Overview

overview

9

Static

static

7

Tidal Installer.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    48s
  • max time network
    50s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240708-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240708-enlocale:en-usos:windows10-2004-x64system
  • submitted
    08/07/2024, 18:02 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Tidal Installer.exe

  • Size

    3.3MB

  • MD5

    928c096b170bbcfd789c2268bbcab9b4

  • SHA1

    0ef18c6ba24139b948dc8edfa1e58355eca1134f

  • SHA256

    b172ceb8fabfc98c6384540a45beb3dbc05d6a85fdf86e1878079c77ff3be80b

  • SHA512

    9f68618103ad9cd1a79c9816be945783c61f9744c01156f384aa73cfe62552fca080f806db0de04ea74d2e0b05a06c50382de14530442e7630c08c3d48a94117

  • SSDEEP

    98304:vRm0mz8HH3Uh8Lk8W2Zs2blQCccENb+Y7anx:ZTC8kck72BQDcib+Y7

Score
9/10
evasionthemidatrojan

Malware Config

Signatures

  • Identifies VirtualBox via ACPI registry values (likely anti-VM) 2 TTPs 2 IoCs
    evasion
  • Checks BIOS information in registry 2 TTPs 4 IoCs

    BIOS information is often read in order to detect sandboxing environments.

  • Checks computer location settings 2 TTPs 1 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 7 IoCs
  • Themida packer 5 IoCs

    Detects Themida, an advanced Windows software protection system.

    themida
  • Checks whether UAC is enabled 1 TTPs 2 IoCs
    evasiontrojan
  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 3 IoCs
  • Suspicious use of NtSetInformationThreadHideFromDebugger 2 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies data under HKEY_USERS 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 4 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Tidal Installer.exe
    "C:\Users\Admin\AppData\Local\Temp\Tidal Installer.exe"
    1⤵
    • Identifies VirtualBox via ACPI registry values (likely anti-VM)
    • Checks BIOS information in registry
    • Checks computer location settings
    • Checks whether UAC is enabled
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:2136
    • C:\Users\Admin\AppData\Local\Temp\Tidal.exe
      "C:\Users\Admin\AppData\Local\Temp\Tidal.exe"
      2⤵
      • Identifies VirtualBox via ACPI registry values (likely anti-VM)
      • Checks BIOS information in registry
      • Executes dropped EXE
      • Loads dropped DLL
      • Checks whether UAC is enabled
      • Suspicious use of NtSetInformationThreadHideFromDebugger
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious use of WriteProcessMemory
      PID:4492
      • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.87\msedgewebview2.exe
        "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.87\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=Tidal.exe --webview-exe-version=1.0.0.0 --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Tidal.exe.WebView2\EBWebView" --noerrdialogs --embedded-browser-webview-dpi-awareness=1 --enable-features=MojoIpcz --mojo-named-platform-channel-pipe=4492.3576.6269798764324403650
        3⤵
        • Enumerates system info in registry
        • Modifies data under HKEY_USERS
        • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
        • Suspicious use of WriteProcessMemory
        PID:468
        • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.87\msedgewebview2.exe
          "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.87\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Local\Temp\Tidal.exe.WebView2\EBWebView /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Local\Temp\Tidal.exe.WebView2\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=126.0.6478.127 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.87\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=126.0.2592.87 --initial-client-data=0x15c,0x160,0x164,0x138,0x16c,0x7ff831630148,0x7ff831630154,0x7ff831630160
          4⤵
            PID:2208
          • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.87\msedgewebview2.exe
            "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.87\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Tidal.exe.WebView2\EBWebView" --webview-exe-name=Tidal.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1672,i,14936222718913782895,18068739310411490234,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=1692 /prefetch:2
            4⤵
              PID:4524
            • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.87\msedgewebview2.exe
              "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.87\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Tidal.exe.WebView2\EBWebView" --webview-exe-name=Tidal.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --field-trial-handle=2000,i,14936222718913782895,18068739310411490234,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=2012 /prefetch:3
              4⤵
                PID:748
              • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.87\msedgewebview2.exe
                "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.87\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Tidal.exe.WebView2\EBWebView" --webview-exe-name=Tidal.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --field-trial-handle=1696,i,14936222718913782895,18068739310411490234,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=2292 /prefetch:8
                4⤵
                  PID:3100
                • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.87\msedgewebview2.exe
                  "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.87\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Tidal.exe.WebView2\EBWebView" --webview-exe-name=Tidal.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --field-trial-handle=3708,i,14936222718913782895,18068739310411490234,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=3724 /prefetch:1
                  4⤵
                    PID:4200

            Network

            • flag-us
              DNS
              73.159.190.20.in-addr.arpa
              Remote address:
              8.8.8.8:53
              Request
              73.159.190.20.in-addr.arpa
              IN PTR
              Response
            • flag-us
              DNS
              43.58.199.20.in-addr.arpa
              Remote address:
              8.8.8.8:53
              Request
              43.58.199.20.in-addr.arpa
              IN PTR
              Response
            • flag-us
              DNS
              github.com
              Tidal Installer.exe
              Remote address:
              8.8.8.8:53
              Request
              github.com
              IN A
              Response
              github.com
              IN A
              20.26.156.215
            • flag-gb
              GET
              https://github.com/httpspy/wfdwdfawdawda/releases/download/dwadwadwadwa/Tidal.zip
              Tidal Installer.exe
              Remote address:
              20.26.156.215:443
              Request
              GET /httpspy/wfdwdfawdawda/releases/download/dwadwadwadwa/Tidal.zip HTTP/1.1
              Host: github.com
              Connection: Keep-Alive
              Response
              HTTP/1.1 302 Found
              Server: GitHub.com
              Date: Mon, 08 Jul 2024 18:03:42 GMT
              Content-Type: text/html; charset=utf-8
              Vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
              Location: https://objects.githubusercontent.com/github-production-release-asset-2e65be/825510601/902a4ef9-e8d3-48f1-984f-ca29aa1e4f17?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20240708%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240708T180342Z&X-Amz-Expires=300&X-Amz-Signature=a6e3448e2837e4d523312b65df45d4ba205858ccdbd85c58eaae178071d5234b&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=825510601&response-content-disposition=attachment%3B%20filename%3DTidal.zip&response-content-type=application%2Foctet-stream
              Cache-Control: no-cache
              Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
              X-Frame-Options: deny
              X-Content-Type-Options: nosniff
              X-XSS-Protection: 0
              Referrer-Policy: no-referrer-when-downgrade
              Content-Security-Policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/github-completion/completions *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/
              Content-Length: 0
              X-GitHub-Request-Id: E6EE:248392:1BDF27A:1F75EDD:668C29FD
            • flag-us
              DNS
              objects.githubusercontent.com
              Tidal Installer.exe
              Remote address:
              8.8.8.8:53
              Request
              objects.githubusercontent.com
              IN A
              Response
              objects.githubusercontent.com
              IN A
              185.199.110.133
              objects.githubusercontent.com
              IN A
              185.199.109.133
              objects.githubusercontent.com
              IN A
              185.199.111.133
              objects.githubusercontent.com
              IN A
              185.199.108.133
            • flag-us
              GET
              https://objects.githubusercontent.com/github-production-release-asset-2e65be/825510601/902a4ef9-e8d3-48f1-984f-ca29aa1e4f17?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20240708%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240708T180342Z&X-Amz-Expires=300&X-Amz-Signature=a6e3448e2837e4d523312b65df45d4ba205858ccdbd85c58eaae178071d5234b&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=825510601&response-content-disposition=attachment%3B%20filename%3DTidal.zip&response-content-type=application%2Foctet-stream
              Tidal Installer.exe
              Remote address:
              185.199.110.133:443
              Request
              GET /github-production-release-asset-2e65be/825510601/902a4ef9-e8d3-48f1-984f-ca29aa1e4f17?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20240708%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240708T180342Z&X-Amz-Expires=300&X-Amz-Signature=a6e3448e2837e4d523312b65df45d4ba205858ccdbd85c58eaae178071d5234b&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=825510601&response-content-disposition=attachment%3B%20filename%3DTidal.zip&response-content-type=application%2Foctet-stream HTTP/1.1
              Host: objects.githubusercontent.com
              Connection: Keep-Alive
              Response
              HTTP/1.1 200 OK
              Connection: keep-alive
              Content-Length: 15296656
              Content-Type: application/octet-stream
              Last-Modified: Mon, 08 Jul 2024 14:18:42 GMT
              ETag: "0x8DC9F58DF064369"
              Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
              x-ms-request-id: 1b0eee62-d01e-004b-1f41-d11d06000000
              x-ms-version: 2020-10-02
              x-ms-creation-time: Mon, 08 Jul 2024 14:18:42 GMT
              x-ms-lease-status: unlocked
              x-ms-lease-state: available
              x-ms-blob-type: BlockBlob
              Content-Disposition: attachment; filename=Tidal.zip
              x-ms-server-encrypted: true
              Via: 1.1 varnish, 1.1 varnish
              Accept-Ranges: bytes
              Age: 1774
              Date: Mon, 08 Jul 2024 18:03:42 GMT
              X-Served-By: cache-iad-kjyo7100025-IAD, cache-lcy-eglc8600091-LCY
              X-Cache: HIT, HIT
              X-Cache-Hits: 17, 0
              X-Timer: S1720461822.417260,VS0,VE311
            • flag-us
              DNS
              133.110.199.185.in-addr.arpa
              Remote address:
              8.8.8.8:53
              Request
              133.110.199.185.in-addr.arpa
              IN PTR
              Response
              133.110.199.185.in-addr.arpa
              IN PTR
              cdn-185-199-110-133githubcom
            • flag-us
              DNS
              215.156.26.20.in-addr.arpa
              Remote address:
              8.8.8.8:53
              Request
              215.156.26.20.in-addr.arpa
              IN PTR
              Response
            • flag-us
              DNS
              raw.githubusercontent.com
              msedgewebview2.exe
              Remote address:
              8.8.8.8:53
              Request
              raw.githubusercontent.com
              IN A
              Response
              raw.githubusercontent.com
              IN A
              185.199.109.133
              raw.githubusercontent.com
              IN A
              185.199.111.133
              raw.githubusercontent.com
              IN A
              185.199.110.133
              raw.githubusercontent.com
              IN A
              185.199.108.133
            • flag-us
              DNS
              raw.githubusercontent.com
              msedgewebview2.exe
              Remote address:
              8.8.8.8:53
              Request
              raw.githubusercontent.com
              IN Unknown
              Response
            • flag-us
              DNS
              133.109.199.185.in-addr.arpa
              Remote address:
              8.8.8.8:53
              Request
              133.109.199.185.in-addr.arpa
              IN PTR
              Response
              133.109.199.185.in-addr.arpa
              IN PTR
              cdn-185-199-109-133githubcom
            • flag-us
              DNS
              dns.google
              msedgewebview2.exe
              Remote address:
              8.8.8.8:53
              Request
              dns.google
              IN A
              Response
              dns.google
              IN A
              8.8.4.4
              dns.google
              IN A
              8.8.8.8
            • flag-us
              DNS
              dns.google
              msedgewebview2.exe
              Remote address:
              8.8.8.8:53
              Request
              dns.google
              IN Unknown
              Response
            • flag-us
              DNS
              dns.google
              msedgewebview2.exe
              Remote address:
              8.8.8.8:53
              Request
              dns.google
              IN A
              Response
              dns.google
              IN A
              8.8.8.8
              dns.google
              IN A
              8.8.4.4
            • flag-us
              DNS
              dns.google
              msedgewebview2.exe
              Remote address:
              8.8.8.8:53
              Request
              dns.google
              IN Unknown
              Response
            • flag-us
              DNS
              dns.google
              msedgewebview2.exe
              Remote address:
              8.8.8.8:53
              Request
              dns.google
              IN A
              Response
              dns.google
              IN A
              8.8.8.8
              dns.google
              IN A
              8.8.4.4
            • flag-us
              DNS
              dns.google
              msedgewebview2.exe
              Remote address:
              8.8.8.8:53
              Request
              dns.google
              IN Unknown
              Response
            • flag-us
              DNS
              4.4.8.8.in-addr.arpa
              Remote address:
              8.8.8.8:53
              Request
              4.4.8.8.in-addr.arpa
              IN PTR
              Response
              4.4.8.8.in-addr.arpa
              IN PTR
              dnsgoogle
            • 20.26.156.215:443
              https://github.com/httpspy/wfdwdfawdawda/releases/download/dwadwadwadwa/Tidal.zip
              tls, http
              Tidal Installer.exe
              818 B
               8.0kB
               9
              12

              HTTP Request

              GET https://github.com/httpspy/wfdwdfawdawda/releases/download/dwadwadwadwa/Tidal.zip

              HTTP Response

              302
            • 185.199.110.133:443
              https://objects.githubusercontent.com/github-production-release-asset-2e65be/825510601/902a4ef9-e8d3-48f1-984f-ca29aa1e4f17?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20240708%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240708T180342Z&X-Amz-Expires=300&X-Amz-Signature=a6e3448e2837e4d523312b65df45d4ba205858ccdbd85c58eaae178071d5234b&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=825510601&response-content-disposition=attachment%3B%20filename%3DTidal.zip&response-content-type=application%2Foctet-stream
              tls, http
              Tidal Installer.exe
              283.4kB
               15.8MB
               5920
              11307

              HTTP Request

              GET https://objects.githubusercontent.com/github-production-release-asset-2e65be/825510601/902a4ef9-e8d3-48f1-984f-ca29aa1e4f17?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20240708%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240708T180342Z&X-Amz-Expires=300&X-Amz-Signature=a6e3448e2837e4d523312b65df45d4ba205858ccdbd85c58eaae178071d5234b&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=825510601&response-content-disposition=attachment%3B%20filename%3DTidal.zip&response-content-type=application%2Foctet-stream

              HTTP Response

              200
            • 185.199.109.133:443
              raw.githubusercontent.com
              tls
              msedgewebview2.exe
              3.1kB
               5.4kB
               14
              16
            • 8.8.8.8:443
              dns.google
              tls
              msedgewebview2.exe
              2.8kB
               8.0kB
               14
              16
            • 8.8.4.4:443
              dns.google
              tls
              msedgewebview2.exe
              2.9kB
               8.0kB
               14
              17
            • 8.8.8.8:443
              dns.google
              tls
              msedgewebview2.exe
              2.9kB
               8.0kB
               14
              16
            • 8.8.8.8:53
              73.159.190.20.in-addr.arpa
              dns
              72 B
               158 B
               1
              1

              DNS Request

              73.159.190.20.in-addr.arpa

            • 8.8.8.8:53
              43.58.199.20.in-addr.arpa
              dns
              71 B
               157 B
               1
              1

              DNS Request

              43.58.199.20.in-addr.arpa

            • 8.8.8.8:53
              github.com
              dns
              Tidal Installer.exe
              56 B
               72 B
               1
              1

              DNS Request

              github.com

              DNS Response

              20.26.156.215

            • 8.8.8.8:53
              objects.githubusercontent.com
              dns
              Tidal Installer.exe
              75 B
               139 B
               1
              1

              DNS Request

              objects.githubusercontent.com

              DNS Response

              185.199.110.133
              185.199.109.133
              185.199.111.133
              185.199.108.133

            • 8.8.8.8:53
              133.110.199.185.in-addr.arpa
              dns
              74 B
               118 B
               1
              1

              DNS Request

              133.110.199.185.in-addr.arpa

            • 8.8.8.8:53
              215.156.26.20.in-addr.arpa
              dns
              72 B
               158 B
               1
              1

              DNS Request

              215.156.26.20.in-addr.arpa

            • 8.8.8.8:53
              raw.githubusercontent.com
              dns
              msedgewebview2.exe
              71 B
               135 B
               1
              1

              DNS Request

              raw.githubusercontent.com

              DNS Response

              185.199.109.133
              185.199.111.133
              185.199.110.133
              185.199.108.133

            • 8.8.8.8:53
              raw.githubusercontent.com
              dns
              msedgewebview2.exe
              71 B
               136 B
               1
              1

              DNS Request

              raw.githubusercontent.com

            • 8.8.8.8:53
              133.109.199.185.in-addr.arpa
              dns
              74 B
               118 B
               1
              1

              DNS Request

              133.109.199.185.in-addr.arpa

            • 8.8.8.8:53
              dns.google
              dns
              msedgewebview2.exe
              56 B
               88 B
               1
              1

              DNS Request

              dns.google

              DNS Response

              8.8.4.4
              8.8.8.8

            • 8.8.8.8:53
              dns.google
              dns
              msedgewebview2.exe
              56 B
               132 B
               1
              1

              DNS Request

              dns.google

            • 8.8.8.8:53
              dns.google
              dns
              msedgewebview2.exe
              56 B
               88 B
               1
              1

              DNS Request

              dns.google

              DNS Response

              8.8.8.8
              8.8.4.4

            • 8.8.8.8:53
              dns.google
              dns
              msedgewebview2.exe
              56 B
               132 B
               1
              1

              DNS Request

              dns.google

            • 8.8.8.8:53
              dns.google
              dns
              msedgewebview2.exe
              56 B
               88 B
               1
              1

              DNS Request

              dns.google

              DNS Response

              8.8.8.8
              8.8.4.4

            • 8.8.8.8:53
              dns.google
              dns
              msedgewebview2.exe
              56 B
               132 B
               1
              1

              DNS Request

              dns.google

            • 8.8.8.8:53
              4.4.8.8.in-addr.arpa
              dns
              66 B
               90 B
               1
              1

              DNS Request

              4.4.8.8.in-addr.arpa

            MITRE ATT&CK Enterprise v15

            Replay Monitor

            Loading Replay Monitor...

            Downloads

            • C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres
              Filesize

              2KB

              MD5

              4bc4e96f90d0e4670755a4f1b7f81cbb

              SHA1

              353861783e3b0554b9c6fc5646e44fa223dc74bf

              SHA256

              95be3d830995480c3e7fd8e0f7166f13525d80442916a555ee2cec99c647c77f

              SHA512

              610f1a4b42b5ee7958c01322258a8e99761a5b05a4e7980d9b93cd8206ef84efb56556f97a3fd377eb0ce14545a8a24d563d0b09c6a74ff773fec7d86e1952a9

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\FontAwesome.WPF.dll
              Filesize

              204KB

              MD5

              2ace85429eee9e8320c82d878e5562b4

              SHA1

              77ed8b89210930d1de2495ba363519b696d0b6e2

              SHA256

              63d50dbe094bbce5d7bf8af08c0d919cfa5e057ca05ae7b27704a8477c8b348f

              SHA512

              7ce3467d1469acdb544f4f42864d94c5ae0ada252c5f096329e16d4b571fc1800bd572e52cfe902ee5d4b91d59a1a4182b07f40b7a4dfe54e338ca46684af989

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\Microsoft.Web.WebView2.Core.dll
              Filesize

              557KB

              MD5

              b037ca44fd19b8eedb6d5b9de3e48469

              SHA1

              1f328389c62cf673b3de97e1869c139d2543494e

              SHA256

              11e88b2ca921e5c88f64567f11bd83cbc396c10365d40972f3359fcc7965d197

              SHA512

              fa89ab3347fd57486cf3064ad164574f70e2c2b77c382785479bfd5ab50caa0881de3c2763a0932feac2faaf09479ef699a04ba202866dc7e92640246ba9598b

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\Microsoft.Web.WebView2.Wpf.dll
              Filesize

              50KB

              MD5

              e107c88a6fc54cc3ceb4d85768374074

              SHA1

              a8d89ae75880f4fca7d7167fae23ac0d95e3d5f6

              SHA256

              8f821f0c818f8d817b82f76c25f90fde9fb73ff1ae99c3df3eaf2b955653c9c8

              SHA512

              b39e07b0c614a0fa88afb1f3b0d9bb9ba9c932e2b30899002008220ccf1acb0f018d5414aee64d92222c2c39f3ffe2c0ad2d9962d23aaa4bf5750c12c7f3e6fe

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\Tidal.exe
              Filesize

              3.4MB

              MD5

              0c5fb1991da858c0a7e85bb606946753

              SHA1

              09cf4f943275442d3e2af7fb7a57a9282f1068ab

              SHA256

              a31d73cdfa871c4e76beed15dd67906859259fa5bfb6f0c571c9cf7640c13376

              SHA512

              d377be0f3e00ee266fd74ca469674212567f80dec1aea28548e940d960f3d9b2322a828a2eb14a173d79b4b2aa6552d0ec96bd3a4850394ff67b71a15132fbdf

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\Tidal.exe.WebView2\EBWebView\6ef4e0d9-9fae-474d-9275-0807890007b7.tmp
              Filesize

              23KB

              MD5

              c36e1282653635ebf6a5f353858404df

              SHA1

              005e05df94915ff781b7c2c91bbc1011dc931cfb

              SHA256

              cd7a449bb8bce6f590318545f8e96e27658e16638294f9f1ca518e2fe5e99b49

              SHA512

              7f0c5d7ad7cdc48f739f8f50232fc0727bbd96c482edde3ca20bcd47a000c9fe68ba54a20a7e5e90eff8fd993613312af82d0df0bd28f8bed008fe605d3ed92a

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\Tidal.exe.WebView2\EBWebView\Crashpad\settings.dat
              Filesize

              280B

              MD5

              7695ccc3a65ce1a87b8c8d1f219aebdf

              SHA1

              55cf0315de568ae0c82c70a6e250e09eb92e1cb2

              SHA256

              050fd792cec5a00f99398063c5315c2ec5a2346f98884ea5c605522cfb517b8e

              SHA512

              42a29e466b6603484362733ca8065a241553d2e9a3e910752adb11165744ad57a5e707fae74d14e2eaefdbc1c946193ac12d80e33db4823bc46d4418d2824a30

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\Tidal.exe.WebView2\EBWebView\Crashpad\settings.dat
              Filesize

              280B

              MD5

              c2259798e9c785f50f1d985e41688802

              SHA1

              86fc5dfde6d95281f6bfbdfa8212c81c10254920

              SHA256

              2a98994b6344746130c84e3463f99840a4647dcb3493db69c5a5845ce950884c

              SHA512

              b743259ab4c02c5dfd7a2bc6abcbd79888c92c50fa0c366866b77c85fba7ca44b9882cfbbb26f944d863a526090557dff02d0148831b63c0c39753ea13d0e3aa

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\Tidal.exe.WebView2\EBWebView\Crashpad\throttle_store.dat
              Filesize

              20B

              MD5

              9e4e94633b73f4a7680240a0ffd6cd2c

              SHA1

              e68e02453ce22736169a56fdb59043d33668368f

              SHA256

              41c91a9c93d76295746a149dce7ebb3b9ee2cb551d84365fff108e59a61cc304

              SHA512

              193011a756b2368956c71a9a3ae8bc9537d99f52218f124b2e64545eeb5227861d372639052b74d0dd956cb33ca72a9107e069f1ef332b9645044849d14af337

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\Tidal.exe.WebView2\EBWebView\Default\Cache\Cache_Data\data_0
              Filesize

              44KB

              MD5

              520becaabe67b083f9309b960195aeed

              SHA1

              175cbbd1645f3cb8a81b5455a810650ab68eebc6

              SHA256

              de3c45fe30291227be3c6f4aab163fefe20a33e932756d2766f2a356e25c2534

              SHA512

              8e2fd59e71b89278aa963f9b3133b744364b3db6c1a5a678be14102f6bf6aad17e7c21fb596015140bc68a84228096a948ff0ce05223b98f6abc471d7d139d92

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\Tidal.exe.WebView2\EBWebView\Default\Cache\Cache_Data\data_1
              Filesize

              264KB

              MD5

              3ff54f983c315b22db47cd44f4a37e25

              SHA1

              83e034f46d471aaec1485ded5bc6b5ebeb3f7183

              SHA256

              7153d7b290f0a4475d0411fc819ac08c6869264efb93f92526d9f8b96686b515

              SHA512

              8d564189d608970f439e671c6ce98f8cb920013da70d13d73d0193e0ec3b4d6dc812e0dcf2e6a78f34d253adb62b84815111fcf7dfe62660727d29a2cd95173f

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\Tidal.exe.WebView2\EBWebView\Default\Cache\Cache_Data\data_2
              Filesize

              1.0MB

              MD5

              6415d21f8f97c407323fbc99039955d1

              SHA1

              7c637a92c807a43166ba24f05da36327cb543629

              SHA256

              71437e8d8f9f929210b6686c1e3f9ddcb061d24bf83ee14e3615b45c0144f53a

              SHA512

              6cb6fbadf3613711001b6b5e5afece320aaff084538230f3add734854e8481eda2bebf6a253bdc22722cc1b6b7c04447a5699bd54b82aadf7c84bf575b1586c0

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\Tidal.exe.WebView2\EBWebView\Default\Cache\Cache_Data\data_3
              Filesize

              4.0MB

              MD5

              23ebad8cff3e5015ecd13ac09bc7879c

              SHA1

              7b650237f5d100054271eec6edd7cbc1984ba020

              SHA256

              7b96ebf214f4d8cce94c0868be9df2426dc7bdae87a4432d464822a2d478ca7a

              SHA512

              ff14cebc3655e985dc73cd490c50fede419454fa3a2946eae2a169a3de21d16216f378564010b5514af698490b23d7a2338854ad2f0df91b83aff5ad918ccd02

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\Tidal.exe.WebView2\EBWebView\Default\Cache\Cache_Data\index
              Filesize

              512KB

              MD5

              b3a2fb10236a93d4e03591fb89423d47

              SHA1

              0d3e716fa18923960f033546f6a6940d72e0a201

              SHA256

              65ca1ba239b1c11ff39cbc928eabf51b897ee5a515a141679632335217f7e5b8

              SHA512

              7cb36049470caeb1ce441f73dcec289345ac6b8ced550be7c34e237956b7666132d794c854bba029d9191cea780651f9e31c150a66869511b4b4d30caabce3f9

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\Tidal.exe.WebView2\EBWebView\Default\Code Cache\wasm\index-dir\the-real-index
              Filesize

              48B

              MD5

              a6d2bdbe51d75f9f2cdced4afa05a7c5

              SHA1

              f5561943a429d84f0aee3b994a584f17705d65a2

              SHA256

              81385b2b5891beff9a789fab84eeff2f0ae6a06e3b5291276118133f854e390a

              SHA512

              87a2156abe9b958a5971c39f890a7985cf59231c7b6c05060f2798da0e2121eecd266e51da0e107fa0e90c0d7f41d10fdf614599092e9253feb4de0aa9400f07

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\Tidal.exe.WebView2\EBWebView\Default\Extension Rules\LOG
              Filesize

              366B

              MD5

              081e1e050cc38a6202ba21edd2251bf7

              SHA1

              4bd46a598fa40f63a904dafe035abcc93d7835dd

              SHA256

              ed2cd724ccdbf7e79adf1c2bcf1028e42726d2c4183c703a3dc0759358399fe9

              SHA512

              d383bfecc99b77d338785e739fc313c538739deaaf7adcd3c6073c2dfc09c68324cf346e16dd1f95edde4c32f31eadb3732ca83aba1c3b7615b9dc1a6cf76fc3

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\Tidal.exe.WebView2\EBWebView\Default\Extension Rules\LOG.old
              Filesize

              319B

              MD5

              53d79699b1af1c0e60b89073f46d8794

              SHA1

              fdb323c5080b57d7a105f4629485464f5562c6e2

              SHA256

              e6380e6ad9637a92ef5ce6dc9f9d98c39746a53d3b989f22a25af976c57cb103

              SHA512

              9a0a446c383f36025f5d4856e3b571f0fd789fc169bc42d0d2c8ab8e0a2dafc90809d3b02ffd3a32aa9983a41bbe196648f1f3bbdf1cd408872c0a2173e5d84a

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\Tidal.exe.WebView2\EBWebView\Default\Extension State\CURRENT
              Filesize

              16B

              MD5

              46295cac801e5d4857d09837238a6394

              SHA1

              44e0fa1b517dbf802b18faf0785eeea6ac51594b

              SHA256

              0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

              SHA512

              8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\Tidal.exe.WebView2\EBWebView\Default\Extension State\MANIFEST-000001
              Filesize

              41B

              MD5

              5af87dfd673ba2115e2fcf5cfdb727ab

              SHA1

              d5b5bbf396dc291274584ef71f444f420b6056f1

              SHA256

              f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

              SHA512

              de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\Tidal.exe.WebView2\EBWebView\Default\Favicons
              Filesize

              20KB

              MD5

              5cdda88f9acbfd47b1d204e1f667f718

              SHA1

              38c98603e0ffb54ec103988803240831c609c1c9

              SHA256

              513edd15673066ad238ea11267aeeeb618959b5a974197243fc6b385ef7bb329

              SHA512

              dc0a73219d9b4d978f5a91bcb7a3fe629d6f7bc6e69097d0e1531a70e98f3d8e15f73347e92d7ed21f649e831a65b9af331647888d698a65d6ef21630fc533cf

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\Tidal.exe.WebView2\EBWebView\Default\GPUCache\data_0
              Filesize

              8KB

              MD5

              cf89d16bb9107c631daabf0c0ee58efb

              SHA1

              3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b

              SHA256

              d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e

              SHA512

              8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\Tidal.exe.WebView2\EBWebView\Default\GPUCache\data_1
              Filesize

              264KB

              MD5

              0de49051fb6f39aadd39079abd629d1c

              SHA1

              acb23d149ae39ed67e5dcb793a967c9e06a0cbe5

              SHA256

              cd42096a3ebd99d4c1c1f2960ae2ffce83c6f357447571e4cde5753181f87eb5

              SHA512

              c443ef2d09d77f432f77e17d98cc8a3d793c06ebd00a5fbcbe7116e42cd02fdb872c4dd7cf82c39cbb62257d60117be960d6e69551ec5383d28c7b87f61e7aa3

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\Tidal.exe.WebView2\EBWebView\Default\GPUCache\data_2
              Filesize

              8KB

              MD5

              0962291d6d367570bee5454721c17e11

              SHA1

              59d10a893ef321a706a9255176761366115bedcb

              SHA256

              ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7

              SHA512

              f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\Tidal.exe.WebView2\EBWebView\Default\GPUCache\data_3
              Filesize

              8KB

              MD5

              41876349cb12d6db992f1309f22df3f0

              SHA1

              5cf26b3420fc0302cd0a71e8d029739b8765be27

              SHA256

              e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c

              SHA512

              e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\Tidal.exe.WebView2\EBWebView\Default\History
              Filesize

              164KB

              MD5

              78a47a21b0bf678f1008a9409c40d3df

              SHA1

              20c8aae484ccc851a24ce68c4e151999f16033a9

              SHA256

              352bde6b56ffd013a622146c328eea952f7006241fcde89124dd3c3c5df325cc

              SHA512

              cbee3328a1b958a3658140485655942687732f1739e52cd9d3f1eb3e053009948e4016964dc214fe7d9f9cc6f30a4ef461f8d46984375fef3b02656919c2f4b0

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\Tidal.exe.WebView2\EBWebView\Default\Network\Cookies
              Filesize

              20KB

              MD5

              04d4c386aaf03e6dca3ac87334f03d3f

              SHA1

              74627631ce3bd2ba43a12aac39f232da662a32c5

              SHA256

              c130cf082fdce58c9055dba5775490ad8e41055ead5edb0b1e411330144c971d

              SHA512

              01bce1bbdf00825e19c23559ec41a0236b059cec2e891cf4729288b6275aaff62f442b4556c869bfbe17a91475f22dc98522381b2e4f3bef6d1611f7f9f9bc1a

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\Tidal.exe.WebView2\EBWebView\Default\Network\Network Persistent State
              Filesize

              317B

              MD5

              d9eef3866c6ce476b88b215ab4ec841f

              SHA1

              8526c00c7a693db3d845951b7631396280e25079

              SHA256

              dbdffc91b9fc2d97cae800ef4a22f044a10caa27de5f3f1dfe0b46ac77b349c5

              SHA512

              bca292f59ce60189ed1a6c461a7000683d1b1ab0242b37654691ce67e6fc78403ad30418191a9eab61ccaaefc24fb177fe46de6541bf147a870ea26e156aeeec

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\Tidal.exe.WebView2\EBWebView\Default\Network\Reporting and NEL
              Filesize

              36KB

              MD5

              1a6c32252730bdad0b419bf4b88eb90d

              SHA1

              317c75a2d46395921b73a0a245210fb41de819d5

              SHA256

              cc96225efefdf5b0e1106c53c13cce9755907db6fd1986d3947f8fbeab163b61

              SHA512

              0c81beee5bf6c24c6965ca059e5cd58f63a78a6303e76364ca85f45baeacfc2c3ce847592f2fcb1719244c5e9786bf157dfe695621c76d9a2f71f675cab4e9fb

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\Tidal.exe.WebView2\EBWebView\Default\Network\SCT Auditing Pending Reports
              Filesize

              2B

              MD5

              d751713988987e9331980363e24189ce

              SHA1

              97d170e1550eee4afc0af065b78cda302a97674c

              SHA256

              4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

              SHA512

              b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\Tidal.exe.WebView2\EBWebView\Default\Network\Sdch Dictionaries
              Filesize

              40B

              MD5

              20d4b8fa017a12a108c87f540836e250

              SHA1

              1ac617fac131262b6d3ce1f52f5907e31d5f6f00

              SHA256

              6028bd681dbf11a0a58dde8a0cd884115c04caa59d080ba51bde1b086ce0079d

              SHA512

              507b2b8a8a168ff8f2bdafa5d9d341c44501a5f17d9f63f3d43bd586bc9e8ae33221887869fa86f845b7d067cb7d2a7009efd71dda36e03a40a74fee04b86856

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\Tidal.exe.WebView2\EBWebView\Default\Network\TransportSecurity
              Filesize

              189B

              MD5

              c2ace2587c3a88e211c27a1b51817e70

              SHA1

              68d3e511b1f8d827623dbf4d58d2f4a0bae4e5ba

              SHA256

              b3decbd140cad43c061819b9e52eb668244d4614d206dd86073d5f097033b868

              SHA512

              3c2a99449295a510c8c4e16ed605a75803090a98c54d5f8532ff228864c015d012b9c82dfef9173420d02f693e3011ac7b5306deb1080945acfa4c14742ee7ba

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\Tidal.exe.WebView2\EBWebView\Default\Network\TransportSecurity
              Filesize

              356B

              MD5

              b5448c3723ecc10808de4ffba7a83ab7

              SHA1

              578d502575c30c99b992ffd1be9bd3038605a256

              SHA256

              cbb8d0c51e0eb9f7e1eaddf2bb12fc32e954211b2dcf135e222c564515d09b33

              SHA512

              e2f25595fd251e8040d2da6407d83875da5dbaa5bd3fbba24f61af328d5d659615f335ad5ed9e422acf0f46dc8fafd6a24029c7f5f41478e4ceeb7b370be7ffe

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\Tidal.exe.WebView2\EBWebView\Default\Network\Trust Tokens
              Filesize

              36KB

              MD5

              4a16a04fb87d12a0ebc248765fa6e456

              SHA1

              a62ee5b026beab32328f0042aaee68ea37bc3d24

              SHA256

              f456d7d7a6286cf9e8d43b6c038699005fb1d4904382d21f635af355c1be9c6c

              SHA512

              b2aa657c825da5f26b94f534ad28215ef4eccfc4670ee77eef941e600e3aa335b4f118188d8e6915682b7e41e7e02487ae9c1bfa20df7daecd4bd08399bf86a2

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\Tidal.exe.WebView2\EBWebView\Default\Preferences
              Filesize

              8KB

              MD5

              3614c5fe66478702434e9387caa5d847

              SHA1

              8faf2dea87c024e537183c58f6f5c9eb843afc93

              SHA256

              0d805923277e7a1f67412d61b6c6ae3193c38eae7754e594bbd4ab0d192057bd

              SHA512

              9892279c9dbd0805f1936844c605fcdb12d057953b2398b54b36d7f5c06135b3f4de439757fd795e91b9d2bbcdcd4644c8d4a187d2a8b8354b0df38a3970b1e2

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\Tidal.exe.WebView2\EBWebView\Default\Preferences
              Filesize

              8KB

              MD5

              c4b20578bcbe4da448d542e3bdbe58fa

              SHA1

              6669a3f03aa831e533d096b6456343970e1bc79b

              SHA256

              d0a33f3bb59e94914835487619b041721551c6e5611f2ec394bc3550f33feb8a

              SHA512

              861e93dfaddd20623a8d7cf4675e90424236e33d8772b387bde2cc5dde9cc1f14e96e3b16324d939703e1ddef1c35adb0fb96c40e0aaebe84d3fce3f3fe2ebbd

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\Tidal.exe.WebView2\EBWebView\Default\Secure Preferences
              Filesize

              6KB

              MD5

              a28c200b0b7ac49a674ebe9b6ea59d8c

              SHA1

              b2b4efdd6937f0bc2604ec4d3a088632bd484c11

              SHA256

              63929aa128c5d21e7f6e7b4320b7a46fc64252327708bac58463ea611d6d4374

              SHA512

              7d838c2afefa7e924b35ea30edbaf9a9c9842650f2638215c423fed12a0cc9718e11f28f7edcbc34e4bc6f9333f3027f06129f905cd19acbc826072246241911

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\Tidal.exe.WebView2\EBWebView\Default\Secure Preferences
              Filesize

              6KB

              MD5

              ec7b52716e744fc721110302479bcc5c

              SHA1

              f59f0c2e130d22279d34e08811f60f5c926f8a7c

              SHA256

              2c5896857322934bf48f185ac3ffd16fef427f83ded80dbc9680c3c2aea90168

              SHA512

              21dd75adff9d975963e9679c8fcbd05f9d9b516203973b564a431e753bc328b71251164a8c9c0423547137df35d01bad79dd18696ccf5f9f52a567c22972d019

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\Tidal.exe.WebView2\EBWebView\Default\Shared Dictionary\cache\index
              Filesize

              24B

              MD5

              54cb446f628b2ea4a5bce5769910512e

              SHA1

              c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

              SHA256

              fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

              SHA512

              8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\Tidal.exe.WebView2\EBWebView\Default\Shared Dictionary\cache\index-dir\the-real-index
              Filesize

              48B

              MD5

              43fe6cace25d931eb60424ca59235573

              SHA1

              36a674feab93271104433036d723d33c3879546c

              SHA256

              3b7f4466fdaa26166dff3358c720a18d1cd977ea4aa6ec141137ec3a423f9d62

              SHA512

              5ba959bbaf4c0ac4d663123119ac871b1087e3ae8be8320d2a20882eef4f9f1184ce0377277bc80032fdf6019d4cef9236c4c8dcb9ed66c9347a658cd3f8ba55

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\Tidal.exe.WebView2\EBWebView\Default\Shared Dictionary\db
              Filesize

              44KB

              MD5

              358d089087aa109e41f38ddda1ff8368

              SHA1

              42f68e8e7c6806485aab068ad2ef9d8992fe3867

              SHA256

              e1ea1994a9c238120944c0009b25c9b75c3b8acb5cc137a78cd4a8450c809130

              SHA512

              4630eba964ce1dccfbb8663f04141c91ff0a3cee399621637bdef17c696735316da23a5bf6f7235b9616005652d175e276e83c8aca5f99f9f3b4d9c713818553

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\Tidal.exe.WebView2\EBWebView\Default\Site Characteristics Database\000003.log
              Filesize

              40B

              MD5

              148079685e25097536785f4536af014b

              SHA1

              c5ff5b1b69487a9dd4d244d11bbafa91708c1a41

              SHA256

              f096bc366a931fba656bdcd77b24af15a5f29fc53281a727c79f82c608ecfab8

              SHA512

              c2556034ea51abfbc172eb62ff11f5ac45c317f84f39d4b9e3ddbd0190da6ef7fa03fe63631b97ab806430442974a07f8e81b5f7dc52d9f2fcdc669adca8d91f

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\Tidal.exe.WebView2\EBWebView\Default\Site Characteristics Database\LOG
              Filesize

              394B

              MD5

              991336853b6f35b97381b822ab180d4c

              SHA1

              10c180e5093460a7c733091cdb65cb7fe9ce534a

              SHA256

              aabb14e615ea5e3df85110621f971a68f5fdaa8bd0cd99d7d26b33be407ca476

              SHA512

              32b35408f0399ae37cbd3599b6a6acb668082f2c429d2a74970bd6e42f07d3685a25e201e063ee57d22cc14c892e4dd2e2fcb6e4c64f8dbd980ce60b85627b50

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\Tidal.exe.WebView2\EBWebView\Default\Site Characteristics Database\LOG.old
              Filesize

              394B

              MD5

              018a70180b872433effb4e22e440c6c8

              SHA1

              633d35a02846381c1b75dd9d52419c0d926d8f02

              SHA256

              d5433096ca9aea2c77bab1dc284dd297bf5cc373d091a83db2d4f379cff1df88

              SHA512

              d0dccf0f406b9206aeb805ea9907a10d38f219207bd721551f481c19d1b547add97a04fe4b0c980f6089f935b15144eb43bd1ea49ca3026652b0d41f952f44b5

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\Tidal.exe.WebView2\EBWebView\Default\Sync Data\LevelDB\000003.log
              Filesize

              46B

              MD5

              90881c9c26f29fca29815a08ba858544

              SHA1

              06fee974987b91d82c2839a4bb12991fa99e1bdd

              SHA256

              a2ca52e34b6138624ac2dd20349cde28482143b837db40a7f0fbda023077c26a

              SHA512

              15f7f8197b4fc46c4c5c2570fb1f6dd73cb125f9ee53dfa67f5a0d944543c5347bdab5cce95e91dd6c948c9023e23c7f9d76cff990e623178c92f8d49150a625

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\Tidal.exe.WebView2\EBWebView\Default\Sync Data\LevelDB\LOG
              Filesize

              370B

              MD5

              5d24db590cf2eb6c36a164d00677264f

              SHA1

              7c8a5bf5c09be4b99aed018ebbd4478ef1e0180d

              SHA256

              dbe9b951673451df1ea921cb43099c8022397b1a7c75acc0df794c6220658e69

              SHA512

              c044301d834c8c48d9386ce491fb91a5dd15094cecd79bda21e836284f5a3f6bd7f2cd66e7b7ac71be13ff7df671e4db76b6cdc31affbf00555f02572d410c38

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\Tidal.exe.WebView2\EBWebView\Default\Sync Data\LevelDB\LOG.old
              Filesize

              370B

              MD5

              7e6aa48a2648bc092b1a052d9f890505

              SHA1

              db4067f88970f5443ea6011beb1850b7b5037f73

              SHA256

              79f9f1acc734f22e60a71b904c3bf25757c4b558674a6ee62e8cc69793bcda59

              SHA512

              d3455cc371cad48124c2006d00134cbbc621797f2218e3e44e1c05375e63366eed3fb96ea758a0f8373d60899b20f0752fddf25e298964fd15e328bd69bacd00

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\Tidal.exe.WebView2\EBWebView\Default\Visited Links
              Filesize

              128KB

              MD5

              1cced2a8855c2138995485551b9f4fab

              SHA1

              06077a97f96b2b07075484bb7d999cf218c614dc

              SHA256

              54c4beca139a4897b842a0da63943a81bd194ddfe6f52745a7ed3ee6ae3dd6b0

              SHA512

              47fbcf32e39208218c8fb566dd15425eab09dad77b8460bda9140ffcc1702568e1dc6e37decc8f4973a48b48b11bf82d8fcee6afac4aa817a1a3b496170e3a18

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\Tidal.exe.WebView2\EBWebView\Default\Web Data
              Filesize

              222KB

              MD5

              7aeecd0c50a001a7df6387e8574c9189

              SHA1

              538c2158895d7855fb396253ddccfec8e3c55bd5

              SHA256

              e99f3e433e60ef44aaa1b98109e72ba06fa972de90bfccd74d55e195b6ec0e3d

              SHA512

              6646196c9727506c344324e2bbf47bf3346f6699f0da161360659847954d34f341e5494fde8f2d7804d39b824dc433ae6458f85532a1ca4dea7b5981ae087529

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\Tidal.exe.WebView2\EBWebView\Last Version
              Filesize

              13B

              MD5

              82ce47822609bd05d42b4384c1d1cf41

              SHA1

              4e10f07650d559c85c5daf939b545c8c14991a79

              SHA256

              d06634eb76ccbd67eb252ab3846e0ccf28ba98ea6c51a94ea05807278341fc14

              SHA512

              2636dd91d83d155a4f14f880ed58f2f7ad421a83c22a825767cb25f2a40189442dc2a4e55aab5cf11a691764cc6afcc0451305a6226d2596bdc256e94a1efb91

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\Tidal.exe.WebView2\EBWebView\Local State
              Filesize

              23KB

              MD5

              648f4c092ed2192a382d6ce6951439e3

              SHA1

              2ca888176f552f873bc6bb755488f449ccecc7d2

              SHA256

              37e4630228b5a475f2388ef605285d00b6d5c041e950cc38549963eac1ce4205

              SHA512

              2ce330586b3c28563273cf3777efbc6bf3341e378b18504003b5b80f125c26e73650af2a08ba07ba79ef2c60293351a2eca9ca468c0d0af51a2f643c55c1ac4a

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\Tidal.exe.WebView2\EBWebView\ShaderCache\data_1
              Filesize

              264KB

              MD5

              bf18de61435feb21195f46dfb44916a8

              SHA1

              50967ca8f2a9c8b99142ffe8179c9dd76d5ae1e3

              SHA256

              eaf9b55afaf99971f9ec56e62f354ba0dcf2f883e7a1a2325c902b159b324199

              SHA512

              7c3d86deef1765ab92029e86235a272a7692967b3fcadcb61bb1ec0c990c38bffc057bd50822e839dd4cc83848ff027a73598f105ecb07bb33f8b7f7d0c64464

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\Tidal.exe.WebView2\EBWebView\ShaderCache\index
              Filesize

              256KB

              MD5

              05dcdecfe66b7c87370e47c3b2fd8801

              SHA1

              f2a5e33cb00ddc30d74a5fe6d48f9ac2700bd5cf

              SHA256

              b31b701a9be1cb9e2e51bb620e64a3197ee0d9fdec90cc558029738e408d17ff

              SHA512

              10db2b31c45f0702daff5a385afe00e3e6e188f35231926e6e8aa94ac2a0df318fb67f719e51acff1455a367d31444909ee0a115aafd98483cd036a42d69ffa2

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\Tidal.exe.WebView2\EBWebView\Variations
              Filesize

              85B

              MD5

              bc6142469cd7dadf107be9ad87ea4753

              SHA1

              72a9aa05003fab742b0e4dc4c5d9eda6b9f7565c

              SHA256

              b26da4f8c7e283aa74386da0229d66af14a37986b8ca828e054fc932f68dd557

              SHA512

              47d1a67a16f5dc6d50556c5296e65918f0a2fcad0e8cee5795b100fe8cd89eaf5e1fd67691e8a57af3677883a5d8f104723b1901d11845b286474c8ac56f6182

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\Tidal.exe.config
              Filesize

              187B

              MD5

              15c8c4ba1aa574c0c00fd45bb9cce1ab

              SHA1

              0dad65a3d4e9080fa29c42aa485c6102d2fa8bc8

              SHA256

              f82338e8e9c746b5d95cd2ccc7bf94dd5de2b9b8982fffddf2118e475de50e15

              SHA512

              52baac63399340427b94bfdeb7a42186d5359ce439c3d775497f347089edfbf72a6637b23bb008ab55b8d4dd3b79a7b2eb7c7ef922ea23d0716d5c3536b359d4

              Download Submit

            • C:\Users\Admin\AppData\Local\Temp\runtimes\win-x86\native\WebView2Loader.dll
              Filesize

              113KB

              MD5

              9d7744e15bb8e3d005079b18979c8544

              SHA1

              7b326c96e5f3f6baaf6e9390b119a4ffb3df2c64

              SHA256

              cc2f661aac9c05646933f717e629a69be93d8d06803066289d6dc1105aac6cd2

              SHA512

              732fd17714ec5ef0afd8f17d06adc895e93bea4585b6b1dabcf95c3fbe808e7b31a19c13cccfac0b30cd425cf96926749a0373a861f55fa8db442430803f4a25

              Download Submit

            • memory/2136-802-0x0000000076400000-0x00000000764F0000-memory.dmp

              Filesize

              960KB

              Download

            • memory/2136-671-0x0000000076420000-0x0000000076421000-memory.dmp

              Filesize

              4KB

              Download

            • memory/2136-5-0x0000000076400000-0x00000000764F0000-memory.dmp

              Filesize

              960KB

              Download

            • memory/2136-823-0x0000000076400000-0x00000000764F0000-memory.dmp

              Filesize

              960KB

              Download

            • memory/2136-4-0x0000000076400000-0x00000000764F0000-memory.dmp

              Filesize

              960KB

              Download

            • memory/2136-0-0x0000000000400000-0x0000000000CC6000-memory.dmp

              Filesize

              8.8MB

              Download

            • memory/2136-15-0x000000000A2B0000-0x000000000A2E8000-memory.dmp

              Filesize

              224KB

              Download

            • memory/2136-9-0x0000000000400000-0x0000000000CC6000-memory.dmp

              Filesize

              8.8MB

              Download

            • memory/2136-1-0x0000000076420000-0x0000000076421000-memory.dmp

              Filesize

              4KB

              Download

            • memory/2136-17-0x00000000099E0000-0x00000000099EA000-memory.dmp

              Filesize

              40KB

              Download

            • memory/2136-672-0x0000000076400000-0x00000000764F0000-memory.dmp

              Filesize

              960KB

              Download

            • memory/2136-673-0x0000000076400000-0x00000000764F0000-memory.dmp

              Filesize

              960KB

              Download

            • memory/2136-16-0x00000000097C0000-0x00000000097CE000-memory.dmp

              Filesize

              56KB

              Download

            • memory/2136-3-0x0000000076400000-0x00000000764F0000-memory.dmp

              Filesize

              960KB

              Download

            • memory/2136-6-0x0000000076400000-0x00000000764F0000-memory.dmp

              Filesize

              960KB

              Download

            • memory/2136-8-0x0000000000400000-0x0000000000CC6000-memory.dmp

              Filesize

              8.8MB

              Download

            • memory/2136-2-0x0000000076400000-0x00000000764F0000-memory.dmp

              Filesize

              960KB

              Download

            • memory/2136-669-0x0000000000400000-0x0000000000CC6000-memory.dmp

              Filesize

              8.8MB

              Download

            • memory/2136-20-0x000000000AB70000-0x000000000AB82000-memory.dmp

              Filesize

              72KB

              Download

            • memory/3100-767-0x00007FF83F120000-0x00007FF83F121000-memory.dmp

              Filesize

              4KB

              Download

            • memory/3100-766-0x00007FF83FBF0000-0x00007FF83FBF1000-memory.dmp

              Filesize

              4KB

              Download

            • memory/4200-804-0x00007FF83E060000-0x00007FF83E061000-memory.dmp

              Filesize

              4KB

              Download

            • memory/4492-685-0x00000000051F0000-0x0000000005200000-memory.dmp

              Filesize

              64KB

              Download

            • memory/4492-681-0x0000000000400000-0x0000000000CEA000-memory.dmp

              Filesize

              8.9MB

              Download

            • memory/4492-674-0x0000000076400000-0x00000000764F0000-memory.dmp

              Filesize

              960KB

              Download

            • memory/4492-677-0x0000000076400000-0x00000000764F0000-memory.dmp

              Filesize

              960KB

              Download

            • memory/4492-676-0x0000000076400000-0x00000000764F0000-memory.dmp

              Filesize

              960KB

              Download

            • memory/4492-675-0x0000000076400000-0x00000000764F0000-memory.dmp

              Filesize

              960KB

              Download

            • memory/4492-680-0x0000000000400000-0x0000000000CEA000-memory.dmp

              Filesize

              8.9MB

              Download

            • memory/4492-670-0x0000000000400000-0x0000000000CEA000-memory.dmp

              Filesize

              8.9MB

              Download

            • memory/4492-686-0x0000000005750000-0x00000000057E2000-memory.dmp

              Filesize

              584KB

              Download

            • memory/4492-690-0x0000000005AA0000-0x0000000005ADA000-memory.dmp

              Filesize

              232KB

              Download

            • memory/4492-694-0x00000000061E0000-0x0000000006270000-memory.dmp

              Filesize

              576KB

              Download

            • memory/4492-702-0x000000000AEB0000-0x000000000AEB8000-memory.dmp

              Filesize

              32KB

              Download

            • memory/4492-858-0x0000000076400000-0x00000000764F0000-memory.dmp

              Filesize

              960KB

              Download

            • memory/4492-855-0x0000000000400000-0x0000000000CEA000-memory.dmp

              Filesize

              8.9MB

              Download

            • memory/4492-857-0x0000000076400000-0x00000000764F0000-memory.dmp

              Filesize

              960KB

              Download

            • memory/4524-719-0x00007FF83E060000-0x00007FF83E061000-memory.dmp

              Filesize

              4KB

              Download

            We care about your privacy.

            This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.