Overview

overview

10

Static

static

3

malware teste.exe

windows10-ltsc 2021-x64

10

malware teste.exe

windows11-21h2-x64

10

Analysis

  • max time kernel
    149s
  • max time network
    153s
  • platform
    windows11-21h2_x64
  • resource
    win11-20241007-en
  • resource tags

    arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    11/11/2024, 19:17 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    malware teste.exe

  • Size

    1.2MB

  • MD5

    4bb1774386c0ea20158cc6e7b336d5fe

  • SHA1

    2c8f70cae8bcdb907d90c7148c9ba096f7ab4745

  • SHA256

    947efc5a2c767a06c7fa4dd1e3aba8a5fb226c5b8bf887362e053113a9935ba3

  • SHA512

    7d6dc6ec52407c9be01e7295bd93cd5c7c5b8779307c16957d5690d72eeb9e8e25b1c42654576ff1d949576564f10ac82e444c54189f918730c75d2bb4766bcb

  • SSDEEP

    24576:WE3zRyPI/k48Qjedwrdv76H70jyvrsbgfAgR9lE9kj0FghFgyFlvrJtG0NjyrPZn:WE3zRwsCWrx6H70jyvrsbgfAgR9lE9kg

Score
10/10
xwormdiscoverypersistencerattrojan

Malware Config

Extracted

Family

xworm

C2

193.161.193.99:1337

93.208.247.124:1337

93.208.240.7:1337
Attributes
  • Install_directory

    %Temp%

  • install_file

    USB.exe

Signatures

  • Detect Xworm Payload 2 IoCs
  • Xworm

    Xworm is a remote access trojan written in C#.

    trojanratxworm
  • Xworm family
    xworm
  • Executes dropped EXE 19 IoCs
  • Loads dropped DLL 37 IoCs
  • Adds Run key to start application 2 TTPs 1 IoCs
    persistence
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  • Looks up external IP address via web service 1 IoCs

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Checks system information in the registry 2 TTPs 2 IoCs

    System information is often read in order to detect sandboxing environments.

  • Drops file in Windows directory 64 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies Internet Explorer settings 1 TTPs 11 IoCs
    adwarespyware
  • Modifies data under HKEY_USERS 2 IoCs
  • Modifies registry class 15 IoCs
  • Suspicious behavior: EnumeratesProcesses 4 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 4 IoCs
  • Suspicious use of SendNotifyMessage 3 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\malware teste.exe
    "C:\Users\Admin\AppData\Local\Temp\malware teste.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2788
    • C:\Users\Admin\AppData\Roaming\SpotifySetup.exe
      "C:\Users\Admin\AppData\Roaming\SpotifySetup.exe"
      2⤵
      • Executes dropped EXE
      • System Location Discovery: System Language Discovery
      • Suspicious use of WriteProcessMemory
      PID:4560
      • C:\Users\Admin\AppData\Roaming\Spotify\SpWebInst0.exe
        SpWebInst0.exe /webinstall
        3⤵
        • Executes dropped EXE
        • Suspicious use of WriteProcessMemory
        PID:3472
        • C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe
          Spotify.exe
          4⤵
          • Executes dropped EXE
          • Loads dropped DLL
          • Adds Run key to start application
          • Checks system information in the registry
          • Drops file in Windows directory
          • Enumerates system info in registry
          • Modifies Internet Explorer settings
          • Modifies data under HKEY_USERS
          • Modifies registry class
          • Suspicious behavior: EnumeratesProcesses
          • Suspicious use of AdjustPrivilegeToken
          • Suspicious use of FindShellTrayWindow
          • Suspicious use of SendNotifyMessage
          • Suspicious use of WriteProcessMemory
          PID:2040
          • C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe
            C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe --type=crashpad-handler /prefetch:4 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Spotify\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Spotify\User Data" --url=https://crashdump.spotify.com:443/ --annotation=platform=win64 --annotation=product=spotify --annotation=version=1.2.49.439 --initial-client-data=0x3c8,0x3cc,0x3d0,0x3c4,0x3d4,0x7ffc815a2eb8,0x7ffc815a2ec4,0x7ffc815a2ed0
            5⤵
            • Executes dropped EXE
            • Loads dropped DLL
            PID:1852
          • C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe
            "C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe" --type=gpu-process --string-annotations=is-enterprise-managed=no --start-stack-profiler --user-data-dir="C:\Users\Admin\AppData\Local\Spotify" --log-severity=disable --user-agent-product="Chrome/129.0.6668.90 Spotify/1.2.49.439" --gpu-preferences=UAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=2008,i,8834540226579455368,2198210020202744216,262144 --disable-features=BackForwardCache,PartitionAllocDanglingPtr,PartitionAllocUnretainedDanglingPtr --variations-seed-version --enable-logging=handle --log-file=2012 --mojo-platform-channel-handle=2004 /prefetch:2
            5⤵
            • Executes dropped EXE
            • Loads dropped DLL
            PID:3756
          • C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe
            "C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations=is-enterprise-managed=no --start-stack-profiler --user-data-dir="C:\Users\Admin\AppData\Local\Spotify" --log-severity=disable --user-agent-product="Chrome/129.0.6668.90 Spotify/1.2.49.439" --field-trial-handle=2176,i,8834540226579455368,2198210020202744216,262144 --disable-features=BackForwardCache,PartitionAllocDanglingPtr,PartitionAllocUnretainedDanglingPtr --variations-seed-version --enable-logging=handle --log-file=2228 --mojo-platform-channel-handle=2224 /prefetch:11
            5⤵
            • Executes dropped EXE
            • Loads dropped DLL
            PID:4840
          • C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe
            "C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations=is-enterprise-managed=no --user-data-dir="C:\Users\Admin\AppData\Local\Spotify" --log-severity=disable --user-agent-product="Chrome/129.0.6668.90 Spotify/1.2.49.439" --field-trial-handle=2448,i,8834540226579455368,2198210020202744216,262144 --disable-features=BackForwardCache,PartitionAllocDanglingPtr,PartitionAllocUnretainedDanglingPtr --variations-seed-version --enable-logging=handle --log-file=2564 --mojo-platform-channel-handle=2560 /prefetch:13
            5⤵
            • Executes dropped EXE
            • Loads dropped DLL
            PID:636
          • C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe
            "C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe" --type=renderer --string-annotations=is-enterprise-managed=no --user-data-dir="C:\Users\Admin\AppData\Local\Spotify" --log-severity=disable --user-agent-product="Chrome/129.0.6668.90 Spotify/1.2.49.439" --autoplay-policy=no-user-gesture-required --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=4568,i,8834540226579455368,2198210020202744216,262144 --disable-features=BackForwardCache,PartitionAllocDanglingPtr,PartitionAllocUnretainedDanglingPtr --variations-seed-version --enable-logging=handle --log-file=4580 --mojo-platform-channel-handle=4576 /prefetch:1
            5⤵
            • Executes dropped EXE
            • Loads dropped DLL
            PID:1580
          • C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe
            "C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --user-data-dir="C:\Users\Admin\AppData\Local\Spotify" --log-severity=disable --user-agent-product="Chrome/129.0.6668.90 Spotify/1.2.49.439" --field-trial-handle=5404,i,8834540226579455368,2198210020202744216,262144 --disable-features=BackForwardCache,PartitionAllocDanglingPtr,PartitionAllocUnretainedDanglingPtr --variations-seed-version --enable-logging=handle --log-file=5284 --mojo-platform-channel-handle=5280 /prefetch:14
            5⤵
            • Executes dropped EXE
            • Loads dropped DLL
            PID:4576
          • C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe
            "C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --user-data-dir="C:\Users\Admin\AppData\Local\Spotify" --log-severity=disable --user-agent-product="Chrome/129.0.6668.90 Spotify/1.2.49.439" --field-trial-handle=5988,i,8834540226579455368,2198210020202744216,262144 --disable-features=BackForwardCache,PartitionAllocDanglingPtr,PartitionAllocUnretainedDanglingPtr --variations-seed-version --enable-logging=handle --log-file=5276 --mojo-platform-channel-handle=5280 /prefetch:14
            5⤵
            • Executes dropped EXE
            • Loads dropped DLL
            PID:1468
          • C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe
            "C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --user-data-dir="C:\Users\Admin\AppData\Local\Spotify" --log-severity=disable --user-agent-product="Chrome/129.0.6668.90 Spotify/1.2.49.439" --field-trial-handle=5432,i,8834540226579455368,2198210020202744216,262144 --disable-features=BackForwardCache,PartitionAllocDanglingPtr,PartitionAllocUnretainedDanglingPtr --variations-seed-version --enable-logging=handle --log-file=6020 --mojo-platform-channel-handle=5964 /prefetch:14
            5⤵
            • Executes dropped EXE
            • Loads dropped DLL
            PID:4132
          • C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe
            "C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --user-data-dir="C:\Users\Admin\AppData\Local\Spotify" --log-severity=disable --user-agent-product="Chrome/129.0.6668.90 Spotify/1.2.49.439" --field-trial-handle=6084,i,8834540226579455368,2198210020202744216,262144 --disable-features=BackForwardCache,PartitionAllocDanglingPtr,PartitionAllocUnretainedDanglingPtr --variations-seed-version --enable-logging=handle --log-file=1080 --mojo-platform-channel-handle=5476 /prefetch:14
            5⤵
            • Executes dropped EXE
            • Loads dropped DLL
            PID:1304
          • C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe
            "C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --user-data-dir="C:\Users\Admin\AppData\Local\Spotify" --log-severity=disable --user-agent-product="Chrome/129.0.6668.90 Spotify/1.2.49.439" --field-trial-handle=1372,i,8834540226579455368,2198210020202744216,262144 --disable-features=BackForwardCache,PartitionAllocDanglingPtr,PartitionAllocUnretainedDanglingPtr --variations-seed-version --enable-logging=handle --log-file=6124 --mojo-platform-channel-handle=1572 /prefetch:14
            5⤵
            • Executes dropped EXE
            • Loads dropped DLL
            PID:2460
          • C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe
            "C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --user-data-dir="C:\Users\Admin\AppData\Local\Spotify" --log-severity=disable --user-agent-product="Chrome/129.0.6668.90 Spotify/1.2.49.439" --field-trial-handle=6012,i,8834540226579455368,2198210020202744216,262144 --disable-features=BackForwardCache,PartitionAllocDanglingPtr,PartitionAllocUnretainedDanglingPtr --variations-seed-version --enable-logging=handle --log-file=6120 --mojo-platform-channel-handle=6056 /prefetch:14
            5⤵
            • Executes dropped EXE
            • Loads dropped DLL
            PID:2156
          • C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe
            "C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --user-data-dir="C:\Users\Admin\AppData\Local\Spotify" --log-severity=disable --user-agent-product="Chrome/129.0.6668.90 Spotify/1.2.49.439" --field-trial-handle=5504,i,8834540226579455368,2198210020202744216,262144 --disable-features=BackForwardCache,PartitionAllocDanglingPtr,PartitionAllocUnretainedDanglingPtr --variations-seed-version --enable-logging=handle --log-file=6080 --mojo-platform-channel-handle=6004 /prefetch:14
            5⤵
            • Executes dropped EXE
            • Loads dropped DLL
            PID:1080
          • C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe
            "C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --user-data-dir="C:\Users\Admin\AppData\Local\Spotify" --log-severity=disable --user-agent-product="Chrome/129.0.6668.90 Spotify/1.2.49.439" --field-trial-handle=6104,i,8834540226579455368,2198210020202744216,262144 --disable-features=BackForwardCache,PartitionAllocDanglingPtr,PartitionAllocUnretainedDanglingPtr --variations-seed-version --enable-logging=handle --log-file=6064 --mojo-platform-channel-handle=6124 /prefetch:14
            5⤵
            • Executes dropped EXE
            • Loads dropped DLL
            PID:1340
          • C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe
            "C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --string-annotations=is-enterprise-managed=no --start-stack-profiler --user-data-dir="C:\Users\Admin\AppData\Local\Spotify" --log-severity=disable --user-agent-product="Chrome/129.0.6668.90 Spotify/1.2.49.439" --gpu-preferences=UAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=6072,i,8834540226579455368,2198210020202744216,262144 --disable-features=BackForwardCache,PartitionAllocDanglingPtr,PartitionAllocUnretainedDanglingPtr --variations-seed-version --enable-logging=handle --log-file=6112 --mojo-platform-channel-handle=6044 /prefetch:10
            5⤵
            • Executes dropped EXE
            • Loads dropped DLL
            • Suspicious behavior: EnumeratesProcesses
            PID:4776
          • C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe
            "C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --user-data-dir="C:\Users\Admin\AppData\Local\Spotify" --log-severity=disable --user-agent-product="Chrome/129.0.6668.90 Spotify/1.2.49.439" --field-trial-handle=6052,i,8834540226579455368,2198210020202744216,262144 --disable-features=BackForwardCache,PartitionAllocDanglingPtr,PartitionAllocUnretainedDanglingPtr --variations-seed-version --enable-logging=handle --log-file=4268 --mojo-platform-channel-handle=1080 /prefetch:14
            5⤵
            • Executes dropped EXE
            • Loads dropped DLL
            PID:4448
    • C:\Users\Admin\AppData\Roaming\malware test.exe
      "C:\Users\Admin\AppData\Roaming\malware test.exe"
      2⤵
      • Executes dropped EXE
      • Suspicious use of AdjustPrivilegeToken
      PID:1500
  • C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
    1⤵
      PID:1076

    Network

    • flag-us
      DNS
      download.scdn.co
      SpotifySetup.exe
      Remote address:
      8.8.8.8:53
      Request
      download.scdn.co
      IN A
      Response
      download.scdn.co
      IN CNAME
      scdnco.spotify.map.fastly.net
      scdnco.spotify.map.fastly.net
      IN A
      199.232.214.248
      scdnco.spotify.map.fastly.net
      IN A
      199.232.210.248
    • flag-us
      DNS
      download.scdn.co
      SpotifySetup.exe
      Remote address:
      8.8.8.8:53
      Request
      download.scdn.co
      IN A
    • flag-us
      DNS
      172.214.232.199.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      172.214.232.199.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      1.112.95.208.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      1.112.95.208.in-addr.arpa
      IN PTR
      Response
      1.112.95.208.in-addr.arpa
      IN PTR
      ip-apicom
    • flag-us
      DNS
      24.224.186.35.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      24.224.186.35.in-addr.arpa
      IN PTR
      Response
      24.224.186.35.in-addr.arpa
      IN PTR
      2422418635bcgoogleusercontentcom
    • flag-us
      DNS
      26.224.186.35.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      26.224.186.35.in-addr.arpa
      IN PTR
      Response
      26.224.186.35.in-addr.arpa
      IN PTR
      2622418635bcgoogleusercontentcom
    • flag-us
      DNS
      4.180.250.142.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      4.180.250.142.in-addr.arpa
      IN PTR
      Response
      4.180.250.142.in-addr.arpa
      IN PTR
      lhr25s32-in-f41e100net
    • flag-us
      DNS
      202.187.250.142.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      202.187.250.142.in-addr.arpa
      IN PTR
      Response
      202.187.250.142.in-addr.arpa
      IN PTR
      lhr25s33-in-f101e100net
    • flag-us
      DNS
      edgedl.me.gvt1.com
      Remote address:
      8.8.8.8:53
      Request
      edgedl.me.gvt1.com
      IN A
      Response
      edgedl.me.gvt1.com
      IN A
      34.104.35.123
    • flag-us
      DNS
      ctldl.windowsupdate.com
      Remote address:
      8.8.8.8:53
      Request
      ctldl.windowsupdate.com
      IN A
      Response
      ctldl.windowsupdate.com
      IN CNAME
      ctldl.windowsupdate.com.delivery.microsoft.com
      ctldl.windowsupdate.com.delivery.microsoft.com
      IN CNAME
      wu-b-net.trafficmanager.net
      wu-b-net.trafficmanager.net
      IN CNAME
      download.windowsupdate.com.edgesuite.net
      download.windowsupdate.com.edgesuite.net
      IN CNAME
      a767.dspw65.akamai.net
      a767.dspw65.akamai.net
      IN A
      2.23.210.83
      a767.dspw65.akamai.net
      IN A
      2.23.210.101
    • flag-us
      DNS
      nexusrules.officeapps.live.com
      Remote address:
      8.8.8.8:53
      Request
      nexusrules.officeapps.live.com
      IN A
      Response
      nexusrules.officeapps.live.com
      IN CNAME
      prod.nexusrules.live.com.akadns.net
      prod.nexusrules.live.com.akadns.net
      IN A
      52.111.229.43
    • flag-us
      DNS
      self.events.data.microsoft.com
      Remote address:
      8.8.8.8:53
      Request
      self.events.data.microsoft.com
      IN A
      Response
      self.events.data.microsoft.com
      IN CNAME
      self-events-data.trafficmanager.net
      self-events-data.trafficmanager.net
      IN CNAME
      onedscolprdneu05.northeurope.cloudapp.azure.com
      onedscolprdneu05.northeurope.cloudapp.azure.com
      IN A
      20.50.80.210
    • flag-us
      DNS
      226.21.18.104.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      226.21.18.104.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      login.app.spotify.com
      Remote address:
      8.8.8.8:53
      Request
      login.app.spotify.com
      IN A
      Response
    • flag-us
      DNS
      84.69.194.173.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      84.69.194.173.in-addr.arpa
      IN PTR
      Response
      84.69.194.173.in-addr.arpa
      IN PTR
      ef-in-f841e100net
    • flag-us
      DNS
      80.190.18.2.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      80.190.18.2.in-addr.arpa
      IN PTR
      Response
      80.190.18.2.in-addr.arpa
      IN PTR
      a2-18-190-80deploystaticakamaitechnologiescom
    • flag-us
      DNS
      4.4.8.8.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      4.4.8.8.in-addr.arpa
      IN PTR
      Response
      4.4.8.8.in-addr.arpa
      IN PTR
      dnsgoogle
    • flag-us
      DNS
      99.201.58.216.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      99.201.58.216.in-addr.arpa
      IN PTR
      Response
      99.201.58.216.in-addr.arpa
      IN PTR
      prg03s02-in-f991e100net
      99.201.58.216.in-addr.arpa
      IN PTR
      prg03s02-in-f3�H
      99.201.58.216.in-addr.arpa
      IN PTR
      lhr48s48-in-f3�H
    • flag-us
      DNS
      123.35.104.34.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      123.35.104.34.in-addr.arpa
      IN PTR
      Response
      123.35.104.34.in-addr.arpa
      IN PTR
      1233510434bcgoogleusercontentcom
    • flag-us
      DNS
      83.210.23.2.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      83.210.23.2.in-addr.arpa
      IN PTR
      Response
      83.210.23.2.in-addr.arpa
      IN PTR
      a2-23-210-83deploystaticakamaitechnologiescom
    • flag-us
      DNS
      43.229.111.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      43.229.111.52.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      210.80.50.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      210.80.50.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      GET
      http://ip-api.com/line/?fields=hosting
      malware test.exe
      Remote address:
      208.95.112.1:80
      Request
      GET /line/?fields=hosting HTTP/1.1
      Host: ip-api.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 200 OK
      Date: Mon, 11 Nov 2024 19:17:51 GMT
      Content-Type: text/plain; charset=utf-8
      Content-Length: 5
      Access-Control-Allow-Origin: *
      X-Ttl: 59
      X-Rl: 43
    • flag-us
      DNS
      login.app.spotify.com
      Spotify.exe
      Remote address:
      8.8.8.8:53
      Request
      login.app.spotify.com
      IN A
      Response
    • flag-us
      DNS
      login.app.spotify.com
      Spotify.exe
      Remote address:
      8.8.8.8:53
      Request
      login.app.spotify.com
      IN Unknown
      Response
    • flag-us
      DNS
      apresolve.spotify.com
      Spotify.exe
      Remote address:
      8.8.8.8:53
      Request
      apresolve.spotify.com
      IN A
      Response
      apresolve.spotify.com
      IN A
      35.186.224.24
    • flag-us
      DNS
      apresolve.spotify.com
      Spotify.exe
      Remote address:
      8.8.8.8:53
      Request
      apresolve.spotify.com
      IN Unknown
      Response
    • flag-us
      DNS
      accounts.google.com
      Spotify.exe
      Remote address:
      8.8.8.8:53
      Request
      accounts.google.com
      IN A
      Response
      accounts.google.com
      IN A
      173.194.69.84
    • flag-us
      DNS
      accounts.google.com
      Spotify.exe
      Remote address:
      8.8.8.8:53
      Request
      accounts.google.com
      IN Unknown
      Response
    • flag-us
      DNS
      login.app.spotify.com
      Spotify.exe
      Remote address:
      8.8.8.8:53
      Request
      login.app.spotify.com
      IN A
      Response
    • flag-us
      DNS
      login.app.spotify.com
      Spotify.exe
      Remote address:
      8.8.8.8:53
      Request
      login.app.spotify.com
      IN Unknown
      Response
    • flag-us
      DNS
      clienttoken.spotify.com
      Spotify.exe
      Remote address:
      8.8.8.8:53
      Request
      clienttoken.spotify.com
      IN A
      Response
      clienttoken.spotify.com
      IN CNAME
      edge-web.dual-gslb.spotify.com
      edge-web.dual-gslb.spotify.com
      IN A
      35.186.224.24
    • flag-us
      DNS
      clienttoken.spotify.com
      Spotify.exe
      Remote address:
      8.8.8.8:53
      Request
      clienttoken.spotify.com
      IN Unknown
      Response
      clienttoken.spotify.com
      IN CNAME
      edge-web.dual-gslb.spotify.com
    • flag-us
      DNS
      login.app.spotify.com
      Spotify.exe
      Remote address:
      8.8.8.8:53
      Request
      login.app.spotify.com
      IN A
      Response
    • flag-us
      DNS
      login.app.spotify.com
      Spotify.exe
      Remote address:
      8.8.8.8:53
      Request
      login.app.spotify.com
      IN Unknown
      Response
    • flag-us
      DNS
      login.app.spotify.com
      Spotify.exe
      Remote address:
      8.8.8.8:53
      Request
      login.app.spotify.com
      IN A
      Response
    • flag-us
      DNS
      login.app.spotify.com
      Spotify.exe
      Remote address:
      8.8.8.8:53
      Request
      login.app.spotify.com
      IN Unknown
      Response
    • flag-us
      DNS
      gew1-spclient.spotify.com
      Spotify.exe
      Remote address:
      8.8.8.8:53
      Request
      gew1-spclient.spotify.com
      IN A
      Response
      gew1-spclient.spotify.com
      IN CNAME
      edge-web-gew1.dual-gslb.spotify.com
      edge-web-gew1.dual-gslb.spotify.com
      IN A
      35.186.224.26
    • flag-us
      DNS
      gew1-spclient.spotify.com
      Spotify.exe
      Remote address:
      8.8.8.8:53
      Request
      gew1-spclient.spotify.com
      IN Unknown
      Response
      gew1-spclient.spotify.com
      IN CNAME
      edge-web-gew1.dual-gslb.spotify.com
    • flag-us
      DNS
      encore.scdn.co
      Spotify.exe
      Remote address:
      8.8.8.8:53
      Request
      encore.scdn.co
      IN A
      Response
      encore.scdn.co
      IN CNAME
      encore.spotifycdn.com
      encore.spotifycdn.com
      IN CNAME
      default.cdn-gslb.spotify.com
      default.cdn-gslb.spotify.com
      IN CNAME
      common-eipb-ak.spotifycdn.com.edgesuite.net
      common-eipb-ak.spotifycdn.com.edgesuite.net
      IN CNAME
      squadcdn.scdn.co.splitter-eip.akadns.net
      squadcdn.scdn.co.splitter-eip.akadns.net
      IN CNAME
      i.scdn.co-noeip.akamaized.net
      i.scdn.co-noeip.akamaized.net
      IN CNAME
      a1520.dscc.akamai.net
      a1520.dscc.akamai.net
      IN A
      2.18.190.80
      a1520.dscc.akamai.net
      IN A
      2.18.190.74
    • flag-us
      DNS
      encore.scdn.co
      Spotify.exe
      Remote address:
      8.8.8.8:53
      Request
      encore.scdn.co
      IN Unknown
      Response
      encore.scdn.co
      IN CNAME
      encore.spotifycdn.com
      encore.spotifycdn.com
      IN CNAME
      default.cdn-gslb.spotify.com
      default.cdn-gslb.spotify.com
      IN CNAME
      common-eipb-ak.spotifycdn.com.edgesuite.net
      common-eipb-ak.spotifycdn.com.edgesuite.net
      IN CNAME
      squadcdn.scdn.co.splitter-eip.akadns.net
      squadcdn.scdn.co.splitter-eip.akadns.net
      IN CNAME
      i.scdn.co-noeip.akamaized.net
      i.scdn.co-noeip.akamaized.net
      IN CNAME
      a1520.dscc.akamai.net
    • flag-us
      DNS
      www.google.com
      Spotify.exe
      Remote address:
      8.8.8.8:53
      Request
      www.google.com
      IN A
      Response
      www.google.com
      IN A
      142.250.180.4
    • flag-us
      DNS
      www.google.com
      Spotify.exe
      Remote address:
      8.8.8.8:53
      Request
      www.google.com
      IN Unknown
      Response
      www.google.com
      IN Unknown
      h2h3
    • flag-us
      DNS
      dns.google
      Spotify.exe
      Remote address:
      8.8.8.8:53
      Request
      dns.google
      IN A
      Response
      dns.google
      IN A
      8.8.4.4
      dns.google
      IN A
      8.8.8.8
    • flag-us
      DNS
      dns.google
      Spotify.exe
      Remote address:
      8.8.8.8:53
      Request
      dns.google
      IN Unknown
      Response
    • flag-us
      DNS
      dns.google
      Spotify.exe
      Remote address:
      8.8.8.8:53
      Request
      dns.google
      IN A
      Response
      dns.google
      IN A
      8.8.8.8
      dns.google
      IN A
      8.8.4.4
    • flag-us
      DNS
      dns.google
      Spotify.exe
      Remote address:
      8.8.8.8:53
      Request
      dns.google
      IN Unknown
      Response
    • flag-us
      DNS
      dns.google
      Spotify.exe
      Remote address:
      8.8.8.8:53
      Request
      dns.google
      IN A
      Response
      dns.google
      IN A
      8.8.8.8
      dns.google
      IN A
      8.8.4.4
    • flag-us
      DNS
      dns.google
      Spotify.exe
      Remote address:
      8.8.8.8:53
      Request
      dns.google
      IN Unknown
      Response
    • flag-us
      DNS
      dns.google
      Spotify.exe
      Remote address:
      8.8.8.8:53
      Request
      dns.google
      IN A
      Response
      dns.google
      IN A
      8.8.8.8
      dns.google
      IN A
      8.8.4.4
    • flag-us
      DNS
      dns.google
      Spotify.exe
      Remote address:
      8.8.8.8:53
      Request
      dns.google
      IN Unknown
      Response
    • flag-us
      DNS
      dns.google
      Spotify.exe
      Remote address:
      8.8.8.8:53
      Request
      dns.google
      IN A
      Response
      dns.google
      IN A
      8.8.4.4
      dns.google
      IN A
      8.8.8.8
    • flag-us
      DNS
      dns.google
      Spotify.exe
      Remote address:
      8.8.8.8:53
      Request
      dns.google
      IN Unknown
      Response
    • 199.232.214.248:443
      download.scdn.co
      tls
      SpotifySetup.exe
      4.2MB
       118.5MB
       84890
      84864
    • 208.95.112.1:80
      http://ip-api.com/line/?fields=hosting
      http
      malware test.exe
      362 B
       266 B
       6
      2

      HTTP Request

      GET http://ip-api.com/line/?fields=hosting

      HTTP Response

      200
    • 35.186.224.24:443
      apresolve.spotify.com
      tls
      Spotify.exe
      3.6kB
       5.5kB
       18
      17
    • 173.194.69.84:443
      accounts.google.com
      tls
      Spotify.exe
      3.2kB
       8.9kB
       17
      17
    • 35.186.224.24:443
      clienttoken.spotify.com
      tls
      Spotify.exe
      3.1kB
       5.3kB
       16
      14
    • 35.186.224.26:443
      gew1-spclient.spotify.com
      tls
      Spotify.exe
      4.0kB
       6.4kB
       18
      18
    • 2.18.190.80:443
      encore.scdn.co
      tls
      Spotify.exe
      10.6kB
       399.8kB
       180
      299
    • 8.8.4.4:443
      dns.google
      tls
      Spotify.exe
      2.8kB
       8.0kB
       15
      15
    • 8.8.8.8:443
      dns.google
      tls
      Spotify.exe
      3.5kB
       9.4kB
       19
      20
    • 8.8.8.8:443
      dns.google
      tls
      Spotify.exe
      3.4kB
       9.5kB
       19
      21
    • 8.8.4.4:443
      dns.google
      tls
      Spotify.exe
      3.7kB
       9.6kB
       22
      22
    • 8.8.8.8:443
      dns.google
      tls
      Spotify.exe
      3.0kB
       8.0kB
       16
      16
    • 142.250.187.202:443
      optimizationguide-pa.googleapis.com
      tls
      Spotify.exe
      4.0kB
       8.0kB
       17
      16
    • 216.58.201.99:443
      update.googleapis.com
      tls
      Spotify.exe
      8.9kB
       14.0kB
       31
      28
    • 35.186.224.24:443
      spclient.wg.spotify.com
      tls
      Spotify.exe
      5.1kB
       5.2kB
       18
      18
    • 8.8.8.8:53
      download.scdn.co
      dns
      SpotifySetup.exe
      124 B
       137 B
       2
      1

      DNS Request

      download.scdn.co

      DNS Request

      download.scdn.co

      DNS Response

      199.232.214.248
      199.232.210.248

    • 8.8.8.8:53
      172.214.232.199.in-addr.arpa
      dns
      720 B
       1.4kB
       10
      10

      DNS Request

      172.214.232.199.in-addr.arpa

      DNS Request

      1.112.95.208.in-addr.arpa

      DNS Request

      24.224.186.35.in-addr.arpa

      DNS Request

      26.224.186.35.in-addr.arpa

      DNS Request

      4.180.250.142.in-addr.arpa

      DNS Request

      202.187.250.142.in-addr.arpa

      DNS Request

      edgedl.me.gvt1.com

      DNS Response

      34.104.35.123

      DNS Request

      ctldl.windowsupdate.com

      DNS Response

      2.23.210.83
      2.23.210.101

      DNS Request

      nexusrules.officeapps.live.com

      DNS Response

      52.111.229.43

      DNS Request

      self.events.data.microsoft.com

      DNS Response

      20.50.80.210

    • 8.8.8.8:53
      226.21.18.104.in-addr.arpa
      dns
      704 B
       1.3kB
       10
      10

      DNS Request

      226.21.18.104.in-addr.arpa

      DNS Request

      login.app.spotify.com

      DNS Request

      84.69.194.173.in-addr.arpa

      DNS Request

      80.190.18.2.in-addr.arpa

      DNS Request

      4.4.8.8.in-addr.arpa

      DNS Request

      99.201.58.216.in-addr.arpa

      DNS Request

      123.35.104.34.in-addr.arpa

      DNS Request

      83.210.23.2.in-addr.arpa

      DNS Request

      43.229.111.52.in-addr.arpa

      DNS Request

      210.80.50.20.in-addr.arpa

    • 8.8.8.8:53
      login.app.spotify.com
      dns
      Spotify.exe
      67 B
       132 B
       1
      1

      DNS Request

      login.app.spotify.com

    • 8.8.8.8:53
      login.app.spotify.com
      dns
      Spotify.exe
      67 B
       132 B
       1
      1

      DNS Request

      login.app.spotify.com

    • 8.8.8.8:53
      apresolve.spotify.com
      dns
      Spotify.exe
      67 B
       83 B
       1
      1

      DNS Request

      apresolve.spotify.com

      DNS Response

      35.186.224.24

    • 8.8.8.8:53
      apresolve.spotify.com
      dns
      Spotify.exe
      67 B
       132 B
       1
      1

      DNS Request

      apresolve.spotify.com

    • 8.8.8.8:53
      accounts.google.com
      dns
      Spotify.exe
      65 B
       81 B
       1
      1

      DNS Request

      accounts.google.com

      DNS Response

      173.194.69.84

    • 8.8.8.8:53
      accounts.google.com
      dns
      Spotify.exe
      65 B
       115 B
       1
      1

      DNS Request

      accounts.google.com

    • 8.8.8.8:53
      login.app.spotify.com
      dns
      Spotify.exe
      67 B
       132 B
       1
      1

      DNS Request

      login.app.spotify.com

    • 8.8.8.8:53
      login.app.spotify.com
      dns
      Spotify.exe
      67 B
       132 B
       1
      1

      DNS Request

      login.app.spotify.com

    • 8.8.8.8:53
      clienttoken.spotify.com
      dns
      Spotify.exe
      69 B
       118 B
       1
      1

      DNS Request

      clienttoken.spotify.com

      DNS Response

      35.186.224.24

    • 8.8.8.8:53
      clienttoken.spotify.com
      dns
      Spotify.exe
      69 B
       167 B
       1
      1

      DNS Request

      clienttoken.spotify.com

    • 8.8.8.8:53
      login.app.spotify.com
      dns
      Spotify.exe
      67 B
       132 B
       1
      1

      DNS Request

      login.app.spotify.com

    • 8.8.8.8:53
      login.app.spotify.com
      dns
      Spotify.exe
      67 B
       132 B
       1
      1

      DNS Request

      login.app.spotify.com

    • 8.8.8.8:53
      login.app.spotify.com
      dns
      Spotify.exe
      67 B
       132 B
       1
      1

      DNS Request

      login.app.spotify.com

    • 8.8.8.8:53
      login.app.spotify.com
      dns
      Spotify.exe
      67 B
       132 B
       1
      1

      DNS Request

      login.app.spotify.com

    • 35.186.224.24:443
      clienttoken.spotify.com
      https
      Spotify.exe
      2.9kB
       5.2kB
       5
      8
    • 8.8.8.8:53
      gew1-spclient.spotify.com
      dns
      Spotify.exe
      71 B
       125 B
       1
      1

      DNS Request

      gew1-spclient.spotify.com

      DNS Response

      35.186.224.26

    • 8.8.8.8:53
      gew1-spclient.spotify.com
      dns
      Spotify.exe
      71 B
       174 B
       1
      1

      DNS Request

      gew1-spclient.spotify.com

    • 35.186.224.26:443
      gew1-spclient.spotify.com
      https
      Spotify.exe
      8.5kB
       6.5kB
       17
      18
    • 8.8.8.8:53
      encore.scdn.co
      dns
      Spotify.exe
      60 B
       346 B
       1
      1

      DNS Request

      encore.scdn.co

      DNS Response

      2.18.190.80
      2.18.190.74

    • 8.8.8.8:53
      encore.scdn.co
      dns
      Spotify.exe
      60 B
       375 B
       1
      1

      DNS Request

      encore.scdn.co

    • 224.0.0.251:5353
      Spotify.exe
      204 B
       3
    • 8.8.8.8:53
      www.google.com
      dns
      Spotify.exe
      60 B
       76 B
       1
      1

      DNS Request

      www.google.com

      DNS Response

      142.250.180.4

    • 8.8.8.8:53
      www.google.com
      dns
      Spotify.exe
      60 B
       85 B
       1
      1

      DNS Request

      www.google.com

    • 142.250.180.4:443
      www.google.com
      https
      Spotify.exe
      4.4kB
       9.8kB
       11
      12
    • 8.8.8.8:53
      dns.google
      dns
      Spotify.exe
      56 B
       88 B
       1
      1

      DNS Request

      dns.google

      DNS Response

      8.8.4.4
      8.8.8.8

    • 8.8.8.8:53
      dns.google
      dns
      Spotify.exe
      56 B
       132 B
       1
      1

      DNS Request

      dns.google

    • 8.8.8.8:53
      dns.google
      dns
      Spotify.exe
      56 B
       88 B
       1
      1

      DNS Request

      dns.google

      DNS Response

      8.8.8.8
      8.8.4.4

    • 8.8.8.8:53
      dns.google
      dns
      Spotify.exe
      56 B
       132 B
       1
      1

      DNS Request

      dns.google

    • 8.8.8.8:53
      dns.google
      dns
      Spotify.exe
      56 B
       88 B
       1
      1

      DNS Request

      dns.google

      DNS Response

      8.8.8.8
      8.8.4.4

    • 8.8.8.8:53
      dns.google
      dns
      Spotify.exe
      56 B
       132 B
       1
      1

      DNS Request

      dns.google

    • 8.8.8.8:53
      dns.google
      dns
      Spotify.exe
      56 B
       88 B
       1
      1

      DNS Request

      dns.google

      DNS Response

      8.8.8.8
      8.8.4.4

    • 8.8.8.8:53
      dns.google
      dns
      Spotify.exe
      56 B
       132 B
       1
      1

      DNS Request

      dns.google

    • 8.8.8.8:53
      dns.google
      dns
      Spotify.exe
      56 B
       88 B
       1
      1

      DNS Request

      dns.google

      DNS Response

      8.8.4.4
      8.8.8.8

    • 8.8.8.8:53
      dns.google
      dns
      Spotify.exe
      56 B
       132 B
       1
      1

      DNS Request

      dns.google

    • 8.8.8.8:443
      dns.google
      https
      Spotify.exe
      4.2kB
       9.0kB
       7
      11
    • 8.8.8.8:443
      dns.google
      https
      Spotify.exe
      4.2kB
       9.0kB
       7
      11
    • 216.58.201.99:443
      https
      Spotify.exe
      10.8kB
       12.3kB
       23
      29
    • 8.8.4.4:443
      dns.google
      https
      Spotify.exe
      4.2kB
       9.0kB
       7
      11
    • 35.186.224.24:443
      clienttoken.spotify.com
      https
      Spotify.exe
      2.9kB
       5.2kB
       5
      8
    • 8.8.8.8:443
      dns.google
      https
      Spotify.exe
      3.5kB
       5.5kB
       9
      11
    • 142.250.180.4:443
      www.google.com
      https
      Spotify.exe
      2.9kB
       4.1kB
       6
      7
    • 8.8.8.8:443
      dns.google
      https
      Spotify.exe
      4.8kB
       6.9kB
       10
      13
    • 216.58.201.99:443
      https
      Spotify.exe
      11.2kB
       8.7kB
       27
      29

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Spotify\Crowd Deny\2023.11.29.1201\Preload Data
      Filesize

      12KB

      MD5

      aa3ef996bce08a9c34fe513d078d1ee3

      SHA1

      21688d164d442d37fd5471e13b41b1d216f88d37

      SHA256

      09d2155be71880356a993fabacc2ce01f4fbab99497ec157b53a094b8927c039

      SHA512

      285c85ca55fa54a1a12c47909b8575e8388570a76f238dc75aedece12e58dc0a3fe15edeffc41af14bb7944a0682de76f0ee0d6502d15973f8d9b1c5b2f828bd

      Download Submit

    • C:\Users\Admin\AppData\Local\Spotify\Default\23bc8ce1-6538-4ebf-b292-7a4e928d8904.tmp
      Filesize

      9KB

      MD5

      bcba75e5bf2ba222e1b50c8feb060732

      SHA1

      16a15f06463cdf316bf93e84e4c7b36520c112d3

      SHA256

      47468bb0296dd464df501607e63a48abfa47e2396f788cc849a28ae7b67af292

      SHA512

      d4e3cb0d078142d473af2d5dcfd67d6f81bba0f4393a9d28b081aeb7b33ec340256984fd01b1a86c23ea5ace9a6d4fb9d392d4ff083ece8edd2e992487084417

      Download Submit

    • C:\Users\Admin\AppData\Local\Spotify\Default\Code Cache\js\index-dir\the-real-index
      Filesize

      48B

      MD5

      f574ed9ef313bfcce5a110cc8657b10d

      SHA1

      5e2d178a375e16ad68d60f42462f0f2ae8a93e20

      SHA256

      d5f0baffff86925ec67e69644f406bd677df861324ba7a040f294968e69ca584

      SHA512

      899e6d1318af0c396283e50071557d5bda08570424fab15d14d344ed2081f9a3c8183c875027d56d808976f717ebbb3eef0fbb023cdc2a3634ba5f644e857d27

      Download Submit

    • C:\Users\Admin\AppData\Local\Spotify\Default\Code Cache\js\index-dir\the-real-index
      Filesize

      96B

      MD5

      a92b61c1eebbb84c5a7cd3e020cfa703

      SHA1

      929ca64f031e3d372bc49f46bdd1b2386284cf4a

      SHA256

      c2e935195686324c1dc32fb2fad146b8409dae89e381526bdf0ea3b307e3e128

      SHA512

      5e93f71cf30e64ca86131f0fd8022306a82b3f42321bc029fadb670c7c07e28e824a6aa629e356abf625281dda9cc5ed1a4c94416f46810a0b49e692fdba44c8

      Download Submit

    • C:\Users\Admin\AppData\Local\Spotify\Default\DawnWebGPUCache\data_0
      Filesize

      8KB

      MD5

      cf89d16bb9107c631daabf0c0ee58efb

      SHA1

      3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b

      SHA256

      d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e

      SHA512

      8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

      Download Submit

    • C:\Users\Admin\AppData\Local\Spotify\Default\DawnWebGPUCache\data_1
      Filesize

      264KB

      MD5

      d0d388f3865d0523e451d6ba0be34cc4

      SHA1

      8571c6a52aacc2747c048e3419e5657b74612995

      SHA256

      902f30c1fb0597d0734bc34b979ec5d131f8f39a4b71b338083821216ec8d61b

      SHA512

      376011d00de659eb6082a74e862cfac97a9bb508e0b740761505142e2d24ec1c30aa61efbc1c0dd08ff0f34734444de7f77dd90a6ca42b48a4c7fad5f0bddd17

      Download Submit

    • C:\Users\Admin\AppData\Local\Spotify\Default\DawnWebGPUCache\data_2
      Filesize

      8KB

      MD5

      0962291d6d367570bee5454721c17e11

      SHA1

      59d10a893ef321a706a9255176761366115bedcb

      SHA256

      ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7

      SHA512

      f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

      Download Submit

    • C:\Users\Admin\AppData\Local\Spotify\Default\DawnWebGPUCache\data_3
      Filesize

      8KB

      MD5

      41876349cb12d6db992f1309f22df3f0

      SHA1

      5cf26b3420fc0302cd0a71e8d029739b8765be27

      SHA256

      e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c

      SHA512

      e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

      Download Submit

    • C:\Users\Admin\AppData\Local\Spotify\Default\Network\Network Persistent State
      Filesize

      1KB

      MD5

      cdfdca38e90bdf64727249eb6cfa15d8

      SHA1

      5f05c79d617caefaa137ef61a252a1136df1ab6c

      SHA256

      6da64631b23b19dfda8ec9551a77e991b70de38f354ebd8d5c66923761bcd286

      SHA512

      8578644e1650c2d296225ee76635af71f4c61ed2f09ece5307b1c8fccdfe51f26141d99b4ed9280ab673d940d095ee9eef5fcfb8f604d93312c3073063c320bf

      Download Submit

    • C:\Users\Admin\AppData\Local\Spotify\Default\Network\Network Persistent State~RFe590efa.TMP
      Filesize

      59B

      MD5

      2800881c775077e1c4b6e06bf4676de4

      SHA1

      2873631068c8b3b9495638c865915be822442c8b

      SHA256

      226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974

      SHA512

      e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b

      Download Submit

    • C:\Users\Admin\AppData\Local\Spotify\Default\Network\SCT Auditing Pending Reports
      Filesize

      2B

      MD5

      d751713988987e9331980363e24189ce

      SHA1

      97d170e1550eee4afc0af065b78cda302a97674c

      SHA256

      4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

      SHA512

      b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

      Download Submit

    • C:\Users\Admin\AppData\Local\Spotify\Default\Network\TransportSecurity
      Filesize

      859B

      MD5

      9a20bef8f2d648a750857308750cceae

      SHA1

      624ef9a65c3ceb20122cee582a81947d0e7600ae

      SHA256

      ef325d80eb3341848a394446e2591587bb4ca2a7b6472631c81545af52a260fe

      SHA512

      57cd355a1a154a6ad7ca45d4e687f044a726603580cc3a32b4f03d528ba44846032c1366409b327d91859c3a0fc5351130fe5901f823a13f33fd2eaba6df9999

      Download Submit

    • C:\Users\Admin\AppData\Local\Spotify\Default\Network\TransportSecurity~RFe591d62.TMP
      Filesize

      859B

      MD5

      f119188cf123db5132ae8c3f864e318e

      SHA1

      3f4f625f2f0bf6f3e77af7640cb73517a7c2fc89

      SHA256

      8b197361784ab4ba5a81bac12ca9b41879f0416ac63f588f6c861e4c20526108

      SHA512

      0b511428063de2ad03ab5db3cf96cc65a0ff827ad8cc5f875a8a11541ab50e8596a21aaa7125e6cb99ea70a0e9c2b57bf3bb76198b52464af2e209cdba203113

      Download Submit

    • C:\Users\Admin\AppData\Local\Spotify\Default\Preferences
      Filesize

      8KB

      MD5

      a09aba238ffd641f87d75bb94f69f5dd

      SHA1

      5344b2e1fef1a44d61f96922e277de2eb9ce6f3f

      SHA256

      8417839045888ec2bc1851dfc1a092f0daa0160822d52b9d074885c7137c85a6

      SHA512

      d32a53ca814c04bd6f8ddbc241424e03f958db71270be000452690f7d09ec5b7f4dbb554bf5c49fe609509879e47252c1c9df6ad58956505b019805a5887b65e

      Download Submit

    • C:\Users\Admin\AppData\Local\Spotify\Default\Preferences~RFe585bc7.TMP
      Filesize

      8KB

      MD5

      3789da7b8eb2012ac9e86ca82f3cbcba

      SHA1

      0aa2664b4fc1bad999c3d184f8ac74769333b3f9

      SHA256

      f485c919c7918971bf73fb3416356924980a0d09992e1f69d6fa289bb97de699

      SHA512

      4f4214cbaa22e0f2a2b8b47523ab112e93532d8406f9402670e9defce8ea2405d8ee1a0f8636583ae78388419d96aa408297810a925dffa9905bc3a26719a276

      Download Submit

    • C:\Users\Admin\AppData\Local\Spotify\Default\Site Characteristics Database\MANIFEST-000001
      Filesize

      41B

      MD5

      5af87dfd673ba2115e2fcf5cfdb727ab

      SHA1

      d5b5bbf396dc291274584ef71f444f420b6056f1

      SHA256

      f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

      SHA512

      de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

      Download Submit

    • C:\Users\Admin\AppData\Local\Spotify\Default\Sync Data\LevelDB\CURRENT
      Filesize

      16B

      MD5

      46295cac801e5d4857d09837238a6394

      SHA1

      44e0fa1b517dbf802b18faf0785eeea6ac51594b

      SHA256

      0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

      SHA512

      8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

      Download Submit

    • C:\Users\Admin\AppData\Local\Spotify\Local State
      Filesize

      24KB

      MD5

      2abd2fc15e1c69085b0d679502e397aa

      SHA1

      79e88209e1095db1f03d9181b58ef2d05d384ca1

      SHA256

      9412c78a8ee19e2af6a4695aa1ccba12b5cc4a92c926e64693aff696ac5f16f2

      SHA512

      02ce7cd286f5f34092eef5ff980522a472ad42f1e59671dc7f4b80e91a886d38cd7dedb7586e447a9562e7ad7b4ff5eafb37c92c60c6afc3965f6ed66e31291c

      Download Submit

    • C:\Users\Admin\AppData\Local\Spotify\Local State
      Filesize

      25KB

      MD5

      1cb93d2c04c4486f931f6747c83aeaa8

      SHA1

      bac2647729a7facbc3f9df1b653b7bf094e669a0

      SHA256

      d65e06646191ba331a17a2ae8a51fbcb5457365b5b45b19e32409a35a1e93ee2

      SHA512

      8fb216473594d7df3fde5972d4a70b80f8dacbd8de10755dc05de43fc7c7b86ae0b7a2507d5f6cdd828e9b38c26f56cb9b3e10e4fbc6cb98158bf5ff4707d217

      Download Submit

    • C:\Users\Admin\AppData\Local\Spotify\Local State
      Filesize

      1KB

      MD5

      8a171c965cba04eab086a3f7633e8376

      SHA1

      bd01db1549b6c770b44e2e24d412edb96cc20e33

      SHA256

      9f8bc9ea82c5761b804d442c4ee5ec88d9e7a22063b6bc9fa50146f42d7fc8c2

      SHA512

      f11790206709b6f61943771c6e54b4ce0365c55996909691749e91bf87c33ac2b2909261d991890c57013f0b03581b0cd1225012799bc87ef394e474634bc223

      Download Submit

    • C:\Users\Admin\AppData\Local\Spotify\Local State
      Filesize

      2KB

      MD5

      f0d152a8937ef6cb5dc204417c1f4c55

      SHA1

      f7e973e90f3083b3da2f60bb0493621818f6bca0

      SHA256

      5735fbace08a92873b0120a08f89708153e511e9a7afe674ca6d6e14e06a80b0

      SHA512

      4bda3f38535038b1f64048032f861b69fb6422ff530a541f5967cc80bf6a9478f89afcc20aeec2e66439a1dd2cf3464edb576df5b01fe733cdf86a49def644e4

      Download Submit

    • C:\Users\Admin\AppData\Local\Spotify\Local State
      Filesize

      5KB

      MD5

      d86126af8121dd85e9df098bf5cc7004

      SHA1

      0a1f838c9a3f8ef2c4439be1d6c6269d87674a19

      SHA256

      be85479770d4d3861b90a83cf21e77e30e9cd5078dfc972d7c557b77363350de

      SHA512

      f4f939bebf122c594b514d365e74272ea273441f05a5763309a699b4e69d8474ad79afeb8fc61d6d738e6d84bebf67cdc6cde5c04f8c297071408b5b9edd540f

      Download Submit

    • C:\Users\Admin\AppData\Local\Spotify\Local State~RFe57f86a.TMP
      Filesize

      951B

      MD5

      f732f370f869a88e8afba5f4a544dc8e

      SHA1

      e5b7b7832cccd083b489279375af68aa7992675f

      SHA256

      0d05e02226d41528f3f64e464c7f8ee86a94ce371184727aa733b8e6b3e97513

      SHA512

      d39c70feb60fd9bbb807329d43fe7c8fb2cf93f5ee983af2b42da46c625367e1c5dc66d6426053b8f6a9de7caa8939efb29c0631257196cefe4037b3b86294fe

      Download Submit

    • C:\Users\Admin\AppData\Local\Spotify\OptimizationHints\474\optimization-hints.pb
      Filesize

      52KB

      MD5

      2f6b4af55206d991bdf470ba8b8af25b

      SHA1

      fd5a8137cac84e2c0df4d2d7102467de7ee483ac

      SHA256

      32ce2a2f9910a7114d53aa57a559959d8dcca3a37c7ed3780003359bdf882c92

      SHA512

      67785852ca623e55632a56c58a910f43112c4797317d90fe96dc0ed0182eeba9ff4844db4da2f60e7e154cf6799faadb8fdef090d9809fff7a8bd93f4f7fa76a

      Download Submit

    • C:\Users\Admin\AppData\Local\Spotify\PKIMetadata\1128\crs.pb
      Filesize

      141KB

      MD5

      57086b02f74c3fe7b79a5e2e3d852322

      SHA1

      6420387225ddcd5210175de4f3fdb0ab2be8ee9c

      SHA256

      a1b5be8d4aab349aff58ed34e1f3bc6647cf440830da0a12a8bd5a1c976c6407

      SHA512

      b195eb9a9129863e75be603b00b85ecfe46360910529fb38513af6940f9d17efd56f234b47963452329cd85b16bebb5a85ab5d304743e57d33bafd5b59900468

      Download Submit

    • C:\Users\Admin\AppData\Local\Spotify\PKIMetadata\1128\kp_pinslist.pb
      Filesize

      11KB

      MD5

      af9a7f26ffa72d44d24d815f25079009

      SHA1

      e9acf3ad4fa036a3919cc4a15a40099f4804d06d

      SHA256

      7e3011a6b31595aa910cd9acb7884f2d47c18382719282991cdc81c5a19c2db3

      SHA512

      e36b478c05d9096a330884474a72b239f7108e8947972961ab3611ea16b0d122064efe5d48c88d349eacae099fa8e3729ed16ffd70d59dbeec2831d7c4333c5c

      Download Submit

    • C:\Users\Admin\AppData\Local\Spotify\PrivacySandboxAttestationsPreloaded\2024.10.30.0\privacy-sandbox-attestations.dat
      Filesize

      7KB

      MD5

      d870ae21d5872f145f30bd1f887cff84

      SHA1

      7e1d9cc092c38f9e0ec91c9f8d30733c75c71761

      SHA256

      12684b9ba04525d62d94a5c706e168b2b170c31ee9fa7587901c1690c9bdbec3

      SHA512

      e0054e77a1a3ee7513bb32932ab55509646f40e096404e5a51e4d400a8658c851991ad027a235ec6d9a37c5f4012c6cdc304e3f402ac4ad23d6d50002714b1c8

      Download Submit

    • C:\Users\Admin\AppData\Local\Spotify\SSLErrorAssistant\7\ssl_error_assistant.pb
      Filesize

      2KB

      MD5

      e2f792c9e2dd86f39e8286b2ead2fc70

      SHA1

      8a32867614d2a23e473ed642056ded8e566687f9

      SHA256

      ac354a4723aaa4f06bec385ddde4a4d0983ad51456f52b31a8068ec97d5b5ea7

      SHA512

      6a7af0ca1efa65a89a9ca3b8df0d2e24f21d91673c60cdfeeb02d33647442b01d535497249542f40e66e0d2dd3e9f8ed1f4a201fd97138d07a2b71366737e580

      Download Submit

    • C:\Users\Admin\AppData\Local\Spotify\TpcdMetadata\2024.11.10.1\metadata.pb
      Filesize

      32KB

      MD5

      bfe99681bc4609bb9a810e46a7481d5d

      SHA1

      61dfcfb568bf5e85e7bfd603a6f003b7572f650d

      SHA256

      2c7a77b058e1db2bffee1048ac35ed01f37ce87d69f80d5e6b7f6dd5958bd6ea

      SHA512

      b9dddb2074582110e22d4c35694ab340daf1baf57add507292da5008863cbd1fb8e75299fb402541f0ba3d619582306553677cb1dbd537fb9fcb3b293fc275b6

      Download Submit

    • C:\Users\Admin\AppData\Local\Spotify\TrustTokenKeyCommitments\2024.10.11.1\keys.json
      Filesize

      6KB

      MD5

      052b398cc49648660aaff778d897c6de

      SHA1

      d4fdd81f2ee4c8a4572affbfd1830a0c574a8715

      SHA256

      47ec07ddf9bbd0082b3a2dfea39491090e73a09106945982e395a9f3cb6d88ae

      SHA512

      ed53d0804a2ef1bc779af76aa39f5eb8ce2edc7f301f365eeaa0cf5a9ab49f2a21a24f52dd0eb07c480078ce2dd03c7fbb088082aea9b7cdd88a6482ae072037

      Download Submit

    • C:\Users\Admin\AppData\Local\Spotify\User Data\Crashpad\settings.dat
      Filesize

      56B

      MD5

      d6841cab84e27d3eb3cc06a343e7b1bb

      SHA1

      7651fa96c12fbc6a471c06162a9ce5eccf3726c6

      SHA256

      19306a6f32beaa7e8c09f1aa3effbcb3f173a09cf56e5584fec6a68a86f89db7

      SHA512

      703173b7d994b098b92dea063c906cb2c3721cf3f05068edb1cdd9cf7a5a223629b2b86bd0d21240df13eca27b7adcb63d74b846ffb94331e6c0c2b9b38b3dcf

      Download Submit

    • C:\Users\Admin\AppData\Local\Spotify\public.ldb\000002.dbtmp
      Filesize

      16B

      MD5

      206702161f94c5cd39fadd03f4014d98

      SHA1

      bd8bfc144fb5326d21bd1531523d9fb50e1b600a

      SHA256

      1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

      SHA512

      0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

      Download Submit

    • C:\Users\Admin\AppData\Roaming\SpotifySetup.exe
      Filesize

      1010KB

      MD5

      b10f6fefd3e1000f950323b961108bb2

      SHA1

      26dfa48343464c574102607e75e9deb6d92e01c9

      SHA256

      56b68adbeb6085189ec52a7f8c3d70f6946505e2c778e0efbcf5a501dd7e1938

      SHA512

      541af6f3db8c662b81a94518b4371b19441249608d35e92c45b36b3a207969d1bd5fe0cfd7e5271c946b337e2ce1737add082804b5a59dc91ac99b4c2df0ddc5

      Download Submit

    • C:\Users\Admin\AppData\Roaming\Spotify\Apps\login.spa
      Filesize

      3.5MB

      MD5

      04deb28fc52a7f7ae1a3e45c70961cb4

      SHA1

      c9b79891a7fd7665f82034808ea2b0ea50edec8f

      SHA256

      bfb18ab61700d5284e4adf42ac37593eebf9962d216241cdfe5ea3d8917c8f1c

      SHA512

      76abd2a3b18c2a6e3cef8a1ddcdb869b24488190b04a9946c73a5a5a5a048a07ad1e549418ea8bca2264362ea99828e4c49a1807bcf42fb542bc887fc0a0bbbc

      Download Submit

    • C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe
      Filesize

      34.5MB

      MD5

      7bad85af975fcde64345c3d9a37a4599

      SHA1

      cd3214fd2b6acdfe37f01d4fee1001e6d3c0de57

      SHA256

      36094c5e6a62adf40e23d0765f29be9b5e7cb6e0c5a85ab8c53bfb0f8f2abddf

      SHA512

      e26d44c958416eb95a682f2309ad7fa59e7f117241d7f1d40cd92ad794b735ecc67659e3ba4be0f0f4d150ace73fe3990e0e16a581970b07a4419f0bb0fa0c37

      Download Submit

    • C:\Users\Admin\AppData\Roaming\Spotify\chrome_100_percent.pak
      Filesize

      679KB

      MD5

      315618a9e00e46ff870d9c0de2509121

      SHA1

      a1401e40bc28ddbddbd6fcacb29c4aba43741e5d

      SHA256

      9e3bfa5ab9ed42990ad4bebc2edcfa01ce9ff694df9f09cf2fa0b2b235e94710

      SHA512

      8ab44c9b7e12702daf703d97346738148c950d779329983a1f2806b0fb350d77726e73a7f96f3eca1197e411116401ab6550e1ca92e89dbb5fb7a163569a1d5e

      Download Submit

    • C:\Users\Admin\AppData\Roaming\Spotify\chrome_200_percent.pak
      Filesize

      1.0MB

      MD5

      6c5b88cb407f1e109fd5e8efc759022c

      SHA1

      1a51194713a44f7f6cde9eb4654b105a18106aec

      SHA256

      9158e9ffa46b73bd6d2f5ad7cb8c7e210b4cfd66dcd0ffcac051939c60a7c93e

      SHA512

      48666fa041c13b21966d4d8fbbef070c8ed09b0c81e37b127f0526b01d8e146cab452007fcc84399f34e5309ee48681083faf3fe64d2e92a088f2dc7470404a9

      Download Submit

    • C:\Users\Admin\AppData\Roaming\Spotify\chrome_elf.dll
      Filesize

      1.3MB

      MD5

      5a484bffb1f3b7724e612d2d6087ae68

      SHA1

      47e209557147cb1c4acdbdbeda43cc004c4ae054

      SHA256

      ea6c466e98fbf1856062afa9f59a1b3dbe2d41f891c0691ae1ecd4a006b994e6

      SHA512

      04acd3c14fa771eec9c9247549a44e47d8ef9992f7cef53efb6bbbac074d91906e456453c3c77ffc179aa7b3a33e1284643406066d4aba1bfe09f41649fbed51

      Download Submit

    • C:\Users\Admin\AppData\Roaming\Spotify\crash_reporter.cfg
      Filesize

      577B

      MD5

      d986a0ce2e2bfcd99cff8e85cf117f90

      SHA1

      c5fd9516b09dbe7ad2486ed6c11f983bae68ac76

      SHA256

      384dc4f65c8ebe6fc1c8c516fb80351a3efe90a902c2966db16ab2748bfe435e

      SHA512

      c9c1e6dc1110a9fc97b0e60c385b271c785b79ba67ced87fecd8d2f5da9e7e021c68608d66c6fc78e96cf39ba31a2b589afae6292448c77e2e84228d4fb1b490

      Download Submit

    • C:\Users\Admin\AppData\Roaming\Spotify\d3dcompiler_47.dll
      Filesize

      4.7MB

      MD5

      1ca14592a99cf6b6e4a5792b3dbf390b

      SHA1

      9f08373e059a45733b70bca5a5cf24b947d93ccd

      SHA256

      bca5417595a8a5f269a8b3cae6e02fec6ee508badd26fc531f2d4a568fda1e24

      SHA512

      896645f348097fcfc2a78bc2dae19b6714c225e7309997ba9688a5170e8448034ad45516df251a01c7fdf044614002e060a24a9e98777ad6d0dfd858b2b7866d

      Download Submit

    • C:\Users\Admin\AppData\Roaming\Spotify\icudtl.dat
      Filesize

      10.0MB

      MD5

      ffd67c1e24cb35dc109a24024b1ba7ec

      SHA1

      99f545bc396878c7a53e98a79017d9531af7c1f5

      SHA256

      9ae98c06cbb0ea43c5cd6b5725310c008c65e46072421a1118cb88e1de9a8b92

      SHA512

      e1a865e685d2d3bacd0916d4238a79462519d887feb273a251120bb6af2b4481d025f3b21ce9a1a95a49371a0aa3ecf072175ba756974e831dbfde1f0feaeb79

      Download Submit

    • C:\Users\Admin\AppData\Roaming\Spotify\libEGL.dll
      Filesize

      493KB

      MD5

      27889c2ec43cd414379d4931d301ed37

      SHA1

      958662abb73afbb6cb37c7b210689cd6d0023282

      SHA256

      d006bb099a52f61f2b470574fc914ab4edb9fdb83667b75eb3ed244a1752275c

      SHA512

      9f53ba9d30f624783613760e5414efcf64156375191f239cc0d3e63ff1915e4636f48c74aa6c43ac10e6b698a44177ef403bda7d714dcc58468aba250e9bc883

      Download Submit

    • C:\Users\Admin\AppData\Roaming\Spotify\libGLESv2.dll
      Filesize

      7.9MB

      MD5

      7440c36df0f59fc055c8937aee89a1ae

      SHA1

      1ef04b3f6672bd6250664d4980cff41a003d9420

      SHA256

      23fdc45cf1ba053443200a9b95316d90187219556ab0808721e0827af9f3c29b

      SHA512

      876c256a6d9298fa4b6a5d9c4436619637c2a43f6f1fed5b4778fbac7eebb9dfb26966e2c2d1f37c012a4e13e8fd965e3cf5ba97d2304b625dc63c3fa8878c7e

      Download Submit

    • C:\Users\Admin\AppData\Roaming\Spotify\locales\en-US.pak
      Filesize

      489KB

      MD5

      fda63a59f6f00864ff7b4992b994df92

      SHA1

      3d65883b5d35dbf7b80ff3f5d1812d281156d645

      SHA256

      e9b342f0a903b1dfe41298dbfe103720466b104ee90c696d5af7f489b6deeb88

      SHA512

      5a6b74e1424ade1f1bda8a2f91c47dc17c2a5a671c6558e347790bff55b01cfaa367faec4bdba13b2ecd8e678b04307238a23d3225a4393d4d7591aaf8fcbdbe

      Download Submit

    • C:\Users\Admin\AppData\Roaming\Spotify\locales\en.mo
      Filesize

      16KB

      MD5

      87c1890da8303ed7040602d7b20dca83

      SHA1

      b8c6cfe3cf2486388715f1f854290186174520c1

      SHA256

      91360c336405111a7f0ef18cbf0f4ad95d59600cb8a1b57d2a205612b5fd13b8

      SHA512

      472006d4a2f77711320d71a6267aed3fbbf64336da9fc1283878fe672470c42da798ba20b0a34c0575b8346400fd4b943fd5decedfeb395632dd219151e616f3

      Download Submit

    • C:\Users\Admin\AppData\Roaming\Spotify\resources.pak
      Filesize

      8.4MB

      MD5

      49a1019b3eaf66dc7859bb15cb66b56e

      SHA1

      2bb25cc83ec2fc9049c176e377aa081e17c4b835

      SHA256

      d16040ce315f751c424ff81f8e31aa4aa8706b939c0e31b4040048813fe3996a

      SHA512

      db24ccaf3546e2eb786213f635f7751f0432dfee9078817d05db5c68e63d93c42e03f7c227f11d62f13b6bf0b4a145b0120a0f1e912cf27de2df3a2dc27bba73

      Download Submit

    • C:\Users\Admin\AppData\Roaming\Spotify\v8_context_snapshot.bin
      Filesize

      674KB

      MD5

      e4891fff1d2ec3b05b842f7f8748138c

      SHA1

      2f80a8e0716b8849d71d30bb4d8225acad2aaad9

      SHA256

      4850882ed1bab3718d815ea31e793808c1505f92c05605cb21ba32e234b0edae

      SHA512

      f6d11610545a61e33798ee2a4c9ff5aad9c155c61d31879344c57a8a0b2c6767cc34f9c9ad4751966699d0eac131acb451c2b2e990d560ca07e5f60b4d31ea94

      Download Submit

    • C:\Users\Admin\AppData\Roaming\Spotify\vk_swiftshader.dll
      Filesize

      5.1MB

      MD5

      4a0013617495203068a06af8b286a530

      SHA1

      cdb8417885a287f0526645125bbd140fc32df337

      SHA256

      3c2d06b7d4c6b9e7545b89e371fee3d6db18fdf00e3aae0d90e11c9a38c35675

      SHA512

      3d3c4d6422512788ac4d912a949eb23d5b9525b30796967d85b08e826ee1f52b50d591bf10dc683d1a59ad82ce64da59148c0e91018802dc64ac5359ed36de10

      Download Submit

    • C:\Users\Admin\AppData\Roaming\malware test.exe
      Filesize

      197KB

      MD5

      a136a6cd249185514736e6de89c1bb84

      SHA1

      52c9c02b19a3d5eb7aae4a8b32200cd4bacc7531

      SHA256

      11f13baad0093bfd89149eab0b58df7ba74b49d6209a9da8c7cbff3fbb47777c

      SHA512

      15cb3c8d36ae307bc193c4b2c2502151d2b52991e234e4666e7669017ad165bf6c5ca780a02dd17e08dbb80015c2b3220088bd21a6239be6821a10218698ee14

      Download Submit

    • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2040_1050973456\manifest.json
      Filesize

      73B

      MD5

      5a4e52a06859890d9d630d48b364d7ee

      SHA1

      7c7125c02aeb83e6f327345b665fa8651e17ee23

      SHA256

      7ec5906e1cd1aeb6a36d55b3bb633ed1a5b2d5fe46547a1609279cb046092f09

      SHA512

      a5c39be4547a1937ba2019f95a2c251afb70384568ae5308b85af943370cd0c72eaf0138921aefd4dd988e3c18773e1461a5d7ab17ccc64c43321a70e3f83a9d

      Download Submit

    • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2040_1066953173\manifest.json
      Filesize

      76B

      MD5

      4aaa0ed8099ecc1da778a9bc39393808

      SHA1

      0e4a733a5af337f101cfa6bea5ebc153380f7b05

      SHA256

      20b91160e2611d3159ad82857323febc906457756678ab73f305c3a1e399d18d

      SHA512

      dfa942c35e1e5f62dd8840c97693cdbfd6d71a1fd2f42e26cb75b98bb6a1818395ecdf552d46f07dff1e9c74f1493a39e05b14e3409963eff1ada88897152879

      Download Submit

    • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2040_1188477345\manifest.fingerprint
      Filesize

      66B

      MD5

      d4c6c17ad54175991c293c7a3bff19e0

      SHA1

      11d93f1762413233290a9e80bee28abae76dfbb4

      SHA256

      d60f7b141c097d144b99235825b53957a6cab29fec651fba510515367fdf5f34

      SHA512

      310592c88d2ee816260d0cc406aa8785433f0e310ed89be930405364a7a99e1da22acb44a353c4df85381bf41a000043dd72ef310f67fade5e9f0ba8fe092278

      Download Submit

    • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2040_1188477345\manifest.json
      Filesize

      98B

      MD5

      4dd9ff84cee7313157e72fe5e2477eb7

      SHA1

      b0aa5b72af2940c10f761e2b981df5b56ec8bacb

      SHA256

      953bfed324c6cd16befc4d9537f8972014ff33e22ec1d8bad14c543e6ed3b531

      SHA512

      bf79799e252cfa48dd8d921325f7d0da0e341a0553ccaa1a501ae7131b11e0cce772fe4ce18f22834a4e15a21833ae1a02037155bd622118e3ac4ff664eccf85

      Download Submit

    • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2040_145941090\manifest.json
      Filesize

      80B

      MD5

      077da41a01dde0173ebbf70d3b7210e2

      SHA1

      4b3c3deeb9522ca4ef4e42efcf63b2674f6a5c07

      SHA256

      23bed5c8ebea0c376483374bad7baf633a7e52f3e0a609371c518e06e645bda0

      SHA512

      2822d02e2b3c6306e6d71fa62e7f472b4c3cdf0cbe499b70ac60a0a50e547ed47c394d7de88bbef2e6015920442b9d30cbc0d6869d154e02ec251712f918deec

      Download Submit

    • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2040_1876301209\manifest.json
      Filesize

      108B

      MD5

      3bfff137cf06f4bf2c6de03dc24947e2

      SHA1

      25971600ec83c3fd118ef8c42ec7682f93d11fa4

      SHA256

      ad1b51fb7cbaca53d730c3cb8daf7e5a984546fc022d8a4d16bbfd709a82548a

      SHA512

      e6d4b4c5accc74e1aa8a02fc2be14c971b2d7d480c6ba9fe1f416cb56b2c83190f661d363e5bc63daa04ef2d793563dce3e60192554e33d414ccd1daeea3f38b

      Download Submit

    • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2040_1894291753\manifest.json
      Filesize

      109B

      MD5

      4a1506f39aecad866a229fe927f2c2f7

      SHA1

      3f220533e12f0d8b5f0da20af857a156626ee28b

      SHA256

      ce1bbba96b8b7ce09bd98b07e0f0d3e4db05c0a9f2477a5cafbf7fb8383b4616

      SHA512

      a118937b238272e0070227962a17260711a96f7333cdaf1497a9fd0bc50b8fd511c47bc3a75b2090fcce4565ddd08f307e43f95ea7216a1d694f2e6211a3519c

      Download Submit

    • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2040_351042165\manifest.json
      Filesize

      111B

      MD5

      225c08f039684dfb54aac162dd9d5b9e

      SHA1

      426bd1044bfcd5e1a10b58ed1f217a6b33b2e9c3

      SHA256

      98306b21c0aaf9546301f4ab7fed785dc369c67e2fd2ad4d62fc63f072a51e3c

      SHA512

      d6ff6cea0c08d13a642996a110432792048d21160c04543fbcacc60abcde362318e13a42fcd7520bc7673e98544a68a3eb6cc4338f4f4d8e90e0dfd5c40b77b7

      Download Submit

    • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2040_90341354\manifest.json
      Filesize

      98B

      MD5

      05c5976d715ddd3cd7c7cfb35ed3ef25

      SHA1

      814895d5d1b3e221dd20fc175aac0214ada6f83f

      SHA256

      a5f3d847ebeea9c9e21bc1640672ba84c0f15f0010758a50e384780f337eb119

      SHA512

      3951a45638e6f615eb022dd65b5e00fe5d4d77b79c18fc4cc5714a59053125b3b14ec7655b3405193ae27a035f2b3dc9e98bb76d7da6fba1266549ec709506fd

      Download Submit

    • memory/636-285-0x00007FFC8F140000-0x00007FFC8F141000-memory.dmp

      Filesize

      4KB

      Download

    • memory/636-284-0x00007FFC8F960000-0x00007FFC8F961000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1500-34-0x00007FFC90BE0000-0x00007FFC90DE9000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/1500-33-0x00007FFC90BE0000-0x00007FFC90DE9000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/1500-25-0x00000000002C0000-0x00000000002F6000-memory.dmp

      Filesize

      216KB

      Download

    • memory/1500-24-0x00007FFC90BE0000-0x00007FFC90DE9000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/1852-281-0x00007FF71E470000-0x00007FF720735000-memory.dmp

      Filesize

      34.8MB

      Download

    • memory/2040-256-0x00007FF71E470000-0x00007FF720735000-memory.dmp

      Filesize

      34.8MB

      Download

    • memory/2040-468-0x00007FF71E470000-0x00007FF720735000-memory.dmp

      Filesize

      34.8MB

      Download

    • memory/2788-26-0x00007FFC90BE0000-0x00007FFC90DE9000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/2788-0-0x00000000002B0000-0x00000000003E6000-memory.dmp

      Filesize

      1.2MB

      Download

    • memory/2788-1-0x00007FFC90BE0000-0x00007FFC90DE9000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/4776-1935-0x0000020B0C150000-0x0000020B0C151000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4776-1937-0x0000020B0C150000-0x0000020B0C151000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4776-1936-0x0000020B0C150000-0x0000020B0C151000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4776-1941-0x0000020B0C150000-0x0000020B0C151000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4776-1944-0x0000020B0C150000-0x0000020B0C151000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4776-1947-0x0000020B0C150000-0x0000020B0C151000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4776-1946-0x0000020B0C150000-0x0000020B0C151000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4776-1945-0x0000020B0C150000-0x0000020B0C151000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4776-1943-0x0000020B0C150000-0x0000020B0C151000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4776-1942-0x0000020B0C150000-0x0000020B0C151000-memory.dmp

      Filesize

      4KB

      Download

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.