Analysis Overview
Threat Level: Shows suspicious behavior
The file https://github.com/Wolfmyths/Myth-Mod-Manager/releases/download/1.5.2/Myth-Mod-Manager.zip was found to be: Shows suspicious behavior.
Malicious Activity Summary
Executes dropped EXE
Loads dropped DLL
Enumerates physical storage devices
Detects Pyinstaller
Modifies registry class
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Suspicious behavior: GetForegroundWindowSpam
Suspicious behavior: AddClipboardFormatListener
Suspicious behavior: EnumeratesProcesses
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Checks SCSI registry key(s)
Suspicious use of AdjustPrivilegeToken
Analysis: static1
Detonation Overview
Reported
2024-06-19 13:29
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-19 13:29
Reported
2024-06-19 13:32
Platform
win10v2004-20240611-en
Max time kernel
150s
Max time network
139s
Command Line
Signatures
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\Myth-Mod-Manager\Myth Mod Manager\Myth Mod Manager.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\Myth-Mod-Manager\Myth Mod Manager\Myth Mod Manager.exe | N/A |
Loads dropped DLL
Detects Pyinstaller
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Enumerates physical storage devices
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\system32\taskmgr.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\ | C:\Users\Admin\Downloads\Myth-Mod-Manager\Myth Mod Manager\Myth Mod Manager.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4 | C:\Users\Admin\Downloads\Myth-Mod-Manager\Myth Mod Manager\Myth Mod Manager.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupView = "0" | C:\Users\Admin\Downloads\Myth-Mod-Manager\Myth Mod Manager\Myth Mod Manager.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 0100000000000000ffffffff | C:\Users\Admin\Downloads\Myth-Mod-Manager\Myth Mod Manager\Myth Mod Manager.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\Shell\SniffedFolderType = "Generic" | C:\Users\Admin\Downloads\Myth-Mod-Manager\Myth Mod Manager\Myth Mod Manager.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags | C:\Users\Admin\Downloads\Myth-Mod-Manager\Myth Mod Manager\Myth Mod Manager.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000 | C:\Users\Admin\Downloads\Myth-Mod-Manager\Myth Mod Manager\Myth Mod Manager.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\0 | C:\Users\Admin\Downloads\Myth-Mod-Manager\Myth Mod Manager\Myth Mod Manager.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\ | C:\Users\Admin\Downloads\Myth-Mod-Manager\Myth Mod Manager\Myth Mod Manager.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Mode = "4" | C:\Users\Admin\Downloads\Myth-Mod-Manager\Myth Mod Manager\Myth Mod Manager.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\IconSize = "16" | C:\Users\Admin\Downloads\Myth-Mod-Manager\Myth Mod Manager\Myth Mod Manager.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\Shell | C:\Users\Admin\Downloads\Myth-Mod-Manager\Myth Mod Manager\Myth Mod Manager.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1092616257" | C:\Users\Admin\Downloads\Myth-Mod-Manager\Myth Mod Manager\Myth Mod Manager.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}" | C:\Users\Admin\Downloads\Myth-Mod-Manager\Myth Mod Manager\Myth Mod Manager.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell | C:\Users\Admin\Downloads\Myth-Mod-Manager\Myth Mod Manager\Myth Mod Manager.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1 | C:\Users\Admin\Downloads\Myth-Mod-Manager\Myth Mod Manager\Myth Mod Manager.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7} | C:\Users\Admin\Downloads\Myth-Mod-Manager\Myth Mod Manager\Myth Mod Manager.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000 | C:\Users\Admin\Downloads\Myth-Mod-Manager\Myth Mod Manager\Myth Mod Manager.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByDirection = "1" | C:\Users\Admin\Downloads\Myth-Mod-Manager\Myth Mod Manager\Myth Mod Manager.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000_Classes\Local Settings | C:\Users\Admin\Downloads\Myth-Mod-Manager\Myth Mod Manager\Myth Mod Manager.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0 | C:\Users\Admin\Downloads\Myth-Mod-Manager\Myth Mod Manager\Myth Mod Manager.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg | C:\Users\Admin\Downloads\Myth-Mod-Manager\Myth Mod Manager\Myth Mod Manager.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\LogicalViewMode = "1" | C:\Users\Admin\Downloads\Myth-Mod-Manager\Myth Mod Manager\Myth Mod Manager.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1" | C:\Users\Admin\Downloads\Myth-Mod-Manager\Myth Mod Manager\Myth Mod Manager.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU | C:\Users\Admin\Downloads\Myth-Mod-Manager\Myth Mod Manager\Myth Mod Manager.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02020202 | C:\Users\Admin\Downloads\Myth-Mod-Manager\Myth Mod Manager\Myth Mod Manager.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\0\0 | C:\Users\Admin\Downloads\Myth-Mod-Manager\Myth Mod Manager\Myth Mod Manager.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:PID = "0" | C:\Users\Admin\Downloads\Myth-Mod-Manager\Myth Mod Manager\Myth Mod Manager.exe | N/A |
Suspicious behavior: AddClipboardFormatListener
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\Myth-Mod-Manager\Myth Mod Manager\Myth Mod Manager.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\taskmgr.exe | N/A |
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\Myth-Mod-Manager\Myth Mod Manager\Myth Mod Manager.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeRestorePrivilege | N/A | C:\Program Files\7-Zip\7zG.exe | N/A |
| Token: 35 | N/A | C:\Program Files\7-Zip\7zG.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Program Files\7-Zip\7zG.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Program Files\7-Zip\7zG.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Windows\system32\taskmgr.exe | N/A |
| Token: SeSystemProfilePrivilege | N/A | C:\Windows\system32\taskmgr.exe | N/A |
| Token: SeCreateGlobalPrivilege | N/A | C:\Windows\system32\taskmgr.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\Myth-Mod-Manager\Myth Mod Manager\Myth Mod Manager.exe | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 2444 wrote to memory of 3424 | N/A | C:\Users\Admin\Downloads\Myth-Mod-Manager\Myth Mod Manager\Myth Mod Manager.exe | C:\Users\Admin\Downloads\Myth-Mod-Manager\Myth Mod Manager\Myth Mod Manager.exe |
| PID 2444 wrote to memory of 3424 | N/A | C:\Users\Admin\Downloads\Myth-Mod-Manager\Myth Mod Manager\Myth Mod Manager.exe | C:\Users\Admin\Downloads\Myth-Mod-Manager\Myth Mod Manager\Myth Mod Manager.exe |
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://github.com/Wolfmyths/Myth-Mod-Manager/releases/download/1.5.2/Myth-Mod-Manager.zip
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=11 --field-trial-handle=3860,i,11749492925348081608,8895412282206755658,262144 --variations-seed-version --mojo-platform-channel-handle=4924 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=10 --field-trial-handle=3872,i,11749492925348081608,8895412282206755658,262144 --variations-seed-version --mojo-platform-channel-handle=4940 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=12 --field-trial-handle=5144,i,11749492925348081608,8895412282206755658,262144 --variations-seed-version --mojo-platform-channel-handle=5276 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=5320,i,11749492925348081608,8895412282206755658,262144 --variations-seed-version --mojo-platform-channel-handle=5464 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --field-trial-handle=5416,i,11749492925348081608,8895412282206755658,262144 --variations-seed-version --mojo-platform-channel-handle=5420 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --lang=en-US --service-sandbox-type=collections --field-trial-handle=4296,i,11749492925348081608,8895412282206755658,262144 --variations-seed-version --mojo-platform-channel-handle=6284 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --field-trial-handle=5908,i,11749492925348081608,8895412282206755658,262144 --variations-seed-version --mojo-platform-channel-handle=6336 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --field-trial-handle=6624,i,11749492925348081608,8895412282206755658,262144 --variations-seed-version --mojo-platform-channel-handle=6444 /prefetch:1
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.FileUtilService --lang=en-US --service-sandbox-type=service --field-trial-handle=5840,i,11749492925348081608,8895412282206755658,262144 --variations-seed-version --mojo-platform-channel-handle=5988 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --field-trial-handle=5180,i,11749492925348081608,8895412282206755658,262144 --variations-seed-version --mojo-platform-channel-handle=5172 /prefetch:8
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\Myth-Mod-Manager\" -ad -an -ai#7zMap27431:94:7zEvent15158
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --field-trial-handle=5740,i,11749492925348081608,8895412282206755658,262144 --variations-seed-version --mojo-platform-channel-handle=5512 /prefetch:8
C:\Users\Admin\Downloads\Myth-Mod-Manager\Myth Mod Manager\Myth Mod Manager.exe
"C:\Users\Admin\Downloads\Myth-Mod-Manager\Myth Mod Manager\Myth Mod Manager.exe"
C:\Users\Admin\Downloads\Myth-Mod-Manager\Myth Mod Manager\Myth Mod Manager.exe
"C:\Users\Admin\Downloads\Myth-Mod-Manager\Myth Mod Manager\Myth Mod Manager.exe"
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /7
Network
Files
C:\Users\Admin\Downloads\Myth-Mod-Manager\Myth Mod Manager\Myth Mod Manager.exe
C:\Users\Admin\AppData\Local\Temp\_MEI24442\ucrtbase.dll
C:\Users\Admin\AppData\Local\Temp\_MEI24442\python311.dll
C:\Users\Admin\AppData\Local\Temp\_MEI24442\VCRUNTIME140.dll
C:\Users\Admin\AppData\Local\Temp\_MEI24442\python3.dll
C:\Users\Admin\AppData\Local\Temp\_MEI24442\libffi-8.dll
C:\Users\Admin\AppData\Local\Temp\_MEI24442\_elementtree.pyd
C:\Users\Admin\AppData\Local\Temp\_MEI24442\_decimal.pyd
C:\Users\Admin\AppData\Local\Temp\_MEI24442\_bz2.pyd
C:\Users\Admin\AppData\Local\Temp\_MEI24442\VCRUNTIME140_1.dll
C:\Users\Admin\AppData\Local\Temp\_MEI24442\unicodedata.pyd
C:\Users\Admin\AppData\Local\Temp\_MEI24442\select.pyd
C:\Users\Admin\AppData\Local\Temp\_MEI24442\pyexpat.pyd
C:\Users\Admin\AppData\Local\Temp\_MEI24442\libssl-3.dll
C:\Users\Admin\AppData\Local\Temp\_MEI24442\libcrypto-3.dll
C:\Users\Admin\AppData\Local\Temp\_MEI24442\api-ms-win-crt-utility-l1-1-0.dll
C:\Users\Admin\AppData\Local\Temp\_MEI24442\api-ms-win-crt-time-l1-1-0.dll
C:\Users\Admin\AppData\Local\Temp\_MEI24442\api-ms-win-crt-string-l1-1-0.dll
C:\Users\Admin\AppData\Local\Temp\_MEI24442\api-ms-win-crt-stdio-l1-1-0.dll
C:\Users\Admin\AppData\Local\Temp\_MEI24442\api-ms-win-crt-runtime-l1-1-0.dll
C:\Users\Admin\AppData\Local\Temp\_MEI24442\api-ms-win-crt-process-l1-1-0.dll
C:\Users\Admin\AppData\Local\Temp\_MEI24442\api-ms-win-crt-math-l1-1-0.dll
C:\Users\Admin\AppData\Local\Temp\_MEI24442\api-ms-win-crt-locale-l1-1-0.dll
C:\Users\Admin\AppData\Local\Temp\_MEI24442\api-ms-win-crt-heap-l1-1-0.dll
C:\Users\Admin\AppData\Local\Temp\_MEI24442\api-ms-win-crt-filesystem-l1-1-0.dll
C:\Users\Admin\AppData\Local\Temp\_MEI24442\api-ms-win-crt-environment-l1-1-0.dll
| MD5 | 0ed33abfad3cedf07f538e2152443683 |
| SHA1 | 78eed147eb33efd14f03d8e2fbe0ec0f41ae4056 |
| SHA256 | f76d2547bfc429e14b49d030679fdefa12383c1f3a8e09fa69b760a89f469e9a |
| SHA512 | 42b9417b464f6ddd45294e85b3f9143e5c76f512ca70214d1fc302f0cd28c8b7c29d9e213c78861d10ef4316aa02c14ecec2d9bc5a8021880f4186798eb4e317 |
C:\Users\Admin\AppData\Local\Temp\_MEI24442\api-ms-win-crt-convert-l1-1-0.dll
| MD5 | d360a829d5376ff0961f62bbe5ac9e06 |
| SHA1 | 7965077b47bf9949570656df5160f55d27eed1a4 |
| SHA256 | 6db47157030960e7106cec7825601ce7a33ea58ece603c90ecd9532ece1d1afe |
| SHA512 | aaeed59b187bb277239a07e539e34520e8bc321e4f398e44ee396751e76c189c0180171202380974f12c1c302e77b533b7a93898dd8ddfd5c524143a22b3b748 |
C:\Users\Admin\AppData\Local\Temp\_MEI24442\api-ms-win-crt-conio-l1-1-0.dll
| MD5 | 218334da1ed369d2b694d3dff42da6ce |
| SHA1 | afcb936ebfc7a2d6cd3b0c7f25a3fb125bcb8a8a |
| SHA256 | b6ff4feabbe5f1fdc56f2e4e440dd8258702c3fc2a314440100319a62304baff |
| SHA512 | 9f2d009935b0847f89639b80c79dbe0fdfd08aa0c958ff67665a90971d3b304edf0e87b99112ca3ce988c2065147a41b63f47cd107d3a02e1a164ceb9bc4c13d |
C:\Users\Admin\AppData\Local\Temp\_MEI24442\api-ms-win-core-util-l1-1-0.dll
| MD5 | fa11fa74380735a5b8d4b309de4854be |
| SHA1 | 328959db39043cf7591cb18faec351957695f788 |
| SHA256 | 167e6e08e570e1ce34854781463c218bf14124a4112216b5f93d38d3c204e62a |
| SHA512 | a82f457868374c92322f7508f2ed98504e62b670621ba17ad636044a8198f5be56be46b25426bec1b85dd79b3de7c2a00bec33bd9246bc136a208a6d6e5f335f |
C:\Users\Admin\AppData\Local\Temp\_MEI24442\api-ms-win-core-timezone-l1-1-0.dll
| MD5 | 59f3aeb2eda80ffc000b99f27ec99d14 |
| SHA1 | 2961c514b480424b3512d424dcd7d295477b243a |
| SHA256 | e1c41c6525ed510aa75ec671f86d22a005ffd9a856a74dcf09bf3256e301a8ab |
| SHA512 | ff1980c859c7a23ded484a51e596fd591df855e0266961c4620373d42190152f92df83683779a79561d46bd5d238d7d178cfa2952dee316a742a72835be44992 |
C:\Users\Admin\AppData\Local\Temp\_MEI24442\api-ms-win-core-sysinfo-l1-1-0.dll
| MD5 | c7368f2e472ca3e428ce9793d69fa3cd |
| SHA1 | 8064438a9d36f6b4bae2931ffaacb512c9e52e82 |
| SHA256 | c5a070567d238a43818fcabe6f0a99c470f03ec54042b3c95e91a548be20bf38 |
| SHA512 | 0303c632b61b2b51950a45df7c0de6c215e950f7845dde6b58cb0f6a9af2b74cc77d49bcf79615e9a4a15ee2b2a4fa43a4a3a0adb2005b89ab16ab00e3717e72 |
C:\Users\Admin\AppData\Local\Temp\_MEI24442\api-ms-win-core-synch-l1-2-0.dll
| MD5 | c64289ca3db488fd15f25a8762221633 |
| SHA1 | b61c550bbe975b3841d8f201a967c8c227512ce4 |
| SHA256 | 726155c1d1e1f1778bca4d3952f54ab50035b65750d69e3bdf73cf9c52213c22 |
| SHA512 | 81f7866185b3a7971ef4cf7c98dc6326c17191c36df753b57174c6766fe0b4a49d7ab7954f08d472d0bc9dcbb3329b6309475ec092cf4a174f0b8958847aaf3c |
C:\Users\Admin\AppData\Local\Temp\_MEI24442\api-ms-win-core-synch-l1-1-0.dll
| MD5 | de86a7505497ecf1be8c7aa6e8b1cb8d |
| SHA1 | 66220266ccf36a03b36f57b1f63f2e446349fbbd |
| SHA256 | 493072a7a15b11c5382394e98fa0007004f90aa533373e64f109273808d5251c |
| SHA512 | 07e323ad892304e4052fc46f2384c94dab4bb462ac9a5a2a7b6f8a411d98639324bd06146338d66cb295e4afd30942b5bd138bcb225496774b920d51572117dc |
C:\Users\Admin\AppData\Local\Temp\_MEI24442\api-ms-win-core-string-l1-1-0.dll
| MD5 | d5cc0ab1fe05976d71ae09911cef5a67 |
| SHA1 | 16c7af053e6b6d128a5d9c14479b398537e1e1b0 |
| SHA256 | 689c682fc9030ce9e228c8dea5fc981956bf78229ee8f30c5f63b2b9df813766 |
| SHA512 | 843634364539a861eb38c5516c8c18ee00173cff5f24ad567a17430b1b53132db06a4ccd18f041972b11956a85dbdefc18ad11c9a9b3a2954e2c93113099877b |
C:\Users\Admin\AppData\Local\Temp\_MEI24442\api-ms-win-core-rtlsupport-l1-1-0.dll
| MD5 | d3167bbc7d02d30bf9e5d60abd7bb05f |
| SHA1 | 33a5e59103d2049140f35945b377e6ee07e06b64 |
| SHA256 | 2c2851d20158b0023eda056c477a57853b6d648053d4d57cad49e5ed574843b4 |
| SHA512 | 243c55b57eab36bb468a187a973e1cbbc430ad29f5ed627d3f127817885704df57a3e9865b5e28c3811bada14e1942e5293b4ff8b382ea2ba242aec82c6c51c4 |
C:\Users\Admin\AppData\Local\Temp\_MEI24442\api-ms-win-core-profile-l1-1-0.dll
| MD5 | d3291c9be1092f7d29018e7e45eb41c8 |
| SHA1 | 8140fa723f59675ea8292b273edbc8892cb4b5bb |
| SHA256 | edf1d0a1c9175c0392be3f15a6ed0be753b6df2b303876117becf47563db6f7f |
| SHA512 | bc4626df89df4aad7e2524bf515934ab3b8bd7bba50853b8c6faec65967222feadce56a2f333758cea1b7b3a93eddde2865feab453c5f3bb9bdcc5a0cd3105f5 |
C:\Users\Admin\AppData\Local\Temp\_MEI24442\api-ms-win-core-processthreads-l1-1-1.dll
| MD5 | 81a255549e9b3467276810f94a67512d |
| SHA1 | c3bf694f5d030d5a29ebb9ae70010be4571cec17 |
| SHA256 | 8447c3c56f83e5a9407bf446cfc037d149b945611f03798f731e49145fca81c2 |
| SHA512 | 05e6d83baa20b38d8710ed06c62ef8603c37d70fd0f6036f54a50ad041575d52f23c56bcebb12df8bf7cd9327c46522e59bcda47e2fcabfb0e5c11247708afa4 |
C:\Users\Admin\AppData\Local\Temp\_MEI24442\api-ms-win-core-processthreads-l1-1-0.dll
| MD5 | 4039d2c04c32fa423cc6ce766f0532d9 |
| SHA1 | a8d0cac1bcfdc94289b2073c2a14422d929df62f |
| SHA256 | 979c28aab88b3a45eed546e2a857e1e9eb41cb035d78446ee668feb918227238 |
| SHA512 | c1a0f9920ce28d4a15e5543458f68cc64125dd1b24e7c9caad3eed2b13b8c903ca9f76c0ab82f5a688843626150d321c4353fab81697eae604acbfb920b464e5 |
C:\Users\Admin\AppData\Local\Temp\_MEI24442\api-ms-win-core-processenvironment-l1-1-0.dll
| MD5 | cb39b789091823bbe8ea7c9a84343dcb |
| SHA1 | 4d0f56a3833abb4a52e9af6d8631ea443a407b3e |
| SHA256 | 3f5a60c6772417f286c89cc45fe97eeae69d1705fa65445230b71b53a0a1eee8 |
| SHA512 | 23d393de9f9d7092f7eb79dd4aa45bca386b454caa9e91d1f09699a79b3382adc0a7b7d972fb9dc41e1e082adde8640edcef7cf444f50e4f14df93b89c823ecf |
C:\Users\Admin\AppData\Local\Temp\_MEI24442\api-ms-win-core-namedpipe-l1-1-0.dll
| MD5 | 83d560d0c8844cd047ea818414ee43ab |
| SHA1 | 11fd30a76f3e0a0af294a4da15890a55a0de3528 |
| SHA256 | 93d08d10dc60968fe6df4257ad79911045aabce0d6babd9d0714abb104ac1309 |
| SHA512 | 06a293264dca9bf12309fbc56c3d5a0f62c3bc7a04986e55c8553b778c491d78f27f9bfbd22ad2ee6317bc985b41066db6e9cbc25b93d5137ae5da012afb55c2 |
C:\Users\Admin\AppData\Local\Temp\_MEI24442\api-ms-win-core-memory-l1-1-0.dll
| MD5 | a241d82577b25ed4aa54ab02da7d82c9 |
| SHA1 | 6cbc888c22a104109af2f084678b15576edbe465 |
| SHA256 | 1b72a9b95e7d62c923f6b791c4251b63e6331660caf0f44385e6eb1901a9933e |
| SHA512 | e51c246b80b56ea3912e849e18dbe7ff40a4a3e189475c96c570e71e05acdf89e97ffc533810a65172fc05f742b39ee9ef90e3fa0e4c9488f839c4c82fbc8560 |
C:\Users\Admin\AppData\Local\Temp\_MEI24442\api-ms-win-core-localization-l1-2-0.dll
| MD5 | 2395f675152f25bdc501c1b698b3f70a |
| SHA1 | 829eb4dee9604330072c124b9bddf4a4e96a7c98 |
| SHA256 | 4173e50962540ec0708930d7c456164d4e0fa96d49efb034621eb06e67ac0563 |
| SHA512 | 7c0125e248387d268a337fa2a0090e6b8713e6205d22fb23a4ce9635fb0f5b79a0e3d28aab3050cc0445ef065632052c23341b1ac22dbd947ac4262fd63a1b51 |
C:\Users\Admin\AppData\Local\Temp\_MEI24442\api-ms-win-core-libraryloader-l1-1-0.dll
| MD5 | 06ec6d562b0609529e615e795f093512 |
| SHA1 | db7c78e4b3f8a0eb4b392c9eef5774a571719f15 |
| SHA256 | b120d94a585170f84230d2a6826e3f02d0eb7bde37f965c1fdaf2ba52c5d82bc |
| SHA512 | 10773d831d4096130305ee10d611fb28caec213dfe5dd109115c86f7c26df34d7daaea0e6b2eb9eac8f4d59421485e90d6e722c78a55132c25d7b3c7c7222ef5 |
C:\Users\Admin\AppData\Local\Temp\_MEI24442\api-ms-win-core-interlocked-l1-1-0.dll
| MD5 | f438ac3307c0de580adf6fb3d4ef57f8 |
| SHA1 | 5d10ea60e004e583940a082b9157e801aa3c4674 |
| SHA256 | 03ccd250ed3ef09013114094068dd08c96f0763778e94523e020241f7b16312b |
| SHA512 | c323aae5bb8ce58f92fb8beceb5c60f1bec12f5aaac0c1a435e38de9a10226bdb92808bb2f4e7bf069aec435cb4aade6182d541de2174b8007f8a69a8aa0d264 |
C:\Users\Admin\AppData\Local\Temp\_MEI24442\api-ms-win-core-heap-l1-1-0.dll
| MD5 | df603cd6cb0fe53fd77c065f2766b5e8 |
| SHA1 | 0698b7b97a6f5174cdca0849bec001127f9f0b16 |
| SHA256 | e488e688b75b9f95451ad9c65586783e37c32b9952cb48286572c90b150ebbdd |
| SHA512 | 929f4868015306e5b84a1e2f341c12a792fe98d82cbcfabbbe79f932f80d81b98f1b6543da7d23e9153a68b00a3768fa9cd112382092104bd4810e3071723933 |
C:\Users\Admin\AppData\Local\Temp\_MEI24442\api-ms-win-core-handle-l1-1-0.dll
| MD5 | 7141a2a1640ac67e686778130ad8dd7d |
| SHA1 | 8f4ba743bc5df04b3075535507983cede7ed249d |
| SHA256 | 4a2265e71cd5c9b85f5c705755c23323c1c33aecd9ff72b6ba1b425b8170cf08 |
| SHA512 | 6906bcdf8474e1fc9f69457cbae6635b18ddda69e3e42ac3b2eaa26aadd717e11b4fcd14e6ed6b5c4e318705c203498d77af8717becf94fd159075093f431440 |
C:\Users\Admin\AppData\Local\Temp\_MEI24442\api-ms-win-core-file-l2-1-0.dll
| MD5 | 621a34a36c202e4c4e59a6077c22cb5e |
| SHA1 | ec696fd4e8e5935a722e88a551593593a12e882e |
| SHA256 | 746cde47f460ab4ef45a3158cbc038b166c86b03114c259ea5c759001692c079 |
| SHA512 | 04e94784a70a576235d5bec58c57b8b3cfc01d7b292287f299deaf52523cef51c2790874116e666e5bc672453beafe173cf1afbe49a5f3076b83344298643ae0 |
C:\Users\Admin\AppData\Local\Temp\_MEI24442\api-ms-win-core-file-l1-2-0.dll
| MD5 | fa6953700659b11c2d82fb521d2e8664 |
| SHA1 | 07c7d14fdfd1686a424820f77733d1d4f3c75e31 |
| SHA256 | 4dcc72554ffaa121decaf6e5bd3081198f017d735a07cc6d23d8a56b1383a61e |
| SHA512 | 1300c6ab6377e717dfac9e2f78c1218dee91e8fde25454f65ab32095a949c1be5b67aa3ed1c1d9f78d0c8bc9830f5c1dc0e6e01e91effec20ead6cdd9a3f639f |
C:\Users\Admin\AppData\Local\Temp\_MEI24442\api-ms-win-core-file-l1-1-0.dll
| MD5 | 8b03d7c248a3b8d5a3ad1029af37c889 |
| SHA1 | 868a0dde330fdcbf6d0d23900f2c65720ddf9a90 |
| SHA256 | 4358b538205e9637e8ded05e8490dc0b673e0f756803da451e933411b0e0cb9e |
| SHA512 | 76d7e1ea0762a51cd5597e06e98dbd6af17124af57d1729e71ac994ffe7bbbf8be02e57dde31f76a5ea5e7194cceb24185d14fe378780dd1f1afd228fc012d9a |
C:\Users\Admin\AppData\Local\Temp\_MEI24442\api-ms-win-core-errorhandling-l1-1-0.dll
| MD5 | da9189023a6b7872de881052f3b990f9 |
| SHA1 | 55bcebcfd6805ee5bdad78a425ac5e123ab7e807 |
| SHA256 | f38193429c05622df65bfa1428895197b851d981875737c55f1cfe04a88664ef |
| SHA512 | b9d60a5588d835fd7eea7b9bec6564377505b53169db281bf80fc994657e5a3dc506d58fdcdec5b6f79346fd7c172546b59315d276fa691d2b7b495ecc23c2e2 |
C:\Users\Admin\AppData\Local\Temp\_MEI24442\api-ms-win-core-debug-l1-1-0.dll
| MD5 | 9936abac26b97057e61a5a8346bc26c9 |
| SHA1 | 16f37a510ecc2a9119e99797e99c4d2468eb39f6 |
| SHA256 | d4de4b05b001028456087425ff66044b62bfda3076bff084f9be7843f517c584 |
| SHA512 | 7404c4a2f884c952a9d0bca9dde757d05db9a74892823d239e70afa40360220896e22853dad19f6d3e8a130ef6a936ded1d53af99d0afd7fd23babd2e0b0842a |
C:\Users\Admin\AppData\Local\Temp\_MEI24442\api-ms-win-core-datetime-l1-1-0.dll
| MD5 | faecbfdacc6dc01b0455ea7b4576de99 |
| SHA1 | 62fe4962a5900ffb94a05e6577dc5d63d90b3000 |
| SHA256 | 2b2ed0fe1be4713b33d150828ec0813fd4ecdcac8021a39e37fd8fe64bd21157 |
| SHA512 | 68dca96b1cf711e5fa283c355183a3f8f2db84081f07fd534d36dc68b4ea6e32e58b9be38fd51d743212d2d698ae656474b30c85a86321d58d1c0947911602e6 |
C:\Users\Admin\AppData\Local\Temp\_MEI24442\api-ms-win-core-console-l1-1-0.dll
| MD5 | feb41d426bf3cdfcc7d21464c26aed53 |
| SHA1 | 97a56392ec04e202d59978dc6670d5e76a2be6c1 |
| SHA256 | 299bf8705f61598548975e0b122debedf5dc928fc874801d8988d64b7d623da1 |
| SHA512 | 2b962112bad1a754e2cbd3f3f29538dcf1132fa59e298bfa18d1b706d967735e02c524c3a993a2040a9ae94e387ede394c7f67d348e50e0ef40815ce67630866 |
C:\Users\Admin\AppData\Local\Temp\_MEI24442\_ctypes.pyd
| MD5 | 565d011ce1cee4d48e722c7421300090 |
| SHA1 | 9dc300e04e5e0075de4c0205be2e8aae2064ae19 |
| SHA256 | c148292328f0aab7863af82f54f613961e7cb95b7215f7a81cafaf45bd4c42b7 |
| SHA512 | 5af370884b5f82903fd93b566791a22e5b0cded7f743e6524880ea0c41ee73037b71df0be9f07d3224c733b076bec3be756e7e77f9e7ed5c2dd9505f35b0e4f5 |
C:\Users\Admin\AppData\Local\Temp\_MEI24442\base_library.zip
| MD5 | 4b011f052728ae5007f9ec4e97a4f625 |
| SHA1 | 9d940561f08104618ec9e901a9cd0cd13e8b355d |
| SHA256 | c88cd8549debc046a980b0be3bf27956ae72dcdcf1a448e55892194752c570e6 |
| SHA512 | be405d80d78a188a563086809c372c44bcd1ccab5a472d50714f559559795a1df49437c1712e15eb0403917c7f6cfaf872d6bb0c8e4dd67a512c2c4a5ae93055 |