHA256 722c86bd857a93ae06ca0b7cfe2cc04237a7ed5a52586cab7246336c802abe37
SHA512 612f815c25e9f593d1f1c4de8e9016dce048cfe90f21319c4cdbb5772580cb8c71229e9ddba60852cd0bec80a07a783ace24f873d90dc3323e5fdcc44905f2c7

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\locales\sv.pak

MD5 06c878c1538813e5938d087770058b44
SHA1 c8ab9b516b8470bdee86483151ae76368646bffc
SHA256 90dc45426bc1302aa05261f136881ddf038272e9ac315297aa8e5dae2b31109b
SHA512 6ddf615bcf0a8c62221233687bae1eeda5cfd749aa8acc179d6650987289201b405edd453fc181a1d250eba9bbdf61ea28fb7c694539fae3d320bfdea56665cc

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\locales\sl.pak

MD5 e76e473c419c25768b08a95a2822918f
SHA1 0fa7e2fcabb03a8788f50f1d4b4eb383c833e9ba
SHA256 fcd27a9f5cb4b4be373da7076a8232006ebe020999fdf90d20745f16cd7ef223
SHA512 e39ae0acbb7d148d6ade676d92e83fa9fb433230bae4339c31693a538198bf0679adef51883b96f8dfbcc8593a982544c64a2b265897f35a693183b27070ea5b

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\locales\sk.pak

MD5 78bc785a75ee512391a9cb462a771c09
SHA1 229d39e017174dc0a8cefcfcc72b0feca94d6208
SHA256 ec15c82956ebddb7b246c78045ad414ed34ca97d890a915070e252c8715096b0
SHA512 96556f6072e69351e1bbce06bbf896b1ad53060c7cbaf7928eebbe0f610f5e8778b2b8b97a5a268b7942a1c8d1adc6bea0403383a2a5bb99049437e95d575ea0

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\locales\ru.pak

MD5 91379a583d22fa9343ed466c261366ff
SHA1 61e8c39235945c4f38807b14ac74da7d3257759a
SHA256 0d4d0b8052519848abd182c44dfbf444a77a0c6994965c4a3001f0a3a4d1459e
SHA512 dde26b59a1e5f94d5b245f47399d7a9d3db8d247037331a471c39b1d7e79e236c5a0732fea4c53b843d8eaff1f54ca155a816a193b7baa870fc458a5aadf76be

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\locales\ro.pak

MD5 7056fc61de4a16c7f4f5bf44d2e87f8a
SHA1 99d16dcb3b1aefc472601439f630e1244b1aa277
SHA256 b7ba9435d82f6bedd7005b6e868ee86f0bb6c4d7b312fe5f5d4afbd440ad5b85
SHA512 529152da39f7ade6713206fa9f767b35b9bf03816387579522eea78ac7d0e150bad557fcdbef51e76d52e39f61a0b4e54ff6a3b592eb7e34fafdb98afe460f7c

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\locales\pt-PT.pak

MD5 002d5b37e68a0725dd7d89fe3fc7ec48
SHA1 545de8047d3f89150516b95031965adc8f17df68
SHA256 1fadff356a7e89a8ff2af3ddf84f70fd0ce69525c7787f8adae10beed9d76d4e
SHA512 abad6cbb30a958bb84a521a66636af4221a9f63774122d3ac3b552503930ad83d343ec4c8109c8031cab17c546ef7549aa0f87746e39a80f6758fad28ecee129

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\locales\pt-BR.pak

MD5 de8ff9456ba9ea999d0d1bc9b831e7ce
SHA1 1d67c6dd97fcf221c71137cc8b1946368807aba8
SHA256 b32fe8f602ec9800d59806e097e369fd065d8fbf473da40fd29289493489930c
SHA512 5a3a48ddad801382ec9065c6160698dd746aae810374c2b772d521a1764e7e0fd2c28c5dd1cdccb50834d699ee19441713fe10a91dddead46ba0cff3edbd6984

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\locales\pl.pak

MD5 b44fcf9fdc4ec7bb5e72cae30aa15c01
SHA1 daaae4aa7987bcce299995feea5c54f2d77b61d4
SHA256 7f1a8392fe3aff4e6bb4bacbc1f4b395f08ecafda9f81e36b41b77fb4ab0bc76
SHA512 52b46d7affac4949fa19841d26d2f4bf877e36cbda4b75f3ff289a7abe9a80c2a014b1ae23d3079f4d31ed5fa76c320103733284a2c13d99a451810407325674

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\locales\nl.pak

MD5 5cde06a63c9dc07fdbb0fdc94e403d00
SHA1 11be56054908f1f9cd56ab77692fe3717ee91ee8
SHA256 3b9ed5ed0dd07d8fa67412a046ab085137542c156876dbfe6f83376571af91a3
SHA512 2716496dcbf76cc2dece938103813a8dbc17d4c795b4e3459a572de4f62f9ac0e1788de3a21f5fb287ad364decbd541a5e3bddd406e130d2a9c72118ccee5390

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\locales\nb.pak

MD5 9c18dfa9e69c1d7810132800d084136c
SHA1 bbaa9576e1b012df33d79a5dc7776c00e67295e4
SHA256 4f3babcbec0d138654ec59fd8ab5fd58da2273237a587928b9687928c7ca10ff
SHA512 a82b1e340a25a3858906ded73624bd0be4b3ccd1f5728560480b4a4e3a78529f5a178d20cf7d95fd55ded7ca4fa95a5fff87d89f0520ea08b54e7b99c9057d6b

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\locales\ms.pak

MD5 3d0dc94a638f98d9bf3c0f60f89a0c95
SHA1 a979b04c65832d908305fb0406cb0653271ad744
SHA256 a9f9ae23a3bc2ac919c5b46d16b7e1f3bff73698d2626260196210e101d119c2
SHA512 6d687f1eb9a7fda3791295487063393b8f0a7409b55461b185aaf106c596229de6988114230625d6504b869d25d7a624bc3b90d66a0bdf561cb05a57d5b87c15

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\locales\mr.pak

MD5 eafb18d633064d0f02a3eff3eff9aadd
SHA1 a8846e473014be80125630f1c5b51366220ff018
SHA256 fcb7c4aeed28ae4d16fa7b82d9571165aab0fdd46eb65d3ab29007231630ccef
SHA512 d332a4b7f4cb1583a5bf5ce08fdb46661a5bccbf0a66f7f5ab6ce04367e9bc589588dcb32f443695a3ab129dc50d2962ed4c138f97858639d4ea37c117e23495

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\locales\ml.pak

MD5 1030c08ffbbe7366ce5b7d55bc8ecc0f
SHA1 b45b53c1e47a0051560c607874357130c499563d
SHA256 e1f97ce3011d9231f23fe033bdbb0905c173921b18402d362bfc35224ff67db7
SHA512 3b9127a0eec02f75f79c66f5f7845b65c4ebe2e6a33989c7686815ffe0651be47d42f55c2f32a67a221495a8bebf043d853df7b244a68f89390044210e52dd3d

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\locales\lv.pak

MD5 335158efe454819a0dc8de0edb0f0e90
SHA1 85871f85f626db1fc597ef24c79c84115a66c17e
SHA256 113073cf60ae3d2bcf8a61df655762e34ba28e4b35b97de33c18e13f959d76ff
SHA512 f81733bca3fa65c789630b55c4f414a8541e71c4e1aba56bdb9d231ce189677b3bff4dc57c92fbe1cbc88f1f2f7fbf1a7e4319a8918c50409fcba958d743ccbc

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\locales\lt.pak

MD5 49201fae17b715a15fa03c4d89dd2176
SHA1 7c559c174850de48c4a2837fe32c58f74d8150b3
SHA256 4a80792cb9a401ebfa7ec3212182b5024d651ca6a5ead8fc9809d0d3ad4803cd
SHA512 3016f721d77206e13e275e7eea1adc95d403feaccf595eacf933940485031e9aac0c29b6f47a9ff5f73b08c354b7b82c72193c83e1ff09d84cb5b9b72b708166

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\locales\ko.pak

MD5 a9b446bb79b0e5d0b4af4f7243b1f3e2
SHA1 fcf962506b32b34a6315ed61acdece33df3dbf23
SHA256 507fc8d2a468456f2842b65a111fc0c74fe1f56d5f5ac0d6e743aef186b43b2f
SHA512 e7f281206bd481427a75b581f8b2a435eb8a29bd8b5586a8db78605b1c1bbc20dc1f4b2ff92d04c62fb509dc6e1e062d1d584c195e386c5c2ffda0f764276aa6

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\locales\ja.pak

MD5 74e2430cf18db7ecae2a9b1feeb049b5
SHA1 362a5f3e4d8a79b9d0b041d62a8a5233e20fb208
SHA256 1a726c500b5b3efdbc7b9e6626765dcb8957005f9c072c09d1f517587d6b673a
SHA512 324d0ba770c09cccac4c59e0e0605846a4e18f32cc79f14fbd4e5b0172f439ef8dee538f686458b3a07e5e8b4528ef67aa5d339ae25f7c601c9a302caa7970f9

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\locales\it.pak

MD5 4e7ab6a5d407bf4d3f96671d65e467f9
SHA1 67f43053ccd167f2ce6d945202f64df29ee1ac49
SHA256 20408c09d9447f44aa920f2529d231072db8bb9c0c8b8fafa2db733561eb6964
SHA512 bf493e1a1c0898f7a54f8a5278dc0ca345e9937efe269b1bd3a3bc90645d767070ec9c117df001f8c3b51b4a383c30f025daf79606ac1840fcc5878ad4c53624

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\locales\id.pak

MD5 3b5e08406059d1a76566e9a5d4c9b15a
SHA1 6bf45f2647e959ec1b545763180e8f29961ab3e1
SHA256 60409d8b785dd057e3495190b18e6d6d235d8313555341cba5f64327e3d8c3aa
SHA512 6c4150c064edf6ed0b83b216ce62134bbab12137e6b45749dad08d1d1734b3365309414900615137c6acdd12250add5c69a222daa7984a94ee850aaa55af1b8f

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\locales\hu.pak

MD5 51b14b96d1b9fa99ed849347a8954133
SHA1 5259b749576a9612e429a665dfc8bf47651c39ea
SHA256 70d4a0724a2e0e80ec047e7683eec7715c0fb5f88795cc97a63e4c2ee2237800
SHA512 b68d4bc792f29df210602a557d0b3333a95e30cd03a0a4cb5f537c9c51da9937119391f2a359c03fb874c1f540c23f44bef121e45f048f32b1db06d67a0bad1b

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\locales\hr.pak

MD5 ef62a50cc098afcf3fab69c7502219e9
SHA1 db474cf332c90de660fc575ef897d5389b65784c
SHA256 07effa557c8bc822626c05a4d299296f88d3da0654248c326d796f7c2de3ec64
SHA512 7ae6f40c7bf404532df0bc2ffa449e0d99debc2b9816450ed0d015b1634dd96cd5650ab6af5a6d44d52d0e3c9c81836ee350210c4f8a13be6cc0cb796a630350

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\locales\fr.pak

MD5 a1de4ad3d9b7aa8f122ba00cb983e49c
SHA1 323d6e1b4ed75f9406bb8488d7ffc7e12fa96886
SHA256 a69f52162f6081a06f835ede10818218df6e211f00d0ef24561e6221f4696e61
SHA512 542f0818ea4517fdea929f3d4938f7de75e2a5e6d872607e548f87de7e9cd0737fab3f5e82ab7895f44e809279d81c490999ed055acbddafe84f85e60ce2e23b

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\locales\fil.pak

MD5 8ce446cac9221f07f912be59534d86ec
SHA1 15cd1b902b26abbe665fed518575748483a9c3e4
SHA256 b6ce37b1aeb4ca17a7f78ebc8f97c2807f588dfc4ad3e0639005c626b5c9b939
SHA512 20be2b5c7e8fca897109b1dc8219931eaaa1c8296b1d26dcc7f9058168fef371d7955fb0f6c5693399b83fa81d27369efac8c3742059eea2333bd66d20b8d0d8

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\locales\fi.pak

MD5 1cbfa553a5b1de642ea4c248dfe1edba
SHA1 5de05b3c11fdd59ff5064a153a6dcbda33350971
SHA256 8f3e8ec0fbb471b45db65a77dc1013e3363f387d3d0c6a458c90f371907d0085
SHA512 ea3b99be7da893be8c3b228d1d3d7b644a1f5425b5380dc3e0ae0ba1bd29cf39dabe73819bcc4fa67f10a488f018e9fa2328995cb78f40ae8fdb66aa514188aa

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\locales\fa.pak

MD5 f7da0d07b54698bf8a213d0ccf1942c0
SHA1 d64fff18274ebe71a4aaa4754f9bb99d616fa000
SHA256 33bdd6eb52f648d475306f35b6103500b864672cbf39cc0fbd8c4ac84c997dec
SHA512 ce7a7b3df4c814a26e3fd9fddafc01ac1a4b2a87ef2d2893db5d0edf8e5b8bfe34afb6e91ff94306248361d57c6b3bd63d116635fb756aab74c4aed38f31c88f

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\locales\et.pak

MD5 5b169234895d929930140b4869a0b81a
SHA1 f58ba50d1e19ce191a0f8117f3e70f7f3dcb7362
SHA256 c465da80b14981bdbc687b7c37bf70d2bd4b8e03293c04ae5410f84c91ef980e
SHA512 c4297e272b5c04a0ee0956b873d5246591bee98c3b340e72202f3448381c691096a5bc540fdbcf61fb40d6a69270afa7198c1f0ccf3b2e84cabc906e23eb022c

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\locales\es.pak

MD5 29cbdcc2168f1bb29532122c39e67a1a
SHA1 f086c79d60daf2b0a7df91916387efa461795dcb
SHA256 232f41ab5996c917687276e82c177de208b36e77aa834bb5d94d6a331f4180fe
SHA512 b603edf2a18f5893ab482b0c34e4126f824fbdd1b669927d7bc30d68e2e5bdf78d7d4b2aabdbe257987e8e19f440d9396a3683340b94c3fd844c70e34e93d8a8

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\locales\es-419.pak

MD5 c8f488b85c17431360e531aa507be979
SHA1 bea5d66bdcc05869a0389e051a9217fd49e48fcd
SHA256 536339d99dee6e8c01f018d4700ddd92ce063f765766a48073aeb256669680c1
SHA512 1d7f9f84a8d7c055bf705c71efaea817f1b9dedd5ba314fec6ce5324f578d3130b5541bb52fa55db9f6e46efa8e152d50199a61c7e2466844a4414df65d61c22

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\locales\en-US.pak

MD5 c9c2abcb04e1ad5f1a20244da8d595a8
SHA1 89ca81da21900074a5ccdcdc852768277b2b620b
SHA256 0364c73f320e441b03cb2afcaaca3ffbfac51a3559dcd0ff99a1accf82c7f762
SHA512 96bbf21174f56a111a2fc6ec024ab2f143945306797e77d773367a7fad42b7828ebb7b08d0dab76858d9fa340bf3205be403bc53df9e5e4e390058c94a751ffd

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\locales\en-GB.pak

MD5 745918a5a74c7b6f4818a8bb8813f456
SHA1 031f50286d003844425ddac557e13e2ea4554bc2
SHA256 91bdbf5f1f6bcbcaf16e47865f72ec97d72c74174fb929f089d14c00989f91f4
SHA512 5a1eb0231352705bab527ab27543612d75cb00c522620828ce2a0fdb0b47be9daa2dd7a192f8b4bf299007c5af1d9515f900b9586ba44dd2bd9f4cd4436aa681

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\locales\el.pak

MD5 2b391b2b35f7e096f696faf5dc093366
SHA1 1409134a46fcb84457a0e332edde98f7666246bd
SHA256 f1fe39af50f4bfe9edcea3af6c132e87d464d7277fb491ed95d7189b3157d20d
SHA512 aa640ca41dc9d4f60392b61bbead215345abd32369b0de90ed1d7ca2ff7a838d04689d538789a1adc0324fe4539c34db26b6c245155e51fb0308af13b60bfdae

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\locales\de.pak

MD5 7ccdc41a3dbdf89058d71629225664ae
SHA1 e15c35b18685d9573349ff4247733b5f5ada8717
SHA256 163ea4c2cf67edd0526a8e18d3810872e92a1d4e17b5cf4f04107fda5967b0c9
SHA512 13b20b0db02a0a7480c56c79304ef594353507e1a30da0130b73aa8e9ec7636f306315a6f40729b10dc725f936642d2e2b282ed3040a079a6f25a7f9f7f1ae28

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\locales\da.pak

MD5 5b033c206820ace5eb4c6f82aed34a5d
SHA1 28017cfc13259273022059f02564ffc99dcd75a4
SHA256 1a51de04cb205c708520f1b013447f1a89f0b1330dbce6d1e71cf355319d1108
SHA512 e423069f7a895179ea17be5774284e9e2e27f02c40bac7d7211cab77348800622796f04c3e6618905364e189ca5ec772ed7dbd285872777d163d3ebec08a64d4

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\locales\ca.pak

MD5 a0b45b122241cf0c11a081eefb9cb4c6
SHA1 91fd660a4688aaa70fee42e783b8b1863b4d11d7
SHA256 7d911cda51564500dd7a6de43a1e347869427c035b15fa25cad0526be9e055b1
SHA512 abcb3bcb96934189cdfd52528cd7c65ea870c9b997bf6349599b7064fe6f4bef0d34809f0f958e4d4e46486e7c0a41f86b5ed0a132bbf20743d41f3af64788b4

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\locales\bn.pak

MD5 ff4f966849b4107535e41d037d9144c7
SHA1 3a973857b061914e8905bda7e8f2bdafa384588e
SHA256 2dc26dee345271f4606650912b0b7b5df68f621f2920864e0e36c1d1b22459b1
SHA512 98772f266f9553f77f91b11dc4589ec8a0930554e9e0b381bbacd8d23ce794c04f6fe821388a6e87cb14cb59c7522c18c06b1af11fc177c7e40ef71242adcba7

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\locales\bg.pak

MD5 01dfb1a7815613fa0a5411235f45b27b
SHA1 3bf1ea5597ac77b26bd30caa1efea7cb4f7a1b19
SHA256 13d08d2c4972cd18bb8ea8a57587dad29684c2336f73282dd3284b0649377cf8
SHA512 5d8a65e5a17aa163fb679e003e1837ea96e515b105c9977029a5ca4854845289de5d65c0edfd473cb74410c5cacdb5b360f25a69776705fb05f48688d92680da

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\locales\ar.pak

MD5 14b15761cb9d4e1956812df8b42c2aea
SHA1 7c25580d892711b9eff1a3ace4e6699ea64e0706
SHA256 c8d405127b032587e6ae6426a35cb766139bae26170ca08d811354486ab667f8
SHA512 ec9a6e6e715c817726ad744fadca4d1af3015d95421774ccfe54d616225b7a17e862e086fe0aebb3a903d2ebfb27779cffcd713d3042ecdf9761c24c5a56cdcf

C:\Users\Admin\AppData\Local\Temp\nsr5768.tmp\7z-out\locales\am.pak

MD5 39a396fce4d93f744b3c786d62d2686c
SHA1 7ec8176e652b666b6ab9fffb6cb9b7dcfdd1a2a2
SHA256 0b1d326be9dabcda8e37740017383f2d8f1bec7a8fdb1f11ebe538c3632453fd
SHA512 798063b51f745fc2c9e7f852f72ce55939ed41305d070d1844c790755f7ab42a6830406ba2485237d37a0c46b804512e7dc37c65b7f03249c28741a4f706017a

C:\Users\Admin\AppData\Roaming\Pi Network\logs\main.log

MD5 c6faa7b5fadfea396b7f48ca75455e7a
SHA1 382800707905fda9423b5d961b997578982d9182
SHA256 0446885f538be002cf6eb9b5746e7d693581e512e7dee1acf4f1e7cf716c9fbd
SHA512 30b257f4fd642826ef6cb01b32011d5e0836293acb8952116708021995efb900ba9ae955918825eb3ad8af329d260f4b29efb85a962502a1354923bebbb0d1bf

C:\Users\Admin\AppData\Roaming\Pi Network\logs\main.log

MD5 134dc93aa68663ab98f2fb4ec767fe01
SHA1 652b459790f92ba4d97008dd8986a01ce884183e
SHA256 f1a78f8f1cc133699230b98d006125f87989e46b0f053125bfb0814efcf5135c
SHA512 3ceece9857b129c4e2514863593bcfbee078b526bafa78735c45cf83e1eda40b6648169078aac3eb0be2c492d2a2829dae6a16d63f4b9a03e9335d1dfa64da24

C:\Users\Admin\AppData\Roaming\Pi Network\logs\main.log

MD5 103c3401287e2615ae383a6f99d4d57a
SHA1 ee9fdce2976831d4d3dea830ae5bb84d9089bc00
SHA256 f1fa6d4708f71379cfe5b8406ff2906f6ceba8f250b4ec3c3e7655addd2e0270
SHA512 09915460fcfca928a3aaa62a51f45b57b97def3a6bbddbb89909d6ec43da8108f35272dde4aa35055e6406614fd3d5f294625e04b86b3f3cd5bb43bd20936258

\??\pipe\crashpad_2728_LHGBZLVFIFCMDONI

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

MD5 f3b25701fe362ec84616a93a45ce9998
SHA1 d62636d8caec13f04e28442a0a6fa1afeb024bbb
SHA256 b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209
SHA512 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

C:\Users\Admin\AppData\Roaming\Pi Network\logs\main.log

MD5 762150098ebed394de405726a75381be
SHA1 11fe8f60d19c59247f525ac26adc9c373ea6e2b2
SHA256 18cbe2cf7d46a5467bd4624be80a27b0f3e11eb8a49c2811b5ce20155435b87e
SHA512 c9f2daa47846365ddb2c0c6a2185e8023e2c31c3ae1d0dfa73220a730a23d0edd42e8874ecff2329e88e276c74e26f70144666104cdec0013ff827c9b85d4fdf

C:\Users\Admin\AppData\Roaming\Pi Network\electron-log-preload.js

MD5 4e18daf1928410feb0425976f19d5773
SHA1 aed79f000f120da789bbd7ca2b50fca088ac3d91
SHA256 8d3c42b05d7b0ae7940f6be58c9e21d258353e1d77fd3e683bb858bc05cff707
SHA512 8707d835621f4330fd1bca40561266d62f0f7dd95bc6e86682bf5997d502dced8e7478506374759ec2424d7892ec33a28fa4db2cbb32faa8f6c1ce9bead9946a

C:\Users\Admin\AppData\Roaming\Pi Network\logs\main.log

MD5 99b047c88110e1672989051c0f30ae94
SHA1 a61f7f72270c88f52af3908f221ec3d69139e72c
SHA256 29ad29d195e1323f1bfd61bf0a5d851f9fcbb27f90c8c8d9bef5e2f9dd36e81d
SHA512 94f280e3cfe8d9c74f7321547c4a591845d972e538baf74158642e6076def63d95392dd8c1f7e72c385de0955d0bce067036cb72e9bda17de96f5a2cda07a4dc

memory/4024-1992-0x00007FFD25EF0000-0x00007FFD25EF1000-memory.dmp

memory/4024-1991-0x00007FFD260B0000-0x00007FFD260B1000-memory.dmp

C:\Users\Admin\AppData\Roaming\Pi Network\5092333c-c194-4e4e-aec9-8f067dffcfd6.tmp

MD5 58127c59cb9e1da127904c341d15372b
SHA1 62445484661d8036ce9788baeaba31d204e9a5fc
SHA256 be4b8924ab38e8acf350e6e3b9f1f63a1a94952d8002759acd6946c4d5d0b5de
SHA512 8d1815b277a93ad590ff79b6f52c576cf920c38c4353c24193f707d66884c942f39ff3989530055d2fade540ade243b41b6eb03cd0cc361c3b5d514cca28b50a

C:\Users\Admin\AppData\Roaming\Pi Network\sentry\scope_v3.json

MD5 7e6edcb6d813be033d9d6a03969fe4f5
SHA1 621407eb79aaae6cc802ecf15ee28b9f25a34ddd
SHA256 05d7b8a1ad573a007f1c3d24673df0035db115d69054241b762bab047825f6de
SHA512 5f6aa8ebe1afb71912b778965ae1460b9224dfd1d50bb7fe3e067c116c2f806f3ed845c1216a25bce392932f361d6578267833f8ed0868a96e7234bb1c250c28

memory/32-2297-0x000001B0D1F90000-0x000001B0D1F91000-memory.dmp

memory/32-2299-0x000001B0D1F90000-0x000001B0D1F91000-memory.dmp

memory/32-2298-0x000001B0D1F90000-0x000001B0D1F91000-memory.dmp

memory/32-2303-0x000001B0D1F90000-0x000001B0D1F91000-memory.dmp

memory/32-2305-0x000001B0D1F90000-0x000001B0D1F91000-memory.dmp

memory/32-2309-0x000001B0D1F90000-0x000001B0D1F91000-memory.dmp

memory/32-2308-0x000001B0D1F90000-0x000001B0D1F91000-memory.dmp

memory/32-2307-0x000001B0D1F90000-0x000001B0D1F91000-memory.dmp

memory/32-2306-0x000001B0D1F90000-0x000001B0D1F91000-memory.dmp

memory/32-2304-0x000001B0D1F90000-0x000001B0D1F91000-memory.dmp

C:\Users\Admin\AppData\Roaming\Pi Network\logs\main.log

MD5 e9b39005f3dcf9106e2cfc57214f7b64
SHA1 20eaeecb10e2f3b222f7dea67e566b07eed69a99
SHA256 5cdbd26bc194d304fb8ff8d6d4fd3f2f3dee4073541f21729ea64a6be5597e47
SHA512 ebaef0c03c91be9e3a6611aa76522d0f2d213b41f6f40c62a75b5ff07e2b73e6b1964dac7f40f2f6fa104f0531656e0bbaf89fe96eae50d0e219489791cc0c72

Analysis: behavioral6

Detonation Overview

Submitted

2024-06-19 06:51

Reported

2024-06-19 07:26

Platform

win10v2004-20240611-en

Max time kernel

1721s

Max time network

1178s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\StdUtils.dll,#1

Signatures

Program crash

Description Indicator Process Target
N/A N/A C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\rundll32.exe

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 3108 wrote to memory of 3140 N/A C:\Windows\system32\rundll32.exe C:\Windows\SysWOW64\rundll32.exe
PID 3108 wrote to memory of 3140 N/A C:\Windows\system32\rundll32.exe C:\Windows\SysWOW64\rundll32.exe
PID 3108 wrote to memory of 3140 N/A C:\Windows\system32\rundll32.exe C:\Windows\SysWOW64\rundll32.exe

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\StdUtils.dll,#1

C:\Windows\SysWOW64\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\StdUtils.dll,#1

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 416 -p 3140 -ip 3140

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 3140 -s 628

Network

Country Destination Domain Proto
US 8.8.8.8:53 217.106.137.52.in-addr.arpa udp
US 8.8.8.8:53 g.bing.com udp
US 204.79.197.237:443 g.bing.com tcp
NL 23.62.61.129:443 www.bing.com tcp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 134.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 237.197.79.204.in-addr.arpa udp
US 8.8.8.8:53 129.61.62.23.in-addr.arpa udp
US 8.8.8.8:53 149.220.183.52.in-addr.arpa udp
US 8.8.8.8:53 157.123.68.40.in-addr.arpa udp
US 8.8.8.8:53 18.31.95.13.in-addr.arpa udp
US 8.8.8.8:53 140.71.91.104.in-addr.arpa udp
US 8.8.8.8:53 172.214.232.199.in-addr.arpa udp
US 8.8.8.8:53 26.35.223.20.in-addr.arpa udp
US 8.8.8.8:53 23.236.111.52.in-addr.arpa udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 8.8.8.8:53 10.27.171.150.in-addr.arpa udp
US 8.8.8.8:53 12.173.189.20.in-addr.arpa udp

Files

N/A

Analysis: behavioral13

Detonation Overview

Submitted

2024-06-19 06:51

Reported

2024-06-19 07:26

Platform

macos-20240611-en

Max time kernel

943s

Max time network

1542s

Command Line

[sh -c sudo /bin/zsh -c "/Users/run/resources/app.asar.unpacked/node_modules/cpu-features/build/node_gyp_bins/python3"]

Signatures

Resource Forking

evasion
Description Indicator Process Target
N/A sudo /bin/zsh -c /Users/run/resources/app.asar.unpacked/node_modules/cpu-features/build/node_gyp_bins/python3 N/A N/A
N/A /bin/zsh -c /Users/run/resources/app.asar.unpacked/node_modules/cpu-features/build/node_gyp_bins/python3 N/A N/A
N/A /Users/run/resources/app.asar.unpacked/node_modules/cpu-features/build/node_gyp_bins/python3 N/A N/A
N/A /System/Library/Frameworks/Security.framework/Versions/A/Resources/CloudKeychainProxy.bundle/Contents/MacOS/CloudKeychainProxy N/A N/A
N/A sh -c "sudo /bin/zsh -c \"/Users/run/resources/app.asar.unpacked/node_modules/cpu-features/build/node_gyp_bins/python3\"" N/A N/A

Processes

/bin/sh

[sh -c sudo /bin/zsh -c "/Users/run/resources/app.asar.unpacked/node_modules/cpu-features/build/node_gyp_bins/python3"]

/bin/bash

[sh -c sudo /bin/zsh -c "/Users/run/resources/app.asar.unpacked/node_modules/cpu-features/build/node_gyp_bins/python3"]

/usr/bin/sudo

[sudo /bin/zsh -c /Users/run/resources/app.asar.unpacked/node_modules/cpu-features/build/node_gyp_bins/python3]

/bin/zsh

[/bin/zsh -c /Users/run/resources/app.asar.unpacked/node_modules/cpu-features/build/node_gyp_bins/python3]

/Users/run/resources/app.asar.unpacked/node_modules/cpu-features/build/node_gyp_bins/python3

[/Users/run/resources/app.asar.unpacked/node_modules/cpu-features/build/node_gyp_bins/python3]

/usr/libexec/xpcproxy

[xpcproxy com.apple.sysmond]

/usr/libexec/sysmond

[/usr/libexec/sysmond]

/usr/libexec/xpcproxy

[xpcproxy com.apple.security.cloudkeychainproxy3]

/System/Library/Frameworks/Security.framework/Versions/A/Resources/CloudKeychainProxy.bundle/Contents/MacOS/CloudKeychainProxy

[/System/Library/Frameworks/Security.framework/Versions/A/Resources/CloudKeychainProxy.bundle/Contents/MacOS/CloudKeychainProxy]

/usr/libexec/xpcproxy

[xpcproxy com.apple.geod]

/usr/bin/pluginkit

[/usr/bin/pluginkit -e ignore -i com.microsoft.OneDrive.FinderSync]

/usr/sbin/spctl

[/usr/sbin/spctl --assess --type execute /var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T/OneDriveUpdater2E18A62F/OneDrive.app]

/System/Library/PrivateFrameworks/GeoServices.framework/Versions/A/XPCServices/com.apple.geod.xpc/Contents/MacOS/com.apple.geod

[/System/Library/PrivateFrameworks/GeoServices.framework/Versions/A/XPCServices/com.apple.geod.xpc/Contents/MacOS/com.apple.geod]

/usr/libexec/xpcproxy

[xpcproxy com.apple.AddressBook.ContactsAccountsService]

/System/Library/Frameworks/AddressBook.framework/Executables/ContactsAccountsService

[/System/Library/Frameworks/AddressBook.framework/Executables/ContactsAccountsService]

/usr/libexec/xpcproxy

[xpcproxy com.apple.suggestd]

/System/Library/PrivateFrameworks/CoreSuggestions.framework/Versions/A/Support/suggestd

[/System/Library/PrivateFrameworks/CoreSuggestions.framework/Versions/A/Support/suggestd]

/usr/libexec/xpcproxy

[xpcproxy com.apple.knowledge-agent]

/usr/libexec/knowledge-agent

[/usr/libexec/knowledge-agent]

/usr/libexec/xpcproxy

[xpcproxy com.apple.routined]

/usr/libexec/routined

[/usr/libexec/routined LAUNCHED_BY_LAUNCHD]

/usr/libexec/xpcproxy

[xpcproxy com.apple.Maps.mapspushd]

/System/Library/CoreServices/mapspushd

[/System/Library/CoreServices/mapspushd]

/usr/libexec/xpcproxy

[xpcproxy com.apple.neagent.878568F8-CCE5-4157-8315-22F20DC8FB0A]

/usr/libexec/neagent

[/usr/libexec/neagent]

/usr/libexec/xpcproxy

[xpcproxy com.apple.siri.context.service]

/System/Library/PrivateFrameworks/ContextKit.framework/Versions/A/XPCServices/ContextService.xpc/Contents/MacOS/ContextService

[/System/Library/PrivateFrameworks/ContextKit.framework/Versions/A/XPCServices/ContextService.xpc/Contents/MacOS/ContextService]

/usr/sbin/spctl

[/usr/sbin/spctl --assess --type execute /Applications/OneDrive.app]

/usr/libexec/xpcproxy

[xpcproxy com.apple.assistantd]

/usr/libexec/xpcproxy

[xpcproxy com.apple.bird]

/System/Library/PrivateFrameworks/CloudDocsDaemon.framework/Versions/A/Support/bird

[/System/Library/PrivateFrameworks/CloudDocsDaemon.framework/Versions/A/Support/bird]

/System/Library/PrivateFrameworks/AssistantServices.framework/Versions/A/Support/assistantd

[/System/Library/PrivateFrameworks/AssistantServices.framework/Versions/A/Support/assistantd]

/usr/libexec/xpcproxy

[xpcproxy com.apple.pbs]

/System/Library/CoreServices/pbs

[/System/Library/CoreServices/pbs]

/bin/launchctl

[/bin/launchctl kill SIGTERM system/com.microsoft.OneDriveUpdaterDaemon]

/bin/launchctl

[/bin/launchctl kill SIGTERM system/com.microsoft.OneDriveStandaloneUpdaterDaemon]

/usr/libexec/xpcproxy

[xpcproxy com.apple.corespotlightservice.725FD30A-6064-6C02-CC51-5DDB8891B57E]

/System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService

[/System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService]

/usr/libexec/xpcproxy

[xpcproxy com.apple.CoreAuthentication.agent]

/System/Library/Frameworks/LocalAuthentication.framework/Support/coreauthd

[/System/Library/Frameworks/LocalAuthentication.framework/Support/coreauthd]

/usr/libexec/xpcproxy

[xpcproxy com.apple.akd]

/System/Library/PrivateFrameworks/AuthKit.framework/Versions/A/Support/akd

[/System/Library/PrivateFrameworks/AuthKit.framework/Versions/A/Support/akd]

/usr/libexec/xpcproxy

[xpcproxy com.apple.AccountPolicyHelper]

/System/Library/PrivateFrameworks/AccountPolicy.framework/XPCServices/com.apple.AccountPolicyHelper.xpc/Contents/MacOS/com.apple.AccountPolicyHelper

[/System/Library/PrivateFrameworks/AccountPolicy.framework/XPCServices/com.apple.AccountPolicyHelper.xpc/Contents/MacOS/com.apple.AccountPolicyHelper]

/usr/libexec/xpcproxy

[xpcproxy com.apple.spindump]

/usr/sbin/spindump

[/usr/sbin/spindump]

/usr/libexec/xpcproxy

[xpcproxy com.apple.diagnosticd]

/usr/libexec/diagnosticd

[/usr/libexec/diagnosticd]

Network

Country Destination Domain Proto
US 8.8.8.8:53 bag-cdn.itunes-apple.com.akadns.net udp
US 8.8.8.8:53 mobile.events.data.trafficmanager.net udp
US 20.189.173.6:443 tcp
US 8.8.8.8:53 api.apple-cloudkit.fe2.apple-dns.net udp
US 8.8.8.8:53 gspe1-ssl.ls.apple.com.edgesuite.net udp
GB 104.77.118.129:443 gspe1-ssl.ls.apple.com.edgesuite.net tcp
US 8.8.8.8:53 e4686.dsce9.akamaiedge.net udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 cds.apple.com udp
BE 104.68.86.71:443 cds.apple.com tcp
US 8.8.8.8:53 help.apple.com udp
GB 104.120.141.107:443 help.apple.com tcp
GB 104.120.141.107:443 help.apple.com tcp
US 8.8.8.8:53 gspe35-ssl.ls-apple.com.akadns.net udp
US 8.8.8.8:53 gsp-ssl.ls.apple.com udp
GB 17.253.77.204:443 gsp-ssl.ls.apple.com tcp
US 8.8.8.8:53 gsp64-ssl.ls-apple.com.akadns.net udp
GB 17.57.146.13:5223 tcp
US 8.8.8.8:53 10-courier.push.apple.com udp
GB 17.57.146.8:5223 10-courier.push.apple.com tcp
US 8.8.8.8:53 lb._dns-sd._udp.0.0.127.10.in-addr.arpa udp

Files

/Users/run/Library/Caches/GeoServices/ActiveTileGroup.pbd

MD5 e528863522ec78e22d41392c18c81054
SHA1 09689eb0fc8e0e2f2f6c1bae2c0fac7d24983f62
SHA256 d5beb39e6137d1fbe62dcfaa559174116c5400e3b2786f174ce21b33bcd2322c
SHA512 20a3298fe4b09e1c606c24807e40f15a4d8694b31796a0dd276b63586c4f56563e95fec1e121b85a288a2d8c270e8fafad4f2d66908af25202f05bf051b7ac26

/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/assistantd//mds/mdsObject.db

MD5 d3a1859e6ec593505cc882e6def48fc8
SHA1 f8e6728e3e9de477a75706faa95cead9ce13cb32
SHA256 3ebafa97782204a4a1d75cfec22e15fcdeab45b65bab3b3e65508707e034a16c
SHA512 ea2a749b105759ea33408186b417359deffb4a3a5ed0533cb26b459c16bb3524d67ede5c9cf0d5098921c0c0a9313fb9c2672f1e5ba48810eda548fa3209e818

/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/assistantd//mds/mdsDirectory.db

MD5 0e4a0d1ceb2af6f0f8d0167ce77be2d3
SHA1 414ba4c1dc5fc8bf53d550e296fd6f5ad669918c
SHA256 cca093bcfc65e25dd77c849866e110df72526dffbe29d76e11e29c7d888a4030
SHA512 1dc5282d27c49a4b6f921ba5dfc88b8c1d32289df00dd866f9ac6669a5a8d99afeda614bffc7cf61a44375ae73e09cd52606b443b63636977c9cd2ef4fa68a20

/Users/run/Library/Caches/GeoServices/Experiments.pbd

MD5 e2a729c07e1df8e16aa7abbc0f18402c
SHA1 8ad6ff2c72732f1b3b2bfc4cbc8d4c25994a5f9a
SHA256 8d2fbd6fa8c4ec91032c0bac56aec59fc18dbb456a0416802964696bac55acf6
SHA512 e5861b81c4de34374df98f0ac7e41e5f625e802a2cc39ac951b569be6f40ecdbf9e14877b624b92879c877d949d690235258b450e96ab6f9deaf3856e89670ec

Analysis: behavioral17

Detonation Overview

Submitted

2024-06-19 06:51

Reported

2024-06-19 07:27

Platform

win10v2004-20240226-en

Max time kernel

1783s

Max time network

1803s

Command Line

"C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE" /n "C:\Users\Admin\AppData\Local\Temp\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\cmake\ci\doc\docker.dot" /o ""

Signatures

Checks processor information in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\Hardware\Description\System\BIOS C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemFamily C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A

Suspicious behavior: AddClipboardFormatListener

Description Indicator Process Target
N/A N/A C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
N/A N/A C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A

Processes

C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE

"C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE" /n "C:\Users\Admin\AppData\Local\Temp\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\cmake\ci\doc\docker.dot" /o ""

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=3636 --field-trial-handle=2248,i,10247514684337323751,15511974759131734137,262144 --variations-seed-version /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=1032 --field-trial-handle=2248,i,10247514684337323751,15511974759131734137,262144 --variations-seed-version /prefetch:8

Network

Country Destination Domain Proto
US 8.8.8.8:53 149.220.183.52.in-addr.arpa udp
US 8.8.8.8:53 172.214.232.199.in-addr.arpa udp
US 20.231.121.79:80 tcp
US 8.8.8.8:53 46.28.109.52.in-addr.arpa udp
US 8.8.8.8:53 0.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 217.106.137.52.in-addr.arpa udp
US 8.8.8.8:53 26.178.89.13.in-addr.arpa udp
US 13.107.246.64:443 tcp
US 8.8.8.8:53 26.165.165.52.in-addr.arpa udp
US 8.8.8.8:53 206.23.85.13.in-addr.arpa udp
US 8.8.8.8:53 58.55.71.13.in-addr.arpa udp
US 8.8.8.8:53 134.71.91.104.in-addr.arpa udp
US 8.8.8.8:53 240.221.184.93.in-addr.arpa udp
US 8.8.8.8:53 30.243.111.52.in-addr.arpa udp
US 8.8.8.8:53 174.117.168.52.in-addr.arpa udp
US 8.8.8.8:53 chromewebstore.googleapis.com udp
US 8.8.8.8:53 chromewebstore.googleapis.com udp
GB 216.58.213.10:443 chromewebstore.googleapis.com tcp
US 8.8.8.8:53 10.213.58.216.in-addr.arpa udp

Files

memory/1272-0-0x00007FF9B5770000-0x00007FF9B5780000-memory.dmp

memory/1272-3-0x00007FF9B5770000-0x00007FF9B5780000-memory.dmp

memory/1272-2-0x00007FF9B5770000-0x00007FF9B5780000-memory.dmp

memory/1272-1-0x00007FF9F578D000-0x00007FF9F578E000-memory.dmp

memory/1272-5-0x00007FF9F56F0000-0x00007FF9F58E5000-memory.dmp

memory/1272-4-0x00007FF9B5770000-0x00007FF9B5780000-memory.dmp

memory/1272-6-0x00007FF9F56F0000-0x00007FF9F58E5000-memory.dmp

memory/1272-7-0x00007FF9B5770000-0x00007FF9B5780000-memory.dmp

memory/1272-8-0x00007FF9F56F0000-0x00007FF9F58E5000-memory.dmp

memory/1272-9-0x00007FF9B35C0000-0x00007FF9B35D0000-memory.dmp

memory/1272-10-0x00007FF9B35C0000-0x00007FF9B35D0000-memory.dmp

memory/1272-22-0x00007FF9F56F0000-0x00007FF9F58E5000-memory.dmp

memory/1272-23-0x00007FF9F578D000-0x00007FF9F578E000-memory.dmp

memory/1272-26-0x00007FF9F56F0000-0x00007FF9F58E5000-memory.dmp

memory/1272-24-0x00007FF9F56F0000-0x00007FF9F58E5000-memory.dmp

memory/1272-27-0x00007FF9F56F0000-0x00007FF9F58E5000-memory.dmp

memory/1272-29-0x00007FF9F56F0000-0x00007FF9F58E5000-memory.dmp

memory/1272-32-0x00007FF9F56F0000-0x00007FF9F58E5000-memory.dmp

memory/1272-34-0x00007FF9F56F0000-0x00007FF9F58E5000-memory.dmp

memory/1272-35-0x00007FF9F56F0000-0x00007FF9F58E5000-memory.dmp

memory/1272-33-0x00007FF9F56F0000-0x00007FF9F58E5000-memory.dmp

memory/1272-31-0x00007FF9F56F0000-0x00007FF9F58E5000-memory.dmp

memory/1272-30-0x00007FF9F56F0000-0x00007FF9F58E5000-memory.dmp

memory/1272-36-0x00007FF9F56F0000-0x00007FF9F58E5000-memory.dmp

memory/1272-37-0x00007FF9F56F0000-0x00007FF9F58E5000-memory.dmp

memory/1272-56-0x00007FF9B5770000-0x00007FF9B5780000-memory.dmp

memory/1272-57-0x00007FF9B5770000-0x00007FF9B5780000-memory.dmp

memory/1272-59-0x00007FF9B5770000-0x00007FF9B5780000-memory.dmp

memory/1272-58-0x00007FF9B5770000-0x00007FF9B5780000-memory.dmp

memory/1272-60-0x00007FF9F56F0000-0x00007FF9F58E5000-memory.dmp

Analysis: behavioral28

Detonation Overview

Submitted

2024-06-19 06:51

Reported

2024-06-19 07:26

Platform

ubuntu1804-amd64-20240508-en

Max time kernel

0s

Max time network

1679s

Command Line

[/tmp/resources/app.asar.unpacked/node_modules/cpu-features/deps/cpu_features/scripts/run_integration.sh]

Signatures

N/A

Processes

/tmp/resources/app.asar.unpacked/node_modules/cpu-features/deps/cpu_features/scripts/run_integration.sh

[/tmp/resources/app.asar.unpacked/node_modules/cpu-features/deps/cpu_features/scripts/run_integration.sh]

/usr/local/sbin/bash

[bash /tmp/resources/app.asar.unpacked/node_modules/cpu-features/deps/cpu_features/scripts/run_integration.sh]

/usr/local/bin/bash

[bash /tmp/resources/app.asar.unpacked/node_modules/cpu-features/deps/cpu_features/scripts/run_integration.sh]

/usr/sbin/bash

[bash /tmp/resources/app.asar.unpacked/node_modules/cpu-features/deps/cpu_features/scripts/run_integration.sh]

/usr/bin/bash

[bash /tmp/resources/app.asar.unpacked/node_modules/cpu-features/deps/cpu_features/scripts/run_integration.sh]

/sbin/bash

[bash /tmp/resources/app.asar.unpacked/node_modules/cpu-features/deps/cpu_features/scripts/run_integration.sh]

/bin/bash

[bash /tmp/resources/app.asar.unpacked/node_modules/cpu-features/deps/cpu_features/scripts/run_integration.sh]

Network

Country Destination Domain Proto
US 151.101.129.91:443 tcp
GB 185.125.188.62:443 tcp
GB 185.125.188.62:443 tcp
US 151.101.129.91:443 tcp
N/A 224.0.0.251:5353 udp
GB 89.187.167.6:443 tcp
US 1.1.1.1:53 1527653184.rsc.cdn77.org udp
US 1.1.1.1:53 1527653184.rsc.cdn77.org udp
GB 89.187.167.6:443 1527653184.rsc.cdn77.org tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.96:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 91.189.91.48:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 91.189.91.48:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.97:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.17:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 91.189.91.98:80 connectivity-check.ubuntu.com tcp

Files

N/A

Analysis: behavioral32

Detonation Overview

Submitted

2024-06-19 06:51

Reported

2024-06-19 07:26

Platform

ubuntu1804-amd64-20240611-en

Max time kernel

0s

Max time network

1679s

Command Line

[/tmp/resources/app.asar.unpacked/node_modules/cpu-features/deps/cpu_features/scripts/test_integration.sh]

Signatures

N/A

Processes

/tmp/resources/app.asar.unpacked/node_modules/cpu-features/deps/cpu_features/scripts/test_integration.sh

[/tmp/resources/app.asar.unpacked/node_modules/cpu-features/deps/cpu_features/scripts/test_integration.sh]

/usr/local/sbin/bash

[bash /tmp/resources/app.asar.unpacked/node_modules/cpu-features/deps/cpu_features/scripts/test_integration.sh]

/usr/local/bin/bash

[bash /tmp/resources/app.asar.unpacked/node_modules/cpu-features/deps/cpu_features/scripts/test_integration.sh]

/usr/sbin/bash

[bash /tmp/resources/app.asar.unpacked/node_modules/cpu-features/deps/cpu_features/scripts/test_integration.sh]

/usr/bin/bash

[bash /tmp/resources/app.asar.unpacked/node_modules/cpu-features/deps/cpu_features/scripts/test_integration.sh]

/sbin/bash

[bash /tmp/resources/app.asar.unpacked/node_modules/cpu-features/deps/cpu_features/scripts/test_integration.sh]

/bin/bash

[bash /tmp/resources/app.asar.unpacked/node_modules/cpu-features/deps/cpu_features/scripts/test_integration.sh]

/usr/bin/dirname

[dirname -- /tmp/resources/app.asar.unpacked/node_modules/cpu-features/deps/cpu_features/scripts/test_integration.sh]

/tmp/resources/app.asar.unpacked/node_modules/cpu-features/deps/cpu_features/scripts/tmp/resources/app.asar.unpacked/node_modules/cpu-features/deps/cpu_features/scripts/run_integration.sh

[.//tmp/resources/app.asar.unpacked/node_modules/cpu-features/deps/cpu_features/scripts/run_integration.sh]

Network

Country Destination Domain Proto
GB 185.125.188.61:443 tcp
GB 185.125.188.61:443 tcp
US 151.101.65.91:443 tcp
US 151.101.65.91:443 tcp
N/A 224.0.0.251:5353 udp
GB 195.181.164.19:443 tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.49:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 91.189.91.98:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 91.189.91.96:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.96:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.18:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.98:80 connectivity-check.ubuntu.com tcp

Files

N/A

Analysis: behavioral23

Detonation Overview

Submitted

2024-06-19 06:51

Reported

2024-06-19 07:26

Platform

win10v2004-20240508-en

Max time kernel

1345s

Max time network

1175s

Command Line

"C:\Windows\System32\WScript.exe" "C:\Users\Admin\AppData\Local\Temp\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\cmake\ci\vagrant\freebsd\Vagrantfile.vbs"

Signatures

N/A

Processes

C:\Windows\System32\WScript.exe

"C:\Windows\System32\WScript.exe" "C:\Users\Admin\AppData\Local\Temp\resources\app.asar.unpacked\node_modules\cpu-features\deps\cpu_features\cmake\ci\vagrant\freebsd\Vagrantfile.vbs"

Network

Country Destination Domain Proto
US 8.8.8.8:53 209.205.72.20.in-addr.arpa udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 14.160.190.20.in-addr.arpa udp
US 8.8.8.8:53 28.118.140.52.in-addr.arpa udp
US 8.8.8.8:53 103.169.127.40.in-addr.arpa udp
US 8.8.8.8:53 171.39.242.20.in-addr.arpa udp
US 8.8.8.8:53 134.71.91.104.in-addr.arpa udp
US 8.8.8.8:53 203.107.17.2.in-addr.arpa udp
US 8.8.8.8:53 23.236.111.52.in-addr.arpa udp
US 8.8.8.8:53 12.173.189.20.in-addr.arpa udp

Files

N/A

Analysis: behavioral26

Detonation Overview

Submitted

2024-06-19 06:51

Reported

2024-06-19 06:57

Platform

debian9-mipsbe-20240611-en

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

N/A

Files

N/A

Analysis: behavioral9

Detonation Overview

Submitted

2024-06-19 06:51

Reported

2024-06-19 07:26

Platform

win7-20240508-en

Max time kernel

1560s

Max time network

1564s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\WinShell.dll,#1

Signatures

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\WinShell.dll,#1

C:\Windows\SysWOW64\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\WinShell.dll,#1

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 1660 -s 220

Network

N/A

Files

N/A

Analysis: behavioral20

Detonation Overview

Submitted

2024-06-19 06:51

Reported

2024-06-19 06:57

Platform

debian9-mipsbe-20240418-en

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

N/A

Files

N/A

Analysis: behavioral25

Detonation Overview

Submitted

2024-06-19 06:51

Reported

2024-06-19 07:27

Platform

debian9-armhf-20240418-en

Max time network

1694s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
US 1.1.1.1:53 debian9-armhf-20240418-en-14 udp
US 1.1.1.1:53 debian9-armhf-20240418-en-14 udp

Files

N/A

Analysis: behavioral31

Detonation Overview

Submitted

2024-06-19 06:51

Reported

2024-06-19 06:57

Platform

debian9-mipsel-20240418-en

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

N/A

Files

N/A