942eac71508e78e453a97cf39154d8f36c8f0c37a9facaa3c3190466d02ae426

Resubmissions

01-09-2024 20:43

240901-zhrxqs1hpa 10

01-09-2024 20:30

240901-zalqra1fqd 7

01-09-2024 20:06

240901-yvmm4s1cmc 7

Analysis

max time kernel
120s
max time network
116s
platform
windows11-21h2_x64
resource
win11-20240802-en
resource tags

arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
submitted
01-09-2024 20:06

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Cozy Setup.exe
Size

75.0MB
MD5

068eaf8b3b110ee23dc4fef1a869cb23
SHA1

18c4481f160a58fd4ea0e26af83cc6bdf14ef4c8
SHA256

942eac71508e78e453a97cf39154d8f36c8f0c37a9facaa3c3190466d02ae426
SHA512

73d7e9b89430a5e738639b3f95b94494c0b35c9e764920cce4b3eb55a0211988f035664d3407e27f0d9da3a63cc824df939a3b83625aaf28f16c06fb35996971
SSDEEP

1572864:kRu/x6vSa4mq+it03SZurRov2WS0SJwyQPYymwjrujiHR:kRx6r+2srWW19QP/jrujix

Score

7^/10

discovery

Malware Config

Signatures

Executes dropped EXE 4 IoCs

Processes:

COZY.exeCOZY.exeCOZY.exeCOZY.exe

pid	Process
1500	COZY.exe
2404	COZY.exe
2968	COZY.exe
2592	COZY.exe

Loads dropped DLL 15 IoCs

Processes:

Cozy Setup.exeCOZY.exeCOZY.exeCOZY.exeCOZY.exe

pid	Process
3424	Cozy Setup.exe
3424	Cozy Setup.exe
3424	Cozy Setup.exe
3424	Cozy Setup.exe
3424	Cozy Setup.exe
3424	Cozy Setup.exe
3424	Cozy Setup.exe
1500	COZY.exe
2404	COZY.exe
2404	COZY.exe
2404	COZY.exe
2404	COZY.exe
2404	COZY.exe
2968	COZY.exe
2592	COZY.exe

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Drops file in Windows directory 1 IoCs

Processes:

COZY.exe

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	COZY.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

Processes:

Cozy Setup.exe

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Cozy Setup.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes:

Cozy Setup.exe

pid	Process
3424	Cozy Setup.exe
3424	Cozy Setup.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

Processes:

Cozy Setup.exeCOZY.exe

description	pid	Process
Token: SeSecurityPrivilege	3424	Cozy Setup.exe
Token: SeShutdownPrivilege	1500	COZY.exe
Token: SeCreatePagefilePrivilege	1500	COZY.exe
Token: SeShutdownPrivilege	1500	COZY.exe
Token: SeCreatePagefilePrivilege	1500	COZY.exe
Token: SeShutdownPrivilege	1500	COZY.exe
Token: SeCreatePagefilePrivilege	1500	COZY.exe
Token: SeShutdownPrivilege	1500	COZY.exe
Token: SeCreatePagefilePrivilege	1500	COZY.exe
Token: SeShutdownPrivilege	1500	COZY.exe
Token: SeCreatePagefilePrivilege	1500	COZY.exe
Token: SeShutdownPrivilege	1500	COZY.exe
Token: SeCreatePagefilePrivilege	1500	COZY.exe
Token: SeShutdownPrivilege	1500	COZY.exe
Token: SeCreatePagefilePrivilege	1500	COZY.exe
Token: SeShutdownPrivilege	1500	COZY.exe
Token: SeCreatePagefilePrivilege	1500	COZY.exe
Token: SeShutdownPrivilege	1500	COZY.exe
Token: SeCreatePagefilePrivilege	1500	COZY.exe
Token: SeShutdownPrivilege	1500	COZY.exe
Token: SeCreatePagefilePrivilege	1500	COZY.exe
Token: SeShutdownPrivilege	1500	COZY.exe
Token: SeCreatePagefilePrivilege	1500	COZY.exe
Token: SeShutdownPrivilege	1500	COZY.exe
Token: SeCreatePagefilePrivilege	1500	COZY.exe
Token: SeShutdownPrivilege	1500	COZY.exe
Token: SeCreatePagefilePrivilege	1500	COZY.exe
Token: SeShutdownPrivilege	1500	COZY.exe
Token: SeCreatePagefilePrivilege	1500	COZY.exe
Token: SeShutdownPrivilege	1500	COZY.exe
Token: SeCreatePagefilePrivilege	1500	COZY.exe
Token: SeShutdownPrivilege	1500	COZY.exe
Token: SeCreatePagefilePrivilege	1500	COZY.exe
Token: SeShutdownPrivilege	1500	COZY.exe
Token: SeCreatePagefilePrivilege	1500	COZY.exe
Token: SeShutdownPrivilege	1500	COZY.exe
Token: SeCreatePagefilePrivilege	1500	COZY.exe
Token: SeShutdownPrivilege	1500	COZY.exe
Token: SeCreatePagefilePrivilege	1500	COZY.exe
Token: SeShutdownPrivilege	1500	COZY.exe
Token: SeCreatePagefilePrivilege	1500	COZY.exe
Token: SeShutdownPrivilege	1500	COZY.exe
Token: SeCreatePagefilePrivilege	1500	COZY.exe
Token: SeShutdownPrivilege	1500	COZY.exe
Token: SeCreatePagefilePrivilege	1500	COZY.exe
Token: SeShutdownPrivilege	1500	COZY.exe
Token: SeCreatePagefilePrivilege	1500	COZY.exe
Token: SeShutdownPrivilege	1500	COZY.exe
Token: SeCreatePagefilePrivilege	1500	COZY.exe
Token: SeShutdownPrivilege	1500	COZY.exe
Token: SeCreatePagefilePrivilege	1500	COZY.exe
Token: SeShutdownPrivilege	1500	COZY.exe
Token: SeCreatePagefilePrivilege	1500	COZY.exe
Token: SeShutdownPrivilege	1500	COZY.exe
Token: SeCreatePagefilePrivilege	1500	COZY.exe
Token: SeShutdownPrivilege	1500	COZY.exe
Token: SeCreatePagefilePrivilege	1500	COZY.exe
Token: SeShutdownPrivilege	1500	COZY.exe
Token: SeCreatePagefilePrivilege	1500	COZY.exe
Token: SeShutdownPrivilege	1500	COZY.exe
Token: SeCreatePagefilePrivilege	1500	COZY.exe
Token: SeShutdownPrivilege	1500	COZY.exe
Token: SeCreatePagefilePrivilege	1500	COZY.exe
Token: SeShutdownPrivilege	1500	COZY.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

COZY.exe

description	pid	Process	procid_target
PID 1500 wrote to memory of 2404	1500	COZY.exe	87
PID 1500 wrote to memory of 2404	1500	COZY.exe	87
PID 1500 wrote to memory of 2404	1500	COZY.exe	87
PID 1500 wrote to memory of 2404	1500	COZY.exe	87
PID 1500 wrote to memory of 2404	1500	COZY.exe	87
PID 1500 wrote to memory of 2404	1500	COZY.exe	87
PID 1500 wrote to memory of 2404	1500	COZY.exe	87
PID 1500 wrote to memory of 2404	1500	COZY.exe	87
PID 1500 wrote to memory of 2404	1500	COZY.exe	87
PID 1500 wrote to memory of 2404	1500	COZY.exe	87
PID 1500 wrote to memory of 2404	1500	COZY.exe	87
PID 1500 wrote to memory of 2404	1500	COZY.exe	87
PID 1500 wrote to memory of 2404	1500	COZY.exe	87
PID 1500 wrote to memory of 2404	1500	COZY.exe	87
PID 1500 wrote to memory of 2404	1500	COZY.exe	87
PID 1500 wrote to memory of 2404	1500	COZY.exe	87
PID 1500 wrote to memory of 2404	1500	COZY.exe	87
PID 1500 wrote to memory of 2404	1500	COZY.exe	87
PID 1500 wrote to memory of 2404	1500	COZY.exe	87
PID 1500 wrote to memory of 2404	1500	COZY.exe	87
PID 1500 wrote to memory of 2404	1500	COZY.exe	87
PID 1500 wrote to memory of 2404	1500	COZY.exe	87
PID 1500 wrote to memory of 2404	1500	COZY.exe	87
PID 1500 wrote to memory of 2404	1500	COZY.exe	87
PID 1500 wrote to memory of 2404	1500	COZY.exe	87
PID 1500 wrote to memory of 2404	1500	COZY.exe	87
PID 1500 wrote to memory of 2404	1500	COZY.exe	87
PID 1500 wrote to memory of 2404	1500	COZY.exe	87
PID 1500 wrote to memory of 2404	1500	COZY.exe	87
PID 1500 wrote to memory of 2404	1500	COZY.exe	87
PID 1500 wrote to memory of 2968	1500	COZY.exe	88
PID 1500 wrote to memory of 2968	1500	COZY.exe	88
PID 1500 wrote to memory of 2592	1500	COZY.exe	89
PID 1500 wrote to memory of 2592	1500	COZY.exe	89
PID 1500 wrote to memory of 2592	1500	COZY.exe	89
PID 1500 wrote to memory of 2592	1500	COZY.exe	89
PID 1500 wrote to memory of 2592	1500	COZY.exe	89
PID 1500 wrote to memory of 2592	1500	COZY.exe	89
PID 1500 wrote to memory of 2592	1500	COZY.exe	89
PID 1500 wrote to memory of 2592	1500	COZY.exe	89
PID 1500 wrote to memory of 2592	1500	COZY.exe	89
PID 1500 wrote to memory of 2592	1500	COZY.exe	89
PID 1500 wrote to memory of 2592	1500	COZY.exe	89
PID 1500 wrote to memory of 2592	1500	COZY.exe	89
PID 1500 wrote to memory of 2592	1500	COZY.exe	89
PID 1500 wrote to memory of 2592	1500	COZY.exe	89
PID 1500 wrote to memory of 2592	1500	COZY.exe	89
PID 1500 wrote to memory of 2592	1500	COZY.exe	89
PID 1500 wrote to memory of 2592	1500	COZY.exe	89
PID 1500 wrote to memory of 2592	1500	COZY.exe	89
PID 1500 wrote to memory of 2592	1500	COZY.exe	89
PID 1500 wrote to memory of 2592	1500	COZY.exe	89
PID 1500 wrote to memory of 2592	1500	COZY.exe	89
PID 1500 wrote to memory of 2592	1500	COZY.exe	89
PID 1500 wrote to memory of 2592	1500	COZY.exe	89
PID 1500 wrote to memory of 2592	1500	COZY.exe	89
PID 1500 wrote to memory of 2592	1500	COZY.exe	89
PID 1500 wrote to memory of 2592	1500	COZY.exe	89
PID 1500 wrote to memory of 2592	1500	COZY.exe	89
PID 1500 wrote to memory of 2592	1500	COZY.exe	89
PID 1500 wrote to memory of 2592	1500	COZY.exe	89
PID 1500 wrote to memory of 2592	1500	COZY.exe	89
PID 1500 wrote to memory of 2592	1500	COZY.exe	89
PID 1500 wrote to memory of 2592	1500	COZY.exe	89

C:\Users\Admin\AppData\Local\Temp\Cozy Setup.exe
"C:\Users\Admin\AppData\Local\Temp\Cozy Setup.exe"
1⤵
- Loads dropped DLL
- System Location Discovery: System Language Discovery
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
PID:3424

C:\Users\Admin\AppData\Local\Programs\Cozy_World\COZY.exe
"C:\Users\Admin\AppData\Local\Programs\Cozy_World\COZY.exe"
1⤵
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Windows directory
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
PID:1500
- C:\Users\Admin\AppData\Local\Programs\Cozy_World\COZY.exe
  "C:\Users\Admin\AppData\Local\Programs\Cozy_World\COZY.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\Cozy_World" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1736,i,6399605198420499392,11752879385498168709,262144 --disable-features=SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=1728 /prefetch:2
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  PID:2404
- C:\Users\Admin\AppData\Local\Programs\Cozy_World\COZY.exe
  "C:\Users\Admin\AppData\Local\Programs\Cozy_World\COZY.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\Cozy_World" --field-trial-handle=2184,i,6399605198420499392,11752879385498168709,262144 --disable-features=SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=2180 /prefetch:11
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  PID:2968
- C:\Users\Admin\AppData\Local\Programs\Cozy_World\COZY.exe
  "C:\Users\Admin\AppData\Local\Programs\Cozy_World\COZY.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\Cozy_World" --app-path="C:\Users\Admin\AppData\Local\Programs\Cozy_World\resources\app.asar" --enable-sandbox --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --field-trial-handle=2352,i,6399605198420499392,11752879385498168709,262144 --disable-features=SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=2348 /prefetch:1
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  PID:2592

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Programs\Cozy_World\chrome_100_percent.pak

Filesize
148KB

MD5
cb4f128469cd84711ed1c9c02212c7a8

SHA1
8ae60303be80b74163d5c4132de4a465a1eafc52

SHA256
7dd5485def22a53c0635efdf8ae900f147ec8c8a22b9ed71c24668075dd605d3

SHA512
0f0febe4ee321eb09d6a841fe3460d1f5b657b449058653111e7d0f7a9f36620b3d30369e367235948529409a6ce0ce625aede0c61b60926dec4d2c308306277

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\LICENSE.electron.txt

Filesize
1KB

MD5
4d42118d35941e0f664dddbd83f633c5

SHA1
2b21ec5f20fe961d15f2b58efb1368e66d202e5c

SHA256
5154e165bd6c2cc0cfbcd8916498c7abab0497923bafcd5cb07673fe8480087d

SHA512
3ffbba2e4cd689f362378f6b0f6060571f57e228d3755bdd308283be6cbbef8c2e84beb5fcf73e0c3c81cd944d01ee3fcf141733c4d8b3b0162e543e0b9f3e63

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\LICENSES.chromium.html

Filesize
9.0MB

MD5
aaea51a605688fcb2f178fd60e4ca64c

SHA1
69d4791bf3cfedb68bc4d8f766878103578171cb

SHA256
96837a4a521a61bd3d34f2f660e29902d228aaec501eeb2a84403f1926c3df9d

SHA512
d328bf2f9ff7372a716a09e5882b9e3c0051b0135412b3258453085db1de2c7699c8aae24edfaca7798f468802db975977c9976e19fca84fffe884bf8594c33e

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\chrome_200_percent.pak

Filesize
223KB

MD5
e9c1423fe5d139a4c88ba8b107573536

SHA1
46d3efe892044761f19844c4c4b8f9576f9ca43e

SHA256
2408969599d3953aae2fb36008e4d0711e30d0bc86fb4d03f8b0577d43c649fa

SHA512
abf8d4341c6de9c722168d0a9cf7d9bac5f491e1c9bedfe10b69096dcc2ef2cd08ff4d0e7c9b499c9d1f45fdb053eafc31add39d13c8287760f9304af0727bf4

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\d3dcompiler_47.dll

Filesize
4.7MB

MD5
a7b7470c347f84365ffe1b2072b4f95c

SHA1
57a96f6fb326ba65b7f7016242132b3f9464c7a3

SHA256
af7b99be1b8770c0e4d18e43b04e81d11bdeb667fa6b07ade7a88f4c5676bf9a

SHA512
83391a219631f750499fd9642d59ec80fb377c378997b302d10762e83325551bb97c1086b181fff0521b1ca933e518eab71a44a3578a23691f215ebb1dce463d

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\ffmpeg.dll

Filesize
2.6MB

MD5
07a87230a996c769fb5ea708352eb2cb

SHA1
b9829f43451b04623f283cb073b805f0008b44b3

SHA256
cbeee79f83bce3d880f7b01e75861bcfc67204898826aed17f17c954f2f5155d

SHA512
a24a9274b571786619ea0a122688ae16a818454a94d8cfaa99a6cc3205ed105e2eb31e1fbb761ed7462125c2588bbe9c2adfd6f348fc517e09afeea70442bf75

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\icudtl.dat

Filesize
10.0MB

MD5
ffd67c1e24cb35dc109a24024b1ba7ec

SHA1
99f545bc396878c7a53e98a79017d9531af7c1f5

SHA256
9ae98c06cbb0ea43c5cd6b5725310c008c65e46072421a1118cb88e1de9a8b92

SHA512
e1a865e685d2d3bacd0916d4238a79462519d887feb273a251120bb6af2b4481d025f3b21ce9a1a95a49371a0aa3ecf072175ba756974e831dbfde1f0feaeb79

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\libEGL.dll

Filesize
470KB

MD5
b12d025eccde84d51b52393f3096262d

SHA1
4f0535c338d6828edb8cfb3aa3a3d41bf7555231

SHA256
801168075749f28ad7e8465f7a3f05348c74364af8ba7f0eebd41e5fb2451a84

SHA512
a7474d01df05fcd1d79349411a13c1c7e4d247d1d0a9bf9ad865ed5d75473b87e18a9bb391ed895bba0b19b16eebb71aed6ad37d225a0cb923a35bbc53e3ffa6

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\libGLESv2.dll

Filesize
7.7MB

MD5
81681dc59b970cceaef66e2b4871ced8

SHA1
b4ca6bffae594559ffcd5d3579e458de0e6185d5

SHA256
bd1d38ca12360f51fb1077ea392240b99f82c98ba21c05fe348ab812c795b11f

SHA512
ba947497ef42ee802435a295fcf04a0ca1a6053361bdc0cd8c4e83d745874177af52a87a99e8b84481a0212036399844a8637d838c036b449969326007bd602d

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\locales\af.pak

Filesize
494KB

MD5
e48860fe82ef022ffab38cbc4c96dffc

SHA1
a832fa66bfddabf3ae7f219cf379f66d2903162a

SHA256
e2470090a09ca500679e68bb5e3b1acc35a5873fea4f93af25a23c82122f2c13

SHA512
e4d0973ca7e59091c482d2acc384aa48ec87d3ce72d8d42a03a183b230fd209e085a4e907473a05d02d41e15ebc527df942774c23b4804c150367fcd727af7b1

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\locales\am.pak

Filesize
799KB

MD5
eb869449704e7b2bc571e229c08438d5

SHA1
0c6474e1e0250c64bd001bab25eb6e7cc383832c

SHA256
ce069893f931cd1f095a47b50c5edad023a558e6b129f942b390d63a2d913fe6

SHA512
88992285dcd7642c5ac136d95995e8cd525e6fa211c461e13a8516efe0774ef81b221691bff3066a7437c5abaa695dbdd51eefe8716b21da354af3101312a370

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\locales\ar.pak

Filesize
874KB

MD5
c49f4afca050466af21212e88860f8fe

SHA1
adddf85ea75a24b92f1fcc4fe07a81a35d08f2c4

SHA256
11df77de069364d7f0e2b42fd2b7291abd8da5e4fa2d69a1b82c12a98a89dd00

SHA512
6060d96a59e424f9a630e70efced6866c074f8bf0c89273a28f9766e8c2b625bc80ea5c691a8c33c1f11a3cf1c4d34d96cdacb19a2ca61b61fcd45365d138843

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\locales\bg.pak

Filesize
913KB

MD5
e6608ecc589e87a6f78f9ce553ec2609

SHA1
9fdb2ff6291549df773ba243b3a92b984b15bdf6

SHA256
97ef7984074775282b68dca5d5a469efdb2b22474ee6669fdfb5197d3f1b3768

SHA512
25450b23acc962be85977ef08be9b484c2a9127775039c521158c1801cd57d5781bcd8d5b8784f8a8b9403ce44b59964a20dbe36ce181f1d239143b22b53d5e2

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\locales\bn.pak

Filesize
1.1MB

MD5
57eab375114893a5ed0de36a516e8252

SHA1
16f23ab3eb62bc7a2525a7a5d86139fa88670b89

SHA256
1aba82aee8c985e5e370e7cf2b35c9ec20cbe5174db5fcb54ec7d19ec5d79587

SHA512
895bc282484ed028f5f023cbbb6e2755091f036e540c531b6ff639cf9e0ae5da02801dc81d7910eb141edd5c255d8b088d1abb531b152fbb161d6c2bf9615f4f

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\locales\ca.pak

Filesize
556KB

MD5
250958a8ced000d119daebfb461620e9

SHA1
898ca898c87ac5135ea07eef0b4de99b053b4133

SHA256
bbcf50836923477b3105a50ff4a45f80bf69326a17b907b00b37f13a04282a30

SHA512
4a07f1ba9743160e5e1e2fe21501d845277684ecb1df68b2e2098a9d634cf15429a5e455a37f812876391ea2887d0e3057ea28f91274022aa30c7e2f3e13dd0a

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\locales\cs.pak

Filesize
572KB

MD5
47dbe8b4a15efd5e8e0b8a8d3a4ac8eb

SHA1
3b19039f4b7339facfb040f9e6b7386047efa3af

SHA256
0e37d82e1022d98fd44a2542f8ce82cdaba181246f728e5f099dfa47a6ecb469

SHA512
77978e8052d5d019909be8427f059c38ef4d79eece3c2faf3daec5a8e96f8ad1b408a057de6af253930f2ac01d832821e6f879b02549b659f27435864f65a6b4

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\locales\da.pak

Filesize
518KB

MD5
c22b2477e29ddbd8bcf1df1b51b738a5

SHA1
482f5591e4938ee86ab2c2339fe63ed84d17ea8d

SHA256
4738f526d617a8eae389e239925019ba73a7ab9d584f512b5e1000c9c3e81af6

SHA512
cb23d13ab54de8b232530ef5b9ac8aea6be942c32375323c5a88438ab79860d5b38c94642a35f2a42be233dcf3d1f1d7ff7e2675de9daababdfbd27b73b90fa9

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\locales\de.pak

Filesize
553KB

MD5
d1a513308f9de55b6c7bbeef7c4fe90b

SHA1
a4a5e99fe73d5f9df2e508c3c8e9b73dea03a76d

SHA256
662496eff49febbe49f0a03cf2c51acaa743cb2237de3c41014556e16f3d8e2b

SHA512
9756e16255976569584a3a5e2a17421a31bc8f9b158c0ad3d30f6fe624ecd0e77c255571e46554c03c54d58b06d3f7b0fc77d347548f435547eb1ed9173b30be

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\locales\el.pak

Filesize
1001KB

MD5
34c6150acccd20c7f260b269bce06930

SHA1
277b6d2387f600c84263847d6fb2342fd4746cfb

SHA256
162e51bc7d682e223e498f4ff8c81f019d136d857bd25a1c982d4a1084a8c840

SHA512
58308b1f4f92f1eb26af8516351194b96defa8b40f26cca2776aeb9e804e585fdb9918bd2acb9c6318b63c3768c29893574bd0a4fc18fa9dee96b9112732ff94

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\locales\en-GB.pak

Filesize
450KB

MD5
56bdf77ab3487e28d354a8b0f9ba8d2e

SHA1
b10ee918320a50a417b1ee6a28cd4b05a5f77238

SHA256
7df934906a61c0ae7a952f9ed058f4a06cd3989663a7d9f50afc3c9f830135bb

SHA512
8d74c79ba3a554d69f26fb8c20210c9a339d85c0e9a9af445901e8a5c7ea544ea6ec713f9dd2db7b8bb5cb0afb0fb385236d4668a73af37dc9ef8d2f73c57fcc

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\locales\en-US.pak

Filesize
454KB

MD5
5c52a86b21633b55b383c20f16859b2f

SHA1
126585e68cb17f241351004e21c1d30e65de1cf6

SHA256
41123d72bd8e289e85bd35227aabb4cc61fe1de02b5cd7a7834e5ec200bc2078

SHA512
2a1b6a4becfb97d470cd7de74857edf2cc9cd4a77f377ccd9bf60c30539862ff1ac3ed6cc849632a3ed4ea0e5b92679f3cc5b4cb26cc7eaaa2bb2f4ae9974a6a

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\locales\es-419.pak

Filesize
547KB

MD5
a5541f2f1038c29f12e3fc3840590e8c

SHA1
d22b47aac65080ac8d96d677183891203e69d218

SHA256
6d1681b67b593b58f9de9822201927f1829d348e88abde360ec1e54443acc60a

SHA512
fdffa76dff56d610b446f67bb514f8b1beade201af5e336eb96da3e791855c6fab8ef695730fb7fac5e8c7a38fd378721dcb16481624a972a6292a711fe95b14

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\locales\es.pak

Filesize
547KB

MD5
39ddf01168864ab8b3861503b5aecd60

SHA1
332442c16ab2112313ccb67fca796cedfc3d6b89

SHA256
5f5c737b7778932c2aa9cec8f54b99c7e82c5bf7eb28172c8a49494fb361ee06

SHA512
cd54485e31707ca30dd47c415540e2a0bc44c12274c14c6acab27fe25908f49f18ee9e27032a9c403f55a6b5819f3829af6f0d9a87730a4bc573f9a40a531ea1

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\locales\et.pak

Filesize
497KB

MD5
c0610f85a202bca2f540756ace2323e7

SHA1
f770e638e59fdd47484ca51f1c1f42cd933616ca

SHA256
77822b71398a329c43b57d9d8c0b27fff7f30c3a35fbd7850161549a23b0b9b2

SHA512
386b65ce118ee0602dfd195290f922c5abb7b38bf974b04ee4477f765d507cb4c41a0b443930eca2aae5b4e1de23d8013ba241ebbb99713da4d26df46e9aa29c

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\locales\fa.pak

Filesize
813KB

MD5
c2dc7c27385de3e4647728565e62c1fd

SHA1
5d67672fc9272e68513d6e644f79b7d3724cbe39

SHA256
bd9805146a6fcc17fb7bcabce894757cf4fedcc0a0a5178f9cbc1b1d4657fc73

SHA512
642feb1c579924f9f853a8f1778a6a0f58779e6571275229b613cacc55a688fce62ba771c1f0b08f4fdde796d481c11483a8000e6e0d41aa0c63db5a288df7ee

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\locales\fi.pak

Filesize
508KB

MD5
6d7aaddb1365b3efee94d4c510a3002e

SHA1
2a970204894c5ac163c980ec0fac2dbd1711e5b5

SHA256
11b0b9b0f74d01f16db7aa49be9dceeb55fde9da56f17419c4bca159cdcae274

SHA512
f44bab9cee552dddac17d4ac1949870943cf138b3fdb0e649e8827acb6de9528dd9cf738757e5b495587e165d1c750b8bcc6205bdd029a01eb92aecab22ba49f

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\locales\fil.pak

Filesize
573KB

MD5
c744b92c8feff1c026034f214da59aca

SHA1
95780d3374841efdbc0d8a46cddc46bb860a26e0

SHA256
d7fdc7fd08dcc421bc8aaae3fdc72599c60a3b96f05989a3e46736f0de06e745

SHA512
eeefc73474642e75da61056f2841e7cfeb8d8475be55a39852dfe7de8a972f7d86e9d1df4614b3ca3ae4fb01b68e5ced664bc8e46ccfc94f44b06e29a5035b43

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\locales\fr.pak

Filesize
591KB

MD5
5e38d6ba16bbc0e593ccb43d989a2346

SHA1
56626415dfaa0002e65939afeecb1c6c2b690494

SHA256
a82b41f40fea984c4a01628d58fb9047d591c4a3e2aa80433b71d217865e6a4d

SHA512
62bd5a4632b13015595efe351a6c281c273023e38a0595c5910443d006cbd3cbb39364a2b7a9bdf5216e7078e18d7a65baba5d888b37f95361bd9be58bdc5058

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\locales\gu.pak

Filesize
1.1MB

MD5
7667d758f90e0d3c147da74ba06425de

SHA1
a453e2f358095849612756a1fe6e2849e1f3f7fb

SHA256
94cb050bd6ed8e588fc0148123c0440f3a1bc8b459ab4ca54f954d098eeb2a46

SHA512
0b469fde98b8558a8a037a7cae1066ff343d1355168e12fcfd80e9aae9c870525fbf4113d7a282728a2e40b606108430e967b574104e8d192be234a3eda4d09a

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\locales\he.pak

Filesize
713KB

MD5
921748ddbc20e6412c7c360130f37662

SHA1
cfe4d4318ebe40738b83893b81319d340a406abc

SHA256
178cad88217251b9ad66449340eeb4c1621fbbe2c4946c1018bd82d0b8a1009b

SHA512
0e9f43ccb26d859a814e520940416187a4d3a93e7492cf0a52d0f6d756493f86829b5b82233a1e8736ea0f6b24f420b14ace4cb4a50af2887a826f153f0f9b32

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\locales\hi.pak

Filesize
1.2MB

MD5
eb95377b86ab5805d041a084535318a8

SHA1
4d2c8700699e553ba2710a9d01877e2976c7521b

SHA256
c27e6209c67e015cda2cb1ef3b1733c2dc95d1f5227d8ff6ca8b399c2e5295bc

SHA512
1f265807f0c0ae0d99dafef928c244a0039baecbb028ce9a8e80c706172a066e2560858932c6643c823d715d78e2f14dff5ce850c0e8f4dd0923d310660491d8

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\locales\hr.pak

Filesize
551KB

MD5
202cd54c38c8eb6170b6fbf9704c33c4

SHA1
90aaf8f2f3b054f86d28ba983fd53b270c1a423f

SHA256
687b532c7b260d4caa9c162a7c290babd7632159ea37f51480f746c649db707b

SHA512
0106c1788cde349d7a39e3e75841899ab5ff2dfa5056c84a7bd81ebee468d6a71c05dd406804599110970297e0659451a4bbaf53a8ffb0c70f1170d888131074

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\locales\hu.pak

Filesize
595KB

MD5
2515bb367f56f282657b3dd3b9ffcbc3

SHA1
8cc350e359f1cfefdf0ce3b016109dd483d45a8e

SHA256
b4e6a1135de8bdc42c04f4db4eb1ce48256f18eb46a5146a21010b6165a90e7a

SHA512
779a77b3380f08dfb1d1e9bd65806f3d5ab56619d040bd6ecc9726c17944f4d0c3a619edee06d638549250fbf4c6a2be46cd6196a3a8862d184a68d45d6f6d72

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\locales\id.pak

Filesize
490KB

MD5
91bad2312491410c7f0393be512b895f

SHA1
6e4e9cc985c5b96eaaad91787f8bb7f72cddb604

SHA256
a21f9474a19fe2d7f26c59f5ba8d6e72801a8a057b7dbcb8b3f96471043d9059

SHA512
5c0e1cd1741e78fff90f3ec2be02bd47bfc669e50ad0cdde975238a74cb4081536faf80d0a28dc9fea6efda6548dcca4e569c54b903f5c2773c17f72000a99e7

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\locales\it.pak

Filesize
539KB

MD5
033cea0b189033adf6aff0030722cf4e

SHA1
58606beacfe6c47c45f883ef0e50e3dc9d22b0a0

SHA256
f3101e941e40e8e69d646e7de7992ed695db7072e89855a7dd9f9d6bb8a204ca

SHA512
414eab311f2370072c749f55f13d1740745dac7f4e65433ed27c987eef68037190ede845e1a534439110afd4582802bb0093e071ed485c2f75276f80fa65bd0b

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\locales\ja.pak

Filesize
659KB

MD5
001884fb759217024364b6ef3cdb86c5

SHA1
e48abc635109800ece32539064f5085b1a108970

SHA256
f2766c8225cafdfd0649f4cc5626b246d0f3a4f1ea8bf5e4b18347d1fe5abeca

SHA512
4c3b5aa9ecbfa3b66274f528d64ba53785ea3237ef51d4ed96b683c98e249a4f812e47be43558122a0cbae4ed9fa6b6e922e872e031c5e34554bce93e5fb089f

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\locales\kn.pak

Filesize
1.3MB

MD5
2064b792d030c421bcf649ef728f24c5

SHA1
fb98b9332927b58b57e1278d9cd54972e8ed7b5b

SHA256
2029902f3ea9da2c88c079c097ef481a184275d988dbf3bcfbe9dda84dfe1379

SHA512
691dc9ed3fb3cf1f294b5c7455a7a32023ae9ecefbccb666b3d68b7543434050f634525e99ecd67cff1192a238c5d3dc95754801644da253ac65ecaaecc40387

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\locales\ko.pak

Filesize
557KB

MD5
965ac0d213ccdfd83ac4970de23a8f11

SHA1
8326841ab80c40a7ca8b13589a3f5ff54fc15827

SHA256
3fa72d61a997c36f9c093f769f4bba60b290d1fbcb71d5544f85e8e1efe51d07

SHA512
5eaf14ce5c493bb4704716add07428edc6569f2dcb721679e140916c0e426cfa8e8ce27a2c38c48ae6e60461a678525e48e42c2938ce40e488b59d3f97a2f9cf

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\locales\lt.pak

Filesize
597KB

MD5
20906aec4a21bcbb8bc8bab067075ba6

SHA1
369da9c1567d4376852cebdb87cd9213dc4bd321

SHA256
a1257d10e673311747363e6929832e70f36668b1fc0d6a5ddd550fe88007aa58

SHA512
8d1ee40bff980b889af83b95fa408bddf2ff5d257f532d2da46bfc3ddbcc31b9cf14b473fdfca1a574c0316fd689a424ae241e9bcc533b7dfe0c7203d4b252fe

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\locales\lv.pak

Filesize
596KB

MD5
9f9d09b8e8b943733574c32e924cc834

SHA1
cd68a843884aec9eeba36a287902e5b39f128f82

SHA256
3e3c9953e679f391167a5d5536a4ace4d56558909ac8ad5b9f08650254d99f40

SHA512
8062ec8f8ca2507ac8e10d0a9a8a76ab02feab8993989043dbdfce3807d216087017ed14e6e9f52d87a2deb87ae5a69393e5d6c6963472ed98ecb22fc45d594e

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\locales\ml.pak

Filesize
1.3MB

MD5
39d4a5ed8cf7c8e0df946220fbfc0f68

SHA1
70794849b41d00f2b895f1211a6baaae3fa7d261

SHA256
87384db1ddcac012b0b40ec89daf47ebbbcf1497705f023a6983fb2470e4abd6

SHA512
ac992b9cebc2fd51f7477b36f1aa4d9157a84c3023949c02ea236d909c78fb5ccce28dd213c089820131ee3f669164529daf58901766630ebcf40546d33e132e

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\locales\mr.pak

Filesize
1.1MB

MD5
649e76b6666096a2258b942745ff9fe1

SHA1
82edf8ca68dff0caa36b17901c1e12a17172fa51

SHA256
039f4e0176c38867fef57482825d043fa63bf1356c85eab0fc665f118db125e4

SHA512
92f51140416cd6dd53109ddcc1ee24c1d26999de5cd48a11e6954dbbc985298c1b90c0b4a7bbd8701a2737b71340e8a257e8b1ace85ff3b4876b714c60befdce

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\locales\ms.pak

Filesize
514KB

MD5
9fb7c18f376b46b254ef9a960e08655f

SHA1
31cb060fc606d011151f1b5464e2a469372113a2

SHA256
2f0c83b5b3bff8f624d78e0670a31c509e7f1d5330f72aaede471b2e97c956e2

SHA512
23ea07d917bc0cb9a2f530f985c4c1930d31eb6e8271804709126b8b0f5266dc51636f679944d2e3d8dd7b603564defe85c1088a33a922e9fe15c2073b509a8f

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\locales\nb.pak

Filesize
499KB

MD5
94328f521f4f02e9b27f64f35987f65b

SHA1
e0fcfebe197b58daeb1b27b89cee3bfcf6e9d89f

SHA256
b824d440176ac07aa50badd87b91ce7989e263344edec5372c6f50ff7db12c9d

SHA512
3dadb2db1ff76d5c7d13470502a062c77c6f7483bcd99112f7747b3e0bf1b4b3ec15cda0e97a38fe26fa56246c20b19312aa7d0a277e23ff5e69e618e4ff23fd

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\locales\nl.pak

Filesize
516KB

MD5
d59fed8986eee2b9d406ad52d88cbcf5

SHA1
f7e409e17723e21174361bc81e54bcef269f40f7

SHA256
619c61701b3a142733d23ad8c7117bc013867a842d3d1d572faa56895ad8257e

SHA512
234aaddaa7677b39667b4078dc3a630d67b4f2ab7df5ce763d509183a4d88e8f7bd1a231113b8a51418d577e4aa630860a7f2735c34ef59e0f65966cef825597

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\locales\pl.pak

Filesize
574KB

MD5
f73a49fde908f5de230c282e3ea461dd

SHA1
2776d2286e2d414373ca1ae60f39daf4b22a999e

SHA256
c9ddc6daa007d98cf90caebf71b3071601d5386eb34442d86020904e39f706f1

SHA512
578a7872504c9d6bbbd07335b38940bef6bbea94820147accefd31806cc2e1f7c9d8bc3f130efc754db55745cb6f164f9ace149e42439cbeed945a3491cc6ae4

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\locales\pt-BR.pak

Filesize
540KB

MD5
58e37f2afb647343fa879d748d7492fa

SHA1
bda3c160202e4ca950c6592851e3eabfe84e6a96

SHA256
c17310ce98918c16bd9c06bd2f752ce6d2d1e4bc7b3e8ab74519e57e7e751843

SHA512
5574dfabfeb4a4d17ae156eba18fab5f0bd6ed14737b7999117ccbe385d5068f99839ef130fe5a125bb9fd6d0c3486f585b3e109966c138f06b08af30bfc8674

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\locales\pt-PT.pak

Filesize
543KB

MD5
f2eafa0bd70b7ff64c64fa0d5590ebb3

SHA1
9a945c61d79e886f05f3b13cad0420b020e7019e

SHA256
8ba5d7dd9100e14a51a9e77e2f8cede706978bfd21eaa6f334140d12af6ba974

SHA512
ed032c0373ccc59f64ae709f3c462f1c1c55b1abaf5b16398c9b64480ea5df94ab35e6897dfd1f98e18296e12528e3f27150948849b0bbb0e91bfef140c0bac5

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\locales\ro.pak

Filesize
562KB

MD5
cfd7cb2444248216e12193689ba56c10

SHA1
0a9d65fdbc68688bf1624a8c98fd42673961e0d2

SHA256
655c175903a791d0ff56264a487c53f7bd09ed037cf04cfa6e79eb8be5b677e9

SHA512
7ab384dfe93c4de0d82d3a581d0c4b988f823f49848cedf081067e052be2d43c42389899588839dbc7cb35ba70617648bd0c7c199900e78c487f3dd77e64b4fd

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\locales\ru.pak

Filesize
924KB

MD5
04e23a841bcf29018d0bb55a730d0fda

SHA1
b3545f3ee053af799bc76c69121aab034535885f

SHA256
d68be272e1734979baf3c19134e97f3e7215ba871460fb1906e1672329434040

SHA512
efc1de023f6503c3b7c56e1d836137998de89fb112da079dab09f822f5e39e54137dfc07c930a099740b532f752333cdd850d2050ee9783b1ada3dec6ddced94

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\locales\sk.pak

Filesize
580KB

MD5
7773015adbfd66d42b4a9cb11a29a7d4

SHA1
bd96538a2ff6c8884a545a7b10495107fc1f8395

SHA256
bfd5b52a544428c5aaa4f418903610f1373c808c20110c145d95b34c51c7cf80

SHA512
e8abceffff4fe1b6b1957ad99288bcf562fed2ccaa8ec20ee369fc5d50a3fad1ee823045860ad1028503f4dc730c5e816861ba5b2e0417433000dbe2db6be795

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\locales\sl.pak

Filesize
556KB

MD5
33aa83936f6fc0ead34f2d89a3f6d3ce

SHA1
7e3a1df02daa63760e689f4a4bd6fb47fd888de8

SHA256
f7539df33ea860bc42a76047fa4fa0dc75044df6d602f8735c9acfa5d7995198

SHA512
f37979e94063ef24897657e33d3aab5cfe6258e071cbef13ac01dee1647353071f7e269f986d45e750013cde5ecf69599e94dd27fcd097cafa7054684018a684

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\locales\sr.pak

Filesize
859KB

MD5
acfeb4e65ec2a66ce1b53e93c5a0d897

SHA1
0c37160a70d8317f6a80ad4909a152be7e94fb93

SHA256
c13f495540ade0670d2fa2231a833de32124500e301b8abf8daee8a6ee2224d2

SHA512
4dea3a3522525345a5d7cf821c85c817e8f779590533cebe8114253a742b82739d16230b5ee155422840f6ec58d27ed23ebb00459d6adcb9984ceb9e9f2dc015

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\locales\sv.pak

Filesize
501KB

MD5
819b5e4f2b7734ea4677f6d579d72f84

SHA1
aff3048d8e35fabf68a756513b67efedba59f85b

SHA256
105460cb717104d82f99cf8c5e2c51ff252211a605bd1c98bf75981f100d619e

SHA512
3e1ff5d934c7e0656dd16265be697420c31b191f88a5140c3598b4fe37a6bd3031f50d45ac7e961acaf0886934951a48230f7b10a53d85e015d6d5e1602c3eff

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\locales\sw.pak

Filesize
529KB

MD5
d3ae31b63eb14fc353b6e8b872d266f8

SHA1
011647736ea51490cd7ccd49433f4529b708ccbe

SHA256
462809f4337c1d6511d53e496937828ed07d64e7144954da794c36584c94b543

SHA512
aad3c37beaf1224478214623f95a549b6167d1d061baf6c2e2adf8b8d034e44e8bc4a1e9409533f2830ec3bdb06208a1e144bbc4e3ce2a6cfc6bc82002d32b04

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\locales\ta.pak

Filesize
1.3MB

MD5
52ee28471f2f9d01ef3f57233496554b

SHA1
abd7dd9989fac90636626a41f007eb6aa5ec7a2e

SHA256
1cebac8d758298ed2763e62b9bdfb17351831e691ff3e1ba85252c9a66d66242

SHA512
af2e9593faf60319244c90e9c06604dd3830705f14c18cd380dc2338aaa0c1e137bf751603ab9beaf7f1783839f83bcd4fda357b7cebc66ee94155d560b6f691

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\locales\te.pak

Filesize
1.2MB

MD5
3a71904057869c23d1bc108f1e8d0d31

SHA1
6fb6e60c80bc332a2bb66d02a1e3db69961a9c41

SHA256
8264244c6de861817f5b19cef282844a18ed8cb7d4e059451489652749fe931e

SHA512
7248058b2d357c4a8b9c2e95d580a2000a96d9a5adb0b822adeeba5c4422e08cc12ef84b9b9a627a1f6cd07a08698ec000510885d14d64afd40c6e8d69376022

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\locales\th.pak

Filesize
1.0MB

MD5
879a881174501e22c3de65b9f80bc19b

SHA1
a2e020d5ed1be7dee50a495a2f8581e751cbf735

SHA256
647ad394e92e7610bd0f6c4e08d28748408fcd5a816a35e4622ea7f71cfa7a9d

SHA512
b8961a90036b94340283237da57659cc277e65e545764251f7d3e406dc5f70c9ae29366184d0aa8831aaa0a7cb5c12ff825078bb87528606cae223fba58c73d3

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\locales\tr.pak

Filesize
539KB

MD5
2c8ec2110d635c90a4d83f15b511b10d

SHA1
c688bf904f238eff46624a53102210e9c9ca5422

SHA256
8c09ca9f56200f55ee73a6f5daa017c5098f788301616db61bb9f6094f5a61f2

SHA512
24e83d545f7c3db449937c721516754b68bba4c137dc362e23944dfcfe8973241bc19c1271b787cf464e5ac281e4876360b9cd942c062952736dc6098b2aefd1

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\locales\uk.pak

Filesize
923KB

MD5
64f72c9f76578693c28b9c4fd6ed66e7

SHA1
dc321254fc902b787dd46a05ee22663f5049eee8

SHA256
121fe02499718290b4bf84e80e613b06df45730603ac1501c65f5c115412d99e

SHA512
70f107defed8c581f1bd9b4ec098232cd83efa31a3010764a78966f890b277ce48460087be923537969b74022ad8180b53954d663c7e94f5acda73d2c5101cd5

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\locales\ur.pak

Filesize
808KB

MD5
fb978b7d211112a0774ce09ca54ca96f

SHA1
fb0c69801230437dcd20e3803db81ee60fc042b0

SHA256
60310f9a3457fae0395b447a30646211ef4160ba84bd7c36d291af4c8ec2b79a

SHA512
abde8d79f46b27e0e315034025837a3126d6e5d2bc52504d49c946fe96828bd9b20cc4a5c05283fb9f8813e6820a28249cfd68b30cb27fba216970c16ecc8d44

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\locales\vi.pak

Filesize
639KB

MD5
565abf3f9b296fcff95fa5b169a7d598

SHA1
24de1221b2adec13b5bcc23c4a54b8e987e9f12e

SHA256
fb9463d5655e73fa69cace9800d95f8cd077ee9284fef3bfe162d2bfe220c257

SHA512
53bfe0c1c289ecdf48114048e15807c3143dbbe357736753cb845a31a6a3fccd0dbae652294508706076ca4b30e5da00e53bc6aad11b06fffbf2621997e7de36

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\locales\zh-CN.pak

Filesize
460KB

MD5
3fe312d9859b299c3a332373172c33f8

SHA1
ce6a99d79dcfc363bcf68bdb1ddd4e6862236020

SHA256
f0c0ba53c954325b3bbefb333ba23f7fb40a7a4e506043e9f7886089f611943b

SHA512
488a6043381834c9d69a906edd9e3273da01b618e9f3351a89082e6a4727f9f882e435eca3d590cb30336cab289fc71b109322d43804ddde5fa038a63a0b84f7

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\locales\zh-TW.pak

Filesize
455KB

MD5
e302e1102f3f5a21860f38f41b3c30f8

SHA1
78b5d1c451cf674a7641dfcc815f966fc920cf57

SHA256
d4033cb3264c7c4cd2636ea2a202421650c449e5bfb10f29949e4c44e91ca93b

SHA512
1f96b197eb7ae6b7983ed38d4ce33ea0c845ffe527fedfbc9e53a6009871dd3c39084a04cd1d43fd6dd24e7f26e3ec4845d4225df828de0b9ba346cbc98efea4

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\resources.pak

Filesize
5.3MB

MD5
c9d196164a4a2f4c1190ee0e2e9eb1c6

SHA1
0a38f2328f3c9f0f03e3281df8b441869b4cf969

SHA256
2d00750fb042ad55dda47d78536eb26733d1575c1040f18a09bbbc08748c0f68

SHA512
e382bffb89e05bc84f35514199ca34f2078f216bfa65a56b2c8909563287954256ca30865abf4b7723913cfac8868512b37c2ee713e3ee22284692cd0c0728a1

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\resources\app.asar

Filesize
470KB

MD5
ebcc5beb09176cd6f069fab352cd9fa6

SHA1
7af9b95b40f98a4cf0fd0ac8cc7cb559bf151df9

SHA256
47a578efd5067b2f583bf010948e3a6ac9ff7c40a5cb7ce8945b0d0907c2b14d

SHA512
4d1a89a7e6e47b80f70d5efb60f7144c0bb318a878d6b8750d9e17c9b9edab295ac7af30d08f9476773fb0172afb6444fdc4dc70535a0ce8aa77910b5c92d5bb

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\resources\elevate.exe

Filesize
105KB

MD5
792b92c8ad13c46f27c7ced0810694df

SHA1
d8d449b92de20a57df722df46435ba4553ecc802

SHA256
9b1fbf0c11c520ae714af8aa9af12cfd48503eedecd7398d8992ee94d1b4dc37

SHA512
6c247254dc18ed81213a978cce2e321d6692848c64307097d2c43432a42f4f4f6d3cf22fb92610dfa8b7b16a5f1d94e9017cf64f88f2d08e79c0fe71a9121e40

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\snapshot_blob.bin

Filesize
302KB

MD5
10585bea2d95df40b857a51e57c5cbb3

SHA1
e031d33c96a0c6923314f10ce16b4746cac25f1c

SHA256
1b9cd2d03d7243f26b6793b17b5240bf2f942b33caeeb7236b6f4ae0300c52e8

SHA512
4ede1f271520e2c8b4a9675adddfdc43095ecb82e6ad4374442656a42ba19d1b32ebca255b52d29d0c91db05d5ffdf93a1b90237a11f6cf4bc236f68dad2313d

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\v8_context_snapshot.bin

Filesize
646KB

MD5
fb63a59e95b34b7730246c8226056af5

SHA1
75968afb6f38d1c49f03cae7f3289f7eb186705a

SHA256
10d0547126eda664ab1437c8a87ef6dbd32eff74f1b3c9255323dc8aa66faac0

SHA512
f53667fa4fc5903741287b9cff1f3638197a9eaa0d6cc7c753c66d2b3ec0248731612110a77f9402dd554c1fad8d522ab70e29510973ac63505e3f04ca37a70a

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\vk_swiftshader.dll

Filesize
5.2MB

MD5
37d26be50bf31b7a85bc8b86d64773ab

SHA1
88b6c1878633f9f7e4c1dd5f8b5dd9c5b7b6cbf7

SHA256
7c35ee5d2b4db312d09875269d3a17dd394966289de426bab40b08173b2b4728

SHA512
df06cd453dbd05d6cad99d2bd23ff4aeb5fad4ecc65ae935d89a6f8ebd0b4a328068955c57073fe854790b114bf6908d52c572c2cd4d81fc156670deb1b0b41f

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\vk_swiftshader_icd.json

Filesize
106B

MD5
8642dd3a87e2de6e991fae08458e302b

SHA1
9c06735c31cec00600fd763a92f8112d085bd12a

SHA256
32d83ff113fef532a9f97e0d2831f8656628ab1c99e9060f0332b1532839afd9

SHA512
f5d37d1b45b006161e4cefeebba1e33af879a3a51d16ee3ff8c3968c0c36bbafae379bf9124c13310b77774c9cbb4fa53114e83f5b48b5314132736e5bb4496f

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\7z-out\vulkan-1.dll

Filesize
938KB

MD5
43be195025f4c1d3d3a4fd10fed5c073

SHA1
e9eb657173bc97e12d5990da385f49cb6a35c1ed

SHA256
d5ef248641f00dd38a81d2f94c37034b7820edbdea4fa96f91d4f9e64996dc97

SHA512
81fa7abd4c749c2b67504e866c5d6d37ab50c902df997e8f371f0610027ac80366904fd29f8349d034f0231495fefa3e1896a201a8df3c4845854a3ce8467ee9

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\SpiderBanner.dll

Filesize
9KB

MD5
17309e33b596ba3a5693b4d3e85cf8d7

SHA1
7d361836cf53df42021c7f2b148aec9458818c01

SHA256
996a259e53ca18b89ec36d038c40148957c978c0fd600a268497d4c92f882a93

SHA512
1abac3ce4f2d5e4a635162e16cf9125e059ba1539f70086c2d71cd00d41a6e2a54d468e6f37792e55a822d7082fb388b8dfecc79b59226bbb047b7d28d44d298

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\StdUtils.dll

Filesize
100KB

MD5
c6a6e03f77c313b267498515488c5740

SHA1
3d49fc2784b9450962ed6b82b46e9c3c957d7c15

SHA256
b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e

SHA512
9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\System.dll

Filesize
12KB

MD5
0d7ad4f45dc6f5aa87f606d0331c6901

SHA1
48df0911f0484cbe2a8cdd5362140b63c41ee457

SHA256
3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca

SHA512
c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\WinShell.dll

Filesize
3KB

MD5
1cc7c37b7e0c8cd8bf04b6cc283e1e56

SHA1
0b9519763be6625bd5abce175dcc59c96d100d4c

SHA256
9be85b986ea66a6997dde658abe82b3147ed2a1a3dcb784bb5176f41d22815a6

SHA512
7acf7f8e68aa6066b59ca9f2ae2e67997e6b347bc08eb788d2a119b3295c844b5b9606757168e8d2fbd61c2cda367bf80e9e48c9a52c28d5a7a00464bfd2048f

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\nsExec.dll

Filesize
6KB

MD5
ec0504e6b8a11d5aad43b296beeb84b2

SHA1
91b5ce085130c8c7194d66b2439ec9e1c206497c

SHA256
5d9ceb1ce5f35aea5f9e5a0c0edeeec04dfefe0c77890c80c70e98209b58b962

SHA512
3f918f1b47e8a919cbe51eb17dc30acc8cfc18e743a1bae5b787d0db7d26038dc1210be98bf5ba3be8d6ed896dbbd7ac3d13e66454a98b2a38c7e69dad30bb57

Download Submit
C:\Users\Admin\AppData\Local\Temp\nskB9CB.tmp\nsis7z.dll

Filesize
424KB

MD5
80e44ce4895304c6a3a831310fbf8cd0

SHA1
36bd49ae21c460be5753a904b4501f1abca53508

SHA256
b393f05e8ff919ef071181050e1873c9a776e1a0ae8329aefff7007d0cadf592

SHA512
c8ba7b1f9113ead23e993e74a48c4427ae3562c1f6d9910b2bbe6806c9107cf7d94bc7d204613e4743d0cd869e00dafd4fb54aad1e8adb69c553f3b9e5bc64df

Download Submit
C:\Users\Admin\AppData\Roaming\Cozy_World\Network\Network Persistent State

Filesize
300B

MD5
877a72fcdf8106001279b12ce603ecf3

SHA1
7571ee3645d1a3467fdc36eada818527e0b5ccfe

SHA256
30f4472fde7dc65bf6f1458bf28d49f0cb189207c55c8937c6108e331beaed54

SHA512
2121a820115a8e8bd4dc6cb5e68079ae49171f456e8d45655247081686bcef311b5bbcb9e5b0d5c022737949623ea46b071f8a443266647781e000053e50d331

Download Submit
C:\Users\Admin\AppData\Roaming\Cozy_World\Network\Network Persistent State~RFe59166c.TMP

Filesize
59B

MD5
2800881c775077e1c4b6e06bf4676de4

SHA1
2873631068c8b3b9495638c865915be822442c8b

SHA256
226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974

SHA512
e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit
memory/2592-636-0x00000255E4360000-0x00000255E4361000-memory.dmp

Filesize
4KB

Download
memory/2592-635-0x00007FFE86D90000-0x00007FFE86D91000-memory.dmp

Filesize
4KB

Download
memory/2592-811-0x00000255E42E0000-0x00000255E4309000-memory.dmp

Filesize
164KB

Download