7d0ab5ca5aff97c4f7c243c3009361b42d62382cfc567242d1f026f764064621

Analysis

max time kernel
105s
max time network
65s
platform
windows11-21h2_x64
resource
win11-20240508-en
resource tags

arch:x64arch:x86image:win11-20240508-enlocale:en-usos:windows11-21h2-x64system
submitted
04-07-2024 14:53

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

MedalSetup.MjQ4NjU5Nzg2LDEsbm9yZWY=.exe
Size

142.5MB
MD5

cbebc7b09a792bc07c9229a026e257b9
SHA1

aed43a22150b9641cedf9ce99d73ecd65980d582
SHA256

7d0ab5ca5aff97c4f7c243c3009361b42d62382cfc567242d1f026f764064621
SHA512

8499992181b44a293333cc68d075a04dcdc50d8d989d70632f2b9e61b85ea9f492ecd670800efbf7fa410fda39f49fc25c3bafb1d1f443e0d1808d22ca93c6c0
SSDEEP

3145728:Kkxh0HMfqOp+y1Feg4OQRHT0rsAstI64g6wiFlj/CF:KOI0n1FezxQrsAstf6wiPTCF

Score

4^/10

Malware Config

Signatures

Executes dropped EXE 7 IoCs

pid	Process
4196	Update.exe
12192	Squirrel.exe
12244	Medal.exe
3396	Medal.exe
2356	Update.exe
3496	Medal.exe
11968	Medal.exe

Loads dropped DLL 8 IoCs

pid	Process
12244	Medal.exe
3396	Medal.exe
3496	Medal.exe
11968	Medal.exe
3496	Medal.exe
3496	Medal.exe
3496	Medal.exe
3496	Medal.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Checks processor information in registry 2 TTPs 7 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\2	Medal.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	Medal.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz	Medal.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	Medal.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1	Medal.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\~MHz	Medal.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\ProcessorNameString	Medal.exe

Suspicious behavior: EnumeratesProcesses 8 IoCs

pid	Process
12244	Medal.exe
12244	Medal.exe
12244	Medal.exe
12244	Medal.exe
4648	powershell.exe
4648	powershell.exe
1108	powershell.exe
1108	powershell.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeDebugPrivilege	4648	powershell.exe
Token: SeIncreaseQuotaPrivilege	5692	WMIC.exe
Token: SeSecurityPrivilege	5692	WMIC.exe
Token: SeTakeOwnershipPrivilege	5692	WMIC.exe
Token: SeLoadDriverPrivilege	5692	WMIC.exe
Token: SeSystemProfilePrivilege	5692	WMIC.exe
Token: SeSystemtimePrivilege	5692	WMIC.exe
Token: SeProfSingleProcessPrivilege	5692	WMIC.exe
Token: SeIncBasePriorityPrivilege	5692	WMIC.exe
Token: SeCreatePagefilePrivilege	5692	WMIC.exe
Token: SeBackupPrivilege	5692	WMIC.exe
Token: SeRestorePrivilege	5692	WMIC.exe
Token: SeShutdownPrivilege	5692	WMIC.exe
Token: SeDebugPrivilege	5692	WMIC.exe
Token: SeSystemEnvironmentPrivilege	5692	WMIC.exe
Token: SeRemoteShutdownPrivilege	5692	WMIC.exe
Token: SeUndockPrivilege	5692	WMIC.exe
Token: SeManageVolumePrivilege	5692	WMIC.exe
Token: 33	5692	WMIC.exe
Token: 34	5692	WMIC.exe
Token: 35	5692	WMIC.exe
Token: 36	5692	WMIC.exe
Token: SeIncreaseQuotaPrivilege	5692	WMIC.exe
Token: SeSecurityPrivilege	5692	WMIC.exe
Token: SeTakeOwnershipPrivilege	5692	WMIC.exe
Token: SeLoadDriverPrivilege	5692	WMIC.exe
Token: SeSystemProfilePrivilege	5692	WMIC.exe
Token: SeSystemtimePrivilege	5692	WMIC.exe
Token: SeProfSingleProcessPrivilege	5692	WMIC.exe
Token: SeIncBasePriorityPrivilege	5692	WMIC.exe
Token: SeCreatePagefilePrivilege	5692	WMIC.exe
Token: SeBackupPrivilege	5692	WMIC.exe
Token: SeRestorePrivilege	5692	WMIC.exe
Token: SeShutdownPrivilege	5692	WMIC.exe
Token: SeDebugPrivilege	5692	WMIC.exe
Token: SeSystemEnvironmentPrivilege	5692	WMIC.exe
Token: SeRemoteShutdownPrivilege	5692	WMIC.exe
Token: SeUndockPrivilege	5692	WMIC.exe
Token: SeManageVolumePrivilege	5692	WMIC.exe
Token: 33	5692	WMIC.exe
Token: 34	5692	WMIC.exe
Token: 35	5692	WMIC.exe
Token: 36	5692	WMIC.exe
Token: SeDebugPrivilege	1108	powershell.exe
Token: SeShutdownPrivilege	12244	Medal.exe
Token: SeCreatePagefilePrivilege	12244	Medal.exe
Token: SeShutdownPrivilege	12244	Medal.exe
Token: SeCreatePagefilePrivilege	12244	Medal.exe
Token: SeShutdownPrivilege	12244	Medal.exe
Token: SeCreatePagefilePrivilege	12244	Medal.exe
Token: SeShutdownPrivilege	12244	Medal.exe
Token: SeCreatePagefilePrivilege	12244	Medal.exe
Token: SeShutdownPrivilege	12244	Medal.exe
Token: SeCreatePagefilePrivilege	12244	Medal.exe
Token: SeShutdownPrivilege	12244	Medal.exe
Token: SeCreatePagefilePrivilege	12244	Medal.exe
Token: SeShutdownPrivilege	12244	Medal.exe
Token: SeCreatePagefilePrivilege	12244	Medal.exe
Token: SeShutdownPrivilege	12244	Medal.exe
Token: SeCreatePagefilePrivilege	12244	Medal.exe
Token: SeShutdownPrivilege	12244	Medal.exe
Token: SeCreatePagefilePrivilege	12244	Medal.exe
Token: SeShutdownPrivilege	12244	Medal.exe
Token: SeCreatePagefilePrivilege	12244	Medal.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
4196	Update.exe

Suspicious use of WriteProcessMemory 59 IoCs

description	pid	Process	procid_target
PID 3472 wrote to memory of 4196	3472	MedalSetup.MjQ4NjU5Nzg2LDEsbm9yZWY=.exe	78
PID 3472 wrote to memory of 4196	3472	MedalSetup.MjQ4NjU5Nzg2LDEsbm9yZWY=.exe	78
PID 4196 wrote to memory of 12192	4196	Update.exe	79
PID 4196 wrote to memory of 12192	4196	Update.exe	79
PID 4196 wrote to memory of 12244	4196	Update.exe	80
PID 4196 wrote to memory of 12244	4196	Update.exe	80
PID 12244 wrote to memory of 3396	12244	Medal.exe	81
PID 12244 wrote to memory of 3396	12244	Medal.exe	81
PID 12244 wrote to memory of 4648	12244	Medal.exe	82
PID 12244 wrote to memory of 4648	12244	Medal.exe	82
PID 12244 wrote to memory of 5580	12244	Medal.exe	84
PID 12244 wrote to memory of 5580	12244	Medal.exe	84
PID 5580 wrote to memory of 5692	5580	cmd.exe	86
PID 5580 wrote to memory of 5692	5580	cmd.exe	86
PID 12244 wrote to memory of 1108	12244	Medal.exe	88
PID 12244 wrote to memory of 1108	12244	Medal.exe	88
PID 12244 wrote to memory of 2356	12244	Medal.exe	90
PID 12244 wrote to memory of 2356	12244	Medal.exe	90
PID 12244 wrote to memory of 3496	12244	Medal.exe	91
PID 12244 wrote to memory of 3496	12244	Medal.exe	91
PID 12244 wrote to memory of 3496	12244	Medal.exe	91
PID 12244 wrote to memory of 3496	12244	Medal.exe	91
PID 12244 wrote to memory of 3496	12244	Medal.exe	91
PID 12244 wrote to memory of 3496	12244	Medal.exe	91
PID 12244 wrote to memory of 3496	12244	Medal.exe	91
PID 12244 wrote to memory of 3496	12244	Medal.exe	91
PID 12244 wrote to memory of 3496	12244	Medal.exe	91
PID 12244 wrote to memory of 3496	12244	Medal.exe	91
PID 12244 wrote to memory of 3496	12244	Medal.exe	91
PID 12244 wrote to memory of 3496	12244	Medal.exe	91
PID 12244 wrote to memory of 3496	12244	Medal.exe	91
PID 12244 wrote to memory of 3496	12244	Medal.exe	91
PID 12244 wrote to memory of 3496	12244	Medal.exe	91
PID 12244 wrote to memory of 3496	12244	Medal.exe	91
PID 12244 wrote to memory of 3496	12244	Medal.exe	91
PID 12244 wrote to memory of 3496	12244	Medal.exe	91
PID 12244 wrote to memory of 3496	12244	Medal.exe	91
PID 12244 wrote to memory of 3496	12244	Medal.exe	91
PID 12244 wrote to memory of 3496	12244	Medal.exe	91
PID 12244 wrote to memory of 3496	12244	Medal.exe	91
PID 12244 wrote to memory of 3496	12244	Medal.exe	91
PID 12244 wrote to memory of 3496	12244	Medal.exe	91
PID 12244 wrote to memory of 3496	12244	Medal.exe	91
PID 12244 wrote to memory of 3496	12244	Medal.exe	91
PID 12244 wrote to memory of 3496	12244	Medal.exe	91
PID 12244 wrote to memory of 3496	12244	Medal.exe	91
PID 12244 wrote to memory of 3496	12244	Medal.exe	91
PID 12244 wrote to memory of 3496	12244	Medal.exe	91
PID 12244 wrote to memory of 3496	12244	Medal.exe	91
PID 12244 wrote to memory of 3496	12244	Medal.exe	91
PID 12244 wrote to memory of 3496	12244	Medal.exe	91
PID 12244 wrote to memory of 3496	12244	Medal.exe	91
PID 12244 wrote to memory of 3496	12244	Medal.exe	91
PID 12244 wrote to memory of 3496	12244	Medal.exe	91
PID 12244 wrote to memory of 3496	12244	Medal.exe	91
PID 12244 wrote to memory of 3496	12244	Medal.exe	91
PID 12244 wrote to memory of 3496	12244	Medal.exe	91
PID 12244 wrote to memory of 11968	12244	Medal.exe	92
PID 12244 wrote to memory of 11968	12244	Medal.exe	92

C:\Users\Admin\AppData\Local\Temp\MedalSetup.MjQ4NjU5Nzg2LDEsbm9yZWY=.exe
"C:\Users\Admin\AppData\Local\Temp\MedalSetup.MjQ4NjU5Nzg2LDEsbm9yZWY=.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:3472
- C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe
  "C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe" --install .
  2⤵
  - Executes dropped EXE
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of WriteProcessMemory
  PID:4196
- - C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\Squirrel.exe
    "C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\Squirrel.exe" --updateSelf=C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe
    3⤵
    - Executes dropped EXE
    PID:12192
- - C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\Medal.exe
    "C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\Medal.exe" --squirrel-install 4.2460.0
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    - Checks processor information in registry
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of AdjustPrivilegeToken
    - Suspicious use of WriteProcessMemory
    PID:12244
  - - C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\Medal.exe
      C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\Medal.exe --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Roaming\Medal /prefetch:7 --no-rate-limit --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Roaming\Medal\Crashpad --url=https://f.a.k/e --annotation=_productName=Medal --annotation=_version=4.2460.0 --annotation=plat=Win64 --annotation=prod=Electron --annotation=ver=22.3.27 --initial-client-data=0x504,0x50c,0x514,0x4e0,0x518,0x7ff7506c1898,0x7ff7506c18a8,0x7ff7506c18b8
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      PID:3396
  - - C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
      powershell.exe -c "Get-WmiObject win32_VideoController | Format-List -Property Name, Description, Caption, AdapterRAM"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      Suspicious use of AdjustPrivilegeToken
      PID:4648
  - - C:\Windows\system32\cmd.exe
      C:\Windows\system32\cmd.exe /d /s /c "wmic CsProduct Get UUID"
      4⤵
      Suspicious use of WriteProcessMemory
      PID:5580
    - - C:\Windows\System32\Wbem\WMIC.exe
        
        wmic CsProduct Get UUID
        5⤵
        Suspicious use of AdjustPrivilegeToken
        
        PID:5692
  - - C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
      powershell.exe -c "Get-WmiObject win32_VideoController | Format-List -Property Name, Description, Caption, AdapterRAM"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      Suspicious use of AdjustPrivilegeToken
      PID:1108
  - - C:\Users\Admin\AppData\Local\Medal\Update.exe
      C:\Users\Admin\AppData\Local\Medal\Update.exe --createShortcut=Medal.exe
      4⤵
      Executes dropped EXE
      PID:2356
  - - C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\Medal.exe
      "C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\Medal.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\Medal" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1824 --field-trial-handle=1964,i,12532400676008088004,12353706732599644296,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      PID:3496
  - - C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\Medal.exe
      "C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\Medal.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\Medal" --standard-schemes --secure-schemes=sentry-ipc --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=sentry-ipc --service-worker-schemes --streaming-schemes --mojo-platform-channel-handle=2124 --field-trial-handle=1964,i,12532400676008088004,12353706732599644296,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      PID:11968

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\chrome_100_percent.pak

Filesize
126KB

MD5
d31f3439e2a3f7bee4ddd26f46a2b83f

SHA1
c5a26f86eb119ae364c5bf707bebed7e871fc214

SHA256
9f79f46ca911543ead096a5ee28a34bf1fbe56ec9ba956032a6a2892b254857e

SHA512
aa27c97bf5581eb3f5e88f112df8bfb6a5283ce44eb13fbc41855008f84fb5b111dfe0616c310c3642b7f8ac99623d7c217aecc353f54f4d8f7042840099abc5

Download Submit
C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\chrome_200_percent.pak

Filesize
175KB

MD5
5604b67e3f03ab2741f910a250c91137

SHA1
a4bb15ac7914c22575f1051a29c448f215fe027f

SHA256
1408387e87cb5308530def6ce57bdc4e0abbbaa9e70f687fd6c3a02a56a0536c

SHA512
5e6f875068792e862b1fc8bb7b340ac0f1f4c51e53e50be81a5af8575ca3591f4e7eb9239890178b17c5a8ff4ebb23719190d7db0bd8a9aa6dcb4308ffa9a34d

Download Submit
C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\ffmpeg.dll

Filesize
2.6MB

MD5
0e3162e145f4395bff1f72cc66de686a

SHA1
b9d2e46191ce423b8ab822863a4ee0f870cd5798

SHA256
c9e7e1cdb537d56291e5b3df06c3c9a6845aa80de50c40c0cb1e1e6341eb97ac

SHA512
f20c88cb05195504a76e8f8c34e23ad3eaa87e13573be10bb2a2e95ec3511c173ac9a099f4f0ee35401ca346b7ccdb581ad6ad790dd80d82f765d1f9ed0ee6b6

Download Submit
C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\icudtl.dat

Filesize
10.0MB

MD5
76bef9b8bb32e1e54fe1054c97b84a10

SHA1
05dfea2a3afeda799ab01bb7fbce628cacd596f4

SHA256
97b978a19edd4746e9a44d9a44bb4bc519e127a203c247837ec0922f573449e3

SHA512
7330df8129e7a0b7b3655498b2593321595ec29445ea193c8f473c593590f5701eb7125ff6e5cde970c54765f9565fa51c2c54af6e2127f582ab45efa7a3a0f6

Download Submit
C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\locales\en-US.pak

Filesize
313KB

MD5
3f6f4b2c2f24e3893882cdaa1ccfe1a3

SHA1
b021cca30e774e0b91ee21b5beb030fea646098f

SHA256
bb165eaa51456b52fcbdf7639ee727280e335a1f6b4cfb91afc45222895b564f

SHA512
bd80ddaa87f41cde20527ff34817d98605f11b30a291e129478712ebebe47956dbd49a317d3eeb223adf736c34750b59b68ad9d646c661474ad69866d5a53c5c

Download Submit
C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\resources.pak

Filesize
5.1MB

MD5
f5ab76d2b17459b5288b6269b0925890

SHA1
75be4046f33919340014a88815f415beb454a641

SHA256
4f29587bcd952de1dbc0b98df0aa506bd9fcf447e6a7258c5eb7e9eb780e6d6c

SHA512
6ec6a08418743adb5e20218b73169be4f45f5458592219497c3718e620e37871876788937418f1341e0023c1137f9cac715e6bb941f4690febdda993b072feab

Download Submit
C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\resources\app\index.js

Filesize
386B

MD5
5e2fbb9d655e0dd204e8d211ec1b4d0c

SHA1
440dc879e7fb836d97a5f5a40f016bbaa1b7f588

SHA256
8debe05417ec5d5e42661e2697a8d0db3ba30fa9bd4ac70c62c992ec01527bf9

SHA512
d6445a850642c562aa6affe907580fbf5b4faf70c51ad7b12613120a27ce1d6ee049571a709334fc588ff45c32ee918836bbae2188d4394a94c5810265139b2f

Download Submit
C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\resources\app\main.min.js

Filesize
7.5MB

MD5
352f18149a3f7f12cd9c764df48548d9

SHA1
bc66fedaba059bd6498efad742287da43db74bf4

SHA256
bdf9da483411d0543ef150a72b99508fceac0c4cae6202958b5865f6857e9e0d

SHA512
06495c975df6059047b0eed4084233455581794f65f476cf9cfdb046a1ff58b5096e1e40d67bd293fe67b19a7ccf9c3ebd9ea6bd48249a13edc91f70ec4e052d

Download Submit
C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\resources\app\node_modules\@electron\universal\node_modules\fs-extra\LICENSE

Filesize
1KB

MD5
ea817882455c03503f7d014a8f54f095

SHA1
dd164bc611bca7ba8ead40ec4c2851081e5a16b9

SHA256
1e76029602ae9b21cc4e612db2496d92febed882ba13ba745f8b3309e85f9d39

SHA512
0ea343d0e696ba27877dc0611766c526aa73f6e7af46df5a0f83840dc4c7851fb5837b7f6bda8a014302bf877fe3b4b3e392b943cefb3af979e8afc67559a5ff

Download Submit
C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\resources\app\node_modules\@electron\universal\node_modules\fs-extra\lib\output\index.js

Filesize
947B

MD5
b0adfc74c8e51ce2ab659bfc13752ed3

SHA1
1b0879db53a00bbfeddcfdc0c190901387bab7bd

SHA256
a27d1a72ed1ecddffc57e70187a4b72467ed0dd34092b7e3d2817b9f4359ab5d

SHA512
4bd96fa626592e856431c3da18f7f2c5262fcf7f8fc95a4fa8b3ecd6bd7f53e82ee27d3255711df0addaaaa3fc7ba5e11104dd448f90f490e5517eabc1cdad42

Download Submit
C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\resources\app\node_modules\@electron\universal\node_modules\fs-extra\lib\path-exists\index.js

Filesize
263B

MD5
dfb2813673ea5279a9aa7305e5fe33f3

SHA1
6e6491c1ab3389433d1b39a33b3ac8760649a2c8

SHA256
5ce096c95daec0259817248921b39a9e0df4d342db171138ccb62440cc7a0cbe

SHA512
53d93b66ed4a2eca23046e6f2b08fcbe4cde40a2b841ab38db838ac75b0882947371024cb74ae43d2c9a2e095e2457e2207979c45f07d46e6e2b5f99efcfc794

Download Submit
C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\resources\app\node_modules\@lwahonen\ffi-napi\deps\libffi\config\mac\ia32\ffitarget.h

Filesize
4KB

MD5
4ef9928ec21c398681ed3357aa400c48

SHA1
5bafcdf7c4ff860ce7f94c5260159e7bf063243b

SHA256
ce9a87677a9b9af9dcc6f8f632b62948214824174b65fe4361d3b662cc72aec0

SHA512
c0f5f26b249cf3ca72b2d334008a7ab8b7332f286e57edf7c700b5c4a80960dbce14e3db940829134a3bc593a087f56b41afb757daf3f03e32611ab1172c1f6d

Download Submit
C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\resources\app\node_modules\@lwahonen\ffi-napi\deps\libffi\config\openbsd\x64\ffi.h

Filesize
13KB

MD5
4c8fce7c4f0bee30b8f03d94fba5b66c

SHA1
4eb6b34a1547e2da9b1a0daa9c9f7a32569a03e5

SHA256
bdd54f5f8517f32767d864921edb878224068a75eff7e0386a55105d61e44466

SHA512
0f077d7c2a9801eab3134d4c56793f64fc1c8434e8eabe9c749d0f7d0d875b1750ad0f32873b49778bbb7b5864c280c4546fd72775ad0ec49eb091ec26ee3848

Download Submit
C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\resources\app\node_modules\async\dist\async.js

Filesize
219KB

MD5
1257b1d9deaebe158498a18320cb5206

SHA1
6658b0192f5224d10475378ee50ce927b8b99f13

SHA256
caeea733f6f61bb394a1a5f71d8bda604765dcc9aea0f0a9a0e54243a1d4c7e8

SHA512
244bb4cc9a386415f1ff15392c92ffab5ceee43b78bada2f9836809b015738347cc781c8ec1eec97dd17d8a00e59d100079f7a6f9fa9790dc84f07ce64754fb1

Download Submit
C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\resources\app\node_modules\async\package.json

Filesize
2KB

MD5
8b25d829d53060e8c855b44bf9f0a163

SHA1
fba8834d773d13fc6c9c74a1ea3ffd013859d7a1

SHA256
ed7622386e4427bbdd4eb08c09c0aca9bcc1d739becdfb421b2cd19c76dae308

SHA512
43427701fb7eaac7fd06ef99ff86cbf5c2a27d0ca28d5bf95b3b9cb0469b00a39dc81afee2d7d2dcb22ec0aef2dd4cc36e01c241ee507865f31be5377d3d9b2e

Download Submit
C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\resources\app\node_modules\b4a\index.js

Filesize
3KB

MD5
b792856285e9760aac0ca447b4cdad32

SHA1
c3f23229d5855aa849565a6f4dee345b4471e53e

SHA256
7bb04f74fe05865a5382a76b07cf11cf34f53a18d7e44679a70e3ad33baa4d64

SHA512
a147f23a7d0104812ec98d07604c96c47359aecef4873a912b87823737ed8fa4898e7574152815317c7c30c72f5857913453abc0616de20b998c151034bf818e

Download Submit
C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\resources\app\node_modules\b4a\package.json

Filesize
701B

MD5
530ee244b7c2df2e16d152d4dbe039d5

SHA1
6b5e6be8639f0c3f9828fcae1d2bbae7344edde0

SHA256
287e126e6500f191066f1865ef155a4dd668ad08c177d42821a77a52e0202604

SHA512
5401f101832ba756eb7693751cd857349aef42052ae2c0d29c886fe514f74c356ffd8f4c0dac95508a801c7b8d6b2dbb515f3388c96c63b9ae844e37bf4024b6

Download Submit
C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\resources\app\node_modules\bindings\bindings.js

Filesize
5KB

MD5
13c05ea1a2f638b707aa56eea958810c

SHA1
c93878e75a9f0545f73aa8d6fba3a761c4ceda36

SHA256
8e32a0d37f20bd6f7d5bdbf99d041aa27be47cbbe5172ac13ebf7380a10b3bf6

SHA512
f356619fa479c72086138eed34fbdcf501bb6f263249e5cf3b1069b2d6c120afc32d9b2ee89d9a41b2f516251c8bbf5d9913e78105961a989e136ac03146657f

Download Submit
C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\resources\app\node_modules\bindings\package.json

Filesize
660B

MD5
17005447df8440e0e386849b8fa2b682

SHA1
14bbbadeb1307b1f711ee10093d5b46a7889677c

SHA256
a87721fe406e1f1798fef44d697b46ea1efe346fda118010334713346ee4207c

SHA512
a61aa9260b34479feb762f81f23ec26104d311fee81bb299efa00fc7091d3ae7f10047f6d91bd3bcfec7152b754c9fc6fe97ac280b3c00abc945a25ef387105d

Download Submit
C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\resources\app\node_modules\blake2b-wasm\blake2b.js

Filesize
11KB

MD5
6d4fdddbe0e3df6ede11846ac2d9f104

SHA1
16ed563b7e5eb247279479de76bea594fab392f0

SHA256
ab8919c1546bd3015afb834e6f0948a7c53121be4f4107ce2a3f4eb31c3e77e9

SHA512
f895785e1143a0952c033db6317f9f7d1dfd8c220827019d4857f0c0a6fc67f08fb89ce2aa8fc45d601ee1afc40950c91de2532fc76fefda1c461fa25229c1f9

Download Submit
C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\resources\app\node_modules\blake2b-wasm\index.js

Filesize
4KB

MD5
b1c4d73faad73d98b01810cde1eb52fb

SHA1
67c75686ab7cbee0ac60c3a7f8a5a9ae083dc0ce

SHA256
0ab2389048116330718b012ce387aa693e3f318e9cc9b697d32a96d65bef25bd

SHA512
bb5440c3bc7f2f309b1aa237015b493e01ebf53c595413225658feed63e48d42851064615a45323f3c13c7f55c7193f5c73c2f9c1f196406e474813fc2feab4d

Download Submit
C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\resources\app\node_modules\blake2b-wasm\package.json

Filesize
782B

MD5
85f6234e8249e84f2a2361d5142707a3

SHA1
d3714b3f9fa05401342b89d5c9f9d47f9bdcd7ef

SHA256
5bda19aefb010a8fccff1fc5dce0e9d3ff75ae1921e584d1becb4c371b3b4541

SHA512
e6919601c8dd1f7dbbe487c42ec441411338cf7fcf3a2da0a4f7f91ed1d963d2db7e8a00ec4a4bbde5be8323db1fab55b44b364fc8684c710a041148c99b1e73

Download Submit
C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\resources\app\node_modules\blake2b\index.js

Filesize
9KB

MD5
350e95a4d11b533abbd5d4414d38005f

SHA1
37f2bb772cc953169bbfc13087b13ba6952ed8b3

SHA256
89d35ca4687b8ad3bd659b1a39f44a8a4a393ac977be5af1e1ce32116c25c064

SHA512
8e9648cedceb87e36e915e050329d8ce246bfba0ac18f9d491efb0160e7e89defa7a4a33301def1dd4a2b72bf8b1ea6c64cf03dafb90c615f1e23d5d016e0863

Download Submit
C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\resources\app\node_modules\blake2b\package.json

Filesize
742B

MD5
88595359281788f64142b0938af3f9db

SHA1
d35800917d86c3d104b9142926e9daa2ba4bf3dc

SHA256
47bcf83fa22df55efb1759c46153bc6e994036c2146d5a0de3867953a603f870

SHA512
a2b8cfc39020dce3384ecccb149df4092905e8ff77c14c93c6162eb35788c11b3141f2dc1382dbead2e0bbcc7f0970bc0e1af97b4e9795e2e0193f9fef4f7ef4

Download Submit
C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\resources\app\node_modules\debug\node_modules\ms\index.js

Filesize
2KB

MD5
fddcc2097091479666d0865c176d6615

SHA1
55f9b3a7d4cfbf68b19ccd0d698aa86483dd4694

SHA256
55986972f5f3c9446f876c576e1cd30fd4f04cd26527efbb5ad834637c740e4c

SHA512
252644169a9398527927b69a2f19c6578bd62dcd180b94984d991939f53bf4e77ca687e840db42f7dba3b37124a5e3f3eda83535e75491bbe6ca440a7149913f

Download Submit
C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\resources\app\node_modules\debug\node_modules\ms\package.json

Filesize
705B

MD5
b3ea7267a23f72028e774742792b114a

SHA1
fe112804e727b4f3489e9a52900349d0a4ed302c

SHA256
3708fd273bf5b1e91c72d88143f48ad962adcc10b99250a4a203d13804f37757

SHA512
01975d65bc491d0b39435d793a62bcdba6b5edf4fb886de0e48a8a393e26fdf31bdfb4f91dd7e10ba69a1e62ed091d5ea04f9f8bf57d784c3491a5c5c8472988

Download Submit
C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\resources\app\node_modules\debug\package.json

Filesize
1KB

MD5
2630a1ac039c8970c8fb0daf0f2f03c4

SHA1
ed6fe3dcf77a4c2ddadde904c5b1fc47cf9893c7

SHA256
754ba4f352a9b983fbbf93cfffe015d29bc789a08eb05815270abf50902697fb

SHA512
a017d21a1ecb159065bc32b94b38de03b38c10448b85f88bfe1498b144320884d612a868b9db192d6acf041f88da415f953d9dd8541ee29e4053e2463dd54791

Download Submit
C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\resources\app\node_modules\debug\src\common.js

Filesize
6KB

MD5
28e94a3cc7d081498bea5ced383038f6

SHA1
c9707394c09387b56864a8865158d29fd307774a

SHA256
c65bff44c189188e0c45afdbd9b02c427ff5c6e54b94da53c102fbb7a53f0e37

SHA512
5775d4c9b823dc9514488a28f2bfcba990a13defdfc5992e1ffec915ca5e6ec2ba87bddb1cb7f4b772345a14b4041f98a74f7bcc9d9be2a3371e3002c33bbebc

Download Submit
C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\resources\app\node_modules\debug\src\index.js

Filesize
314B

MD5
d6c53f5a0dd8f256d91210ad530a2f3e

SHA1
0f4ce3b10eff761f099ac75593f7e05b149ae695

SHA256
aa127ff1752b7d9c7415c5c7bb6994d9aa722b81bcbcab4bd48316b013d23bf3

SHA512
4faa874d9d862ffc921528742c4f1fe8a9b22a358760f6e93fcef138523575329a801ce9659ed8e96b02b73e581b3e99d91973e22981b358ffb5e43103a536c2

Download Submit
C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\resources\app\node_modules\debug\src\node.js

Filesize
4KB

MD5
6e63fda079262f01e14f03bdf77146c0

SHA1
481608e3c95722f3a474336e5b777a6a521e76f9

SHA256
f237adcb52849de7c128f57e0468b52353c529a6c8341810477c0e7144359559

SHA512
3017b4717118f56fac106dcaa046aecf3cc63c37e64f49838e5379a13583c293f39ec5ace48fb2dabeac6af4a967f96219812733ead6f36c3f5c8d132d795900

Download Submit
C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\resources\app\node_modules\electron-deeplink\dist\index.js

Filesize
7KB

MD5
d359d8698706d059e14b6f3eeedced8c

SHA1
9acb5276a78ed09acf81a62e1db439217aff85cf

SHA256
6c693e5ca23e904436e4bf6e68901147d319fd7132b2bcff4dd061615bb8a773

SHA512
f44a7196ad9d4f44085966ac6724f48d00566189136d08a9b13b4ac3cc7e6d1addf2e854098fb4c2ec94c28e3f48168f82b0d1134d0066237dd5fba91c35ccfd

Download Submit
C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\resources\app\node_modules\electron-deeplink\dist\stub.js

Filesize
156B

MD5
62063cc3b8565061daaddf496dd15731

SHA1
206166851431982536333b4a1b9c31f9e5111295

SHA256
3f39ca63ca2f696207da3702df9a4df21e980a13f0e77528340730e2bf315fd6

SHA512
a6006c18cdf95cf641e54e10c76ff6c7ae47d881435ca54847e2b687fec2a9a129a2e2e3ca600557a328b34c22c54cfd7a6db4865af0f122c6cb5963e65c66e5

Download Submit
C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\resources\app\node_modules\electron-deeplink\dist\templates.js

Filesize
458B

MD5
790b7b8bf5ed00feffce05aac1c79492

SHA1
5ac0afae48c626cc6474268c725342039e5e5ef0

SHA256
6bd01e7f8ea390760ae26ae469f6627dd7a9447360b477bba6911b76cb0e921f

SHA512
2522716477010a2ba3df3b1faa69fd8bb36cad02f6a43f95b7bbb75a49f516e6c2619e1dab8e1b85c888a2385b3435ffa95f9cda95e0c4dcdcb467cadbd515f5

Download Submit
C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\resources\app\node_modules\electron-deeplink\package.json

Filesize
1KB

MD5
16fd5b35f0cbaed2b0b719e69f9f5a4b

SHA1
7b82df17cfdfcdfd8f8d4ff02502f1d7a8b964b4

SHA256
9fa3547f74427c8e7b20cd51a27f58d4a97a465f919177a7fb177143624e0e2c

SHA512
a19b574a3009dd7cf823dcfaf84790a60bec7b743211045cccaa3970923fc403af3c80d801d8a706cde599afe79317f99c98f429abefaad4583e6e181d55a5ed

Download Submit
C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\resources\app\node_modules\file-uri-to-path\index.js

Filesize
1KB

MD5
d98f7c699c54e0e90f408a44feb3188b

SHA1
0ffd660201ce0749053d108c53e5606b9da158d6

SHA256
e62293e871bdd5a7449ff3c7956c9536ec1d2ea7369461de77322b5256bb93e7

SHA512
7389081fbf3b16f0ad99f556337679be895e04930e36bfc8f99720e013f28b68bdd4579f11eb41dd4cc7a64a36ec26a6e6539d42d5888696f71e7d2d9c8784dc

Download Submit
C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\resources\app\node_modules\file-uri-to-path\package.json

Filesize
717B

MD5
65f30030f0e7b2eff552eaabd8bb1fe1

SHA1
5dee8a540c467ffbf9025481180c77a06a9f46f2

SHA256
71eb1e24bb9694f89c613fa0aa307f977dd43f41d11794c7b48fabf6c55f66b0

SHA512
763c372773f093de60fdbe0bdd5d0b6362882e22eaebed51f70ea50fa3087417b5c517ea9ea057b56d40f019cea042a6e8c387356da1b9b9d39c2a5f16e7b5d4

Download Submit
C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\resources\app\node_modules\lodash\lodash.js

Filesize
531KB

MD5
bbb588cc4360df5d317ebff5f5c1ac9c

SHA1
03d60d1510d24a952ff370b77035b031a87c4158

SHA256
4c04561befdf653aef017a42ac5addf68ea943cdfca6bdee5ce04e04e8139f54

SHA512
da2c021e3ba3f8f99d0b2bdbf3cacc39c87451c290c551e2fe0b009a5d5f3777a0f3620368efdc773cde5d7e221765732087acee9383135fc6d2db37401c2c94

Download Submit
C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\resources\app\node_modules\lodash\package.json

Filesize
578B

MD5
188f386c15507c982c3e0d5a2db5b60d

SHA1
2c1ec9f730323c72f6f76e73f48b24902cc853c2

SHA256
8e41b07c744a0de0d2c1c23ed41418ecb0849abb56395d28802e601b4730d7c2

SHA512
a9a582ec1711e2dd19d80b43288821709641e310a44657d6dfe0b4b98644a33f6c9720e89a17516cbafa38518bf71653402b1fede5b2cf18dfe9859ed3973e5f

Download Submit
C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\resources\app\node_modules\ms\index.js

Filesize
2KB

MD5
83c46187ed7b1e33a178f4c531c4ea81

SHA1
ea869663486f513cc4d1ca8312ed52a165c417fa

SHA256
e5f0b6a946a9b2b356a28557728410717df54ea2f599edb619f9839df6b7b0e9

SHA512
51b45089a53a23c12e28eb889396e2fa71b95085baa5ac34d71ffb625131bf2fec3ae98efeae537656e20ea257f44e089bcebc9ad54cf672cde852102e43e153

Download Submit
C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\resources\app\node_modules\ms\package.json

Filesize
732B

MD5
a682078f64a677ddad1f50307a14b678

SHA1
c290eb97736177176d071da4ac855ab995685c97

SHA256
1a6b4d9739790c0b94ab96c8cc0507e281c164c311ff4fbf5e57fb8d26290b40

SHA512
9e16c5689b57275f4ed624c6954f12299706e2372a60f6173421800da5edf9ed52e52fd2b0798f826cddbade6ca19a6e6a996960c6697cc2da0ddecb36409520

Download Submit
C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\resources\app\node_modules\nanoassert\index.js

Filesize
438B

MD5
44d45c7081a567a4d0cb4bbb36bf6be6

SHA1
69a7954eab536502b052557d5911acb9de503dad

SHA256
5a3c8dce33093172d9cb3d6bdd34e464d17a1da175a8f8b74f0c0d22dde94fbb

SHA512
0c3195a63b389bab6612e3824a65a5cacc2852aa2f8b272e34717be4608197bc1f9b4529879a13fa9567d0ae9846916dd645349b9797418f88e7ce7bc5d4e504

Download Submit
C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\resources\app\node_modules\nanoassert\package.json

Filesize
647B

MD5
de6935b833716ef4d703b58e188ace78

SHA1
01cb598615db0cb08979b3ff1e4324d047eb1fa0

SHA256
2152421c559e2aeb7c002ecfeac306340d23cf3783446cea607a284658df30bd

SHA512
b134877eb15c2fa70a5e0549c8a736e8bb8ff84426cac51ed581f707d38c75c110f96c233825409a3948a6943fb1c26cc25617092b40645e68073d6d58f0ee65

Download Submit
C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\resources\app\node_modules\node-gyp-build\index.js

Filesize
390B

MD5
caa8dbb9acb0b39387e9db3895ec2f4e

SHA1
6c165ff1c6b62331fe315bebfe1c1765d83d5415

SHA256
a7ed0d5ae218a19bdbdf15a590d0893790ddf536313b66a787554693cfaae078

SHA512
32300dde85101fda577a3ba148f9f2887998cbebf7853c527e70580d1e713a38314011a9f92de20c2648b646c7c072cc5337c00ba464cfa2621fd0beec47fd01

Download Submit
C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\resources\app\node_modules\node-gyp-build\node-gyp-build.js

Filesize
5KB

MD5
4a8a7a2c5aa7ad0c304de54ef266bb74

SHA1
146485e9d64fbeb5ac80affd8a411ea3f6e550ed

SHA256
134f0585f7c665db89f332a379158c6f113274422e42aaf54e0aa9d5ac37f577

SHA512
a28642c67b3f100c2214c6795ce585c8cc623e25e86da53a09bb9041fe850d20f7eac1acbe626a580f6a7a9e9a3a16a8bd93913e338251a0139972f9e8d2c5b8

Download Submit
C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\resources\app\node_modules\node-gyp-build\package.json

Filesize
772B

MD5
db5eb8c791ad3efa9eccff958a78d019

SHA1
b52359d86cb133ce16df39fc3852e8ef297e15d4

SHA256
1094c5e3e46e002b61931c83a7272225d74ecfb4125cad74c176a8584595c7dd

SHA512
e5b28fdaedea387a8a7d73ae8704ed6ab8151c72367b87c62bd1bcf032e318a51ca1eb727f34c2a5c15ffe1b5ae155cc44cfbb78810f4388e58e0695b7e50de4

Download Submit
C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\resources\app\node_modules\tr46\index.js

Filesize
7KB

MD5
7d598c8605e26cafe489544f1730d380

SHA1
02c41eea7eb4ce2d32b7faeb4229edaa28b9d8e4

SHA256
8194f9425ce9ab06ea9aebcd64a85ec064d95d61bb349f8f1c98762ad256638e

SHA512
f79b6e635786bb4b38f80562d862a6a2c908ea691b3fc42712aae82591c735acd02d8fd79ccf37468e58f865bba28f9be0d92182b30c8e4b4ef7261bb57f213d

Download Submit
C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\resources\app\node_modules\tr46\lib\mappingTable.json

Filesize
253KB

MD5
26c6da7a34c8a051a60b3592287d3fea

SHA1
6e09dfd1d4d65675bba0a9bb69e0bd6393f0d5da

SHA256
b6b39724dca9011113a08d9d6910204062b58169e98952acdfbd19bf2c31bbff

SHA512
8ad552c64f53303c00f2a56c1fdc2d6c644b12aa993c181d5f4847fb4613701b3d03d2a4f8e347e1d755999681585ae3081e865ae54f21340c826196c2af83d4

Download Submit
C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\resources\app\node_modules\tr46\package.json

Filesize
732B

MD5
36ce158498fb4f35c9a42edb60665bbe

SHA1
49c76b0a075effa9325c17f55c4d6472ddf3c7a9

SHA256
615087f58ee138fd35c2b414c355b72e36e5919725b8aecc1c34f6a5585b9779

SHA512
676215940610329d35feef0674d9dc61a9ab7c265d6eedca582e13003acd8b9d8b4894c86e79eaa85e97266682dbbe9637826b99f0b9afa56dbcf9ad077a1a55

Download Submit
C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\resources\app\package.json

Filesize
10KB

MD5
9cea2a3f2f9c76ac2f19e3d0212b7ed6

SHA1
3f65bb4f104d41d19446651781add292dca1ce48

SHA256
a8ec1b3bfb62d794e2a2bd7f4c6e88565140a008f0caa45b1f2acb46dda4fa96

SHA512
c36759644f660b10c4328590152ca70a40ac298e9f8080549ca6fc6aa6896bc4586f34993314f5f2cefed4921b4526d1600c6f16bf29082e823f0b9d86056a2e

Download Submit
C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\resources\app\version.json

Filesize
20B

MD5
6204d51d0c4755d0d43c92c38d1b542a

SHA1
eeea0cdcb13d026909721cf67b3628d1eb7d42c3

SHA256
902047fc7b87d0fbf5d7252990f303fa8f5c7874d80369fe049023c7accd9c0e

SHA512
eaf6a0e043cb6897f931ab6d2cd2ac96969a62bd85e61e9e52ad47003e1cfbc4c4cd8bd62092468502bcc7a0a2fbdf3b3a93f2fcdb5b0e9677e73faf3cce1e7d

Download Submit
C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\squirrel.exe

Filesize
2.0MB

MD5
7840a26bfdb7681dc7339ca2ace242df

SHA1
6d0146ce1de91e162edd02d9e25ecc9bebcfb170

SHA256
40dcaa43495f658e4a2e6850a3484dbe8654fc6ce87a78a3c3a84ad537853c09

SHA512
53c10a6cf60427b0ab0f90c9f0de0bbbc969b6aa018734c19d16edd026ff07b0ded3a3ed21cfd738bb16fea484bf1a0127745af5183b0abe36b04a775f87f0d4

Download Submit
C:\Users\Admin\AppData\Local\Medal\app-4.2460.0\v8_context_snapshot.bin

Filesize
471KB

MD5
6503b392ac5c25ff020189fa38fbaecb

SHA1
50fb4f7b765ac2b0da07f3759752dbc9d6d9867b

SHA256
add78f3f85f0b173cbe917871821f74c5afe0a6562462762b181180d16df4470

SHA512
9c12fff1686845a2c0b43d35a8572f97e950f232f1ce5690fd1212f48c171edbcc5d725754f10a66599b0823ac0c995c7212e263b7e02ea0ed9f2d2b937fa760

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\powershell.exe.log

Filesize
3KB

MD5
22e796539d05c5390c21787da1fb4c2b

SHA1
55320ebdedd3069b2aaf1a258462600d9ef53a58

SHA256
7c6c09f48f03421430d707d27632810414e5e2bf2eecd5eb675fecf8b45a9a92

SHA512
d9cc0cb22df56db72a71504bb3ebc36697e0a7a1d2869e0e0ab61349bda603298fe6c667737b79bf2235314fb49b883ba4c5f137d002e273e79391038ecf9c09

Download Submit
C:\Users\Admin\AppData\Local\SquirrelTemp\RELEASES

Filesize
79B

MD5
4f7a9e20b9ad3e830485d6a846dd00c1

SHA1
0d4eb198d772d04c89a336439ce1a4800b92e1eb

SHA256
c46130adc7272369cdbcb28be4bf468bc8c7396ccbb9a3d93bbe60454b9f5fff

SHA512
c72c7647bfb1a6ea7a9599d9546338e13c5232da08ddc3a8372012f5b2d758c2477310695e7509b026a8731102db38ab80529a29e699fc2188f2b47812ed046b

Download Submit
C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe

Filesize
1.8MB

MD5
2a72a5209f5e41acb3aaf782b1bb0829

SHA1
fe67145968d9311a8f57484942cba3907c9a8004

SHA256
25fbbf49036684f3483cd9a8dc5b421464020cfdb0c3535b5e2f1c2698decebc

SHA512
75b9000b6b5a678c0961f470e0a6357f2a21fa789657331accf960f52140c4791c8f1c74d5441d8c9012606bb1bdeb36b41824a0a2a92c6870261df500caacee

Download Submit
C:\Users\Admin\AppData\Local\SquirrelTemp\background.gif

Filesize
1.1MB

MD5
614c451436d08f584b631455ae01932b

SHA1
f343b42ad4729d575daac5af1344313959428454

SHA256
551f8f156eb712054202701c980958fb533fa9cba9df9b22e6644c9f5189f244

SHA512
8365bf161791e1dc4b24f9fe27871bb0396c39c333befe591c5a723971bb15ef140be2af8469d92d1037e79f50ae4a6a255c7c6559b35fb140d751c07bd1a51c

Download Submit
C:\Users\Admin\AppData\Local\SquirrelTemp\setupIcon.ico

Filesize
132KB

MD5
4fe78278c727ca838a6b0a8b5d2fc924

SHA1
7eba94ab9295e387f43fba20fcb79bc3db1dde64

SHA256
af8a663dc9f9407b1a0582c835317f62c0f3fc1fbe542e1df0f9ef39e913ba45

SHA512
ce381dbbd80e0ccbd0e9a5b1d7c070f0bf3bd52d71ae9cd87254cad2c41b61871392595f7bffb23f215f8fabdc2fba64758eb5d1e6b97da99fe4149db54123c2

Download Submit
C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_jphhtgv1.rkw.ps1

Filesize
60B

MD5
d17fe0a3f47be24a6453e9ef58c94641

SHA1
6ab83620379fc69f80c0242105ddffd7d98d5d9d

SHA256
96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7

SHA512
5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82

Download Submit
C:\Users\Admin\AppData\Roaming\Medal\Network\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Roaming\Medal\Network\Network Persistent State~RFe57cddf.TMP

Filesize
59B

MD5
2800881c775077e1c4b6e06bf4676de4

SHA1
2873631068c8b3b9495638c865915be822442c8b

SHA256
226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974

SHA512
e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b

Download Submit
C:\Users\Admin\AppData\Roaming\Medal\store\store.json

Filesize
55B

MD5
8905a3ea96ba9d3243067930fb24a3f6

SHA1
7af15cee655f5954c995fcc41b9fb0d2d4ce1c39

SHA256
9f23ff064d7030cc3e16c27ead96fb87be9604db34a10d89c0b1aeb0a6f712e9

SHA512
e79d307c037795875e98db1469cd76ddd9dd99a2e01577f0cd99a1edc2f9c37131e2fd5f7e8172cf381d3cb5f9a3be7f451fa4669b9a07ecb520e8c21b91cdbf

Download Submit
C:\Users\Admin\AppData\Roaming\Medal\store\store.json.3215249002

Filesize
115B

MD5
136bf6fde8bb1d07131bdd04c824901a

SHA1
77d5298925fa0e8e70e8385298203a09cb041369

SHA256
7a1cba8df9fa1c9a6953e11bb3652133d65e0687f6f8ce142c5c12ef10d7c5d6

SHA512
30c9357dfbd3f3d6e2e6136c08a8c17bdadbec0732a6d3a0d491d524bbdbb1de18f76f1634ca52fad15ea594ed19cce5c841645b3ea6fee4ef2a55147f84d7a2

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\590aee7bdd69b59b.customDestinations-ms

Filesize
6KB

MD5
98a64ba10c476ac0866c0000766ff749

SHA1
9f87a0e3467f445eda884bdb467d7b850ebf5028

SHA256
e5f9d82a8db21935ae331c81b4c991db8fb59ec4793fc2ac89634f5f121eb85e

SHA512
6eafd857c4e3509ee403176da90dc50edde003093de434088ae3866085b8184f08af9c5d23809aca5d9496847167cb868d1988234a0fde488e54b24bbc5fc343

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\590aee7bdd69b59b.customDestinations-ms

Filesize
6KB

MD5
c59af4d4cce0da814a15f1ac21ad9ae3

SHA1
53e72c827f461937f95a88e2b915f5ceb8d52b71

SHA256
47a69559cb1bd176ab378ac1fed79122cb53fa6cae528288b3a2b6f07f8f05b1

SHA512
fea0b7996375707b7f0ece7d979481214bc92bf8e3fe5be88f0f4e47dabf292cbcee30513ee195ac84b1b8e3399151f845f95fed563c7f07347f5efee855560b

Download Submit
memory/2356-4334-0x0000000002EB0000-0x0000000002ED0000-memory.dmp

Filesize
128KB

Download
memory/3496-4256-0x00007FFD08270000-0x00007FFD08271000-memory.dmp

Filesize
4KB

Download
memory/4196-9-0x0000000000250000-0x0000000000426000-memory.dmp

Filesize
1.8MB

Download
memory/4196-1663-0x000000001FA30000-0x000000001FA68000-memory.dmp

Filesize
224KB

Download
memory/4196-1667-0x000000001FA00000-0x000000001FA0E000-memory.dmp

Filesize
56KB

Download
memory/4648-4215-0x000002290B590000-0x000002290B5B2000-memory.dmp

Filesize
136KB

Download
memory/12192-4156-0x0000000000AC0000-0x0000000000CB6000-memory.dmp

Filesize
2.0MB

Download