Overview
overview
10Static
static
10Battly-Lau...ws.exe
windows7-x64
7Battly-Lau...ws.exe
windows10-2004-x64
7resources/...zip.js
windows7-x64
3resources/...zip.js
windows10-2004-x64
3resources/...der.js
windows7-x64
3resources/...der.js
windows10-2004-x64
3resources/...dex.js
windows7-x64
3resources/...dex.js
windows10-2004-x64
3resources/...der.js
windows7-x64
3resources/...der.js
windows10-2004-x64
3resources/...ter.js
windows7-x64
3resources/...ter.js
windows10-2004-x64
3resources/...dex.js
windows7-x64
3resources/...dex.js
windows10-2004-x64
3resources/...ter.js
windows7-x64
3resources/...ter.js
windows10-2004-x64
3resources/...pto.js
windows7-x64
3resources/...pto.js
windows10-2004-x64
3resources/...nts.js
windows7-x64
3resources/...nts.js
windows10-2004-x64
3resources/...ors.js
windows7-x64
3resources/...ors.js
windows10-2004-x64
3resources/...ttr.js
windows7-x64
3resources/...ttr.js
windows10-2004-x64
3resources/...tem.js
windows7-x64
3resources/...tem.js
windows10-2004-x64
3resources/...dex.js
windows7-x64
3resources/...dex.js
windows10-2004-x64
3resources/...ils.js
windows7-x64
3resources/...ils.js
windows10-2004-x64
3resources/...try.js
windows7-x64
3resources/...try.js
windows10-2004-x64
3Analysis
-
max time kernel
150s -
max time network
159s -
platform
windows10-2004_x64 -
resource
win10v2004-20240709-en -
resource tags
arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system -
submitted
21-07-2024 16:28
Behavioral task
behavioral1
Sample
Battly-Launcher-Windows.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
Battly-Launcher-Windows.exe
Resource
win10v2004-20240709-en
Behavioral task
behavioral3
Sample
resources/app/node_modules/adm-zip/adm-zip.js
Resource
win7-20240704-en
Behavioral task
behavioral4
Sample
resources/app/node_modules/adm-zip/adm-zip.js
Resource
win10v2004-20240709-en
Behavioral task
behavioral5
Sample
resources/app/node_modules/adm-zip/headers/entryHeader.js
Resource
win7-20240708-en
Behavioral task
behavioral6
Sample
resources/app/node_modules/adm-zip/headers/entryHeader.js
Resource
win10v2004-20240709-en
Behavioral task
behavioral7
Sample
resources/app/node_modules/adm-zip/headers/index.js
Resource
win7-20240704-en
Behavioral task
behavioral8
Sample
resources/app/node_modules/adm-zip/headers/index.js
Resource
win10v2004-20240709-en
Behavioral task
behavioral9
Sample
resources/app/node_modules/adm-zip/headers/mainHeader.js
Resource
win7-20240708-en
Behavioral task
behavioral10
Sample
resources/app/node_modules/adm-zip/headers/mainHeader.js
Resource
win10v2004-20240709-en
Behavioral task
behavioral11
Sample
resources/app/node_modules/adm-zip/methods/deflater.js
Resource
win7-20240705-en
Behavioral task
behavioral12
Sample
resources/app/node_modules/adm-zip/methods/deflater.js
Resource
win10v2004-20240709-en
Behavioral task
behavioral13
Sample
resources/app/node_modules/adm-zip/methods/index.js
Resource
win7-20240705-en
Behavioral task
behavioral14
Sample
resources/app/node_modules/adm-zip/methods/index.js
Resource
win10v2004-20240709-en
Behavioral task
behavioral15
Sample
resources/app/node_modules/adm-zip/methods/inflater.js
Resource
win7-20240704-en
Behavioral task
behavioral16
Sample
resources/app/node_modules/adm-zip/methods/inflater.js
Resource
win10v2004-20240709-en
Behavioral task
behavioral17
Sample
resources/app/node_modules/adm-zip/methods/zipcrypto.js
Resource
win7-20240708-en
Behavioral task
behavioral18
Sample
resources/app/node_modules/adm-zip/methods/zipcrypto.js
Resource
win10v2004-20240709-en
Behavioral task
behavioral19
Sample
resources/app/node_modules/adm-zip/util/constants.js
Resource
win7-20240704-en
Behavioral task
behavioral20
Sample
resources/app/node_modules/adm-zip/util/constants.js
Resource
win10v2004-20240709-en
Behavioral task
behavioral21
Sample
resources/app/node_modules/adm-zip/util/errors.js
Resource
win7-20240704-en
Behavioral task
behavioral22
Sample
resources/app/node_modules/adm-zip/util/errors.js
Resource
win10v2004-20240709-en
Behavioral task
behavioral23
Sample
resources/app/node_modules/adm-zip/util/fattr.js
Resource
win7-20240708-en
Behavioral task
behavioral24
Sample
resources/app/node_modules/adm-zip/util/fattr.js
Resource
win10v2004-20240704-en
Behavioral task
behavioral25
Sample
resources/app/node_modules/adm-zip/util/fileSystem.js
Resource
win7-20240704-en
Behavioral task
behavioral26
Sample
resources/app/node_modules/adm-zip/util/fileSystem.js
Resource
win10v2004-20240709-en
Behavioral task
behavioral27
Sample
resources/app/node_modules/adm-zip/util/index.js
Resource
win7-20240708-en
Behavioral task
behavioral28
Sample
resources/app/node_modules/adm-zip/util/index.js
Resource
win10v2004-20240709-en
Behavioral task
behavioral29
Sample
resources/app/node_modules/adm-zip/util/utils.js
Resource
win7-20240704-en
Behavioral task
behavioral30
Sample
resources/app/node_modules/adm-zip/util/utils.js
Resource
win10v2004-20240709-en
Behavioral task
behavioral31
Sample
resources/app/node_modules/adm-zip/zipEntry.js
Resource
win7-20240705-en
Behavioral task
behavioral32
Sample
resources/app/node_modules/adm-zip/zipEntry.js
Resource
win10v2004-20240709-en
General
-
Target
Battly-Launcher-Windows.exe
-
Size
183.1MB
-
MD5
777dae8f41c5c9ba97b798fcd52612de
-
SHA1
03ec3ee7b1e1a47dc8b0e7f5f980ebd7071c469b
-
SHA256
a1941786149857faebfd4f2731022d8af6aaa984b981bffd40bd123472b0beb4
-
SHA512
792ccba986338f3a3d5475d615fa276a73c52eb483484ee2fda16a143f1100afdfd0dea2bb309bfba54202e07707df7bb025677f6477bf44ddb8f2282093f592
-
SSDEEP
3145728:qJcuNt6i+X0MdTUPo+YFawtU4odz5zA436E7IkGl0BkChNw5+VTmms+B6Q8k:ScuN7+QYFjmPz5zAJ0wahNw5+VTTs+Bl
Malware Config
Signatures
-
Checks computer location settings 2 TTPs 2 IoCs
Looks up country code configured in the registry, likely geofence.
description ioc Process Key value queried \REGISTRY\USER\S-1-5-21-384068567-2943195810-3631207890-1000\Control Panel\International\Geo\Nation Battly Launcher.exe Key value queried \REGISTRY\USER\S-1-5-21-384068567-2943195810-3631207890-1000\Control Panel\International\Geo\Nation Battly Launcher.exe -
Executes dropped EXE 5 IoCs
pid Process 2088 Battly Launcher.exe 3256 Battly Launcher.exe 4940 Battly Launcher.exe 3636 Battly Launcher.exe 1136 Battly Launcher.exe -
Loads dropped DLL 13 IoCs
pid Process 3948 Battly-Launcher-Windows.exe 3948 Battly-Launcher-Windows.exe 3948 Battly-Launcher-Windows.exe 2088 Battly Launcher.exe 3256 Battly Launcher.exe 4940 Battly Launcher.exe 3256 Battly Launcher.exe 3256 Battly Launcher.exe 3256 Battly Launcher.exe 3256 Battly Launcher.exe 3636 Battly Launcher.exe 1136 Battly Launcher.exe 1136 Battly Launcher.exe -
Drops file in System32 directory 2 IoCs
description ioc Process File created C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF Battly Launcher.exe File created \??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF Battly Launcher.exe -
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Suspicious behavior: EnumeratesProcesses 4 IoCs
pid Process 1136 Battly Launcher.exe 1136 Battly Launcher.exe 1136 Battly Launcher.exe 1136 Battly Launcher.exe -
Suspicious use of AdjustPrivilegeToken 64 IoCs
description pid Process Token: SeShutdownPrivilege 2088 Battly Launcher.exe Token: SeCreatePagefilePrivilege 2088 Battly Launcher.exe Token: SeShutdownPrivilege 2088 Battly Launcher.exe Token: SeCreatePagefilePrivilege 2088 Battly Launcher.exe Token: SeShutdownPrivilege 2088 Battly Launcher.exe Token: SeCreatePagefilePrivilege 2088 Battly Launcher.exe Token: SeShutdownPrivilege 2088 Battly Launcher.exe Token: SeCreatePagefilePrivilege 2088 Battly Launcher.exe Token: SeShutdownPrivilege 2088 Battly Launcher.exe Token: SeCreatePagefilePrivilege 2088 Battly Launcher.exe Token: SeShutdownPrivilege 2088 Battly Launcher.exe Token: SeCreatePagefilePrivilege 2088 Battly Launcher.exe Token: SeShutdownPrivilege 2088 Battly Launcher.exe Token: SeCreatePagefilePrivilege 2088 Battly Launcher.exe Token: SeShutdownPrivilege 2088 Battly Launcher.exe Token: SeCreatePagefilePrivilege 2088 Battly Launcher.exe Token: SeShutdownPrivilege 2088 Battly Launcher.exe Token: SeCreatePagefilePrivilege 2088 Battly Launcher.exe Token: SeShutdownPrivilege 2088 Battly Launcher.exe Token: SeCreatePagefilePrivilege 2088 Battly Launcher.exe Token: SeShutdownPrivilege 2088 Battly Launcher.exe Token: SeCreatePagefilePrivilege 2088 Battly Launcher.exe Token: SeShutdownPrivilege 2088 Battly Launcher.exe Token: SeCreatePagefilePrivilege 2088 Battly Launcher.exe Token: SeShutdownPrivilege 2088 Battly Launcher.exe Token: SeCreatePagefilePrivilege 2088 Battly Launcher.exe Token: SeShutdownPrivilege 2088 Battly Launcher.exe Token: SeCreatePagefilePrivilege 2088 Battly Launcher.exe Token: SeShutdownPrivilege 2088 Battly Launcher.exe Token: SeCreatePagefilePrivilege 2088 Battly Launcher.exe Token: SeShutdownPrivilege 2088 Battly Launcher.exe Token: SeCreatePagefilePrivilege 2088 Battly Launcher.exe Token: SeShutdownPrivilege 2088 Battly Launcher.exe Token: SeCreatePagefilePrivilege 2088 Battly Launcher.exe Token: SeShutdownPrivilege 2088 Battly Launcher.exe Token: SeCreatePagefilePrivilege 2088 Battly Launcher.exe Token: SeShutdownPrivilege 2088 Battly Launcher.exe Token: SeCreatePagefilePrivilege 2088 Battly Launcher.exe Token: SeShutdownPrivilege 2088 Battly Launcher.exe Token: SeCreatePagefilePrivilege 2088 Battly Launcher.exe Token: SeShutdownPrivilege 2088 Battly Launcher.exe Token: SeCreatePagefilePrivilege 2088 Battly Launcher.exe Token: SeShutdownPrivilege 2088 Battly Launcher.exe Token: SeCreatePagefilePrivilege 2088 Battly Launcher.exe Token: SeShutdownPrivilege 2088 Battly Launcher.exe Token: SeCreatePagefilePrivilege 2088 Battly Launcher.exe Token: SeShutdownPrivilege 2088 Battly Launcher.exe Token: SeCreatePagefilePrivilege 2088 Battly Launcher.exe Token: SeShutdownPrivilege 2088 Battly Launcher.exe Token: SeCreatePagefilePrivilege 2088 Battly Launcher.exe Token: SeShutdownPrivilege 2088 Battly Launcher.exe Token: SeCreatePagefilePrivilege 2088 Battly Launcher.exe Token: SeShutdownPrivilege 2088 Battly Launcher.exe Token: SeCreatePagefilePrivilege 2088 Battly Launcher.exe Token: SeShutdownPrivilege 2088 Battly Launcher.exe Token: SeCreatePagefilePrivilege 2088 Battly Launcher.exe Token: SeShutdownPrivilege 2088 Battly Launcher.exe Token: SeCreatePagefilePrivilege 2088 Battly Launcher.exe Token: SeShutdownPrivilege 2088 Battly Launcher.exe Token: SeCreatePagefilePrivilege 2088 Battly Launcher.exe Token: SeShutdownPrivilege 2088 Battly Launcher.exe Token: SeCreatePagefilePrivilege 2088 Battly Launcher.exe Token: SeShutdownPrivilege 2088 Battly Launcher.exe Token: SeCreatePagefilePrivilege 2088 Battly Launcher.exe -
Suspicious use of WriteProcessMemory 38 IoCs
description pid Process procid_target PID 3948 wrote to memory of 2088 3948 Battly-Launcher-Windows.exe 92 PID 3948 wrote to memory of 2088 3948 Battly-Launcher-Windows.exe 92 PID 2088 wrote to memory of 3256 2088 Battly Launcher.exe 94 PID 2088 wrote to memory of 3256 2088 Battly Launcher.exe 94 PID 2088 wrote to memory of 3256 2088 Battly Launcher.exe 94 PID 2088 wrote to memory of 3256 2088 Battly Launcher.exe 94 PID 2088 wrote to memory of 3256 2088 Battly Launcher.exe 94 PID 2088 wrote to memory of 3256 2088 Battly Launcher.exe 94 PID 2088 wrote to memory of 3256 2088 Battly Launcher.exe 94 PID 2088 wrote to memory of 3256 2088 Battly Launcher.exe 94 PID 2088 wrote to memory of 3256 2088 Battly Launcher.exe 94 PID 2088 wrote to memory of 3256 2088 Battly Launcher.exe 94 PID 2088 wrote to memory of 3256 2088 Battly Launcher.exe 94 PID 2088 wrote to memory of 3256 2088 Battly Launcher.exe 94 PID 2088 wrote to memory of 3256 2088 Battly Launcher.exe 94 PID 2088 wrote to memory of 3256 2088 Battly Launcher.exe 94 PID 2088 wrote to memory of 3256 2088 Battly Launcher.exe 94 PID 2088 wrote to memory of 3256 2088 Battly Launcher.exe 94 PID 2088 wrote to memory of 3256 2088 Battly Launcher.exe 94 PID 2088 wrote to memory of 3256 2088 Battly Launcher.exe 94 PID 2088 wrote to memory of 3256 2088 Battly Launcher.exe 94 PID 2088 wrote to memory of 3256 2088 Battly Launcher.exe 94 PID 2088 wrote to memory of 3256 2088 Battly Launcher.exe 94 PID 2088 wrote to memory of 3256 2088 Battly Launcher.exe 94 PID 2088 wrote to memory of 3256 2088 Battly Launcher.exe 94 PID 2088 wrote to memory of 3256 2088 Battly Launcher.exe 94 PID 2088 wrote to memory of 3256 2088 Battly Launcher.exe 94 PID 2088 wrote to memory of 3256 2088 Battly Launcher.exe 94 PID 2088 wrote to memory of 3256 2088 Battly Launcher.exe 94 PID 2088 wrote to memory of 3256 2088 Battly Launcher.exe 94 PID 2088 wrote to memory of 3256 2088 Battly Launcher.exe 94 PID 2088 wrote to memory of 3256 2088 Battly Launcher.exe 94 PID 2088 wrote to memory of 4940 2088 Battly Launcher.exe 95 PID 2088 wrote to memory of 4940 2088 Battly Launcher.exe 95 PID 2088 wrote to memory of 3636 2088 Battly Launcher.exe 96 PID 2088 wrote to memory of 3636 2088 Battly Launcher.exe 96 PID 2088 wrote to memory of 1136 2088 Battly Launcher.exe 112 PID 2088 wrote to memory of 1136 2088 Battly Launcher.exe 112
Processes
-
C:\Users\Admin\AppData\Local\Temp\Battly-Launcher-Windows.exe"C:\Users\Admin\AppData\Local\Temp\Battly-Launcher-Windows.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:3948 -
C:\Users\Admin\AppData\Local\Temp\2fejptRVqtuxOlbo01siOY8OCTG\Battly Launcher.exe"C:\Users\Admin\AppData\Local\Temp\2fejptRVqtuxOlbo01siOY8OCTG\Battly Launcher.exe"2⤵
- Checks computer location settings
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
PID:2088 -
C:\Users\Admin\AppData\Local\Temp\2fejptRVqtuxOlbo01siOY8OCTG\Battly Launcher.exe"C:\Users\Admin\AppData\Local\Temp\2fejptRVqtuxOlbo01siOY8OCTG\Battly Launcher.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\Battly Launcher Installer" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1732 --field-trial-handle=1736,i,5614504307782452804,15705109260488551645,262144 --enable-features=kWebSQLAccess --disable-features=SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version /prefetch:23⤵
- Executes dropped EXE
- Loads dropped DLL
PID:3256
-
-
C:\Users\Admin\AppData\Local\Temp\2fejptRVqtuxOlbo01siOY8OCTG\Battly Launcher.exe"C:\Users\Admin\AppData\Local\Temp\2fejptRVqtuxOlbo01siOY8OCTG\Battly Launcher.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\Battly Launcher Installer" --mojo-platform-channel-handle=1772 --field-trial-handle=1736,i,5614504307782452804,15705109260488551645,262144 --enable-features=kWebSQLAccess --disable-features=SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version /prefetch:33⤵
- Executes dropped EXE
- Loads dropped DLL
PID:4940
-
-
C:\Users\Admin\AppData\Local\Temp\2fejptRVqtuxOlbo01siOY8OCTG\Battly Launcher.exe"C:\Users\Admin\AppData\Local\Temp\2fejptRVqtuxOlbo01siOY8OCTG\Battly Launcher.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\Battly Launcher Installer" --app-path="C:\Users\Admin\AppData\Local\Temp\2fejptRVqtuxOlbo01siOY8OCTG\resources\app" --no-sandbox --no-zygote --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=2432 --field-trial-handle=1736,i,5614504307782452804,15705109260488551645,262144 --enable-features=kWebSQLAccess --disable-features=SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version /prefetch:13⤵
- Checks computer location settings
- Executes dropped EXE
- Loads dropped DLL
PID:3636
-
-
C:\Users\Admin\AppData\Local\Temp\2fejptRVqtuxOlbo01siOY8OCTG\Battly Launcher.exe"C:\Users\Admin\AppData\Local\Temp\2fejptRVqtuxOlbo01siOY8OCTG\Battly Launcher.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --user-data-dir="C:\Users\Admin\AppData\Roaming\Battly Launcher Installer" --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAABEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=2976 --field-trial-handle=1736,i,5614504307782452804,15705109260488551645,262144 --enable-features=kWebSQLAccess --disable-features=SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version /prefetch:83⤵
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious behavior: EnumeratesProcesses
PID:1136
-
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
4.7MB
MD52191e768cc2e19009dad20dc999135a3
SHA1f49a46ba0e954e657aaed1c9019a53d194272b6a
SHA2567353f25dc5cf84d09894e3e0461cef0e56799adbc617fce37620ca67240b547d
SHA5125adcb00162f284c16ec78016d301fc11559dd0a781ffbeff822db22efbed168b11d7e5586ea82388e9503b0c7d3740cf2a08e243877f5319202491c8a641c970
-
Filesize
150KB
MD5b1bccf31fa5710207026d373edd96161
SHA1ae7bb0c083aea838df1d78d61b54fb76c9a1182e
SHA25649aff5690cb9b0f54f831351aa0f64416ba180a0c4891a859fa7294e81e9c8e3
SHA512134a13ad86f8bd20a1d2350236269fd39c306389a600556a82025d5e0d5adaab0709d59e9b7ee96e8e2d25b6df49fefea27cdccefe5fba9687abf92a9a941d91
-
Filesize
229KB
MD5e02160c24b8077b36ff06dc05a9df057
SHA1fc722e071ce9caf52ad9a463c90fc2319aa6c790
SHA2564d5b51f720f7d3146e131c54a6f75e4e826c61b2ff15c8955f6d6dd15bedf106
SHA5121bf873b89b571974537b685cdb739f8ed148f710f6f24f0f362f8b6bb605996fcfec1501411f2cb2df374d5fdaf6e2daaada8cea68051e3c10a67030ea25929e
-
Filesize
2.7MB
MD5bf09deeeb497aeddaf6194e695776b8b
SHA1e7d8719d6d0664b8746581b88eb03a486f588844
SHA256450d5e6a11dc31dc6e1a7af472cd08b7e7a78976b1f0aa1c62055a0a720f5080
SHA51238d3cac922634df85ddfd8d070b38cf4973bba8f37d3246453377f30165cc4377b4e67c4e0bca0ffe3c3fa0e024b23a31ec009e16d0ab3042593b5a6e164669f
-
Filesize
10.2MB
MD5e0f1ad85c0933ecce2e003a2c59ae726
SHA1a8539fc5a233558edfa264a34f7af6187c3f0d4f
SHA256f5170aa2b388d23bebf98784dd488a9bcb741470384a6a9a8d7a2638d768defb
SHA512714ed5ae44dfa4812081b8de42401197c235a4fa05206597f4c7b4170dd37e8360cc75d176399b735c9aec200f5b7d5c81c07b9ab58cbca8dc08861c6814fb28
-
Filesize
467KB
MD53a5cbf0ce848ec30a2f8fe1760564515
SHA131bf9312cd1beaedaa91766e5cde13406d6ea219
SHA256afef052c621f72ba986d917a9e090d23a13f4ab6bc09f158eeb73fd671b94219
SHA512bd5713e1d22145b4cc52f4e46b464f443aad6f783a5793268e7d9dca969f27b70e706eecd54cb01be1c94256e6a95864c6b7e50027cef7fa870cdb16820ad602
-
Filesize
7.3MB
MD5c783045e4b7f00c847678d43a77367f7
SHA17f9192ce0b23ac93561aeec9d9c38daa3136c146
SHA2563a39137dcee6cb6663ae9cca424b6b05cf56c0ad7e32fb72cb94549ea9dbcae8
SHA51264e6d4fc84f1217ceef05a22ad63a6618ffdc470b1faf4ad9e2d7bab59e9285527b9c5fd7ea4be673a08b9466434e3c098e839bf6955597e3d8aa0e80589f4a3
-
Filesize
440KB
MD5731c45f9f23957acc11b43d775758aaa
SHA112e66417a2dc0c5211ed67f026208ef02fcb40af
SHA25602b97817b6eebd7caeaaff750f6462abc68911c398ddf0571b7900ff9b4ea9a2
SHA5121a008df585ef76d9cf4459fc3e617b8d4397e7078c77852712fc7cf4f304081bc5195243437e64074016b05a8cd671db93666042e59b959595ba854ceb330a81
-
Filesize
5.0MB
MD567bb5e75ceb8ced4c98cf0454933cb45
SHA1c2b1c8c8d753318bc5ec18762c27512a5eb9f9cd
SHA2565d63acd4034f7771ca346d138d7478014abf1f3f4386d07fc025dbc2c2bc0bff
SHA512fd213d59ebc625f6f8b20cc8fde1a22132ce827b81deaddb9ca7993fe0d9616de17e089def338d23c4b6bbd7d3a931ee73aa329325eaa17f8145a58fe11d8c38
-
C:\Users\Admin\AppData\Local\Temp\2fejptRVqtuxOlbo01siOY8OCTG\resources\app\node_modules\ejs-electron\index.js
Filesize4KB
MD5d441fba9399d196f943308f66d215d95
SHA176557f8a00782c3503b62784098b7832256c136b
SHA2564574224bdcf1a47aab456dbec7b485d7cb8bd62bea5295f85db622b3ebab0c1b
SHA5127f11d59d870c0ae386b6c0ae4a65b2ab49445ce8b36528323bb2a03a8a55611c8e71d2c7439f0a57c69fb7cfdc2d05fde59e535e0da36adf24947a131db18a0f
-
C:\Users\Admin\AppData\Local\Temp\2fejptRVqtuxOlbo01siOY8OCTG\resources\app\node_modules\ejs-electron\node_modules\mime\Mime.js
Filesize2KB
MD55a77829e31fd521878c9484a90ff107a
SHA173efaff8e2e9adb871396c15c076dbf28757949a
SHA2569482411a27e56e69e9ff5ae077b25f64c38768ae268ac07ab74a9896b582b6a9
SHA512dc542b656f18818fc5caab6bebaf67f2f33691661196fd588eeba8bb8d1520ea61f76df314d407e0e23b405706889f0e73f0bc61871a36764d2c3564a44b1c35
-
C:\Users\Admin\AppData\Local\Temp\2fejptRVqtuxOlbo01siOY8OCTG\resources\app\node_modules\ejs-electron\node_modules\mime\index.js
Filesize127B
MD5f18d3eb05bbc4d65415ee72c4b5d4dff
SHA1e2d3efd8917c4ff9cbe668474891269d3fedcb37
SHA2567b35e6b3b981b498b62860b99063916772a7a199125866d4593db952ba1c14b9
SHA51265316d6a06666e5acdb6fd293fcb737109a264fb6ed1174e7853f86b32d2b334fab3280d28535be21524fa15f86bc8f16b663461439d6bdf4ead0cba4b297eb5
-
C:\Users\Admin\AppData\Local\Temp\2fejptRVqtuxOlbo01siOY8OCTG\resources\app\node_modules\ejs-electron\node_modules\mime\package.json
Filesize775B
MD541460dd956f1244d052cbe727cb6be27
SHA14982079e4fc60559ed7fa2c066bf71fc7b74d9b4
SHA256a1dccf7b9e97739c70cfe4a205babae71016a576f4385a8d66308978f21e0d19
SHA5124e273dcbe5b5bde34c1ba8c0bf35251037b058fe3eef5703e53027a53b9f6661db97411be2ae2e7b4353adf5d77bb389566a81258adb8f11cac679ee6450c978
-
C:\Users\Admin\AppData\Local\Temp\2fejptRVqtuxOlbo01siOY8OCTG\resources\app\node_modules\ejs-electron\node_modules\mime\types\other.js
Filesize25KB
MD5ce7fcb8480cc926c86d46e4b1fb6cc9d
SHA1dbfc26ed679cce39b3ecb6bee5ef5968cea6408a
SHA256ee0e65cdfde6e492be9c52e35bffcbe0e0fd9a5be1a18fbaa7cbbc7b9b406934
SHA512c5c943a1722aa52c3f85f28189258ebb4e3ed025c98bfa0d7ce978de2587b10239c578d5d96fb63f85bd8ec16d7d156847268cc14421cb920832688984fc0cc9
-
C:\Users\Admin\AppData\Local\Temp\2fejptRVqtuxOlbo01siOY8OCTG\resources\app\node_modules\ejs-electron\node_modules\mime\types\standard.js
Filesize9KB
MD55119196e906ee770dfd3610bcfbd0587
SHA1a21f9b1eba88b1af8d16231a5759ffb8108a645c
SHA25670aaa6f9c1b7caf38db2eff138406911368729b8dfb478fe70078e46ec1824bc
SHA51230d30134c1044d36bf4ffd93cb0b6f003cb702a14b9e006bbc9a18a7e9e6915f18c22eb0b8bcfb5cae6cc15636726e0d8ab59189610550140ac90e51f45c324e
-
C:\Users\Admin\AppData\Local\Temp\2fejptRVqtuxOlbo01siOY8OCTG\resources\app\node_modules\ejs-electron\package.json
Filesize367B
MD5381be2da7b731d7e9f68c149ef521e46
SHA111f4eabe7d5c1236c02c9c6e1ef2e8f58226a2e3
SHA256c30372a8a6ef7a7cf021a48200d7ca770ca5ad68022e92c6d15bd27878dc326a
SHA5120595738800f268106a61f3526448bb1c89ed37db1950d00b7fc1f1d2874cfcd1bf7454b49d757614543caf756407d6594e2246f68d6916db51553c95e22c4f01
-
C:\Users\Admin\AppData\Local\Temp\2fejptRVqtuxOlbo01siOY8OCTG\resources\app\node_modules\ejs\lib\ejs.js
Filesize26KB
MD5e7286ffae51527e51efadb4ce65d1dd8
SHA12170a351835c1ff3ef58faab251e3d5ce5dfe9d6
SHA2569ff1cb7fb0a7dbd822e04d35e50560a199926cc323b5aa11f1e89556d7b89814
SHA5125a551b8ae5dc38eb4893acb2876046ebe27ed3852777b7e832173bfba8d5470b08495232811a82edd0662634bc6351e51d7d3509c87663900ca122a15e1d50e7
-
C:\Users\Admin\AppData\Local\Temp\2fejptRVqtuxOlbo01siOY8OCTG\resources\app\node_modules\ejs\lib\utils.js
Filesize6KB
MD5c4ed9f400aaac2c0b2ebe7c7f5795b1d
SHA14e88b60293299d879774768f84cf38524c3d34c3
SHA256d77d4660b6fd5131949906b67fa4456223c308bd13a88d7dadbd2e10e5e7ace4
SHA512100faa0f015ba8001eff8dc435174dde0af2d8717976448a3202272e7d0edde3d149f0a0acc6469f8d86fa0b15b79237cc1ffd5efb9456e0bbb625e6cfd53242
-
C:\Users\Admin\AppData\Local\Temp\2fejptRVqtuxOlbo01siOY8OCTG\resources\app\node_modules\ejs\package.json
Filesize748B
MD5c811f299cfedf923d32f6126894283b1
SHA14d25c24f5ff44f2963d08d74d474b03127c02ecf
SHA256ba32b2005d817a23dc0e0b57c248b53b8b0316e8271fa433780750a954d56e69
SHA512ce77756d8c128eff055923c6622f3b438a3eba87513fc6d962180b93762cb325c5b96c89e05e1df4a7ef227d35ad1de659d28c893742c5a1e8912b365b1a3fcb
-
Filesize
530B
MD5e102ea0d9f0e36be31e25b787c35ca2c
SHA1022ea237f37e95570872a64ba6af1e2f63cb0dab
SHA2569f66eafe35c475aaba1157c877406f448273c6e4811a1ef2fce10aa0d5eee706
SHA512426e0af432f24562e548bf53ea972636c494f0c5b840b9e6affbc40f32fdb9de3cde3c4fd83d9a221eae9832a42631b2b178a3d46f1b2a56d1a82978fe32fc51
-
Filesize
1KB
MD5ee4146fab6611d7ba9d24e71d9b6363a
SHA10e0601beae6e65511660740b79fd18381601ba21
SHA256213b9c67599b6c11cab64d5c9c2606eea16dafaceb028e93a5b9d4ad6c5c33b4
SHA5129412dd10b99d79c10ba39e6e3fa027684b19f90361a65b25ebca1b9ccfc437fb303713ebf7e7be6906a4383302425c09a5cb3d0f446929f8d84ff8c462796fab
-
C:\Users\Admin\AppData\Local\Temp\2fejptRVqtuxOlbo01siOY8OCTG\resources\app\src\assets\css\index.css
Filesize20KB
MD53eaee883756164643699708fccb2c5ca
SHA1d1afc0d030427a4be6e5f1d25ad5904503f527ef
SHA256400743c30d1cb641da64e1bb44166d07850908e40e2103cda0e6010a3eaf4922
SHA5123bbea7306e3fe1f6d20e5335b05ad25316236820255782fe8be10dcac1df0e45ed892e52f3f789895e7f811859f38538fa7a612d4e57748fc43100f34c8b257a
-
Filesize
11KB
MD5372b8e595552272d8980d7ce68a22a45
SHA13458abecc3172f86c0a42f889402a700964a7bdc
SHA2569a6b51f26c9efb993a02f67582477d9b524b029af5d6b1bea046840012dc110e
SHA512bb712405ea0c0ec66add82abd04ca8f32e07bea7e4bbdcb2bce53a16caf8d9bf2a514ec8e647739e739f995931fc6d04d155e8b2f381fb93765024a4aebc1fa4
-
C:\Users\Admin\AppData\Local\Temp\2fejptRVqtuxOlbo01siOY8OCTG\resources\app\src\assets\images\background.png
Filesize713KB
MD554d3046d693ef7dc0e06a32ff629e7a1
SHA11d14c54f2db92c94e467dc3b3f6480fe737ed830
SHA25662a7ec1cb750aa28bcfdc93cebf1521f8cdc352992938652527aacb79618e57c
SHA512b4e123d3bf4b21bdb1c73ab9374bad0e1090e5cfd0b758bebfd907d4f3736c9f4e87e73e693a85eed66bd0e1eee85fbcf1a152eeb83ea6f317e85022d67fca3d
-
C:\Users\Admin\AppData\Local\Temp\2fejptRVqtuxOlbo01siOY8OCTG\resources\app\src\assets\images\flags\de.png
Filesize274B
MD50c730750c8a99bc30cf20b83d235aea6
SHA18ea6cd3bbdaae43607b4882560c4e04ef8eeaf8d
SHA256b9d2aced61236662459e3acaaeaf44ce7af28405847c9a54d42fa4ae344f045f
SHA5122fc3251378520052892b529b8c3638cbc3dd9c4ac471dc20382930c103c886826f05969400d7d1054b066cc81d00813ba86532b20be646aa8910efec9dfc6c23
-
C:\Users\Admin\AppData\Local\Temp\2fejptRVqtuxOlbo01siOY8OCTG\resources\app\src\assets\images\flags\en.png
Filesize310B
MD5c2de03c4d117d87763d4e1e5e28482db
SHA1bfbecbfba4c5a871894c6784da913fa495a2aa3b
SHA256e423db68a40835ac299155e365864461e37115a96f996091d5af026103d753e2
SHA512628f47a91c2605a66dda06430f26d8685384136c0d04bc3146dd033462ef7def71c7d9ddd43cf3d07e892a400d089faed938a91317a94fce4febfd01183e1301
-
C:\Users\Admin\AppData\Local\Temp\2fejptRVqtuxOlbo01siOY8OCTG\resources\app\src\assets\images\flags\es.png
Filesize370B
MD5ff0df90a5a69c16ef24fab173a89ee4f
SHA102b14de1912f54b2b0630346c2cfe75a8da6d5b9
SHA256c79f2cdfee1e6666b8180b7ee33d1f06bcffb113e602e8ec47b668d4db4f18d9
SHA5124387449064aada45fba5e933304c5f931c29187acc025d291f1a758c6b2453085faa42693b2395fb08829b62187577988149514e133c2d4c58d6a2ed851f7ccc
-
C:\Users\Admin\AppData\Local\Temp\2fejptRVqtuxOlbo01siOY8OCTG\resources\app\src\assets\images\flags\fr.png
Filesize284B
MD5d03e36af77543804318d6a5e220724ea
SHA158f8df12d68e055019dce59a93afe17207d68bd8
SHA2569914c4861965f03acbbc077509a8dbe76471a4b3c26eb3932427f9972236edb5
SHA5128b10141b6411d05c4f7f7a1e3139fb0e7a8223c470b5f6a2ab84e07c482d39a56820b3e3a867263321744e2d5272bf9fabc81bde61fbb7e79e2ef31a37cacc12
-
C:\Users\Admin\AppData\Local\Temp\2fejptRVqtuxOlbo01siOY8OCTG\resources\app\src\assets\images\flags\it.png
Filesize279B
MD5b9673fed0ded2c7a6a3e2572b60ebb5c
SHA1b4c6de948d9d7fb396dee563804fb161dc541cbe
SHA2567ed6102d8a617b6cc2f7fe101ce130b037bf4fe7cc41deb011430f8def81b14a
SHA5120f5965e93a08ea0a4f2a38de0e9f4accef71dea85d56f07c771ca62a966ab2049d611b1749544343e4389cea203137cb037fa2b7bd420087acfd3ddec2fc52f8
-
C:\Users\Admin\AppData\Local\Temp\2fejptRVqtuxOlbo01siOY8OCTG\resources\app\src\assets\images\flags\pt.png
Filesize806B
MD5188d843e650bbcb429950217dfc0131f
SHA1ec3a3cbab918dc69f797f96b718fc22e398771b0
SHA25660d97aeb01ec6481d1c9f5be24082655c880a4ec947e42713168e3c36d6015b6
SHA5128b8aa9535194304633d229161377c73e0b13fb757a2661620a4ebb33d0bf6bc7d56fe2456a062e7ef9f6224fc2aabeaad9d472b83c96f2643e4e44b9e46015ea
-
Filesize
3KB
MD5a43acb5bbde4eec35fa3992eca3a0fe5
SHA15df08727880475be34beabb49c80d04a1638ab07
SHA2563c53963dae15a539bf383875155233cc4c1a069e5ba7c13937699c992b8a2701
SHA512588412abff1307a4733bc5b0795ad1098791898e2329955a5db551bf51ad754382f16a0a6dd57717f135b0e9c334e4cc8b678353302d4960137462b24a919350
-
Filesize
981B
MD50887c927cc2ba0250bea889fd5d40660
SHA18ae1b01d3c501a15cfeade573a13b93c44ae34d5
SHA256df0dc42c4ec4e3dbed33e6fd855e977f3bfb4cc2a49a8402ead53bfb9f544d6e
SHA51201dd4c0e622e95adc652fd06c8503864506cae7466d4114bd11938f69a5b97065ecedf2a9d516d485abaa33fc3442bcd9de46f6a00b0979c11b05951bf2183db
-
Filesize
4KB
MD5d6c4aec009f8a181f5f805169cbad491
SHA17a7263138772c78c8c4330a2ed6cfbd3092c8985
SHA256a2da2ca46128fdf7530a27ab8345986278cda1b78d7a075ec0fb11b66474fa8d
SHA512d0a2d60113cdce329303f9657b741317e2f5b691d248fa2131b6668e07e7db9a5292ab734456681f335b71c732e003009631113cf14f218e13aaad7d4e8bb4d7
-
Filesize
38KB
MD5eef60d35e9f75d3c7030d0574250e56f
SHA16d29148b90187fa1583652bc8799e65efa10f637
SHA2563cf434b126e4369ffb8e9f4d489daee1aad9f47828850386984b3c752cdc7042
SHA512529bf36dacd2fc808e63a8091a8aa92f5d3d39c23077bc72298bf052f1bdcd6fc05282608ce5337643d3c1a794bdde2b8d364f7deb0c4b7ae75810be3bdb165b
-
Filesize
880B
MD55cb43b3d3c087f4dfb7ef3604a39e757
SHA162796be76ccb921544aa6279dd0139b00450e24a
SHA25688b3b17146349c92955cc88bdd70ef1fa414bf624d771a0b8ed0d7f2d40d76cd
SHA512b5247488c6dbd4f682d27884f3b516df00ad6725665f79c2d4ea76c1a54d318a31e32c6f96a11fafc382d36097e50f505e0cba904e13b4d45afa96544401eb81
-
Filesize
4KB
MD5c5cc3d4ff4268a128ca55321b7ad4f70
SHA187a0ad54e6b73a40fd5cc7e801603aa50e4ea973
SHA25679912a218664d36de8b3f1adc69b43b2ccb67bebe39a3d38666bbbf4173cd411
SHA512f55a303b010129a6b342e62b9a9d4e32297d7648c3054ce40d26d939cc7ef776d42438ce78d93a4897f5a6679a1477d2590e152dc601d174e53fffe8010f0e1b
-
Filesize
3KB
MD5877f16609a32c46ff5f8eab3648b1078
SHA15a3d5785704f016235b96fdbe04a9de69b48e203
SHA256f8981d7e2001efe11511d6779675bcbead2fa27d6557a54dcb8492ea958a1454
SHA512c6df43c91537d13d75e1b2e1b35fc2b452f7d62326f0074c24e975e18a47d31bade8a9e84514091bd537b8cb016c60e87920249cee73370188be045c628a30b0
-
Filesize
5KB
MD53fbf51eb59e0f0b050f5abcd2fcd3dca
SHA190d676bc914c2bebf33464dd088952abbedd56f3
SHA2569016b2792ecdd22276e1d1e4172b4e598478f5668b27beb005e2219d229f216c
SHA512c5e04500ebdd922d989594e3a0822fa9a9557d749e60af86ab1e309847342431a606f5e604538fa5d5666535bc68c4f5fbeeb4cdda9a832384505aac1ba2d998
-
Filesize
1KB
MD56fc7c3d8bac3259202cb981acf8b18b6
SHA1f3963b01f9a2df4e9b0b989b4e7ea8f55198ddfa
SHA25662e112e61b5c9c582f5a9aac790a9275be8a560d1edb93c3a6879330298e53fc
SHA5127d719b9698344ba99d3d860e28421bc7cfaf2e9d80cfc6da472413800900aa64f055add8269553e9838aa998df4d6575c6bf0091cf6263a6ea0c2537c36b5df0
-
Filesize
2KB
MD521e1d48f90eb1017539741c7a74cf059
SHA17906534922134e26a5c59324aafad63e20bf10ba
SHA256870496c864624ebce9da0b98ea830249897a2a2317f6a816751f0edb30aeb32b
SHA5122cd3d44337c5e1b794a2233d25fef122a97910d7f7d32cb811c0fa3f84397dd4781e917ba3db0e024384439413925dd0ab73888d3d82119951b86192e807685b
-
Filesize
663KB
MD581870fb2f641c8b845e9c6d1a632f0b7
SHA1fcd47d8d1232c189a1c4087bb03a015ce14c25ba
SHA256875515af4e7254458c17a98bed087fc609d45fbc8ebf60663e112c37204f6840
SHA5127748c8fb6f356aa45023a56245c43c5171d0413617fb1ac6c75650be75bbe94bd5528e9aa83cd9df9a08af65540a76ab59bc866e5dcf0fa7284122f290bd45d3
-
Filesize
5.1MB
MD50a071201e4dd76996e273c81533bfa74
SHA15c92c634027692c344a8e74eab8b4d5c3e049497
SHA25608e34bc25653f9357a4ccf62966d698b7cc6265dc668046a28403ae5786132ee
SHA512b5de6548c5c743b6f119183fa06aaf67dcd4cdbc3542378ff87916b670ace1e2f4270f6dcaa4caabd01460c638bd02b565267e7bd9617ca92d72187d374bb7d6
-
Filesize
7KB
MD5487368e6fce9ab9c5ea053af0990c5ef
SHA1b538e37c87d4b9a7645dcbbd9e93025a31849702
SHA256e27efa5dfde875bd6b826fafb4c7698db6b6e30e68715a1c03eb018e3170fc04
SHA512bb3ed4c0d17a11365b72653112b48c8c63ab10590dda3dfd90aa453f0d64203000e4571c73998063352240e1671d14da5ee394439899aaa31054fa2e9b722ea7
-
Filesize
100KB
MD5c6a6e03f77c313b267498515488c5740
SHA13d49fc2784b9450962ed6b82b46e9c3c957d7c15
SHA256b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e
SHA5129870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803
-
Filesize
12KB
MD50d7ad4f45dc6f5aa87f606d0331c6901
SHA148df0911f0484cbe2a8cdd5362140b63c41ee457
SHA2563eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca
SHA512c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9
-
Filesize
697B
MD59813567ddf0d36434a67a56704c4bbb3
SHA13d3a9dc3499aa5048d49580731cd80ad14d13da7
SHA2563c2bca67ff48a9a3acdd4c391232f5f522fd785e6ecb6f39e61aa3e8e4db1cad
SHA5129768333d1a8bdb4041108e0646ff9d838c0553ede3320a2d54be0e979de9c63f19d457e49f8d52e74f95eab799da64cecdb37446c14af46dc5dd42f55d7bbbf1
-
C:\Users\Admin\AppData\Roaming\Battly Launcher Installer\Network\Network Persistent State~RFe58f874.TMP
Filesize59B
MD52800881c775077e1c4b6e06bf4676de4
SHA12873631068c8b3b9495638c865915be822442c8b
SHA256226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974
SHA512e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b
-
Filesize
2B
MD5f3b25701fe362ec84616a93a45ce9998
SHA1d62636d8caec13f04e28442a0a6fa1afeb024bbb
SHA256b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209
SHA51298c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84