a1941786149857faebfd4f2731022d8af6aaa984b981bffd40bd123472b0beb4

Analysis

max time kernel
104s
max time network
213s
platform
windows7_x64
resource
win7-20240705-en
resource tags

arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
submitted
10-07-2024 01:27

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Battly-Launcher-Windows.exe
Size

183.1MB
MD5

777dae8f41c5c9ba97b798fcd52612de
SHA1

03ec3ee7b1e1a47dc8b0e7f5f980ebd7071c469b
SHA256

a1941786149857faebfd4f2731022d8af6aaa984b981bffd40bd123472b0beb4
SHA512

792ccba986338f3a3d5475d615fa276a73c52eb483484ee2fda16a143f1100afdfd0dea2bb309bfba54202e07707df7bb025677f6477bf44ddb8f2282093f592
SSDEEP

3145728:qJcuNt6i+X0MdTUPo+YFawtU4odz5zA436E7IkGl0BkChNw5+VTmms+B6Q8k:ScuN7+QYFjmPz5zAJ0wahNw5+VTTs+Bl

Score

7^/10

Malware Config

Signatures

Executes dropped EXE 1 IoCs

pid	Process
2868	Battly Launcher.exe

Loads dropped DLL 5 IoCs

pid	Process
1756	Battly-Launcher-Windows.exe
1756	Battly-Launcher-Windows.exe
1756	Battly-Launcher-Windows.exe
1756	Battly-Launcher-Windows.exe
2868	Battly Launcher.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
1672	chrome.exe
1672	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: 33	1912	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	1912	AUDIODG.EXE
Token: 33	1912	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	1912	AUDIODG.EXE
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe
Token: SeShutdownPrivilege	1672	chrome.exe

Suspicious use of FindShellTrayWindow 34 IoCs

pid	Process
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe

Suspicious use of SendNotifyMessage 32 IoCs

pid	Process
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe
1672	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1756 wrote to memory of 2868	1756	Battly-Launcher-Windows.exe	29
PID 1756 wrote to memory of 2868	1756	Battly-Launcher-Windows.exe	29
PID 1756 wrote to memory of 2868	1756	Battly-Launcher-Windows.exe	29
PID 1756 wrote to memory of 2868	1756	Battly-Launcher-Windows.exe	29
PID 1672 wrote to memory of 2928	1672	chrome.exe	35
PID 1672 wrote to memory of 2928	1672	chrome.exe	35
PID 1672 wrote to memory of 2928	1672	chrome.exe	35
PID 1672 wrote to memory of 2200	1672	chrome.exe	37
PID 1672 wrote to memory of 2200	1672	chrome.exe	37
PID 1672 wrote to memory of 2200	1672	chrome.exe	37
PID 1672 wrote to memory of 2200	1672	chrome.exe	37
PID 1672 wrote to memory of 2200	1672	chrome.exe	37
PID 1672 wrote to memory of 2200	1672	chrome.exe	37
PID 1672 wrote to memory of 2200	1672	chrome.exe	37
PID 1672 wrote to memory of 2200	1672	chrome.exe	37
PID 1672 wrote to memory of 2200	1672	chrome.exe	37
PID 1672 wrote to memory of 2200	1672	chrome.exe	37
PID 1672 wrote to memory of 2200	1672	chrome.exe	37
PID 1672 wrote to memory of 2200	1672	chrome.exe	37
PID 1672 wrote to memory of 2200	1672	chrome.exe	37
PID 1672 wrote to memory of 2200	1672	chrome.exe	37
PID 1672 wrote to memory of 2200	1672	chrome.exe	37
PID 1672 wrote to memory of 2200	1672	chrome.exe	37
PID 1672 wrote to memory of 2200	1672	chrome.exe	37
PID 1672 wrote to memory of 2200	1672	chrome.exe	37
PID 1672 wrote to memory of 2200	1672	chrome.exe	37
PID 1672 wrote to memory of 2200	1672	chrome.exe	37
PID 1672 wrote to memory of 2200	1672	chrome.exe	37
PID 1672 wrote to memory of 2200	1672	chrome.exe	37
PID 1672 wrote to memory of 2200	1672	chrome.exe	37
PID 1672 wrote to memory of 2200	1672	chrome.exe	37
PID 1672 wrote to memory of 2200	1672	chrome.exe	37
PID 1672 wrote to memory of 2200	1672	chrome.exe	37
PID 1672 wrote to memory of 2200	1672	chrome.exe	37
PID 1672 wrote to memory of 2200	1672	chrome.exe	37
PID 1672 wrote to memory of 2200	1672	chrome.exe	37
PID 1672 wrote to memory of 2200	1672	chrome.exe	37
PID 1672 wrote to memory of 2200	1672	chrome.exe	37
PID 1672 wrote to memory of 2200	1672	chrome.exe	37
PID 1672 wrote to memory of 2200	1672	chrome.exe	37
PID 1672 wrote to memory of 2200	1672	chrome.exe	37
PID 1672 wrote to memory of 2200	1672	chrome.exe	37
PID 1672 wrote to memory of 2200	1672	chrome.exe	37
PID 1672 wrote to memory of 2200	1672	chrome.exe	37
PID 1672 wrote to memory of 2200	1672	chrome.exe	37
PID 1672 wrote to memory of 2200	1672	chrome.exe	37
PID 1672 wrote to memory of 2384	1672	chrome.exe	38
PID 1672 wrote to memory of 2384	1672	chrome.exe	38
PID 1672 wrote to memory of 2384	1672	chrome.exe	38
PID 1672 wrote to memory of 2824	1672	chrome.exe	39
PID 1672 wrote to memory of 2824	1672	chrome.exe	39
PID 1672 wrote to memory of 2824	1672	chrome.exe	39
PID 1672 wrote to memory of 2824	1672	chrome.exe	39
PID 1672 wrote to memory of 2824	1672	chrome.exe	39
PID 1672 wrote to memory of 2824	1672	chrome.exe	39
PID 1672 wrote to memory of 2824	1672	chrome.exe	39
PID 1672 wrote to memory of 2824	1672	chrome.exe	39
PID 1672 wrote to memory of 2824	1672	chrome.exe	39
PID 1672 wrote to memory of 2824	1672	chrome.exe	39
PID 1672 wrote to memory of 2824	1672	chrome.exe	39
PID 1672 wrote to memory of 2824	1672	chrome.exe	39
PID 1672 wrote to memory of 2824	1672	chrome.exe	39
PID 1672 wrote to memory of 2824	1672	chrome.exe	39
PID 1672 wrote to memory of 2824	1672	chrome.exe	39

C:\Users\Admin\AppData\Local\Temp\Battly-Launcher-Windows.exe
"C:\Users\Admin\AppData\Local\Temp\Battly-Launcher-Windows.exe"
1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:1756
- C:\Users\Admin\AppData\Local\Temp\2fejptRVqtuxOlbo01siOY8OCTG\Battly Launcher.exe
  "C:\Users\Admin\AppData\Local\Temp\2fejptRVqtuxOlbo01siOY8OCTG\Battly Launcher.exe"
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  PID:2868

C:\Windows\explorer.exe
"C:\Windows\explorer.exe"
1⤵
PID:2680

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x4fc
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:1912

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1672
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef5429758,0x7fef5429768,0x7fef5429778
  2⤵
  PID:2928
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1156 --field-trial-handle=1316,i,4880537549887058856,8393829763373139728,131072 /prefetch:2
  2⤵
  PID:2200
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1508 --field-trial-handle=1316,i,4880537549887058856,8393829763373139728,131072 /prefetch:8
  2⤵
  PID:2384
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1608 --field-trial-handle=1316,i,4880537549887058856,8393829763373139728,131072 /prefetch:8
  2⤵
  PID:2824
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=1604 --field-trial-handle=1316,i,4880537549887058856,8393829763373139728,131072 /prefetch:1
  2⤵
  PID:2672
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2244 --field-trial-handle=1316,i,4880537549887058856,8393829763373139728,131072 /prefetch:1
  2⤵
  PID:2884
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1376 --field-trial-handle=1316,i,4880537549887058856,8393829763373139728,131072 /prefetch:2
  2⤵
  PID:3288
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=2364 --field-trial-handle=1316,i,4880537549887058856,8393829763373139728,131072 /prefetch:1
  2⤵
  PID:3388
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3644 --field-trial-handle=1316,i,4880537549887058856,8393829763373139728,131072 /prefetch:8
  2⤵
  PID:3512
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=1948 --field-trial-handle=1316,i,4880537549887058856,8393829763373139728,131072 /prefetch:1
  2⤵
  PID:3804

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2012

C:\Windows\explorer.exe
"C:\Windows\explorer.exe"
1⤵
PID:3584

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

Filesize
211KB

MD5
151fb811968eaf8efb840908b89dc9d4

SHA1
7ec811009fd9b0e6d92d12d78b002275f2f1bee1

SHA256
043fd8558e4a5a60aaccd2f0377f77a544e3e375242e9d7200dc6e51f94103ed

SHA512
83aface0ab01da52fd077f747c9d5916e3c06b0ea5c551d7d316707ec3e8f3f986ce1c82e6f2136e48c6511a83cb0ac67ff6dc8f0e440ac72fc6854086a87674

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
1e0dc448cb62610da9432741833c5690

SHA1
3aed3001f5ec21b95e7ead63077b6f5b392f3ad9

SHA256
3ab6ada0a7dca81362acf55c4cac7f7baa3be8312c37ae7c98901936b94095f2

SHA512
3aa0dfc5cb9535c21a8dbc655c2b0607d4580af236f7c2b363aaa8a9bc5a8503a663b844e92c49cfa2f110b5cf9382c32cf6e23112043502a1c2e5939f2b54d5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
361B

MD5
618b4ab511da1821b48c651b9fe2ba16

SHA1
47a7dc865e6aefbb939fce2a7295271cc3027653

SHA256
ddd9ebba32dd0b8834f405f1c0ec47525016c6354123b7b026c9fb11cbae74aa

SHA512
674eeb854ab5f93583c7192c09fa8c0401b7b2cc29812c31d0dbb216af82f98b6df4f150fcd9022b94b4f909338719467d96dfc843300803568e11a5b596c70c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
29355945d4a7734617352e4e5e54d3f7

SHA1
039fe2dd051b928337448a41197efbc5bd387065

SHA256
119b4fa2735382cb2e7e95c3e9ace5323d2484e6c748c65895d4a93d110e8f51

SHA512
bd7f08b1eca43959aeada7e68e7fd98eebb387d628fada08736981fa16baa0f3db43127524abe6a1cc258fdb42b8ef2ffd644f2d6375005983978bc33ba2ef86

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
109839a83a7acfe490b94a4e454b818d

SHA1
0aedb314d4c72e6e6aa8c91457214e9c412297ce

SHA256
e9117f09f98a96d3c0d728a9a1f368aa468871ae8207a0c8853a2558f1ea3083

SHA512
97085f77f05b5b2da4b438706bfa29c7ce2529d9bed6f53f053a16174ca9dabbf5a0099a05c29f66e902492c0d7bb1a9048fa030e2ba4e64335ada1e97bd7902

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
cd5d23b45677679fee60e9cb4c3bf83d

SHA1
040f69f52ddcd413948f353a139ef63e0012db04

SHA256
2fede5a4a76051044ae07119c220fd748eca54b89078fa13d48ed5f05a932fb7

SHA512
31a0a9b6c89a36c3def30ec9ec21e7770c5ac5622122205aded41fa6d19308f0d5d92b1fdb6f80e80909070cd4443c110e5085bb836b2e9f8746aa520778dc96

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000007.dbtmp

Filesize
16B

MD5
18e723571b00fb1694a3bad6c78e4054

SHA1
afcc0ef32d46fe59e0483f9a3c891d3034d12f32

SHA256
8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa

SHA512
43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

Download Submit
C:\Users\Admin\AppData\Local\Temp\2fejptRVqtuxOlbo01siOY8OCTG\ffmpeg.dll

Filesize
2.7MB

MD5
bf09deeeb497aeddaf6194e695776b8b

SHA1
e7d8719d6d0664b8746581b88eb03a486f588844

SHA256
450d5e6a11dc31dc6e1a7af472cd08b7e7a78976b1f0aa1c62055a0a720f5080

SHA512
38d3cac922634df85ddfd8d070b38cf4973bba8f37d3246453377f30165cc4377b4e67c4e0bca0ffe3c3fa0e024b23a31ec009e16d0ab3042593b5a6e164669f

Download Submit
C:\Users\Admin\AppData\Local\Temp\2fejptRVqtuxOlbo01siOY8OCTG\resources\app\node_modules\ansi-styles\license

Filesize
1KB

MD5
915042b5df33c31a6db2b37eadaa00e3

SHA1
5aaf48196ddd4d007a3067aa7f30303ca8e4b29c

SHA256
48da2f39e100d4085767e94966b43f4fa95ff6a0698fba57ed460914e35f94a0

SHA512
9c8b2def76ae5ffe4d636166bf9635d7abd69cdac4bf819a2145f7969646d39ae95c96364bc117f9fa544b98518c294233455d4f665af430c75d70798dd4ab13

Download Submit
C:\Users\Admin\AppData\Local\Temp\2fejptRVqtuxOlbo01siOY8OCTG\resources\app\node_modules\async\inject.js

Filesize
4KB

MD5
724bb52915e1158b4dff6f26ef4baf72

SHA1
ad0aa6a0ac5576433051167524923e6aa794c96a

SHA256
f1e4594194164d2504946c85c8e983346b25f9be8239178defec27e912b56c21

SHA512
657c3dec82c5c6c34accdbc9d96e2be59a592e60241960810f10a662f5305c21dcef8cf006fcdefb0d48d30ccdd30d9dd6c263c089a88591f18a83a2f390eaaa

Download Submit
C:\Users\Admin\AppData\Local\Temp\2fejptRVqtuxOlbo01siOY8OCTG\resources\app\src\assets\js\index-es.js

Filesize
33KB

MD5
ca5f26a1bca7d0379bc07aa2196b9ae1

SHA1
384fd58e544cdc1d246e0b5077ebc1fc8e77800e

SHA256
7b84738f06f865a0bc533041e12acc8e2c651f153b8df96ca0a43956dddf20f9

SHA512
ef19bb165a47de0625499919db32788f7ee8ba563210f525fa7db074b8521345a6e0bc35cf2d51daab7fcc9441dfbb8623f19b34b4ce3fcdd6f65c6173bdab35

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsk781.tmp\splash.bmp

Filesize
411KB

MD5
53b029ccb83951c0f232fbcde874b403

SHA1
c6c57b8b7eac7c0f3b7ecff5d4b2a4c1de4d326f

SHA256
4a3a74bcc1da624c51860bf3dc2333230cad7c961414e015a987e204f6447461

SHA512
514d3e5e925ec16db2ab89d71b34c95ea76f5679dfc4fc2e759c0e982d08660b5ca9a76bbc814ed3335b461ac9e1bf82de2b88dc988f4378e3a974cd59485acb

Download Submit
\Users\Admin\AppData\Local\Temp\nsk781.tmp\BgImage.dll

Filesize
7KB

MD5
487368e6fce9ab9c5ea053af0990c5ef

SHA1
b538e37c87d4b9a7645dcbbd9e93025a31849702

SHA256
e27efa5dfde875bd6b826fafb4c7698db6b6e30e68715a1c03eb018e3170fc04

SHA512
bb3ed4c0d17a11365b72653112b48c8c63ab10590dda3dfd90aa453f0d64203000e4571c73998063352240e1671d14da5ee394439899aaa31054fa2e9b722ea7

Download Submit
\Users\Admin\AppData\Local\Temp\nsk781.tmp\StdUtils.dll

Filesize
100KB

MD5
c6a6e03f77c313b267498515488c5740

SHA1
3d49fc2784b9450962ed6b82b46e9c3c957d7c15

SHA256
b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e

SHA512
9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803

Download Submit
\Users\Admin\AppData\Local\Temp\nsk781.tmp\System.dll

Filesize
12KB

MD5
0d7ad4f45dc6f5aa87f606d0331c6901

SHA1
48df0911f0484cbe2a8cdd5362140b63c41ee457

SHA256
3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca

SHA512
c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9

Download Submit