a24c03e63449db0f994c715115c7648e88182888305be3554ef8f9a9215a0501

Analysis

max time kernel
151s
max time network
162s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
28-07-2024 23:16

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

PolyMC-Windows-Setup-6.1.exe
Size

35.7MB
MD5

5bb2a28bb44d9033b2faa48f32da0808
SHA1

30b5f1936b77874ec3cf698e0427164d67da48bc
SHA256

a24c03e63449db0f994c715115c7648e88182888305be3554ef8f9a9215a0501
SHA512

3f05d74741a5fc69f58ab33499ded5760c9af3ebd6d8b531259b5c45b51c9273e3a09c6a1fa12a3b0d8caa54476d212aa7bdda3f8a41bc987beef5255747bab5
SSDEEP

786432:rO6WYUESAnXNJrFIwY/p/bMVrRYdi3UsGYBniW890Ker:rlWYIAn9AwYR/wVrRYM33G2ni9iX

Score

7^/10

discovery

Malware Config

Signatures

Checks computer location settings 2 TTPs 1 IoCs
Looks up country code configured in the registry, likely geofence.

Query Registry
T1012

System Information Discovery
T1082

Processes:

polymc.exe

description ioc process

Key value queried \REGISTRY\USER\S-1-5-21-1176886754-713327781-2233697964-1000\Control Panel\International\Geo\Nation polymc.exe
Executes dropped EXE 2 IoCs

Processes:

ns3FB6.tmppolymc.exe

pid process

2868 ns3FB6.tmp
3348 polymc.exe

description	ioc	process
Key value queried	\REGISTRY\USER\S-1-5-21-1176886754-713327781-2233697964-1000\Control Panel\International\Geo\Nation	polymc.exe

pid	process
2868	ns3FB6.tmp
3348	polymc.exe

Loads dropped DLL 60 IoCs

Processes:

PolyMC-Windows-Setup-6.1.exepolymc.exe

pid	process
4968	PolyMC-Windows-Setup-6.1.exe
4968	PolyMC-Windows-Setup-6.1.exe
4968	PolyMC-Windows-Setup-6.1.exe
4968	PolyMC-Windows-Setup-6.1.exe
3348	polymc.exe
3348	polymc.exe
3348	polymc.exe
3348	polymc.exe
3348	polymc.exe
3348	polymc.exe
3348	polymc.exe
3348	polymc.exe
3348	polymc.exe
3348	polymc.exe
3348	polymc.exe
3348	polymc.exe
3348	polymc.exe
3348	polymc.exe
3348	polymc.exe
3348	polymc.exe
3348	polymc.exe
3348	polymc.exe
3348	polymc.exe
3348	polymc.exe
3348	polymc.exe
3348	polymc.exe
3348	polymc.exe
3348	polymc.exe
3348	polymc.exe
3348	polymc.exe
3348	polymc.exe
3348	polymc.exe
3348	polymc.exe
3348	polymc.exe
3348	polymc.exe
3348	polymc.exe
3348	polymc.exe
3348	polymc.exe
3348	polymc.exe
3348	polymc.exe
3348	polymc.exe
3348	polymc.exe
3348	polymc.exe
3348	polymc.exe
3348	polymc.exe
3348	polymc.exe
3348	polymc.exe
3348	polymc.exe
3348	polymc.exe
3348	polymc.exe
3348	polymc.exe
3348	polymc.exe
3348	polymc.exe
3348	polymc.exe
3348	polymc.exe
3348	polymc.exe
3348	polymc.exe
3348	polymc.exe
3348	polymc.exe
3348	polymc.exe

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082
Kills process with taskkill 1 IoCs
evasion

Processes:

TaskKill.exe

pid process

4752 TaskKill.exe
Suspicious behavior: AddClipboardFormatListener 1 IoCs

Processes:

polymc.exe

pid process

3348 polymc.exe
Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

polymc.exe

pid process

3348 polymc.exe
Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes:

TaskKill.exe

description pid process

Token: SeDebugPrivilege 4752 TaskKill.exe
Suspicious use of FindShellTrayWindow 1 IoCs

Processes:

polymc.exe

pid process

3348 polymc.exe

pid	process
4752	TaskKill.exe

pid	process
3348	polymc.exe

pid	process
3348	polymc.exe

description	pid	process
Token: SeDebugPrivilege	4752	TaskKill.exe

pid	process
3348	polymc.exe

Suspicious use of WriteProcessMemory 16 IoCs

Processes:

PolyMC-Windows-Setup-6.1.exens3FB6.tmppolymc.exe

description	pid	process	target process
PID 4968 wrote to memory of 2868	4968	PolyMC-Windows-Setup-6.1.exe	ns3FB6.tmp
PID 4968 wrote to memory of 2868	4968	PolyMC-Windows-Setup-6.1.exe	ns3FB6.tmp
PID 2868 wrote to memory of 4752	2868	ns3FB6.tmp	TaskKill.exe
PID 2868 wrote to memory of 4752	2868	ns3FB6.tmp	TaskKill.exe
PID 4968 wrote to memory of 3348	4968	PolyMC-Windows-Setup-6.1.exe	polymc.exe
PID 4968 wrote to memory of 3348	4968	PolyMC-Windows-Setup-6.1.exe	polymc.exe
PID 3348 wrote to memory of 2588	3348	polymc.exe	javaw.exe
PID 3348 wrote to memory of 2588	3348	polymc.exe	javaw.exe
PID 3348 wrote to memory of 988	3348	polymc.exe	javaw.exe
PID 3348 wrote to memory of 988	3348	polymc.exe	javaw.exe
PID 3348 wrote to memory of 2956	3348	polymc.exe	javaw.exe
PID 3348 wrote to memory of 2956	3348	polymc.exe	javaw.exe
PID 3348 wrote to memory of 3368	3348	polymc.exe	javaw.exe
PID 3348 wrote to memory of 3368	3348	polymc.exe	javaw.exe
PID 3348 wrote to memory of 1960	3348	polymc.exe	javaw.exe
PID 3348 wrote to memory of 1960	3348	polymc.exe	javaw.exe

C:\Users\Admin\AppData\Local\Temp\PolyMC-Windows-Setup-6.1.exe
"C:\Users\Admin\AppData\Local\Temp\PolyMC-Windows-Setup-6.1.exe"
1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:4968

C:\Users\Admin\AppData\Local\Temp\nsmFE75.tmp\ns3FB6.tmp
"C:\Users\Admin\AppData\Local\Temp\nsmFE75.tmp\ns3FB6.tmp" TaskKill /IM polymc.exe /F
2⤵
- Executes dropped EXE
- Suspicious use of WriteProcessMemory
PID:2868

C:\Windows\SYSTEM32\TaskKill.exe
TaskKill /IM polymc.exe /F
3⤵
- Kills process with taskkill
- Suspicious use of AdjustPrivilegeToken
PID:4752

C:\Users\Admin\AppData\Local\Programs\PolyMC\polymc.exe
"C:\Users\Admin\AppData\Local\Programs\PolyMC\polymc.exe"
2⤵
- Checks computer location settings
- Executes dropped EXE
- Loads dropped DLL
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of FindShellTrayWindow
- Suspicious use of WriteProcessMemory
PID:3348

C:\Program Files\Java\jre-1.8\bin\javaw.exe
"C:\Program Files\Java\jre-1.8\bin\javaw.exe" -jar C:/Users/Admin/AppData/Local/Programs/PolyMC/jars/JavaCheck.jar
3⤵
PID:2588

C:\Program Files\Java\jdk-1.8\bin\javaw.exe
"C:\Program Files\Java\jdk-1.8\bin\javaw.exe" -jar C:/Users/Admin/AppData/Local/Programs/PolyMC/jars/JavaCheck.jar
3⤵
PID:988

C:\Program Files (x86)\Common Files\Oracle\Java\javapath\javaw.exe
javaw -jar C:/Users/Admin/AppData/Local/Programs/PolyMC/jars/JavaCheck.jar
3⤵
PID:2956

C:\Program Files (x86)\Common Files\Oracle\Java\javapath\javaw.exe
"C:\Program Files (x86)\Common Files\Oracle\Java\javapath\javaw.exe" -jar C:/Users/Admin/AppData/Local/Programs/PolyMC/jars/JavaCheck.jar
3⤵
PID:3368

C:\Program Files (x86)\Common Files\Oracle\Java\javapath\javaw.exe
"C:\Program Files (x86)\Common Files\Oracle\Java\javapath\javaw.exe" -Xms512m -Xmx4096m -jar C:/Users/Admin/AppData/Local/Programs/PolyMC/jars/JavaCheck.jar
3⤵
PID:1960

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Programs\PolyMC\Qt6Charts.dll
Filesize
1.8MB

MD5
4752265e71100be65bde5b70405ba89f

SHA1
b647bbc4a6f165c99d53ae3daa774fe33f66539f

SHA256
dab168fe1af03e349202e33fd7cd0d39ee3bacd59873804accf957be7a5e0540

SHA512
99c8229abed971ae5058e3cd979ad3d9d80c1e22789a922b47912d1106389ee25b62f3199d97f908569c5cf12c0dc2710fc4ccc4bc88106e0f86460dd2d5c171

Download Submit
C:\Users\Admin\AppData\Local\Programs\PolyMC\Qt6Core.dll
Filesize
5.7MB

MD5
dac3877d60bbdaa79f785ee724c4c29f

SHA1
cf58242f109d56f78f52a338b2a9ca220a1a4779

SHA256
ca6dc359464ee693c56a94c79763fe95fabda671dca49a4b75700a614f682cc1

SHA512
b5e64e1bca1a50188ffa8bc74cd54950ac4be7a7958deaf4adb376a02adf464e45ece49a94aee8125a5f4b7f7ea319c89498e3901ebd0787d4c5fc9a527cb653

Download Submit
C:\Users\Admin\AppData\Local\Programs\PolyMC\Qt6Core5Compat.dll
Filesize
345KB

MD5
7ecde6292e58c3d8d92384f30ddac51b

SHA1
1165303ae1ea2393cf0f24b104c6fa8b8bce6875

SHA256
966d7ce2b40b404bb2bd30576e04400aabab9e4e2b099c74c40b492c966c5ca5

SHA512
9947651ef044dd2a8a7c19a07dd56baca3a0e3e8a5697f1fc51522d2f504b5a80d997abb6ae2a5e22d29800b5599de4bf79195bd91411f469c50b175a6b806bc

Download Submit
C:\Users\Admin\AppData\Local\Programs\PolyMC\Qt6Gui.dll
Filesize
8.3MB

MD5
51019a1811cc64359425d886506a2979

SHA1
ad1a768eca96f47fbacdcbaa94a88bacabb0ac70

SHA256
916b8328c13ae2842a7049b6de912e651961602bc567f70371129179a655d287

SHA512
cea7ba8ba451a6c0108afd97549c677b02a92895227362326043cdbd8e57bb568f5b7edc547824465ca9dc5e33c2f38dcec967e2595be300c6dc625ac00f6f1f

Download Submit
C:\Users\Admin\AppData\Local\Programs\PolyMC\Qt6Network.dll
Filesize
1.6MB

MD5
88f9aa5a16bf1736cf4f86b93a9a168e

SHA1
cb852427fc729dbf5ac76eb95a9b5542c1dd16ab

SHA256
474d449b930148a75f6d5258a4cda3f0ba7f193fcf82d295f0b773ac560c23eb

SHA512
2dfa2d595d15387a1cf185b4b69ff1ed31970550b612ba6c9231d2377dcc5e340f608953187f96ee1a2c59a79e5ec004fe1e5c701702cc61ce4e18c953b8521c

Download Submit
C:\Users\Admin\AppData\Local\Programs\PolyMC\Qt6OpenGL.dll
Filesize
566KB

MD5
000c9e8c4da190fcf222d5a21e11d1d1

SHA1
716b18303865ac9b4d057095d7ba7c179f81968b

SHA256
6936d92141fe7b9fa701d13860fabb70a6c4926666cdf58a304d6054451624fb

SHA512
d641fd19e5020040f77ef7ea60eb92f13af47f2652befd519fad469c9e44958f4075e1f816d469f646a44abcb88c0d1b9554c6577316f7e603bc618dcd64558e

Download Submit
C:\Users\Admin\AppData\Local\Programs\PolyMC\Qt6OpenGLWidgets.dll
Filesize
60KB

MD5
7322189443b2a0127636c8b20e509eeb

SHA1
59f840eca774cbcf0ac2aff1de505281e15253e1

SHA256
86ffea496cd1516af6071b08049ca15462ccd0b4fb4be5e4e27f39627797e146

SHA512
e82dcf915091516c2530b6d6f1aa70624b4e7a529b028976090ad26a54981cbd7651133094d8066e2ffe18a1faf925d6fba7a2be79f4b04e3568aa71eb86726c

Download Submit
C:\Users\Admin\AppData\Local\Programs\PolyMC\Qt6Widgets.dll
Filesize
6.4MB

MD5
0c117cc00f9b02af604359ea4b5ffeb1

SHA1
517b05c052156524d5d173112affcbdf3cc3c63f

SHA256
ae7c19e137a5df18d0504376001b73354a7d0c9b3b10e3575b6ac546b609533c

SHA512
5880aa9960467a44d473e374e1cb93d7587b8a74e17c99b18d32dc87d1461ebd6030e2c2f054baf4d1b80f4977f6f7a8c7cc87f6092b6e98e5f1d2f7270f17b0

Download Submit
C:\Users\Admin\AppData\Local\Programs\PolyMC\Qt6Xml.dll
Filesize
141KB

MD5
9e0c3650a3ff9d199afcd3642b7356fa

SHA1
799596e6694276a50e2d5b3953d9240525bc1193

SHA256
6b75c4753dbed79398970e93aebcebe9d920d8a2b45a98d1a7c702fdf8ad8824

SHA512
dd1a49ad0cf8522f961e91161a490c5a75460a0f638c020951e0752ec15d6b396df4756064e1b315fc3ebbaa0254904f75190a45e231bf0a6e5858f879c568f8

Download Submit
C:\Users\Admin\AppData\Local\Programs\PolyMC\libb2-1.dll
Filesize
33KB

MD5
db2059841e2b7be00607dd20b3eabc7f

SHA1
b5853cc3716a55ce69faaf8b84365ddbcc1c85ea

SHA256
7fb8418a1172042dab5227fcd466b1bf293737f5b5cf35359e851516227f109c

SHA512
ac582b3d5ecb891892fcfe5e0647233058312be04b16f46cd2e4bd0b2c72cb341f48aeda83998688ae1804ba2e6fa10cdfd1db83c072238b6dcfcf5014c3f401

Download Submit
C:\Users\Admin\AppData\Local\Programs\PolyMC\libbrotlicommon.dll
Filesize
140KB

MD5
d8663f9a347755f11f2c67cddcfb37b3

SHA1
56cd42ca876a2601b5f488daffa78357239c6a52

SHA256
62f363f6aac0d54ce7b115c0412b19e0fe5480f4e6fc1254f663b0ab6868e46f

SHA512
c3c92ca4d3ca0dac0c0d125e7b9a358bd2a9a45d1e779a7ae7b014a20e07540142f9a16c6231e744bb5c3da4db688ccebf79185a3ed2caa55ecb367e53cce71f

Download Submit
C:\Users\Admin\AppData\Local\Programs\PolyMC\libbrotlidec.dll
Filesize
58KB

MD5
8616fe7148a27752d73b7f8c72c6fb3d

SHA1
090a9ec3b201a3c80ee77fd2e0569e41f52d0b5a

SHA256
7d6c0f954b6f2db1c1c5fd5904886ae055859a02ca31b6dde5f96f6b0259d23f

SHA512
ced8f709d2372341153c1571eeb93d4146325be6bb7f23eb5a65258ba4925c0957f01ad89d004416c5390fb234aa687cae774c68f19cc919eab9e40384768931

Download Submit
C:\Users\Admin\AppData\Local\Programs\PolyMC\libbz2-1.dll
Filesize
98KB

MD5
981dac0b4d9eb1da0be9f51024d5649a

SHA1
bd47b357caeaf24bed207b379da8f961f901dea9

SHA256
b79cd3a7102e359ef6324e98966a67939e58ec2b651ae2847cae84a4dfa453f7

SHA512
89be623acfae7ce840509462d8c142626c7b3a3c2fad90f2d8fc0d5b5465d5203bbb2423a781c5e7004c55ec2d52e5239c709a85d64767fb0df811423911d8e1

Download Submit
C:\Users\Admin\AppData\Local\Programs\PolyMC\libdouble-conversion.dll
Filesize
70KB

MD5
39fba801753d680cefa21b7f1dff4582

SHA1
831c0ef18e969a03a478975eda217c52d779a49a

SHA256
e7f82f105503d961d2f83b92c05fff29e6e788c185f8acf7cdbdda20fc14247b

SHA512
f5fa92aa58c8776891f4a62666a4af68546d881a5610d6df745fea4286ca1a5eeb35e835aefc4e6e8b9d1a52d00fdec4c632e435e1f865f06d6f14228400eb93

Download Submit
C:\Users\Admin\AppData\Local\Programs\PolyMC\libfreetype-6.dll
Filesize
758KB

MD5
f29f7a0bb090aeff486217e8879a0dd3

SHA1
f293aba474d752513bfd0660cdcf78278a4da660

SHA256
5297f754dfca04abdb0d21705d5afc3c4122aa25c7afbdd87900313cb780c868

SHA512
6d35d7f8ccf12384b2802352e42d8c0e092592310a80f2838797308c38d56f3a07215767ffff5eb1d2bd40cbdf025014c6577c96c41919e23ec4cf32cc9e6016

Download Submit
C:\Users\Admin\AppData\Local\Programs\PolyMC\libgcc_s_seh-1.dll
Filesize
114KB

MD5
609093820211d9c7e62983121a13949e

SHA1
da36700df5ff67c6f65176f5896489651fd2235c

SHA256
96ff53193839f5fbbb15b14cc9fe1885e24cf7cc27e939150706368650702222

SHA512
ad6921bfc79714e6a4199d7ca7e5878659161a3fd416a20f2b731c000000e6a85bef6611f283adb8c117b19063490fd812ff21eaf3497beccd88c8abf38c5ccd

Download Submit
C:\Users\Admin\AppData\Local\Programs\PolyMC\libglib-2.0-0.dll
Filesize
1.4MB

MD5
49241a2313e8fbf6f2b9a7cf10e677b3

SHA1
716d052186f6c2e5c265bcd8c10ff6c2963154cf

SHA256
a344379351d00ede6092ed7c3bef02828d53b6b2407380101c8b92a3a05b524b

SHA512
4f48627b2ee993f9184b63f03c853f1fe3402b7b0b4ed65d83e202f416ef4034b9ea7818fc11bfbe020534db2684fb63b4fd4502e68aaae8fae3b0b529aef05b

Download Submit
C:\Users\Admin\AppData\Local\Programs\PolyMC\libgraphite2.dll
Filesize
148KB

MD5
69fc721cb2ef268148e430bac038d459

SHA1
47d566f9bf60661d6e8fc049e38267530ef9ce06

SHA256
f927efecd958f0e54a24ae297f86cd6aed05e7fc20e5da0882050ab9ec464395

SHA512
e832017cd8b6c8ac360acc63226ceb0356b2a37d33ec32f4be92018d1ccc47f665de633d06ee80653d9bbc16f7595135b68cc140b34db4b86948169d5c6a33a6

Download Submit
C:\Users\Admin\AppData\Local\Programs\PolyMC\libharfbuzz-0.dll
Filesize
1.2MB

MD5
e85d252253944114f440fdbc67d4ae67

SHA1
da478c55e256307b26a813222608a955335b1a4c

SHA256
52ad06f04d6a3c190199b454f48d5e993dd7c2cf93f331a6bf87a19eed0bf511

SHA512
b74dcd3327762373a27a144cc5ec09e58db9b348df2d6f5ee481c8970ec89c3c238ad232f11849ff917a0a278e590652b137c21186b4e5162cf48576efd73778

Download Submit
C:\Users\Admin\AppData\Local\Programs\PolyMC\libicuin74.dll
Filesize
2.8MB

MD5
62d82c1c3f78c2c3f719a863d5231ca8

SHA1
916173cbbd89de2483caefdd4b104de79330c642

SHA256
69328f8c98dc27ee26bba561cd9b6077a63dcfca88d601ade3bb50143a171d2e

SHA512
68742efe50b47d0f5d93d65af20dbbf2c96d79b66c98b62e844aa87c866b6b567bbe2b613c833624f532f55ad52caed47fe37bc977cbe4365c486675ca427f97

Download Submit
C:\Users\Admin\AppData\Local\Programs\PolyMC\libicuuc74.dll
Filesize
1.8MB

MD5
b10023bda2e623b7e059af3455361b68

SHA1
440ffd9fc57aa22b7c74beae16e291f9c9786d49

SHA256
faea09e5599364842e832ab3f196ad2f166bada760124d10b2acc67c1c06d55c

SHA512
a40e1cb47496411fc239ccbc7bb098958d1009f3603d5cfbb18d94266a4244a421935dc4129b2c36501c9767aa617eb0077eff9e208c8e7536d0daad99eff330

Download Submit
C:\Users\Admin\AppData\Local\Programs\PolyMC\libmd4c.dll
Filesize
81KB

MD5
d3e1ab6cc45c1cdbca7c6a7c9e7903a6

SHA1
7e85d710a35b194ee30091588a349aee7c7d4b5a

SHA256
fa52a65abdf3edf7bee915d69513439f3a62ab9fff418bf868c89ca1b75428d3

SHA512
38f90bae14c6a0890c3c6517e1f2dbf5486c705007cc9aef25f3e89bc02f1224325b58fb45ce0937092d42935a4a6d7f82c2104f865a4f39f74bbd5671240a9c

Download Submit
C:\Users\Admin\AppData\Local\Programs\PolyMC\libpcre2-16-0.dll
Filesize
344KB

MD5
b272aff5066706a2e96c10317433efc3

SHA1
a688bbc6bb6e08a38c0456f9ca4ad6203d221a42

SHA256
a36ab12896a68914588582b10af24fb5950e076ff1e2e27973c065aa6cc9ce99

SHA512
14cde5cb314e478c43070995c635eff15ad27a8437e2c71db1aeda07f62d875415a7687167a29aa350f5a7d06cc334584379936b986c51c70ff5adbad604cc9e

Download Submit
C:\Users\Admin\AppData\Local\Programs\PolyMC\libpng16-16.dll
Filesize
241KB

MD5
07a48672de0ac3bd279b9f33178cc712

SHA1
813ad10c41a4ead581def3bcf93ddee2a90663ae

SHA256
1827dbbf89decad06894f7ea6f9711a4dc9e37082ab6867cb57ee7d1e6173c41

SHA512
92c843997d6fc53fdaa8f5352e8b3b82be8a89629ed7ea79912d3559df0102d9bf9aeb4209fb6460adcc699b1985d1bee696a0fbfac5185cb8f220c4e77dc7c6

Download Submit
C:\Users\Admin\AppData\Local\Programs\PolyMC\libquazip1-qt6.dll
Filesize
240KB

MD5
5dd8944f810d95f1cd288daf68fba7ef

SHA1
37d7ce36d3cba4a014d07f1d6342992118aa5b8f

SHA256
edc55a0c7a427cc57aecbec59f85322fba798bfc76bc10a5381f76d03642394d

SHA512
f5ae7c4cb40d39cb7893d03a70c870834cacf1c06f17ec15d93b8ab159ba9bec91eee65e0b8186d27447cb02ca0f732e0108550f63e4a4880d2b9df4c7eca68b

Download Submit
C:\Users\Admin\AppData\Local\Programs\PolyMC\libstdc++-6.dll
Filesize
2.2MB

MD5
8a1130a942fbf7b4e56245e680ebefa1

SHA1
454ad827bc26e9c974652ac0cc8b16ec551eefad

SHA256
afef4db985a0a6f9ac7f55eb339c3de62166334043b53bd25d0bbb0b73a95deb

SHA512
75723732dc26a9f4ac74afd61f507b781b640d70faa2a946801621b28eaed103e0d3828d2ccaae4dd7e10d9ec3a6b2423e07cf0d43cd7fa53e46619bac6ea2ab

Download Submit
C:\Users\Admin\AppData\Local\Programs\PolyMC\libwinpthread-1.dll
Filesize
59KB

MD5
9910d4fa44619fb945fb95bd105e49f6

SHA1
6ba87de7bc32895766f3aa50b6a3ba439bbaabbf

SHA256
9c3b1f3a73dfc9d92c322c5b168b1747e0aef92f18727a7bd29a0331ce227388

SHA512
087f4958f74be4be782f22777ed3f5c2a70d42fa3c8db6e4bbaa3615236ae3459afb272286268b02fe89cbaf1a402af85609cafdc9edfbfa3657631afb6c45ab

Download Submit
C:\Users\Admin\AppData\Local\Programs\PolyMC\libzstd.dll
Filesize
1.1MB

MD5
4c409c11196a02c6329981cf66683af4

SHA1
27c72c11a6b87d87b0fcd23bd68046c4099441c4

SHA256
03fbbf1f2cb5e6be9a9b57dae4d9af403f831a13618eefd6ca8b1271c28a5b27

SHA512
12f8bf05072e36cb095e6f4109a3fe64b2cd6621eaa2b594240926d994cd69e0b521e30e0729023ea0ef0d234df3ea22d8d555b70d36f2cbcd6ec2a5a099401a

Download Submit
C:\Users\Admin\AppData\Local\Programs\PolyMC\polymc.exe
Filesize
10.8MB

MD5
341d7ac79625c3ab885d90ed5ce9ab2b

SHA1
11139fcba6c8124dbe03a90058a2241dc7a70118

SHA256
7b8f33c02ba9e3fd92ae5df31088c47cef1afb0acd2c2eef1ecd309b465c84a4

SHA512
9adf7da50ac181d418e26f5feb22f6cc93e9b11299159ca58cfd8fd0e2c5d9a6376737a08dd8aab79f1a1d12d269ed77c23c779f1de8b91fa97dc42e622a6b31

Download Submit
C:\Users\Admin\AppData\Local\Programs\PolyMC\zlib1.dll
Filesize
117KB

MD5
5e14e5dc82041df0f2274183cdc72106

SHA1
e41c7680266d2653e16412e30b6dfec18abfd31c

SHA256
83ee0ff920144edb2c2f4ea10130f55443493290886985a63233fa2431e450f9

SHA512
0f9a64b2ea07c65dfb6a46b804caf1d9d9c6dfe8af4c8dd471f26a2af745ff10f45ca722c944ea69fd434ccb158b2eb68175ed07799568652db212bcd591a45f

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsmFE75.tmp\System.dll
Filesize
25KB

MD5
853d33d653fb8622e5fd1aa862d07aa0

SHA1
310561cc0f30657974ab627a2341adfcec84ab92

SHA256
dbeb911118606a36e430e8d8be39e944b80167fb81ccd11c56afafb25747e633

SHA512
6d944929b0a4350aba32b28ef9f26d6c8f1a7c44aade158587829101a110ac7d892a9c5ca4ce60945c8cbd63eb0df63c3e8785c871e85ad22635f0ac80dba70a

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsmFE75.tmp\modern-wizard.bmp
Filesize
25KB

MD5
cbe40fd2b1ec96daedc65da172d90022

SHA1
366c216220aa4329dff6c485fd0e9b0f4f0a7944

SHA256
3ad2dc318056d0a2024af1804ea741146cfc18cc404649a44610cbf8b2056cf2

SHA512
62990cb16e37b6b4eff6ab03571c3a82dcaa21a1d393c3cb01d81f62287777fb0b4b27f8852b5fa71bc975feab5baa486d33f2c58660210e115de7e2bd34ea63

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsmFE75.tmp\ns3FB6.tmp
Filesize
11KB

MD5
0d35158cad33cd0ad3191f0655001100

SHA1
b68a901b71e78c6f3797d10dcafafdc0a08b9172

SHA256
f51cb324b319e6561aca7c0472555ebe0417252b2f0cd8e756eb7c5dab5c61d5

SHA512
c3c7f4bf4d5a7b0a8ace238c8998672aaf436c6731fee746001ecaef873b8c725ac661ede364f0d9d1501ccdf625986affcb5a180e62c713f5c8c12f334e5663

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsmFE75.tmp\nsDialogs.dll
Filesize
14KB

MD5
cf1d851a552068aaa0515ecbff6f40d2

SHA1
e2cb25ac6cee0712486c8c2a7e00250a89554ca5

SHA256
38192df38514cabdd22e08cba2b3d27aac774ac8090a0f326d441718f47a82c6

SHA512
b76b86b8866c5b5556c361878b128e1ff5010585c79b733df4548ee7344cdde409d647afb1e50cdf8d33d74595bc2b8fa971ba4b80e78d00670d085a1871d832

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsmFE75.tmp\nsExec.dll
Filesize
11KB

MD5
d9624f8a2014d31c4f114b78e20ad6b3

SHA1
0c1b5761bc42372778ab5af27165cc52666924c4

SHA256
1822b4b0c0111e82361ddf3d603d14392d80908c17d51d187bd2aa8d48e104e9

SHA512
db2015d2f2783b1734a8b92154d9fe454d212ff586b66fb235986872b0ee5dc6c6e7d8498fe000097b3fa11aff2f6136dd28b618408d85995602e2664b941c01

Download Submit
C:\Users\Admin\AppData\Roaming\PolyMC\translations\index_v2.json
Filesize
15KB

MD5
1e172d623bf7936c716a333f7edaa56f

SHA1
aeba68d9756925a74f3a2d0345b22250e45a2d36

SHA256
c0fc31bee0735d0e2fc3de9fbc4496a6a71e591142ef34c187ce19c431dd2492

SHA512
31fea1aa48b9257648a5696e76f5fa3e33cd3697e40ed7e8b3a186ab7eb57001a19995dd0ee14d93f420358f439ef181cff5b24a76b230979ba4de4cdf1a2219

Download Submit
memory/2868-43-0x0000000001590000-0x0000000001690000-memory.dmp

Filesize
1024KB

Download
memory/2868-39-0x00000000003D0000-0x00000000003F2000-memory.dmp

Filesize
136KB

Download
memory/2868-38-0x0000000001280000-0x00000000013AA000-memory.dmp

Filesize
1.2MB

Download
memory/2868-44-0x00000000016D0000-0x0000000001700000-memory.dmp

Filesize
192KB

Download
memory/2868-32-0x00000000009B0000-0x0000000000C79000-memory.dmp

Filesize
2.8MB

Download
memory/2868-31-0x0000000000280000-0x000000000033E000-memory.dmp

Filesize
760KB

Download
memory/2868-42-0x00000000014F0000-0x000000000158D000-memory.dmp

Filesize
628KB

Download
memory/2868-30-0x0000000000210000-0x000000000021A000-memory.dmp

Filesize
40KB

Download
memory/2868-41-0x00000000013E0000-0x00000000014EB000-memory.dmp

Filesize
1.0MB

Download
memory/2868-40-0x00000000013B0000-0x00000000013DB000-memory.dmp

Filesize
172KB

Download
memory/2868-37-0x00000000011E0000-0x000000000127B000-memory.dmp

Filesize
620KB

Download
memory/2868-36-0x0000000001140000-0x00000000011DE000-memory.dmp

Filesize
632KB

Download
memory/2868-35-0x0000000000D90000-0x0000000000F31000-memory.dmp

Filesize
1.6MB

Download
memory/2868-34-0x0000000000800000-0x00000000008AC000-memory.dmp

Filesize
688KB

Download
memory/2868-33-0x0000000000340000-0x00000000003D0000-memory.dmp

Filesize
576KB

Download
memory/3348-258-0x00007FFFEFD20000-0x00007FFFEFEDC000-memory.dmp

Filesize
1.7MB

Download
memory/3348-289-0x00007FFFFF4F0000-0x00007FFFFF51C000-memory.dmp

Filesize
176KB

Download
memory/3348-242-0x00007FFFFEF70000-0x00007FFFFEF9C000-memory.dmp

Filesize
176KB

Download
memory/3348-295-0x00007FFFEF520000-0x00007FFFEFAE6000-memory.dmp

Filesize
5.8MB

Download
memory/3348-240-0x00007FFFEE280000-0x00007FFFEE448000-memory.dmp

Filesize
1.8MB

Download
memory/3348-266-0x00007FFFF0CD0000-0x00007FFFF0D2E000-memory.dmp

Filesize
376KB

Download
memory/3348-260-0x00007FFFEF520000-0x00007FFFEFAE6000-memory.dmp

Filesize
5.8MB

Download
memory/3348-268-0x00007FFFFEF70000-0x00007FFFFEF9C000-memory.dmp

Filesize
176KB

Download
memory/3348-257-0x00007FFFFFB10000-0x00007FFFFFB26000-memory.dmp

Filesize
88KB

Download
memory/3348-241-0x00007FFFF19F0000-0x00007FFFF1A06000-memory.dmp

Filesize
88KB

Download
memory/3348-255-0x00007FF7934F0000-0x00007FF793D1D000-memory.dmp

Filesize
8.2MB

Download
memory/3348-259-0x00007FFFEFAF0000-0x00007FFFEFD1E000-memory.dmp

Filesize
2.2MB

Download
memory/3348-256-0x00007FFFFFB30000-0x00007FFFFFB54000-memory.dmp

Filesize
144KB

Download
memory/3348-271-0x00007FFFEE450000-0x00007FFFEE4E2000-memory.dmp

Filesize
584KB

Download
memory/3348-267-0x00007FFFEF380000-0x00007FFFEF517000-memory.dmp

Filesize
1.6MB

Download
memory/3348-272-0x00007FFFEED40000-0x00007FFFEF380000-memory.dmp

Filesize
6.2MB

Download
memory/3348-270-0x00007FFFFEB60000-0x00007FFFFEB84000-memory.dmp

Filesize
144KB

Download
memory/3348-281-0x00007FFFEDDB0000-0x00007FFFEDE74000-memory.dmp

Filesize
784KB

Download
memory/3348-285-0x00007FFFEDC20000-0x00007FFFEDC63000-memory.dmp

Filesize
268KB

Download
memory/3348-269-0x00007FFFF16D0000-0x00007FFFF1711000-memory.dmp

Filesize
260KB

Download
memory/3348-288-0x00007FFFEDA40000-0x00007FFFEDA74000-memory.dmp

Filesize
208KB

Download
memory/3348-287-0x00007FFFEDA80000-0x00007FFFEDAAC000-memory.dmp

Filesize
176KB

Download
memory/3348-286-0x00007FFFEDAB0000-0x00007FFFEDC15000-memory.dmp

Filesize
1.4MB

Download
memory/3348-284-0x00007FFFEDFB0000-0x00007FFFEE280000-memory.dmp

Filesize
2.8MB

Download
memory/3348-283-0x00007FFFEE280000-0x00007FFFEE448000-memory.dmp

Filesize
1.8MB

Download
memory/3348-282-0x00007FFFEDC70000-0x00007FFFEDDAD000-memory.dmp

Filesize
1.2MB

Download
memory/3348-280-0x00007FFFFF540000-0x00007FFFFF560000-memory.dmp

Filesize
128KB

Download
memory/3348-279-0x00007FFFFF560000-0x00007FFFFF577000-memory.dmp

Filesize
92KB

Download
memory/3348-278-0x00007FFFEDE80000-0x00007FFFEDFA3000-memory.dmp

Filesize
1.1MB

Download
memory/3348-273-0x00007FFFEE4F0000-0x00007FFFEED3C000-memory.dmp

Filesize
8.3MB

Download
memory/3348-277-0x00007FFFF19F0000-0x00007FFFF1A06000-memory.dmp

Filesize
88KB

Download
memory/3348-276-0x00007FFFF0C70000-0x00007FFFF0CCE000-memory.dmp

Filesize
376KB

Download
memory/3348-275-0x00007FFFF72F0000-0x00007FFFF730A000-memory.dmp

Filesize
104KB

Download
memory/3348-274-0x00007FFFFEF50000-0x00007FFFFEF61000-memory.dmp

Filesize
68KB

Download
memory/4968-231-0x0000000140000000-0x0000000140206000-memory.dmp

Filesize
2.0MB

Download
memory/4968-15-0x0000000140000000-0x0000000140206000-memory.dmp

Filesize
2.0MB

Download
memory/4968-17-0x00007FF8048F0000-0x00007FF8048FF000-memory.dmp

Filesize
60KB

Download
memory/4968-16-0x00007FF806160000-0x00007FF80616D000-memory.dmp

Filesize
52KB

Download
memory/4968-170-0x00007FF806160000-0x00007FF80616D000-memory.dmp

Filesize
52KB

Download
memory/4968-169-0x0000000140000000-0x0000000140206000-memory.dmp

Filesize
2.0MB

Download