Analysis Overview
Threat Level: Known bad
The file https://cheater.fun/hacks_roblox/ was found to be: Known bad.
Malicious Activity Summary
NanoCore
Executes dropped EXE
Loads dropped DLL
Enumerates physical storage devices
System Location Discovery: System Language Discovery
Browser Information Discovery
Suspicious use of SetWindowsHookEx
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of SendNotifyMessage
Uses Task Scheduler COM API
Suspicious use of FindShellTrayWindow
Modifies data under HKEY_USERS
Modifies registry class
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Suspicious use of AdjustPrivilegeToken
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-08-06 08:11
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-08-06 08:11
Reported
2024-08-06 08:15
Platform
win10-20240404-en
Max time kernel
200s
Max time network
197s
Command Line
Signatures
NanoCore
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
Loads dropped DLL
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133674055078262985" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\Shell\KnownFolderDerivedFolderType = "{57807898-8C4F-4462-BB63-71042380B109}" | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\Shell\KnownFolderDerivedFolderType = "{57807898-8C4F-4462-BB63-71042380B109}" | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\LogicalViewMode = "1" | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\0\0\0\0\0\MRUListEx = 00000000ffffffff | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\2 | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}" | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\0 | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\0\0\0\0\0\0\MRUListEx = ffffffff | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupView = "0" | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupView = "0" | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\0\0\0\0\0\0\NodeSlot = "5" | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\2\NodeSlot = "6" | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Mode = "4" | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}" | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:PID = "0" | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0 | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\MRUListEx = 0000000001000000ffffffff | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\Shell | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByDirection = "1" | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7} | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02020202 | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\WOW6432Node\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1092616257" | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:PID = "0" | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\0\0\0\0\0 = 64003100000000000659c54110004e414e4f434f7e3100004c0009000400efbe0659bc410659c5412e00000043ad010000000b000000000000000000000000000000a91c1f004e0061006e006f0043006f00720065002d006d00610069006e00000018000000 | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\0\0\0\0\0 | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\0\0\0\MRUListEx = 00000000ffffffff | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 0202020202 | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\2\MRUListEx = ffffffff | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 00000000ffffffff | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\MRUListEx = 000000000200000001000000ffffffff | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000007800000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000 | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1092616257" | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\0\0 | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\0\0\0\0\MRUListEx = 00000000ffffffff | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\LogicalViewMode = "1" | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1" | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 020202020202 | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7} | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\Shell | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6 | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\0\0\0\0\0\0 = 9e00310000000000c648257f10004e414e4f434f7e312e305f430000820009000400efbe0659c5410659c6412e000000af06000000000300000000000000000000000000000079fa2c004e0061006e006f0043006f0072006500200031002e0032002e0032002e0030005f0043007200610063006b0065006400200042007900200041006c00630061007400720061007a00330032003200320000001c000000 | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\MRUListEx = 020000000000000001000000ffffffff | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000 | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000 | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\0\0\0\0 = 64003100000000000659bc4110004e414e4f434f7e3100004c0009000400efbe0659bc410659bc412e0000007cac0100000009000000000000000000000000000000f27ffb004e0061006e006f0043006f00720065002d006d00610069006e00000018000000 | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\0\0\0\0 | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\IconSize = "16" | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000007800000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000 | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\Shell\SniffedFolderType = "Generic" | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\2 = 3a002e803accbfb42cdb4c42b0297fe99a87c641260001002600efbe110000002eb059e18986da019caad5e18986da012b48d3e18986da0114000000 | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\0\0\0\0\0\0 | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\IconSize = "16" | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\Shell\SniffedFolderType = "Generic" | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByDirection = "1" | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Mode = "4" | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://cheater.fun/hacks_roblox/
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffa9de69758,0x7ffa9de69768,0x7ffa9de69778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1520 --field-trial-handle=1840,i,16502527717225563880,10638736772052408794,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1784 --field-trial-handle=1840,i,16502527717225563880,10638736772052408794,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2076 --field-trial-handle=1840,i,16502527717225563880,10638736772052408794,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2860 --field-trial-handle=1840,i,16502527717225563880,10638736772052408794,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2868 --field-trial-handle=1840,i,16502527717225563880,10638736772052408794,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4468 --field-trial-handle=1840,i,16502527717225563880,10638736772052408794,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4484 --field-trial-handle=1840,i,16502527717225563880,10638736772052408794,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4464 --field-trial-handle=1840,i,16502527717225563880,10638736772052408794,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3656 --field-trial-handle=1840,i,16502527717225563880,10638736772052408794,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4724 --field-trial-handle=1840,i,16502527717225563880,10638736772052408794,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3532 --field-trial-handle=1840,i,16502527717225563880,10638736772052408794,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4472 --field-trial-handle=1840,i,16502527717225563880,10638736772052408794,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5016 --field-trial-handle=1840,i,16502527717225563880,10638736772052408794,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4832 --field-trial-handle=1840,i,16502527717225563880,10638736772052408794,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4740 --field-trial-handle=1840,i,16502527717225563880,10638736772052408794,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5472 --field-trial-handle=1840,i,16502527717225563880,10638736772052408794,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6104 --field-trial-handle=1840,i,16502527717225563880,10638736772052408794,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5432 --field-trial-handle=1840,i,16502527717225563880,10638736772052408794,131072 /prefetch:8
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6100 --field-trial-handle=1840,i,16502527717225563880,10638736772052408794,131072 /prefetch:2
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\" -an -ai#7zMap0:198:7zEvent18499
C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe
"C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe"
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | cheater.fun | udp |
| US | 172.67.72.33:443 | cheater.fun | tcp |
| US | 172.67.72.33:443 | cheater.fun | tcp |
| US | 8.8.8.8:53 | 33.72.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | kit.fontawesome.com | udp |
| US | 104.18.18.62:443 | kit.fontawesome.com | tcp |
| US | 8.8.8.8:53 | 62.18.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | fundingchoicesmessages.google.com | udp |
| NL | 142.250.179.174:443 | fundingchoicesmessages.google.com | tcp |
| NL | 142.250.179.174:443 | fundingchoicesmessages.google.com | tcp |
| US | 8.8.8.8:53 | ka-f.fontawesome.com | udp |
| US | 172.67.139.119:443 | ka-f.fontawesome.com | tcp |
| US | 172.67.139.119:443 | ka-f.fontawesome.com | tcp |
| US | 172.67.139.119:443 | ka-f.fontawesome.com | tcp |
| US | 172.67.139.119:443 | ka-f.fontawesome.com | tcp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| NL | 216.58.214.10:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| NL | 216.58.214.2:443 | googleads.g.doubleclick.net | tcp |
| NL | 142.250.179.174:443 | fundingchoicesmessages.google.com | udp |
| US | 8.8.8.8:53 | 42.36.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.36.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 168.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 162.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 174.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.139.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.214.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.214.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| US | 172.67.139.119:443 | ka-f.fontawesome.com | udp |
| US | 8.8.8.8:53 | lh3.googleusercontent.com | udp |
| NL | 142.251.39.97:443 | lh3.googleusercontent.com | tcp |
| NL | 142.250.179.174:443 | fundingchoicesmessages.google.com | udp |
| NL | 216.58.214.10:443 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | 36.34.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 97.39.251.142.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| NL | 142.251.39.97:443 | tpc.googlesyndication.com | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 104.18.18.62:443 | kit.fontawesome.com | tcp |
| US | 172.67.139.119:443 | ka-f.fontawesome.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
| NL | 142.250.179.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 196.179.250.142.in-addr.arpa | udp |
| NL | 216.58.214.10:443 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | 131.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| IE | 52.142.124.215:443 | duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | duckduckgo.com | tcp |
| US | 8.8.8.8:53 | 215.124.142.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | improving.duckduckgo.com | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| NL | 142.251.36.10:443 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | 10.36.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| GB | 172.217.169.3:443 | beacons.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | 3.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 8.8.8.8:53 | links.duckduckgo.com | udp |
| NL | 172.217.23.206:443 | google.com | tcp |
| IE | 20.223.54.233:443 | links.duckduckgo.com | tcp |
| US | 8.8.8.8:53 | 206.23.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 233.54.223.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | external-content.duckduckgo.com | udp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| US | 8.8.8.8:53 | 222.125.142.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | 215.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 81.144.22.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | github.githubassets.com | udp |
| US | 8.8.8.8:53 | avatars.githubusercontent.com | udp |
| US | 185.199.111.154:443 | github.githubassets.com | tcp |
| US | 185.199.111.154:443 | github.githubassets.com | tcp |
| US | 185.199.111.154:443 | github.githubassets.com | tcp |
| US | 185.199.111.154:443 | github.githubassets.com | tcp |
| US | 185.199.111.154:443 | github.githubassets.com | tcp |
| US | 185.199.111.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 185.199.108.133:443 | avatars.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | user-images.githubusercontent.com | udp |
| US | 8.8.8.8:53 | 154.111.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.108.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 185.199.111.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| US | 8.8.8.8:53 | 11.227.111.52.in-addr.arpa | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 140.82.112.22:443 | collector.github.com | tcp |
| US | 8.8.8.8:53 | 210.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.112.82.140.in-addr.arpa | udp |
| US | 8.8.8.8:53 | codeload.github.com | udp |
| GB | 20.26.156.216:443 | codeload.github.com | tcp |
| US | 8.8.8.8:53 | 216.156.26.20.in-addr.arpa | udp |
| GB | 172.217.169.3:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | beacons3.gvt2.com | udp |
| NL | 172.217.168.195:443 | beacons3.gvt2.com | tcp |
| NL | 172.217.168.195:443 | beacons3.gvt2.com | udp |
| US | 8.8.8.8:53 | 195.168.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 175.117.168.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 79.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | lazyshare.net | udp |
| US | 35.212.156.187:80 | lazyshare.net | tcp |
| N/A | 10.127.0.1:5351 | udp | |
| US | 8.8.8.8:53 | 77.190.18.2.in-addr.arpa | udp |
Files
\??\pipe\crashpad_1944_KOAECYROCBCXZABO
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 7b05e0b847b29aa302385fc2a2bb781c |
| SHA1 | 1db00d5655dd39a70f0c36432301b337c2fa68a4 |
| SHA256 | e491fc65e03daa9c78eac59eff5f1d65c57840a9b18ffa5b5089018385def80f |
| SHA512 | 46699fe33523f68e45d1194d5a64f7c76ec59ca2cd90fa7c087dd74a5e1b729eee84d91da66db2b2904f0c550daa78d692139f78d6b00abc70397811f6a45f7e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7466b1062c96faa54bc582a864df34a0 |
| SHA1 | 2c75884dfeb3441ee8c6efb53e30120c6e77d8c3 |
| SHA256 | 401ed3596d5841de1ac6a40b600ff313b2defabf4b10dcc66e40f1f71fa05ecf |
| SHA512 | 1ffda00d47d76ca339d13659f6f595dbdb7bd27649d48006d9ad76147993e9b7da147f5cf329e3c57d14ae1cc8fb7e66ca5f2b941b2f39e15fab83e61d7ab8ca |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 795d55e5f6c41f67854411948b2e4fa6 |
| SHA1 | ddc9566d6bb2bee0ab590c532fbf6ad3854a4ed8 |
| SHA256 | 0b1a605481b3202ba192572cd4a32b6a89f1c2b1f6c47d48bf1842424dedf5c4 |
| SHA512 | 7b224a0493ac0c7f5a5a87eb774ed4387c24e84a337646c6277d8e9f34886f5b89a6bc1e6c34245d7e40ace536d0c6aeb1f429cfb18a0badcd13e0219c8f10f5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010
| MD5 | 2f7fff23646a4f0623fb959e86878703 |
| SHA1 | 2feda6840517cd2701e601cc78bd10c1511208aa |
| SHA256 | affa1540650726f2589cceefbb977def4637ed3b7c8089e087ccc81042d6406d |
| SHA512 | 9a50e278d4af33d6af1bfbce649224e8b8a5f304a606a993925a897d0c6a1bc6fcf85c853b347ef78a3d56bcd176cdac7cb7486d0bef8eeadaf428745dbc28bf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000019
| MD5 | 6931123c52bee278b00ee54ae99f0ead |
| SHA1 | 6907e9544cd8b24f602d0a623cfe32fe9426f81f |
| SHA256 | c54a6c3031bf3472077c716fa942bd683119dc483b7e0181e8a608fa0b309935 |
| SHA512 | 40221fe98816aa369c45f87dc62e6d91fcdb559d9756cb6a05819f1cde629e23a51803e71371f4e4f27112a09489d58ed45b2b901a5f2f00c69c082b3576057f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | ae5e1c376a4d7d97f94e0302e577fea9 |
| SHA1 | 8e84e07a554d141edc76773896cb117f3e1d2ea9 |
| SHA256 | c0b09dc8d2b6fcddbd8f385d5c50f9694e5d823176095c940878fe52869c2d32 |
| SHA512 | 0ac3c3d7b348b3f4b6c499d6e29e2eec8c214469c936f380bf05b9f4e97d13e128e2dd41944f4e9b578e9d351ac90001319a95c4c593edb02d1bed40b36854fd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 27a2057eb1366026b7f3e5adcbd3f234 |
| SHA1 | 57af7311871208eb154595c98bcf3af7410e9369 |
| SHA256 | 80c25d8437d554ce8265ae7df807d81734cf89532cf487f07ac93a180bfd95a4 |
| SHA512 | 22a5a024fab33cadd2601c87c1a051e73252c897892ebd9dfc2c72fad0d79f80b72bf491e6a8963516f7a6fc7b2dae8af63ab37f54acf51c4321c01af1bee7aa |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001a
| MD5 | 3e552d017d45f8fd93b94cfc86f842f2 |
| SHA1 | dbeebe83854328e2575ff67259e3fb6704b17a47 |
| SHA256 | 27d9c4613df7a3c04da0b79c13217aa69992b441acb7e44bf2a7578ca87d97d6 |
| SHA512 | e616436f2f15615429c7c5c37de3990c3e86c5e1da7d75a0f524fc458b75d44a5be1a3648a628d63e1cf8aa062e08b538f2f2bc9c6a0b42157beb24f82c571d9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2be0548cc84968a051c7ce1258fb6f4e |
| SHA1 | f3a337ad45218d724e27a2415ff0cc2ad326eeb9 |
| SHA256 | e5eb881a99cabebc47300135b04511601b76c79ada091b9ddc0c9229e6c9fc04 |
| SHA512 | bff61b4fbd4a93613ab41fc878a8cad1d9b9503581174d5f8bca6aed459e24af45f1a34cf21b33f566df84274ee0f8c4ab07454f533e392261d0a5e9e9b43985 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 5e685830afd40508d20bbec2562e9004 |
| SHA1 | ab13ac3a66fda712f70f10cb121895d3e665c1f6 |
| SHA256 | ff646a68f9116c8fa2ecd5ecf3747c162c0970c91a717b2d51fac0b6b849f3ac |
| SHA512 | 8eaafe336781a5fd696f653a1a6a190ccc9cff9dba897442a175fe1d5760ca0025096c0902ec2d209996eb95d24986854fc0663364a4913d6adee6f818188535 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 0a9b306eac3819f32f784ccb35e208b3 |
| SHA1 | 556e4f7d69558f3b4e602b869a4b30d5b2c19c77 |
| SHA256 | 6e687c36a571fa7266e12047490b5d36ecad93db209229efd250e50a62a81210 |
| SHA512 | e2cec2c30fec90993ec03c0b407dda541f73becb2d6e99b06f343bf68e9b29a137e62208866272bf1881ba1344fdab1bc79a4ff0f272eca88101966e3d02f816 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | fbd35365a1b6996b2713f269afd65bc2 |
| SHA1 | 3ed3de3f8a2c2847e4f6485054ad098de8020127 |
| SHA256 | b61c8ef6c6904f95fe61c3ede63a7ac86398ccc761bbdaab6db41982a77872cb |
| SHA512 | d2789eac9fb418318ffedad37dcad8a17a30862c13664959d111d135dd7ebee7f4727d7a010f1256e07612095204350ac292a8986eeec57285e9c3610f312f8c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 5a029716ad28225787682c35c65f7c29 |
| SHA1 | 7da5191b17878928f484691fea50968afd37e6d3 |
| SHA256 | 53a3bb7b8348f6129c3816c26feec4e94bba4c6fc805ce522c88665e2220f72d |
| SHA512 | 85c2a119784c2089738577673d9697aebc084634a8acc2c187fe75c9273f2af1cf487c611349b782be3397b8b6bf8461d3c4a57949b68300d156265b1010f14c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 3f88f821cc649dff90005852082fa6c0 |
| SHA1 | 8b92d2c2b241b91fb818cf664a1afc8263c36070 |
| SHA256 | 52996e9682f990a172da30bee24d559e6a6537b77a6099d8cbfb79884cb876d1 |
| SHA512 | 9d64d8ed6d6adcbf09bc943569bb25d3b710c077f7585b73ee2928f74b3fd18098dfa75cdfb8441ef2ecd2aff9392640945d9f6ce31c7bd805f8154feb14c7e2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7502f3092fab05b451326bf2419f7ce4 |
| SHA1 | 3dbdabe38c864a1f12241622bc9b01a321691f8e |
| SHA256 | 133f3e4f79b1a6dbbc571adcc5ddefef83740ede23e2fb082fc62e535c1c2eb5 |
| SHA512 | a1abd6ec83274f32099f8a618d5a7183c86697172509ca3fd8194750c4604d49e5bc75e5973aa6a4c6c76fa8a91d0c009dda43e899a1c2c5428394b69bba8aad |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 6e94c38e85cab6d1d033a10cd819ed01 |
| SHA1 | f38d8e9480ba2183ccd54ab17182f241ad9eb244 |
| SHA256 | d91ec51e80a506e269f86023d4bc2d5a7f3180fe5adc6fadb0a030ffcd4177fb |
| SHA512 | 4fb8514fc5acd817066cff11c5218c19d3c6abd89a0255ca3e36b11750f55a26c05d1c65047323b9cdffb9cc30c7648c02b7a7b88b26367787d737d7ef9c9074 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe58b002.TMP
| MD5 | ea8466000baa5f9c2f761f017cfd6a24 |
| SHA1 | 47c40482c1225ed946e4c61312b43f95e7466218 |
| SHA256 | 0a062d8b241d22175894cf94a59f2d8a47777bb299557686e2624d812d85848e |
| SHA512 | a6e140bca932485e53f08de34ea0a2f938beda4aaad1e039622d600c3520dea14c1f93b0872f6d63abc17a7d775a1ba2c27bcafc507fefbb5e6379cebb281a4c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | 303189e0e866a2c0e7f02951b5d17e2c |
| SHA1 | 3b9dbc326551ad33885d0c5dcef7032c9035f594 |
| SHA256 | 34da6b2ad7a3602ac99dbd5ed69ec1a40b41932a2122856b659d84b7f7ad4c62 |
| SHA512 | 1d8319596f70c4ce9d5523536e51b7c0cef02293c625c28e04418644d2f674803c7c0baee01222a0f5ff28d252b3d810f66dec73e9adc3aa53a0c7b4c26bc4a0 |
C:\Users\Admin\Downloads\NanoCore-main.zip.crdownload
| MD5 | d959bc04c57bab80ceb182ee42522f90 |
| SHA1 | 8528fdcaa5456a2ce0c0d8842761d69529a8cdd2 |
| SHA256 | efadedfc9c786183024fc058a6ea83c2a219d04100fbde03559ddc05807fda0e |
| SHA512 | 85efe033c53a3408514feb7482ba744976ff207b1a57ffeba40cc99c6fc1b16b9feccf023b970d96af6e6a564c5bf3e386fc5ab8af538a3764cf67937bddfa72 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | da713b635d18866dc2f16256305d3eea |
| SHA1 | 9865e6afbe8e341949d3ee7bcd66426ebbf6abc4 |
| SHA256 | 706b9c158d54af81ccec6c726870404e46d20fce48ce7696b99c4a1486b64fbd |
| SHA512 | 6fc1424eb0ac550c559f807342c3da9814f4f90779cc42ae3ec784e63c0efd6328159331572962199dfb416be3cf2b7147c65bf7bc52ce4b5a6b682877f5b0bc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 5c3414ecda8fa52ce346f7707014d964 |
| SHA1 | 53149bfc286997b7304b01992c951429c32f9003 |
| SHA256 | 5322b6fdd68173bac2f79ed395344888b868358d3d0bebb91b6aa98f5f14bcea |
| SHA512 | d063c06e7b6160fd076c05723a98d2eb725437e956902f7b442cb3f9a932dd359e5f0836f7532fc1b34ff54c3dfef601eccf628265dd531a84276ccc93343da7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | 7efc1a14b4260192f04962d6c0bf4d89 |
| SHA1 | ac23987adb4868cce85cedfd73c9d6c40ff74cfb |
| SHA256 | 36d3631b5c06c31cea3ce4e2a8543fa286d4d6c6c0abdc1fc97dedb549578363 |
| SHA512 | d9e88713de2e559536bb90b613a517514c3738d48fbf91474a182ec09ab9f64a59def6f0b3e9ab6a80356fdc3a34033fa01b7c9a715b7cdc172335481fa7b5c2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3946714a19722a1437a68f29ed299b45 |
| SHA1 | c05121afdb700b6b34cb1c9dba20ebba466c3f12 |
| SHA256 | b42c2f03a5874e4d61306f3026df5c98d92fe644ad5e04140f55f96df68f5688 |
| SHA512 | e787f18c954ce66677d6f360b1902adf10acd359530e3acc5cd090e67958770bcddab19a3dea36530d3a6ac28671b020523fa506ce68cd352b35b89e326617e1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | 71ef445941523d67bb47f84347618c4b |
| SHA1 | 2a3a0444f549b97656aa420c7ad01898ae768674 |
| SHA256 | 3bf56489395e0b8ea89d670ca619763007b8c75eca7eaabd144236ae299ec085 |
| SHA512 | 14738a89eea2a1d6bec44a09cd1f7dc64440e332e6c387368e5ea5a6b7b7063ea4ef25118c1a0743cf6401d8e1a4c3e799784278f1c3aa1af497752f540cf306 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | de0c805126f78ebd5620c0edfed649fa |
| SHA1 | b810a5018a6493b1f66042f7330b66e34a2f3f2e |
| SHA256 | f90420af1b1dc07b5bb7ab5f4789949f2fe889b40ffeff38745a605791b59e94 |
| SHA512 | 3d1707e29d432637d868efed65a7747e6d0b4783bc9efaae4f895e8b851cedf27fde013c585076afebf17ee351544a20c9e0528dd243496c5465335ea23e0bce |
C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\Resources\ListIcons\flag_aq.png
| MD5 | b841c2ebdca6bb23c15c98da4aa671d7 |
| SHA1 | 42f562132fe6e9a5029247a2b9666395dd5ad9b0 |
| SHA256 | b668f1a313e57c97a5abd0212631ea6211aace15b10f1ca82484f23f7d6924b5 |
| SHA512 | e093c2c454e8ceb318df0629f5f7e8494213e69caef640dd4554f3c250029e8a06b4c5add9c13e457f901c3d328738b66db524a8404617e486fd8c564dd04c90 |
C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\Resources\ListIcons\flag_cx.png
| MD5 | fbf02dad6f60392ce777d006d5762248 |
| SHA1 | f9d95e6e5e25b83953e4f898bf99636d85511709 |
| SHA256 | 45203a04468ff78fb3434f46799ca630172e04f97c566f8e143539a80c48bfc5 |
| SHA512 | 9f5b7b5399cb7c8b41cda202eac5a344524f135fd2e32a5f312917c7684ee13a94976984154355297bb31fd06435efe91456e189bb5f1c9d6010dfad01415b4f |
C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\Resources\ListIcons\flag_gp.png
| MD5 | 5ac0d15234533136bf6ec230686a4aa5 |
| SHA1 | 2f208a8baf30d13aa23382d3821cc73c4aa466f0 |
| SHA256 | 5cceb033c0262b5905f88d5905777471e9f1b0b0d9cb857f2361e88ada73610d |
| SHA512 | d6215183f13e36a268b849056fe1479ebd36eab4b6f175cbdd3a4ecd4ba4df7734189a2f9e9d69ee344ca63baf2c9ef10f62663cc721e9c9c59775d5e84e2268 |
C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\Resources\ListIcons\flag_sj.png
| MD5 | 4f82c2e83eab05d2bd9baaeff6c81a96 |
| SHA1 | e1cd3981d14653bf5df976ece649120134e88546 |
| SHA256 | 15493361692068154ac1b1baf8878c179b353996dcda4d63e0322ea37f998f9b |
| SHA512 | b69030fffb689094952eb472b272e1d18b40d0f11e3bba647c9b01226ccf072d276cc31ce3a1ffcbc84c5de82bedfe7fc2466fb060ff50e528f7c258179e626d |
C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\NanoCore.exe
| MD5 | 1728acc244115cbafd3b810277d2e321 |
| SHA1 | be64732f46c8a26a5bbf9d7f69c7f031b2c5180b |
| SHA256 | ec359f50ca15395f273899c0ff7c0cd87ab5c2e23fdcfc6c72fedc0097161d4b |
| SHA512 | 8c59fdd29181f28e5698de78adf63934632e644a87088400f1b7ab1653622e4bc3a4145094601211a2db4bcbd04ea5f1ac44129907fbb727fe24a1f3652c7034 |
\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\ServerPlugin.dll
| MD5 | 952c62ec830c63380beb72ad923d35dc |
| SHA1 | 6700baa1fb1877129e79402dfe237f0b84221b69 |
| SHA256 | 2e5fbfb7932b117a2f6093dc346cdee4a5702e39739d9c40d27bfd1580f6f0d7 |
| SHA512 | 5dc19d7d6ab7670ded766f357e481328c8df4a96ac3c2a00194a5ccea8c34bca0e34cfea3d9d17934db384d302446be2fec9853438371561d70580665bffe121 |
C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\builder.log
| MD5 | 0061a98407086fb3106b61fe5d0fbb27 |
| SHA1 | c5882467e947fa1cab30dd45fe337b23bce1712a |
| SHA256 | 054dbc3e14992bea750e1f366c16f6b0c861bc9db2617be91cbf7306fd25219a |
| SHA512 | b4e0f10067b2a5b7865b404c63be1c93cbda482ed3d20e618ede411fe7f9bc177792d0ab0bb7c13730809f9630ba5160f485a38590096ba8cb8104ab189f2c9d |
C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\server.log
| MD5 | ac6285562e5e3e4e98feb7fe8df884a4 |
| SHA1 | 4b7fc4ea7c39b95efa7d4e1d68b9b3994c38683b |
| SHA256 | 51d9e422386e5e64eadc212bff06b33c2a163bfe355ce98d756ce00afd76ae2a |
| SHA512 | 6db244bf0e1948626e64b2b8636b9bf71fa4b2bbe5e7c4877a444da00bcc7964efa9f01f6e4c90963961a3a8bdb3bb8ff7d28660596e6f468b53313ab5e3453b |
C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\settings.bin
| MD5 | daa76574a834b950a015d191e410c400 |
| SHA1 | c93dae186bb23e7fc052b6cbc4626c58bc0f60a5 |
| SHA256 | c4c2bb97d9abf6e224897855a0f6699d8f886ca816811ea5bfeb8e71d72b7d4f |
| SHA512 | 9cd119d3f55a172036fd625738c3ebcd45b534255da36c208b594605eca32a58470ea4d0493026d160e062806d015cd878c44521e2450247eb5a8ae203a8fe6f |
C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\System.Data.SQLite.dll
| MD5 | dd3d6f00b1aba3f1d9338d9727ab5f17 |
| SHA1 | faf9364a7ab15f27c93a6e6f97fa025030c9dad7 |
| SHA256 | f0d4beab24e94e61f219df451d90dbba3d0f48539f9b6a448f91e0c94b4e80c4 |
| SHA512 | 0794d850a133a98affe627e3023114b229b982e507d366895ece6a1ef99b42d708554c64b52f0f2ed63673e1c5aeea7e794085d45f0797159e21ba4efdf23cd7 |
C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\x86\SQLite.Interop.dll
| MD5 | 9b19dcee960dc215e64b1d82348707a9 |
| SHA1 | 9c1e0f76673eb385787120e17404df179316ca2b |
| SHA256 | 3515f704b0012c01fc8be5b717905c0587b29255fc9eb7ad3f2b66a130691d38 |
| SHA512 | cc1304ab171feb2ac6df941f4b35aab8ce7b503f96b5539b366b39268cce8b21ea2fdbce16eff809a9a121a60a65ebbd0f59f75360800f541b9e5f93e729a55d |
C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\Databases\main.sqlite
| MD5 | ea522fc387e8e1c1c65e946c9118e2c7 |
| SHA1 | 0d3fe3c0f59b651f4b9210ec4d7324e7686b5a21 |
| SHA256 | ae429dbfca9416cfc6832aed1190fa7b9eb90127328136a249de024349fd3b3b |
| SHA512 | 52161556c3d3a1e12fe8de217aab806ac8e8e47135d57f057c257d16576ec08b13bc37aeb7f7234042d89d6deb594a635e0764675f4e04f7abb94836fac1d921 |
C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\client.bin
| MD5 | 906a949e34472f99ba683eff21907231 |
| SHA1 | 7c5a57af209597fa6c6bce7d1a8016b936d3b0b6 |
| SHA256 | 9d3ea5af7dc261bf93c76f55d702a315aa22fb241e4207dc86cd834c262245c8 |
| SHA512 | 29fd20ae7f1b8bac831c0bb85da4325a62e10961989e14299f5f50776c8f7e669cc1527bf2c3868bd7230e73ac110ba8b1f0491ac0f2923d79d7a2871c7c961d |
C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\Resources\TabIcons\home.png
| MD5 | 0a482ce7f891fe7a64118bbb34a34b9c |
| SHA1 | 2aba3c06942273aebc5e616602620e4b2526ebe7 |
| SHA256 | 76d3e6c51702b37227b73a4f84771e44d7c1a8551b4c1fdd90e341f03a805346 |
| SHA512 | 0e900eff9109ac2f32137d9d18993a29ed6065299ef96554f2288128fe07d1e8db1a0dac29b39b0eb05bb8a9bdca5f083da8e25dec3c880ef155401fd649107b |
C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\Resources\TabIcons\clients.png
| MD5 | 0331dbac2291c05d567461b58654d350 |
| SHA1 | 1f89cdf7199983e788fd1f22b873ab9b0500952d |
| SHA256 | 8d1339e002540de132326aeb1d17c66a9a60b0af7e3daca9bc40df17e9c96542 |
| SHA512 | 2d12a85226a21670c49038e4347b39227b8d8bca07b8eb66f2adae0ccf1135270f5ba5f16a40bf526477c70c00c1ca572bfb973306e6eb8dd057600de38da161 |
C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\Resources\TabIcons\network.png
| MD5 | 48780574121d519661c2e0bc51b25b68 |
| SHA1 | 89d8d5e42fbae3d95c8036c1738656b8e6343091 |
| SHA256 | 28f4c682d85fb4ef531a71b7fed8f0d7ef548f1126da378aaf60349219a681d6 |
| SHA512 | 7f0d9b6e18b812350b9d57439069ebb9140365830ea6fa247527f793cc58271ed7743c514d7488f026064b6d44afaf93717192bcff3ea8a3b501f2bf7718ff30 |
C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\Resources\TabIcons\system.png
| MD5 | 9993c66f33d16d11e701abbabf5a5db8 |
| SHA1 | 415a0069f21dc5fcbb7bdaa7f17a679eb18e6b1e |
| SHA256 | 24c4edf86254f9e2359508909ba52dd683e1f6af0d8c1a52f875c472fc73bd40 |
| SHA512 | 7a3f0546f4fb12e72fd774f5c4446e8bcc2a26c762aad91675c3bc10931c1c0ac2c40d66a25afd0a376ab665427164367c1cf398c22811eedf88c90ce51a23e7 |
C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\Resources\TabIcons\builder.png
| MD5 | d2d498dc06990b948ef42c479c4c1f94 |
| SHA1 | eb380e6d156f5cc2ab28baa5add2ba8acda088b3 |
| SHA256 | ce8e344d1975972fa3f1b54383ab01cf522217e83b4e01f5c5b8563641bf6550 |
| SHA512 | fd9f99b7489507d8208432847085507e5d1823f1eed5d3c7e644c59bc5e5b36d8705d4add01a0c291240029458b25d72894fc05efede8b795bb6872e1e5f9ef9 |
C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\plugins.bin
| MD5 | 5e709fc806e8ba3385487699004f6d29 |
| SHA1 | 2f32547ed5b9db3b33969fb4858945610aaeedb2 |
| SHA256 | 9ecbf989dedf1403db953fb4e5955c9f63415cbe1f6492c3246bac405a4d036f |
| SHA512 | a6706c9f76d837a7e0ab12e3c1c6d94fedde9dc52d4fecd02befd8850752155e2bf801cdf0488a98e49c50c4f0595a3fc4916950badba9bb83a5b7a35d3ffaab |
C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\Plugins\CorePlugin.ncp
| MD5 | 7914e7302f72d330aa5f6c5c8c26df43 |
| SHA1 | 8c411f3fe5297a78cb018539b44df87c0a51606a |
| SHA256 | f66985518b1e56a04f512d110f5b79f21ed91cbcbf6bd3e17eba3dcdfb85f9b5 |
| SHA512 | 8959843f282162ff0c59d890d04012c4f62dc36058aa7095d708a97a34313082cd4ca5ea5df5623cd2d6b8b91c527297168cab08ec59c1ec48fafac5983ad012 |
C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\Plugins\DucPlugin.ncp
| MD5 | 5eca68a8368e0e144b7016e30b85515c |
| SHA1 | 0ba48b49974156e5746958aeeb1c2a26c916b3be |
| SHA256 | e2ce89b3e68b003cb27e2c5652ccba073c8938bef194e51830539b2464a3f676 |
| SHA512 | ea1d1363fb072a5c646ce070184855588124be42392dc492ce86c88fe93eae78e23f5de4f2df75fb5b0e8d67bf08ff192dd163ed3c62a1ccfb0b8436ae1df644 |
C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\Plugins\NanoBrowser.ncp
| MD5 | 8b13fdc96af0a84c152f5a601dcc6b06 |
| SHA1 | 1250db70fda8a2c32f37bbdc5638074c6dc171a7 |
| SHA256 | 997c41b05150480bcfae9abb3132fc807f6c6b511b810b554fdb5aedf89f5db0 |
| SHA512 | 536d4e1b9e7c95ebac762d0a438106a5409c69e990940d3411709364783f957015d4a5dc0651b33591e37dcda8549e689a87b853e32f3ad065391a2d8190a552 |
C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\Plugins\NetworkPlugin.ncp
| MD5 | 70e5b02349742a550fbfcfb5bb78c906 |
| SHA1 | 2319b68398af74fe08b6a3a7d6943cf700240a4e |
| SHA256 | 160030b8444b6fa86775a11d1be35df6a75252070fc5661055884d3f8b07296d |
| SHA512 | bbb5d2fd6eff637da303a4ab2fdb02f781619ffe25c5795c5b9e514214227717771a98ce6c3becc87b29c15303ac4373ee3847060ad5755a2455362e6e26932b |
C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\Plugins\NanoStress.ncp
| MD5 | ba6f59df971d6db7a8951edbd5d6691b |
| SHA1 | ed766de1fb4ab0889b3fbc8127f1393eb3cddc15 |
| SHA256 | 6b33a572e019266749a3e04966e2c57822e247c5197f6f9bd6a4bb8792633581 |
| SHA512 | bbd50d7cb2b2799055b8864da3d3d6037bbac41312ce8582c4627611ef856ae38ecff67dc4223e236d1b555bf02a7c0c7284a76ab90007621a2f2997b6bc5dd2 |
C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\Plugins\NanoProtectPlugin.ncp
| MD5 | e51af633e5f5f4a817a54773fb90d337 |
| SHA1 | 0cb8a7965f9f042954b1f318ea1026b76e12f8e0 |
| SHA256 | b37602dbb924bb94df0d9745d13fcace8a6642397fb738fbe02a88f667f3ab66 |
| SHA512 | 6454305121597073d4ea2b8f57a4bb4a4fe7fafbd05336c91265534faea5a5cdec7504c1329ea0c8cb344a4f32d59c60af5348dfd89375876ae95ee2c15f0c14 |
C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\Plugins\NanoNana.ncp
| MD5 | c5d40b767bd6b97f88ccce13956d0ad8 |
| SHA1 | ef7f7fdd9d5ea0b55ffbb17c171ee6a46b347100 |
| SHA256 | a3c39444ac74bb91f14f3f2ae6918d9b1d368268e137aca310450fefbc8983aa |
| SHA512 | 3fcb5a6afdc7de59bac645d8b4dc6368b0405a51985ff86c95fc8cd579bd59bc423cab940dc0ab3de9a0cd0d9e04dad82e380ef18030330d72b2e72936a95ee1 |
C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\Plugins\NanoCoreSwiss.ncp
| MD5 | fcb5afd01e75aca8ed9fbd35a46e54f3 |
| SHA1 | 94b69f8612d31fc0698089d5e08aea1cafea52e7 |
| SHA256 | bf0386f6e9b4a35fefe5fe917e2be7c64867efe24521f18e4567f8af5f6dd5e5 |
| SHA512 | b587dd23eaea6de486c30864908f8603451c459153cd21b86a5e43bb9c2cca7cbc015daf620808fad76a4d56bbc4e57e127059c8e73be6c85bf958781c1343fe |
C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\Plugins\MultiCore.ncp
| MD5 | becb82e1e914e906be158e3f9dd658ac |
| SHA1 | 725d3d658680ca8dcb610d998db4b28733b5ee52 |
| SHA256 | 5494adf651fc64e3aa6c08e38165d8dbfec52056cdf4fadae90b76b0e6816a33 |
| SHA512 | 1d67e7d5686ea225262501afb572bec23e35bbd33c660a57e84b9cad7adfadbe457b128af0059ac705d53c6b65798f5525fe4ed3c16537b0c085414cdca74174 |
C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\Plugins\ManagementPlugin.ncp
| MD5 | b612c2c9a6d361a5db14c04ba126119c |
| SHA1 | d2b29e235b0f45242088b78313438bdfd51209dc |
| SHA256 | b86fe4e126a9748a383a34d615b9598c715f2380c0aad957495c66923902026c |
| SHA512 | 194d4688935235f3ca686868c9ff53c7945d4e076d4a51fdcbc254bfa1461494766480794c65715bce314256c7cc5268bd6547c937984d3010f54f5a3db4ba9c |
C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\Plugins\SecurityPlugin.ncp
| MD5 | 44bd68199bb393d0eeb7ae83b56d9b9f |
| SHA1 | c6cfa069a17ace16c651a11945bd54f4ca6193d1 |
| SHA256 | 25b1b0836838740d394cd35eaefc660e9eabeb611a701a451eb1119f6427fc12 |
| SHA512 | a02b82e40f66dc925de3324c03e8a0a497bfdb6ed44549001efbf86f2e5381aaf9259978908cce9ecc7798f083d3691f007b207ea301a9dc73f2430662146bb4 |
C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\Plugins\MiscTools.ncp
| MD5 | 78e3006fc6468eb7dfc7761072b84ac6 |
| SHA1 | e46cae768d2754f48a29b7e424a9bddf0d67bcd8 |
| SHA256 | 3a3a3b105eefb45e3b70cc1592e484df02df7020d5154e8c2e5d7d439e295e46 |
| SHA512 | 0daa1cc9ddae70f442ee5eed784523dc1378b9d095edfaec1df95e02f00d09b461d60ee180f716f7ba755543ef7b0c87d791a454cf254dde0033b8615b2841e8 |
C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\Plugins\SurveillanceExPlugin.ncp
| MD5 | 195fbe66986564288c3285935fe87b27 |
| SHA1 | 2fe84fbbf109b3e4c7c63b414689021ba847b568 |
| SHA256 | a2ce9ed783b26d01d58e07b9c97bcfecace9ced72960cf3ecf471fbd008afbae |
| SHA512 | 552161e555d07fdf7062a4c0d3738819b13ad4c9a5c54f09db48dccf6faf49b014eb043037500abdac7af0210ed118c5232d8d54be367d8a4caccfae7904332e |
C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\Plugins\SurveillancePlugin.ncp
| MD5 | ed3edf12bac989d1dd6edf7146feb805 |
| SHA1 | 776a667bf2341b43e199c3601856ac223b86d221 |
| SHA256 | 3301f9fd4700458a18589956fd2bb6e5101b15c14f52d5e079ae1c3a008da040 |
| SHA512 | e6873a5d1caada8954907bdb3120aa2c60a4137fb9d04abdbb74ade58f35ada1ff87a447cf6a35f5798dbd0e1e0ed813d62e34d98de8d6402b6432746aa80413 |
C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\Plugins\AIO.ncp
| MD5 | 60c274ccb344da9e3d77449f6068d253 |
| SHA1 | ab25eddf3ddb61ef52104a01e5c9b8a23451c764 |
| SHA256 | 0a59aaee013c57f3b6190d683160d88ca1c5868565cbf5acbb7b17d3e925c602 |
| SHA512 | 9600d852b56557f31a5a18a6aa2cb76cf4fabf36ae32bbeccf82677f64737542234e2fb06ac8d917f9839120320b7db212d76e8dea24445f13096d86a474b9c9 |
C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\Plugins\ToolsPlugin.ncp
| MD5 | 699eb468e7d6bee9c429923b5b477545 |
| SHA1 | 80bc420c3e441c9b9c3813ac05ea9e168cca1e3a |
| SHA256 | d753bc28d842e44ffbf6cf99314febe5ed7759b25a74ca34a47fdd153bf2a6ab |
| SHA512 | 5d82a98e918ea3eb024dbb7552e5cdecc317b49635a5789029e7a0035d2f0cb2a3c47ef53e603217afd17d6f59fc78a918e2e5f70266119c619e41b3b647aac9 |
C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\Plugins\NanoBlack.ncp
| MD5 | 794ab16c092ebf2b1d812d6cce158537 |
| SHA1 | 6dd9edd26b50265d5af4642f9d1f1f8703a44805 |
| SHA256 | 7919b7998d6b359d7cb700018dc2d69ff6ffb45bd01c9c190b98fb4c9ff4beab |
| SHA512 | e639bb0f7d309344c45ddff3d7f91212b3c6a9db6970d06db35f6bac228b389ed8c32dbda75ae23ad1359bb60f678b0b891caa3ed07245aaad21dcb3ea4a5347 |
C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\Plugins\VisibleMode1.1.ncp
| MD5 | 37c2ef6e5214600396ee87c4168a5664 |
| SHA1 | 69b6e1f612f5a3435fab05074cffd3ebd1c232fa |
| SHA256 | 4a8d45e13a38c502a3109d2ea17a81905fb9eabbf643ae611b62f62ef11f09b2 |
| SHA512 | 667ad370f48470d60dbd437b0601eb05de421ab59b281adcf9c6f54b9c6fd272d3aa34c35e7e6df889771dc5fbdfa9bc683a4bf156727827595edf6eb2fe8cab |
C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\public.bin
| MD5 | 602d0cc4e7246f8a3b8a5ee9c7fabe30 |
| SHA1 | e9ecc8f782cf27ae68339b0cdfd0f79c69aa4afc |
| SHA256 | 6de29ee3e660fd3ab419f568fcf65f8418484eb43d5bfcdbfac5d456fd8488f2 |
| SHA512 | ccaf306f4e4b4ee7de6a62954bbebcb52d131da49912d2d6ad39d07012dffe66ec6109dfbd5fbfd166e98e7bcb2c564b75eda0a2eda2ee815f71db5986506f43 |
C:\Users\Admin\Downloads\NanoCore-main\NanoCore-main\NanoCore 1.2.2.0_Cracked By Alcatraz3222\ClientPlugin.dll
| MD5 | bdc8945f1d799c845408522e372d1dbd |
| SHA1 | 874b7c3c97cc5b13b9dd172fec5a54bc1f258005 |
| SHA256 | 61e9d5c0727665e9ef3f328141397be47c65ed11ab621c644b5bbf1d67138403 |
| SHA512 | 4fa0ed4ef66e4c442f5fc628e8bfc8a4f84cb213210643996d9387027edb619c054f6104ac889ae77cece09f0304f95d5f20e14d66847e2d382ef51eecec0962 |
C:\Users\Admin\Desktop\test.exe
| MD5 | ec583bd5dfa3bcc769359c47b1220df9 |
| SHA1 | d127f79e21477d8b7b0a819f168c0224117d9db8 |
| SHA256 | e0739abff13e23f21391e43a50c2ebc1b0d561bfe808cbba0eb71f18cb21cae0 |
| SHA512 | e9683efafa165c9ca243d8bdcd6519b5d243195e46745aa1ad56669adc41873ebc5c747df494c1e161f0782d74a70ba80664e2665bc21dd58d801ebda0bbe7c8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 47bc50e3c43cbdd1a7fb492d6a100e85 |
| SHA1 | 0123790d161b1dc2716ab48a3443584470c515af |
| SHA256 | 6a9db031404a6cfb5990ba7f4876e58afcfb94a464d1805a627c7969d15abb78 |
| SHA512 | bf8c26e5b5635652432cfc8a3120bb8180bbf4bf5c753a90a2e2b121e8dff708de783f78145283ee0acdcb02a1654f527d80b219116e9ddefb72417bc0be9b4f |