Analysis Overview
SHA256
fe6419e521cc0612602566c0d7babfecdbd286453ef918ecdc441d0a38ccc118
Threat Level: Shows suspicious behavior
The file MiniGo Launcher Setup.exe was found to be: Shows suspicious behavior.
Malicious Activity Summary
Loads dropped DLL
Executes dropped EXE
Checks installed software on the system
Drops file in Program Files directory
Unsigned PE
Detects Pyinstaller
Enumerates physical storage devices
Suspicious use of SetWindowsHookEx
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: AddClipboardFormatListener
Suspicious use of FindShellTrayWindow
Modifies registry class
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-20 07:20
Signatures
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-20 07:20
Reported
2024-06-20 07:23
Platform
win11-20240508-en
Max time kernel
169s
Max time network
164s
Command Line
Signatures
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| N/A | N/A | C:\Program Files (x86)\MiniLAU\MiniGo Launcher.exe | N/A |
Loads dropped DLL
Checks installed software on the system
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files (x86)\MiniLAU\assets\is-2FCRU.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\bin\is-6B64A.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-KA8DH.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-LG4UB.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-MANCL.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File opened for modification | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\bin\MSVCP140_1.dll | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File created | C:\Program Files (x86)\MiniLAU\unins000.dat | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\bin\is-S9UDI.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-70BEK.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-SCE7Q.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File opened for modification | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\bin\Qt5Qml.dll | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File created | C:\Program Files (x86)\MiniLAU\_internal\is-71OFT.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-32P6G.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-1EHLU.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-7AB35.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File opened for modification | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\plugins\imageformats\qjpeg.dll | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File opened for modification | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\plugins\imageformats\qicns.dll | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File created | C:\Program Files (x86)\MiniLAU\_internal\is-4DM8L.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File created | C:\Program Files (x86)\MiniLAU\_internal\is-CQAE5.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File created | C:\Program Files (x86)\MiniLAU\_internal\charset_normalizer\is-8E6O6.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\is-L90FA.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\bin\is-DIA2K.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-1R3AM.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File opened for modification | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\plugins\platformthemes\qxdgdesktopportal.dll | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File created | C:\Program Files (x86)\MiniLAU\assets\is-DC885.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-7R03T.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File opened for modification | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\plugins\platforms\qwindows.dll | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\is-3I0O0.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-5J6O1.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-56IVG.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-FDR1E.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-GOQ5G.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File opened for modification | C:\Program Files (x86)\MiniLAU\MiniGo Launcher.exe | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File opened for modification | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\bin\Qt5Core.dll | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\bin\is-6H1J3.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-4LDJV.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-KC5Q2.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-S4SD3.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File opened for modification | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\plugins\styles\qwindowsvistastyle.dll | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File created | C:\Program Files (x86)\MiniLAU\_internal\is-B6UM6.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-6VLIO.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-EH9QM.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File opened for modification | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\plugins\imageformats\qwebp.dll | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\bin\is-UGA2R.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\bin\is-54U32.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-326GM.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-P3O5I.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-A5BHU.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-EURBG.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File opened for modification | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\plugins\imageformats\qwbmp.dll | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File opened for modification | C:\Program Files (x86)\MiniLAU\_internal\VCRUNTIME140.dll | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File opened for modification | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\plugins\imageformats\qsvg.dll | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File created | C:\Program Files (x86)\MiniLAU\_internal\is-5U6VQ.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-5IVTB.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-MAQ4K.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File opened for modification | C:\Program Files (x86)\MiniLAU\_internal\python3.dll | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File opened for modification | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\bin\Qt5DBus.dll | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\plugins\iconengines\is-4GQA1.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-Q0FO2.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-E10Q8.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-RNRL3.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File opened for modification | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\bin\VCRUNTIME140_1.dll | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File created | C:\Program Files (x86)\MiniLAU\_internal\is-L6G1A.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-NNRIT.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
Detects Pyinstaller
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Enumerates physical storage devices
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MiniLauncher.myp\ = "MiniLauncher" | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\MiniLauncher.myp\shell\open\command | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Applications | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Applications\MiniGo Launcher.exe | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Applications\MiniGo Launcher.exe\SupportedTypes\.myp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\.myp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\.myp\OpenWithProgids\MiniLauncher.myp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Applications\MiniGo Launcher.exe\SupportedTypes | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\MiniLauncher.myp\shell\open\command | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Applications\MiniGo Launcher.exe\SupportedTypes | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\MiniLauncher.myp\shell | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\.myp\OpenWithProgids | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\MiniLauncher.myp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MiniLauncher.myp\DefaultIcon\ = "C:\\Program Files (x86)\\MiniLAU\\MiniGo Launcher.exe,0" | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\MiniLauncher.myp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\MiniLauncher.myp\shell\open | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MiniLauncher.myp\shell\open\command\ = "\"C:\\Program Files (x86)\\MiniLAU\\MiniGo Launcher.exe\" \"%1\"" | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\.myp\OpenWithProgids | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\MiniLauncher.myp\DefaultIcon | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
Suspicious behavior: AddClipboardFormatListener
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\MiniLAU\MiniGo Launcher.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\MiniLAU\MiniGo Launcher.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\MiniGo Launcher Setup.exe
"C:\Users\Admin\AppData\Local\Temp\MiniGo Launcher Setup.exe"
C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp
"C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp" /SL5="$30234,25656669,783360,C:\Users\Admin\AppData\Local\Temp\MiniGo Launcher Setup.exe"
C:\Program Files (x86)\MiniLAU\MiniGo Launcher.exe
"C:\Program Files (x86)\MiniLAU\MiniGo Launcher.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "ver"
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | launchermeta.mojang.com | udp |
Files
memory/1204-0-0x0000000000400000-0x00000000004CC000-memory.dmp
memory/1204-2-0x0000000000401000-0x00000000004B7000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp
| MD5 | 1b96c7fbdf7cb74c4e94fdb2fb6dc03a |
| SHA1 | 57bf7ee5e408aff950ef188892fb28a3f156aaa8 |
| SHA256 | da3d244e7547db28ace88f8c6afb4eeb5918a8fd5bb3eca05844338cf2c926c4 |
| SHA512 | ca65f3a8f0f24298e88b3a2d95f407441f4f137428b5d0290f8e23474afa372a6798410da6b6b790bb476c364665732d575c2b6d97010830bca6300842c70c7a |
memory/4676-7-0x0000000000400000-0x0000000000708000-memory.dmp
memory/1204-8-0x0000000000400000-0x00000000004CC000-memory.dmp
memory/4676-9-0x0000000000400000-0x0000000000708000-memory.dmp
memory/4676-36-0x0000000000400000-0x0000000000708000-memory.dmp
C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-7R03T.tmp
| MD5 | bcebcf42735c6849bdecbb77451021dd |
| SHA1 | 4884fd9af6890647b7af1aefa57f38cca49ad899 |
| SHA256 | 9959b510b15d18937848ad13007e30459d2e993c67e564badbfc18f935695c85 |
| SHA512 | f951b511ffb1a6b94b1bcae9df26b41b2ff829560583d7c83e70279d1b5304bde299b3679d863cad6bb79d0beda524fc195b7f054ecf11d2090037526b451b78 |
memory/4676-322-0x0000000000400000-0x0000000000708000-memory.dmp
C:\Program Files (x86)\MiniLAU\MiniGo Launcher.exe
| MD5 | 9ddad5e4401e467e93530b76cb5c0e9b |
| SHA1 | a7b63aff9f2f598f33619a5729a79c0701c69914 |
| SHA256 | cf0042b5450a0f1ed15341ece655023651bd4f377fadd67ff2c83779c50549dc |
| SHA512 | 469e2b47caa0505723e61e1ff81d4d09339ec69d79b59d2c335e6fbcdd0d94bb301f69eccd740b3cdc6c5cceb30b04b35cbb91d0398cd98e1afa4dff2d511add |
C:\Program Files (x86)\MiniLAU\_internal\python39.dll
| MD5 | 7e9d14aa762a46bb5ebac14fbaeaa238 |
| SHA1 | a5d90a7df9b90bdd8a84d7dc5066e4ea64ceb3d9 |
| SHA256 | e456ef44b261f895a01efb52d26c7a0c7d7d465b647a7b5592708ebf693f12a3 |
| SHA512 | 280f16348df1c0953bbc6f37ff277485351171d0545ebe469bacd106d907917f87584154aec0f193f37322bc93ac5433cd9a5b5c7f47367176e5a8b19bbd5023 |
C:\Program Files (x86)\MiniLAU\_internal\VCRUNTIME140.dll
| MD5 | 11d9ac94e8cb17bd23dea89f8e757f18 |
| SHA1 | d4fb80a512486821ad320c4fd67abcae63005158 |
| SHA256 | e1d6f78a72836ea120bd27a33ae89cbdc3f3ca7d9d0231aaa3aac91996d2fa4e |
| SHA512 | aa6afd6bea27f554e3646152d8c4f96f7bcaaa4933f8b7c04346e410f93f23cfa6d29362fd5d51ccbb8b6223e094cd89e351f072ad0517553703f5bf9de28778 |
C:\Program Files (x86)\MiniLAU\_internal\_uuid.pyd
| MD5 | 4b12242f880989cb909246c19616e82f |
| SHA1 | df1c6459959b040babf21c2ec2ee765ce6103086 |
| SHA256 | 02e05c2dc07b699fb7e6178526d6f32127e8d9b7aed0720446d186824d4fd1db |
| SHA512 | 2b3df39d886981fa123420c256a97ce075a4f7c6728a4f0e15615b9b7f3f0bad6cbbf46c4d417afa25ab8cdf50303a1209677827ed4877494cfac8f6494d263e |
C:\Program Files (x86)\MiniLAU\_internal\_ssl.pyd
| MD5 | 6f52439450ad38bf940eef2b662e4234 |
| SHA1 | 3dea643fac7e10cae16c6976982a626dd59ff64a |
| SHA256 | 31c95af04a76d3badbdd3970d9b4c6b9a72278e69d0d850a4710f1d9a01618d7 |
| SHA512 | fdd97e04f4a7b1814c2f904029dfb5cdfcd8a125fce884dcd6fdb09fb8a691963192192f22cf4e9d79dd2598cf097a8764aeec7a79e70a9795250c8ef0024474 |
C:\Program Files (x86)\MiniLAU\_internal\_socket.pyd
| MD5 | 4b2f1faab9e55a65afa05f407c92cab4 |
| SHA1 | 1e5091b09fc0305cf29ec2e715088e7f46ccbbd4 |
| SHA256 | 241db349093604ab25405402ba8c4212016657c7e6a10edd3110abeb1cc2e1ba |
| SHA512 | 68070db39cd14841bcd49db1acf19806b0aa4b4ac4c56518b3a3baddaac1cd533f0b3ef70a378f53d65c0d6c0f745a6102b63303ea7978c79f688c787efe9cc3 |
C:\Program Files (x86)\MiniLAU\_internal\_queue.pyd
| MD5 | e64538868d97697d62862b52df32d81b |
| SHA1 | 2279c5430032ad75338bab3aa28eb554ecd4cd45 |
| SHA256 | b0bd6330c525b4c64d036d29a3733582928e089d99909500e8564ae139459c5f |
| SHA512 | 8544f5df6d621a5ff2ca26da65b49f57e19c60b4177a678a00a5feb130bf0902f780b707845b5a4dd9f12ddb673b462f77190e71cbe358db385941f0f38e4996 |
C:\Program Files (x86)\MiniLAU\_internal\_lzma.pyd
| MD5 | a77c9a75ed7d9f455e896b8fb09b494c |
| SHA1 | c85d30bf602d8671f6f446cdaba98de99793e481 |
| SHA256 | 4797aaf192eb56b32ca4febd1fad5be9e01a24e42bf6af2d04fcdf74c8d36fa5 |
| SHA512 | 4d6d93aa0347c49d3f683ee7bc91a3c570c60126c534060654891fad0391321e09b292c9386fb99f6ea2c2eca032889841fce3cab8957bb489760daac6f79e71 |
C:\Program Files (x86)\MiniLAU\_internal\_hashlib.pyd
| MD5 | ae32a39887d7516223c1e7ffdc3b6911 |
| SHA1 | 94b9055c584df9afb291b3917ff3d972b3cd2492 |
| SHA256 | 7936413bc24307f01b90cac2d2cc19f38264d396c1ab8eda180abba2f77162eb |
| SHA512 | 1f17af61c917fe373f0a40f06ce2b42041447f9e314b2f003b9bd62df87c121467d14ce3f8e778d3447c4869bf381c58600c1e11656ebda6139e6196262ae17e |
C:\Program Files (x86)\MiniLAU\_internal\_decimal.pyd
| MD5 | bb70fc3eb76b6801ed7228b6869017b2 |
| SHA1 | fe76cdf1d8eab706a9e748404c09b8841f13d923 |
| SHA256 | 831e4ce99f469fa94567482444af492891b7bf327853e92dd4bb2ce092021e74 |
| SHA512 | 0c17324718e803c861fc58c4584c8d1421e097f7ef4a23b247f9e2448c1460d2c67eac3ef76da02195a07e2d391a39f0db1d4d8d3ac163ca488f05424e750944 |
C:\Program Files (x86)\MiniLAU\_internal\_bz2.pyd
| MD5 | 124678d21d4b747ec6f1e77357393dd6 |
| SHA1 | dbfb53c40d68eba436934b01ebe4f8ee925e1f8e |
| SHA256 | 9483c4853ca1da3c5b2310dbdd3b835a44df6066620278aa96b2e665c4b4e86b |
| SHA512 | 2882779b88ed48af1e27c2bc212ddc7e4187d26a28a90655cef98dd44bc07cc93da5bce2442af26d7825639590b1e2b78bf619d50736d67164726a342be348fa |
C:\Program Files (x86)\MiniLAU\_internal\VCRUNTIME140_1.dll
| MD5 | 7667b0883de4667ec87c3b75bed84d84 |
| SHA1 | e6f6df83e813ed8252614a46a5892c4856df1f58 |
| SHA256 | 04e7ccbdcad7cbaf0ed28692fb08eab832c38aad9071749037ee7a58f45e9d7d |
| SHA512 | 968cbaafe416a9e398c5bfd8c5825fa813462ae207d17072c035f916742517edc42349a72ab6795199d34ccece259d5f2f63587cfaeb0026c0667632b05c5c74 |
C:\Program Files (x86)\MiniLAU\_internal\unicodedata.pyd
| MD5 | 87f3e3cf017614f58c89c087f63a9c95 |
| SHA1 | 0edc1309e514f8a147d62f7e9561172f3b195cd7 |
| SHA256 | ba6606dcdf1db16a1f0ef94c87adf580bb816105d60cf08bc570b17312a849da |
| SHA512 | 73f00f44239b2744c37664dbf2b7df9c178a11aa320b9437055901746036003367067f417414382977bf8379df8738c862b69d8d36c6e6aa0b0650833052c85f |
C:\Program Files (x86)\MiniLAU\_internal\select.pyd
| MD5 | f8f5a047b98309d425fd06b3b41b16e4 |
| SHA1 | 2a44819409199b47f11d5d022e6bb1d5d1e77aea |
| SHA256 | 5361da714a61f99136737630d50fa4e975d76f5de75e181af73c5a23a2b49012 |
| SHA512 | f0a96790fcdabf02b452f5c6b27604f5a10586b4bf759994e6d636cc55335026631fa302e209a53f5e454bea03b958b6d662e0be91fa64ce187a7dc5d35a9aa9 |
C:\Program Files (x86)\MiniLAU\_internal\python3.dll
| MD5 | d188e47657686c51615075f56e7bbb92 |
| SHA1 | 98dbd7e213fb63e851b76da018f5e4ae114b1a0c |
| SHA256 | 84cb29052734ec4ad5d0eac8a9156202a2077ee9bd43cabc68e44ee22a74910a |
| SHA512 | 96ca8c589ab5db5fde72d35559170e938ce283559b1b964c860629579d6a231e1c1a1952f3d08a8af35d1790228ac8d97140b25b9c96d43f45e3398459ae51bc |
C:\Program Files (x86)\MiniLAU\_internal\libssl-1_1.dll
| MD5 | bd857f444ebbf147a8fcd1215efe79fc |
| SHA1 | 1550e0d241c27f41c63f197b1bd669591a20c15b |
| SHA256 | b7c0e42c1a60a2a062b899c8d4ebd0c50ef956177ba21785ce07c517c143aeaf |
| SHA512 | 2b85c1521edeadf7e118610d6546fafbbad43c288a7f0f9d38d97c4423a541dfac686634cde956812916830fbb4aad8351a23d95cd490c4a5c0f628244d30f0a |
C:\Program Files (x86)\MiniLAU\_internal\libcrypto-1_1.dll
| MD5 | 63c4f445b6998e63a1414f5765c18217 |
| SHA1 | 8c1ac1b4290b122e62f706f7434517077974f40e |
| SHA256 | 664c3e52f914e351bb8a66ce2465ee0d40acab1d2a6b3167ae6acf6f1d1724d2 |
| SHA512 | aa7bdb3c5bc8aeefbad70d785f2468acbb88ef6e6cac175da765647030734453a2836f9658dc7ce33f6fff0de85cb701c825ef5c04018d79fa1953c8ef946afd |
C:\Program Files (x86)\MiniLAU\_internal\base_library.zip
| MD5 | c53cb6cb31e716c8f63e46e893d7647b |
| SHA1 | 1555a8eae598574ea996dd19183aa377a3ad1013 |
| SHA256 | ff17bf5c2319b61fc274c94a9690625cca1eb00b4a2bff73d0c61b5e8f7afd12 |
| SHA512 | 782df6aa0dbaba8da7a27aabf691d58ebb4d29d5060cb35ea90e20d88d1ed6dc4af4ee93a0ba42cebea81f7c87dba5c04213438f329afffbbdba08b4b6bf11b4 |
C:\Program Files (x86)\MiniLAU\_internal\PyQt5\QtCore.pyd
| MD5 | d6d51c8f5e381cbba49d54e507a41220 |
| SHA1 | 86deaab67d3fc4e26bc81db89faec720a5d8a3a4 |
| SHA256 | 5a2aed6f96abec6905e6a36d33bc00d2c23e13f6333ea0545a32ab57b33a7c47 |
| SHA512 | 3b3b386d3d0a8865348a574740473325a1a7deac6a9b767fbca253e1de90412aa76e4e9b36d9586f3307f10ee567adb34d85bf21751e568e86ec66683131fbf0 |
C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\bin\Qt5Core.dll
| MD5 | 817520432a42efa345b2d97f5c24510e |
| SHA1 | fea7b9c61569d7e76af5effd726b7ff6147961e5 |
| SHA256 | 8d2ff4ce9096ddccc4f4cd62c2e41fc854cfd1b0d6e8d296645a7f5fd4ae565a |
| SHA512 | 8673b26ec5421fce8e23adf720de5690673bb4ce6116cb44ebcc61bbbef12c0ad286dfd675edbed5d8d000efd7609c81aae4533180cf4ec9cd5316e7028f7441 |
C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\bin\MSVCP140_1.dll
| MD5 | 0fe6d52eb94c848fe258dc0ec9ff4c11 |
| SHA1 | 95cc74c64ab80785f3893d61a73b8a958d24da29 |
| SHA256 | 446c48c1224c289bd3080087fe15d6759416d64f4136addf30086abd5415d83f |
| SHA512 | c39a134210e314627b0f2072f4ffc9b2ce060d44d3365d11d8c1fe908b3b9403ebdd6f33e67d556bd052338d0ed3d5f16b54d628e8290fd3a155f55d36019a86 |
C:\Program Files (x86)\MiniLAU\_internal\PyQt5\QtWidgets.pyd
| MD5 | 9cde8433816662eaeb762c8e6fe77e6b |
| SHA1 | d9d69268af89c4134ed94c768baedd6abbce7557 |
| SHA256 | e732f15729fa69c3067dc33abb60e241570398aa9ab3359d9ff2a9714d1a1e4c |
| SHA512 | 3f6dfc0fdc9eeb4f5d041aaf5d0420091f7230bf60796e979503d345ce9a74e0f23dd229c31207221c8509bab1edde616ff9803776708a5b4097a7338d372c54 |
C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\bin\Qt5Gui.dll
| MD5 | 47307a1e2e9987ab422f09771d590ff1 |
| SHA1 | 0dfc3a947e56c749a75f921f4a850a3dcbf04248 |
| SHA256 | 5e7d2d41b8b92a880e83b8cc0ca173f5da61218604186196787ee1600956be1e |
| SHA512 | 21b1c133334c7ca7bbbe4f00a689c580ff80005749da1aa453cceb293f1ad99f459ca954f54e93b249d406aea038ad3d44d667899b73014f884afdbd9c461c14 |
memory/1880-368-0x00007FFFB98B0000-0x00007FFFB9DF1000-memory.dmp
memory/1880-371-0x00007FFFB8F80000-0x00007FFFB91E5000-memory.dmp
C:\Program Files (x86)\MiniLAU\_internal\PyQt5\QtGui.pyd
| MD5 | a931566050607d6a9feb94cef82672d9 |
| SHA1 | 405a7e907631efef51bea7952d4d725b6402d5a2 |
| SHA256 | 8c425d163b0c650cb8dc4662625de4998bed2ad9a3f2e04a8664e2e72a69f845 |
| SHA512 | 263a23f1346ecf1a042f3c697c8f40aefb99e134c06ee87edeef47c170e7113327a9c51143af83e4fa1589970f22c2606bf6f4bb4ebff7be3ee3e3acfde4a258 |
C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\plugins\platforms\qoffscreen.dll
| MD5 | 6407499918557594916c6ab1ffef1e99 |
| SHA1 | 5a57c6b3ffd51fc5688d5a28436ad2c2e70d3976 |
| SHA256 | 54097626faae718a4bc8e436c85b4ded8f8fb7051b2b9563a29aee4ed5c32b7b |
| SHA512 | 8e8abb563a508e7e75241b9720a0e7ae9c1a59dd23788c74e4ed32a028721f56546792d6cca326f3d6aa0a62fdedc63bf41b8b74187215cd3b26439f40233f4d |
C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\plugins\platforms\qminimal.dll
| MD5 | 2f6d88f8ec3047deaf174002228219ab |
| SHA1 | eb7242bb0fe74ea78a17d39c76310a7cdd1603a8 |
| SHA256 | 05d1e7364dd2a672df3ca44dd6fd85bed3d3dc239dcfe29bfb464f10b4daa628 |
| SHA512 | 0a895ba11c81af14b5bd1a04a450d6dcca531063307c9ef076e9c47bd15f4438837c5d425caee2150f3259691f971d6ee61154748d06d29e4e77da3110053b54 |
C:\Program Files (x86)\MiniLAU\_internal\charset_normalizer\md__mypyc.cp39-win_amd64.pyd
| MD5 | b5692f504b608be714d5149d35c8c92a |
| SHA1 | 62521c88d619acfff0f5680f3a9b4c043acf9a1d |
| SHA256 | 969196cd7cade4fe63d17cf103b29f14e85246715b1f7558d86e18410db7bbc0 |
| SHA512 | 364eb2157b821c38bdeed5a0922f595fd4eead18ceab84c8b48f42ea49ae301aabc482d25f064495b458cdcb8bfab5f8001d29a306a6ce1bbb65db41047d8ea5 |
C:\Program Files (x86)\MiniLAU\_internal\charset_normalizer\md.cp39-win_amd64.pyd
| MD5 | d93ad224c10ba644f92232a7b7575e23 |
| SHA1 | 4a9abc6292e7434d4b5dd38d18c9c1028564c722 |
| SHA256 | 89268be3cf07b1e3354ddb617cb4fe8d4a37b9a1b474b001db70165ba75cff23 |
| SHA512 | b7d86ecd5a7372b92eb6c769047b97e9af0f875b2b02cff3e95d3e154ef03d6b9cf39cc3810c5eca9fea38fea6201e26f520da8b9255a35e40d6ec3d73bb4929 |
memory/1880-366-0x00007FFFB9E00000-0x00007FFFBA2F0000-memory.dmp
C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\bin\Qt5Widgets.dll
| MD5 | 4cd1f8fdcd617932db131c3688845ea8 |
| SHA1 | b090ed884b07d2d98747141aefd25590b8b254f9 |
| SHA256 | 3788c669d4b645e5a576de9fc77fca776bf516d43c89143dc2ca28291ba14358 |
| SHA512 | 7d47d2661bf8fac937f0d168036652b7cfe0d749b571d9773a5446c512c58ee6bb081fec817181a90f4543ebc2367c7f8881ff7f80908aa48a7f6bb261f1d199 |
C:\Program Files (x86)\MiniLAU\_internal\PyQt5\sip.cp39-win_amd64.pyd
| MD5 | 0ca03bf820f16e28256695c42dab56dd |
| SHA1 | 35bf3d4f7112aac0fe5ba61ad647f48b0edbb93f |
| SHA256 | fcf8f65a5c944d94de8535b9d4f4235e24c8c328266bd2b0ba420ea1f8433c01 |
| SHA512 | 9fe58f438921cf1de341f4194707eca2e4c045184493fd4715f078d0137a8b47f299072fa0128a4172ef433a41f9e9a949592de74f72152b1a81d4a588c699bb |
memory/4676-392-0x0000000000400000-0x0000000000708000-memory.dmp
memory/1204-393-0x0000000000400000-0x00000000004CC000-memory.dmp
C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\bin\VCRUNTIME140_1.dll
| MD5 | 6bc084255a5e9eb8df2bcd75b4cd0777 |
| SHA1 | cf071ad4e512cd934028f005cabe06384a3954b6 |
| SHA256 | 1f0f5f2ce671e0f68cf96176721df0e5e6f527c8ca9cfa98aa875b5a3816d460 |
| SHA512 | b822538494d13bda947655af791fed4daa811f20c4b63a45246c8f3befa3ec37ff1aa79246c89174fe35d76ffb636fa228afa4bda0bd6d2c41d01228b151fd89 |
C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\bin\MSVCP140.dll
| MD5 | 01b946a2edc5cc166de018dbb754b69c |
| SHA1 | dbe09b7b9ab2d1a61ef63395111d2eb9b04f0a46 |
| SHA256 | 88f55d86b50b0a7e55e71ad2d8f7552146ba26e927230daf2e26ad3a971973c5 |
| SHA512 | 65dc3f32faf30e62dfdecb72775df870af4c3a32a0bf576ed1aaae4b16ac6897b62b19e01dc2bf46f46fbe3f475c061f79cbe987eda583fee1817070779860e5 |
memory/1880-350-0x00007FFFBA8C0000-0x00007FFFBAB23000-memory.dmp