Analysis Overview
Threat Level: Likely malicious
The file https://f29cc861.solaraweb-alj.pages.dev/download/static/files/Bootstrapper.exe was found to be: Likely malicious.
Malicious Activity Summary
Identifies VirtualBox via ACPI registry values (likely anti-VM)
Downloads MZ/PE file
A potential corporate email address has been identified in the URL: [email protected]
Loads dropped DLL
Executes dropped EXE
Unexpected DNS network traffic destination
Checks BIOS information in registry
Themida packer
Legitimate hosting services abused for malware hosting/C2
Blocklisted process makes network request
Checks whether UAC is enabled
Network Share Discovery
Enumerates connected drives
Suspicious use of NtSetInformationThreadHideFromDebugger
Drops file in Program Files directory
Drops file in Windows directory
Subvert Trust Controls: Mark-of-the-Web Bypass
System Location Discovery: System Language Discovery
Browser Information Discovery
System Network Configuration Discovery: Internet Connection Discovery
Enumerates physical storage devices
Gathers network information
Suspicious use of WriteProcessMemory
Modifies registry class
Enumerates system info in registry
NTFS ADS
Suspicious use of SendNotifyMessage
Suspicious use of AdjustPrivilegeToken
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Modifies data under HKEY_USERS
Suspicious behavior: EnumeratesProcesses
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-11-13 08:52
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-13 08:52
Reported
2024-11-13 08:56
Platform
win11-20241007-en
Max time kernel
209s
Max time network
208s
Command Line
Signatures
Identifies VirtualBox via ACPI registry values (likely anti-VM)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\ACPI\DSDT\VBOX__ | C:\ProgramData\Solara\Solara.exe | N/A |
Downloads MZ/PE file
A potential corporate email address has been identified in the URL: [email protected]
Checks BIOS information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion | C:\ProgramData\Solara\Solara.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\ProgramData\Solara\Solara.exe | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\ProgramData\Solara\Solara.exe | N/A |
| N/A | N/A | C:\Program Files\nodejs\node.exe | N/A |
| N/A | N/A | C:\ProgramData\Solara\Solara.exe | N/A |
| N/A | N/A | C:\Program Files\nodejs\node.exe | N/A |
Loads dropped DLL
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\System32\MsiExec.exe | N/A |
| N/A | N/A | C:\Windows\System32\MsiExec.exe | N/A |
| N/A | N/A | C:\Windows\syswow64\MsiExec.exe | N/A |
| N/A | N/A | C:\Windows\syswow64\MsiExec.exe | N/A |
| N/A | N/A | C:\Windows\syswow64\MsiExec.exe | N/A |
| N/A | N/A | C:\Windows\syswow64\MsiExec.exe | N/A |
| N/A | N/A | C:\Windows\syswow64\MsiExec.exe | N/A |
| N/A | N/A | C:\Windows\syswow64\MsiExec.exe | N/A |
| N/A | N/A | C:\Windows\syswow64\MsiExec.exe | N/A |
| N/A | N/A | C:\Windows\syswow64\MsiExec.exe | N/A |
| N/A | N/A | C:\Windows\System32\MsiExec.exe | N/A |
| N/A | N/A | C:\ProgramData\Solara\Solara.exe | N/A |
| N/A | N/A | C:\ProgramData\Solara\Solara.exe | N/A |
Themida packer
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Unexpected DNS network traffic destination
| Description | Indicator | Process | Target |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
Blocklisted process makes network request
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\msiexec.exe | N/A |
| N/A | N/A | C:\Windows\system32\msiexec.exe | N/A |
| N/A | N/A | C:\Windows\system32\msiexec.exe | N/A |
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\ProgramData\Solara\Solara.exe | N/A |
Enumerates connected drives
| Description | Indicator | Process | Target |
| File opened (read-only) | \??\A: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\G: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\L: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\S: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\W: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Y: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\H: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\I: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Q: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\R: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Z: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\K: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\N: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\P: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\U: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\B: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\E: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\J: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\M: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\O: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\T: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\V: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\X: | C:\Windows\system32\msiexec.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | pastebin.com | N/A | N/A |
| N/A | pastebin.com | N/A | N/A |
| N/A | pastebin.com | N/A | N/A |
Network Share Discovery
Suspicious use of NtSetInformationThreadHideFromDebugger
| Description | Indicator | Process | Target |
| N/A | N/A | C:\ProgramData\Solara\Solara.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\node-gyp\lib\node-gyp.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\@npmcli\arborist\lib\arborist\load-actual.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\@npmcli\fs\LICENSE.md | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\minizlib\node_modules\minipass\index.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\npm-bundled\LICENSE | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\libnpmexec\lib\run-script.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\ci-info\package.json | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\libnpmpack\lib\index.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\minipass-fetch\lib\request.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\@npmcli\metavuln-calculator\lib\advisory.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\lib\commands\find-dupes.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\make-fetch-happen\lib\remote.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\iconv-lite\lib\streams.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\docs\content\commands\npm-dedupe.md | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\man\man7\package-spec.7 | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\docs\content\commands\npm-fund.md | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\ci-info\LICENSE | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\lib\utils\open-url.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\has\src\index.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\minipass-pipeline\node_modules\minipass\LICENSE | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\buffer\index.d.ts | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\corepack\shims\npm | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\qrcode-terminal\example\small-qrcode.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\events\tests\common.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\pacote\lib\util\npm.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\@npmcli\config\lib\type-description.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\postcss-selector-parser\dist\parser.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\wcwidth\LICENSE | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\libnpmpack\README.md | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\sigstore\dist\util\promise.d.ts | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\tuf-js\dist\models\metadata.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\err-code\index.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\debug\src\browser.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\hosted-git-info\LICENSE | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\minipass-fetch\lib\fetch-error.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\read-cmd-shim\LICENSE | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\docs\output\commands\npm-config.html | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\sigstore\dist\util\oidc.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\lib\commands\doctor.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\node-gyp\node_modules\make-fetch-happen\lib\options.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\docs\content\commands\npm-run-script.md | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\binary-extensions\binary-extensions.json.d.ts | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\docs\content\commands\npm-uninstall.md | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\node-gyp\docs\binding.gyp-files-in-the-wild.md | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\docs\content\using-npm\removal.md | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\sigstore\dist\error.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\semver\functions\cmp.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\concat-map\index.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\spdx-correct\index.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\rimraf\package.json | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\text-table\package.json | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\readable-stream\lib\internal\streams\writable.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\sigstore\dist\sigstore.d.ts | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\tuf-js\dist\utils\json.d.ts | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\node-gyp\node_modules\make-fetch-happen\lib\remote.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\socks\typings\index.d.ts | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\docs\content\commands\npm-owner.md | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\package.json | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\readable-stream\lib\internal\validators.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\npm-registry-fetch\lib\check-response.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\corepack\shims\nodewin\pnpm.cmd | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\@npmcli\run-script\lib\make-spawn-args.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\man\man1\npm-explore.1 | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\cacache\lib\util\tmp.js | C:\Windows\system32\msiexec.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\Installer\{EFA235B5-C6A1-42E6-9BC9-02A8D56F1CDC}\NodeIcon | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\e582bed.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI3081.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI35F4.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI3623.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI3990.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI51BD.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI524B.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\e582bf1.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI5569.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI3110.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\SystemTemp\~DFB0F7CE94A619B3D4.TMP | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\SourceHash{EFA235B5-C6A1-42E6-9BC9-02A8D56F1CDC} | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\SystemTemp\~DF5A96B4CB3A160340.TMP | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\{EFA235B5-C6A1-42E6-9BC9-02A8D56F1CDC}\NodeIcon | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\SystemTemp\~DF83A523C366456AC2.TMP | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\SystemTemp | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File opened for modification | C:\Windows\Installer\ | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\inprogressinstallinfo.ipi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI3537.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI5420.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\SystemTemp\~DFBE673D0F84F0E6F6.TMP | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\e582bed.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI30FF.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI3970.tmp | C:\Windows\system32\msiexec.exe | N/A |
Subvert Trust Controls: Mark-of-the-Web Bypass
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\Bootstrapper.exe:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\syswow64\MsiExec.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\syswow64\MsiExec.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\wevtutil.exe | N/A |
System Network Configuration Discovery: Internet Connection Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe | N/A |
Gathers network information
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\ipconfig.exe | N/A |
| N/A | N/A | C:\Windows\system32\ipconfig.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133759615857714475" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E | C:\Windows\system32\msiexec.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26 | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\27 | C:\Windows\system32\msiexec.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\5B532AFE1A6C6E24B99C208A5DF6C1CD\npm | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\5B532AFE1A6C6E24B99C208A5DF6C1CD\EnvironmentPath | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\InstanceType = "0" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\0\0\0\0 = 5a003100000000006d59bb461000534f4c4152567e310000420009000400efbe6d59af466d59bb462e00000046a80200000004000000000000000000000000000000f40df10053006f006c0061007200200076003300000018000000 | C:\ProgramData\Solara\Solara.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\ | C:\ProgramData\Solara\Solara.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg | C:\ProgramData\Solara\Solara.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000 | C:\ProgramData\Solara\Solara.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\AuthorizedLUAApp = "0" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\SourceList\Net\1 = "C:\\Users\\Admin\\AppData\\Local\\Temp\\" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\Shell | C:\ProgramData\Solara\Solara.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\Shell\SniffedFolderType = "Generic" | C:\ProgramData\Solara\Solara.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1092616257" | C:\ProgramData\Solara\Solara.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\5B532AFE1A6C6E24B99C208A5DF6C1CD\NodeEtwSupport = "NodeRuntime" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings | C:\ProgramData\Solara\Solara.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell | C:\ProgramData\Solara\Solara.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\0\0\0\0\0 | C:\ProgramData\Solara\Solara.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02020202 | C:\ProgramData\Solara\Solara.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\0\0\0\0\0\NodeSlot = "4" | C:\ProgramData\Solara\Solara.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\5B532AFE1A6C6E24B99C208A5DF6C1CD\DocumentationShortcuts | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\Language = "1033" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\UpgradeCodes\A3A70C74FE2431248AD5F8A59570C782 | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\SourceList | C:\Windows\system32\msiexec.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 0100000000000000ffffffff | C:\ProgramData\Solara\Solara.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7} | C:\ProgramData\Solara\Solara.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\Version = "303038464" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\ProductIcon = "C:\\Windows\\Installer\\{EFA235B5-C6A1-42E6-9BC9-02A8D56F1CDC}\\NodeIcon" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\SourceList\Media\1 = ";" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 020202 | C:\ProgramData\Solara\Solara.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\PackageCode = "347C7A52EDBDC9A498427C0BC7ABB536" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1 = 14001f50e04fd020ea3a6910a2d808002b30309d0000 | C:\ProgramData\Solara\Solara.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\0 | C:\ProgramData\Solara\Solara.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\0\MRUListEx = 00000000ffffffff | C:\ProgramData\Solara\Solara.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\0\0\0\0 | C:\ProgramData\Solara\Solara.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags | C:\ProgramData\Solara\Solara.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Mode = "4" | C:\ProgramData\Solara\Solara.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\5B532AFE1A6C6E24B99C208A5DF6C1CD\corepack | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\SourceList\Net | C:\Windows\system32\msiexec.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\0\0\0\MRUListEx = 00000000ffffffff | C:\ProgramData\Solara\Solara.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000 | C:\ProgramData\Solara\Solara.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}" | C:\ProgramData\Solara\Solara.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\UpgradeCodes\A3A70C74FE2431248AD5F8A59570C782\5B532AFE1A6C6E24B99C208A5DF6C1CD | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\SourceList\Media | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1 | C:\ProgramData\Solara\Solara.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\0\0\0 | C:\ProgramData\Solara\Solara.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\5B532AFE1A6C6E24B99C208A5DF6C1CD\EnvironmentPathNode = "EnvironmentPath" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU | C:\ProgramData\Solara\Solara.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 00000000ffffffff | C:\ProgramData\Solara\Solara.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0 = 19002f433a5c000000000000000000000000000000000000000000 | C:\ProgramData\Solara\Solara.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\AdvertiseFlags = "388" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\MRUListEx = 00000000ffffffff | C:\ProgramData\Solara\Solara.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\0\0\0 = 7e003100000000006d59b34611004465736b746f7000680009000400efbe4759d35e6d59b3462e000000365702000000010000000000000000003e0000000000a275b1004400650073006b0074006f007000000040007300680065006c006c00330032002e0064006c006c002c002d0032003100370036003900000016000000 | C:\ProgramData\Solara\Solara.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\ | C:\ProgramData\Solara\Solara.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1" | C:\ProgramData\Solara\Solara.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\Clients = 3a0000000000 | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\SourceList\LastUsedSource = "n;1;C:\\Users\\Admin\\AppData\\Local\\Temp\\" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0 | C:\ProgramData\Solara\Solara.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\0 = 78003100000000004759d35e1100557365727300640009000400efbec5522d606d59a3462e0000006c0500000000010000000000000000003a00000000004d98070155007300650072007300000040007300680065006c006c00330032002e0064006c006c002c002d0032003100380031003300000014000000 | C:\ProgramData\Solara\Solara.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\0\0 | C:\ProgramData\Solara\Solara.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByDirection = "1" | C:\ProgramData\Solara\Solara.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\5B532AFE1A6C6E24B99C208A5DF6C1CD\NodeRuntime | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\ProductName = "Node.js" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\DeploymentFlags = "3" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\LogicalViewMode = "1" | C:\ProgramData\Solara\Solara.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\Bootstrapper.exe:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\nodejs\node.exe | N/A |
| N/A | N/A | C:\Program Files\nodejs\node.exe | N/A |
| N/A | N/A | C:\ProgramData\Solara\Solara.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://f29cc861.solaraweb-alj.pages.dev/download/static/files/Bootstrapper.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe874fcc40,0x7ffe874fcc4c,0x7ffe874fcc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1660,i,532043908513101395,15844258770936622021,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1708 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2060,i,532043908513101395,15844258770936622021,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2068 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2148,i,532043908513101395,15844258770936622021,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2372 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3064,i,532043908513101395,15844258770936622021,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3084 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3068,i,532043908513101395,15844258770936622021,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3120 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4864,i,532043908513101395,15844258770936622021,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4880 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=4872,i,532043908513101395,15844258770936622021,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4920 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=4884,i,532043908513101395,15844258770936622021,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5068 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5236,i,532043908513101395,15844258770936622021,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4828 /prefetch:8
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Users\Admin\Desktop\Solar v3\Bootstrapper.exe
"C:\Users\Admin\Desktop\Solar v3\Bootstrapper.exe"
C:\Windows\SYSTEM32\cmd.exe
"cmd" /c ipconfig /all
C:\Windows\system32\ipconfig.exe
ipconfig /all
C:\Windows\SYSTEM32\cmd.exe
"cmd" /c wmic nicconfig where (IPEnabled=TRUE) call SetDNSServerSearchOrder ("1.1.1.1", "1.0.0.1")
C:\Windows\System32\Wbem\WMIC.exe
wmic nicconfig where (IPEnabled=TRUE) call SetDNSServerSearchOrder ("1.1.1.1", "1.0.0.1")
C:\Windows\System32\msiexec.exe
"C:\Windows\System32\msiexec.exe" /i "C:\Users\Admin\AppData\Local\Temp\node-v18.16.0-x64.msi" /qn
C:\Windows\system32\msiexec.exe
C:\Windows\system32\msiexec.exe /V
C:\Windows\System32\MsiExec.exe
C:\Windows\System32\MsiExec.exe -Embedding A899DC2EF3CB5D1F69997E3D062F0B54
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding C0F2C4006AF978197476ADED7B62F561
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding 9AA89F503AC81CA51A175263C3A750C1 E Global\MSI0000
C:\Windows\SysWOW64\wevtutil.exe
"wevtutil.exe" im "C:\Program Files\nodejs\node_etw_provider.man"
C:\Windows\System32\wevtutil.exe
"wevtutil.exe" im "C:\Program Files\nodejs\node_etw_provider.man" /fromwow64
C:\ProgramData\Solara\Solara.exe
"C:\ProgramData\Solara\Solara.exe"
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc
C:\Users\Admin\Desktop\Solar v3\Bootstrapper.exe
"C:\Users\Admin\Desktop\Solar v3\Bootstrapper.exe"
C:\Windows\SYSTEM32\cmd.exe
"cmd" /c ipconfig /all
C:\Windows\system32\ipconfig.exe
ipconfig /all
C:\Program Files\nodejs\node.exe
"node" -v
C:\ProgramData\Solara\Solara.exe
"C:\ProgramData\Solara\Solara.exe"
C:\Program Files\nodejs\node.exe
"node" "C:\ProgramData\Solara\Monaco\fileaccess\index.js" 568275d19c0a4743
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=Solara.exe --webview-exe-version=3.0.0.0 --user-data-dir="C:\ProgramData\Solara\Solara.exe.WebView2\EBWebView" --no-default-browser-check --disable-component-extensions-with-background-pages --no-first-run --disable-default-apps --noerrdialogs --embedded-browser-webview-dpi-awareness=1 --disable-popup-blocking --internet-explorer-integration=none --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc" --mojo-named-platform-channel-pipe=764.3408.10499041373260605702
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\ProgramData\Solara\Solara.exe.WebView2\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\ProgramData\Solara\Solara.exe.WebView2\EBWebView\Crashpad --metrics-dir=C:\ProgramData\Solara\Solara.exe.WebView2\EBWebView --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=90.0.818.66 --initial-client-data=0x11c,0x120,0x124,0xfc,0x12c,0x7ffe67d73cb8,0x7ffe67d73cc8,0x7ffe67d73cd8
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=gpu-process --field-trial-handle=1916,1526911065938798786,15531413882300031248,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --noerrdialogs --user-data-dir="C:\ProgramData\Solara\Solara.exe.WebView2\EBWebView" --webview-exe-name=Solara.exe --webview-exe-version=3.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1944 /prefetch:2
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1916,1526911065938798786,15531413882300031248,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\ProgramData\Solara\Solara.exe.WebView2\EBWebView" --webview-exe-name=Solara.exe --webview-exe-version=3.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2008 /prefetch:3
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1916,1526911065938798786,15531413882300031248,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --service-sandbox-type=utility --noerrdialogs --user-data-dir="C:\ProgramData\Solara\Solara.exe.WebView2\EBWebView" --webview-exe-name=Solara.exe --webview-exe-version=3.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2488 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=renderer --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc" --field-trial-handle=1916,1526911065938798786,15531413882300031248,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --noerrdialogs --user-data-dir="C:\ProgramData\Solara\Solara.exe.WebView2\EBWebView" --webview-exe-name=Solara.exe --webview-exe-version=3.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3116 /prefetch:1
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1916,1526911065938798786,15531413882300031248,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\ProgramData\Solara\Solara.exe.WebView2\EBWebView" --webview-exe-name=Solara.exe --webview-exe-version=3.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=4480 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4276,i,532043908513101395,15844258770936622021,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4932 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4992,i,532043908513101395,15844258770936622021,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4964 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=3368,i,532043908513101395,15844258770936622021,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3052 /prefetch:1
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1916,1526911065938798786,15531413882300031248,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --service-sandbox-type=utility --noerrdialogs --user-data-dir="C:\ProgramData\Solara\Solara.exe.WebView2\EBWebView" --webview-exe-name=Solara.exe --webview-exe-version=3.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2892 /prefetch:8
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1916,1526911065938798786,15531413882300031248,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --service-sandbox-type=utility --noerrdialogs --user-data-dir="C:\ProgramData\Solara\Solara.exe.WebView2\EBWebView" --webview-exe-name=Solara.exe --webview-exe-version=3.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=4160 /prefetch:8
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1916,1526911065938798786,15531413882300031248,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --service-sandbox-type=utility --noerrdialogs --user-data-dir="C:\ProgramData\Solara\Solara.exe.WebView2\EBWebView" --webview-exe-name=Solara.exe --webview-exe-version=3.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=4772 /prefetch:8
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | f29cc861.solaraweb-alj.pages.dev | udp |
| US | 172.66.47.197:443 | f29cc861.solaraweb-alj.pages.dev | tcp |
| US | 172.66.47.197:443 | f29cc861.solaraweb-alj.pages.dev | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | 197.47.66.172.in-addr.arpa | udp |
| US | 1.1.1.1:53 | getsolara.dev | udp |
| US | 104.21.93.27:443 | getsolara.dev | tcp |
| N/A | 127.0.0.1:6463 | tcp | |
| GB | 128.116.119.4:443 | clientsettings.roblox.com | tcp |
| US | 104.20.22.46:443 | nodejs.org | tcp |
| US | 104.20.23.46:443 | nodejs.org | tcp |
| AU | 1.0.0.1:53 | 46.23.20.104.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 1.0.0.1.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 1.0.0.1.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | ctldl.windowsupdate.com | udp |
| AU | 1.0.0.1:53 | 233.38.18.104.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 1.1.1.1:53 | f4355544.solaraweb-alj.pages.dev | udp |
| US | 172.66.47.197:443 | f4355544.solaraweb-alj.pages.dev | tcp |
| US | 172.67.19.24:443 | pastebin.com | tcp |
| GB | 128.116.119.4:443 | www.roblox.com | tcp |
| US | 104.21.93.27:443 | getsolara.dev | tcp |
| GB | 128.116.119.4:443 | www.roblox.com | tcp |
| US | 172.67.19.24:443 | pastebin.com | tcp |
| GB | 128.116.119.4:443 | www.roblox.com | tcp |
| US | 104.21.93.27:443 | getsolara.dev | tcp |
| GB | 216.58.204.67:80 | c.pki.goog | tcp |
| US | 104.21.93.27:443 | getsolara.dev | tcp |
| US | 104.21.93.27:443 | getsolara.dev | tcp |
| US | 104.21.93.27:443 | getsolara.dev | tcp |
| US | 104.21.93.27:443 | getsolara.dev | tcp |
| US | 104.21.93.27:443 | getsolara.dev | tcp |
| US | 1.1.1.1:53 | cdnjs.cloudflare.com | udp |
| US | 1.1.1.1:53 | cdn.jsdelivr.net | udp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | tcp |
| US | 104.18.187.31:443 | cdn.jsdelivr.net | tcp |
| US | 104.18.187.31:443 | cdn.jsdelivr.net | tcp |
| US | 104.18.187.31:443 | cdn.jsdelivr.net | tcp |
| US | 104.18.187.31:443 | cdn.jsdelivr.net | tcp |
| N/A | 127.0.0.1:52728 | tcp | |
| N/A | 127.0.0.1:52733 | tcp | |
| N/A | 127.0.0.1:52736 | tcp | |
| N/A | 127.0.0.1:52739 | tcp | |
| N/A | 127.0.0.1:52742 | tcp | |
| N/A | 127.0.0.1:52744 | tcp | |
| US | 104.18.40.68:443 | kit-pro.fontawesome.com | tcp |
| GB | 172.165.69.228:443 | data-edge.smartscreen.microsoft.com | tcp |
| GB | 172.165.69.228:443 | data-edge.smartscreen.microsoft.com | tcp |
| GB | 172.165.69.228:443 | data-edge.smartscreen.microsoft.com | tcp |
| GB | 172.165.69.228:443 | data-edge.smartscreen.microsoft.com | tcp |
| US | 104.18.40.68:443 | kit-pro.fontawesome.com | tcp |
| US | 76.76.21.142:443 | solaraweb.vercel.app | tcp |
| US | 172.64.41.3:443 | chrome.cloudflare-dns.com | tcp |
| US | 172.64.41.3:443 | chrome.cloudflare-dns.com | tcp |
| GB | 142.250.187.228:443 | www.google.com | tcp |
| GB | 142.250.187.228:443 | www.google.com | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| GB | 142.250.200.10:443 | content-autofill.googleapis.com | tcp |
| GB | 142.250.200.10:443 | content-autofill.googleapis.com | udp |
| GB | 216.58.204.78:443 | play.google.com | tcp |
| GB | 216.58.204.78:443 | play.google.com | udp |
| GB | 142.250.187.206:443 | consent.google.com | tcp |
| AU | 1.0.0.1:53 | 206.187.250.142.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | www.roblox.com | udp |
| US | 1.1.1.1:53 | js.rbxcdn.com | udp |
| GB | 128.116.119.4:443 | www.roblox.com | tcp |
| GB | 2.23.210.92:443 | static.rbxcdn.com | tcp |
| GB | 2.23.210.92:443 | static.rbxcdn.com | tcp |
| GB | 2.23.210.92:443 | static.rbxcdn.com | tcp |
| GB | 2.23.210.92:443 | static.rbxcdn.com | tcp |
| GB | 2.23.210.92:443 | static.rbxcdn.com | tcp |
| GB | 2.23.210.92:443 | static.rbxcdn.com | tcp |
| GB | 2.19.117.32:443 | js.rbxcdn.com | tcp |
| GB | 2.19.117.32:443 | js.rbxcdn.com | tcp |
| GB | 2.19.117.32:443 | js.rbxcdn.com | tcp |
| GB | 2.19.117.32:443 | js.rbxcdn.com | tcp |
| GB | 2.19.117.32:443 | js.rbxcdn.com | tcp |
| GB | 2.19.117.32:443 | js.rbxcdn.com | tcp |
| GB | 2.23.210.92:443 | static.rbxcdn.com | tcp |
| GB | 2.19.117.32:443 | js.rbxcdn.com | tcp |
| AU | 1.0.0.1:53 | 32.117.19.2.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | roblox.com | udp |
| GB | 128.116.119.3:443 | roblox.com | tcp |
| US | 1.1.1.1:53 | ecsv2.roblox.com | udp |
| AU | 1.0.0.1:53 | ecsv2.roblox.com | udp |
| AU | 1.0.0.1:53 | apis.roblox.com | udp |
| GB | 128.116.119.4:443 | apis.roblox.com | tcp |
| GB | 128.116.119.4:443 | apis.roblox.com | tcp |
| US | 1.1.1.1:53 | apis.rbxcdn.com | udp |
| US | 1.1.1.1:53 | locale.roblox.com | udp |
| AU | 1.0.0.1:53 | apis.rbxcdn.com | udp |
| US | 1.1.1.1:53 | images.rbxcdn.com | udp |
| GB | 88.221.134.122:443 | apis.rbxcdn.com | tcp |
| GB | 2.23.210.92:443 | static.rbxcdn.com | tcp |
| AU | 1.0.0.1:53 | images.rbxcdn.com | udp |
| GB | 2.23.210.75:443 | images.rbxcdn.com | tcp |
| GB | 2.23.210.75:443 | images.rbxcdn.com | tcp |
| GB | 2.23.210.75:443 | images.rbxcdn.com | tcp |
| GB | 2.23.210.75:443 | images.rbxcdn.com | tcp |
| GB | 2.23.210.75:443 | images.rbxcdn.com | tcp |
| GB | 2.23.210.75:443 | images.rbxcdn.com | tcp |
| AU | 1.0.0.1:53 | auth.roblox.com | udp |
| GB | 142.250.178.10:443 | content-autofill.googleapis.com | tcp |
| US | 1.1.1.1:53 | 3.119.116.128.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 122.134.221.88.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 75.210.23.2.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 10.178.250.142.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 3.119.116.128.in-addr.arpa | udp |
| US | 13.107.21.239:443 | tcp | |
| AU | 1.0.0.1:53 | 239.21.107.13.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 199.232.214.172:80 | msedge.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| N/A | 127.0.0.1:9912 | tcp |
Files
\??\pipe\crashpad_3164_JAEOAFTZFHJKNRPF
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\ed4533ee-bdea-4d6a-9990-7a45d2d33132.tmp
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\Downloads\Unconfirmed 183892.crdownload
| MD5 | 2a4dcf20b82896be94eb538260c5fb93 |
| SHA1 | 21f232c2fd8132f8677e53258562ad98b455e679 |
| SHA256 | ebbcb489171abfcfce56554dbaeacd22a15838391cbc7c756db02995129def5a |
| SHA512 | 4f1164b2312fb94b7030d6eb6aa9f3502912ffa33505f156443570fc964bfd3bb21ded3cf84092054e07346d2dce83a0907ba33f4ba39ad3fe7a78e836efe288 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState
| MD5 | d436b4e78a6b6c5f3d09790cbb4894fb |
| SHA1 | 3ca462af7bcbe05c0697c9142005c45aef01eb30 |
| SHA256 | c7f55822364ec109322cb521fd7d82151fc1d8ec6fdbd2b28a3c6c602c9cda62 |
| SHA512 | a3fb289c99816329ed0304a49bd6cbb738885fa43c173f8e06d4150446ff0e79282c32cdc3ecc233c05415a8ff368c30026cca2e6bfd2077e3301c7ae9464ba6 |
C:\Users\Admin\Downloads\Bootstrapper.exe:Zone.Identifier
| MD5 | fbccf14d504b7b2dbcb5a5bda75bd93b |
| SHA1 | d59fc84cdd5217c6cf74785703655f78da6b582b |
| SHA256 | eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913 |
| SHA512 | aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\73467d72-270b-48a8-a31f-47cc272f6f8e.tmp
| MD5 | 2095af4759259d802ed096b12c10f71d |
| SHA1 | d36a32639731fdc36d147bb21f0ae1412c052697 |
| SHA256 | 7b868290503881c8f18ecc0ce6d4278c24c4088c9c2cc641e6f905fa5ec2181b |
| SHA512 | 0d27dbe4717a61ec401ebda77533857144bbac7e4c6e3cffff988af67638e717acdc1c9fb4c2624868681a39d5bea94b5121b5f8c4a328b635891b721472312d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b17d4ffdda9172fa14eee4e478f06952 |
| SHA1 | 727aeab502849be3ef178140317920f7450a9a03 |
| SHA256 | 627ab0cda63e8732949632745bf8b389038dd1ef9266203bf9ffabc454db7d9d |
| SHA512 | 68111a7921d36a62ce6f4f399092ed39c809519de78e045bbfd481952d15918386c80b2a8ae50594a4a06a870024676dae4d77b191d8036b8afc934b1002ad04 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ca0e9e332b015cbec9e1619d6ddba238 |
| SHA1 | 2d4e50f3bc2a209d6d77c7507bf787a0e2650593 |
| SHA256 | a2f0a4e5f4ac56098c22838fbb4a123706c809b07235756d1d566a812957f1cd |
| SHA512 | fe350b60db53eabb541bd48e04d61bb6d4a0ada9764a3b11e7a656759fba6017be15ce525b073e461e53fbbd9ef8bacbb298e212f441850ea646193797408535 |
memory/3160-62-0x00007FFE715B3000-0x00007FFE715B5000-memory.dmp
memory/3160-63-0x00000184804B0000-0x000001848057E000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8c5600f6f89d2264fb747bfa1a40a165 |
| SHA1 | c196ef4a2747e27fdd6046b69b26fcae52d7dc69 |
| SHA256 | 59651ea236cf4c03d07d6131f3c9474ea23117e6fc087fb0b1d06aa4afe716b2 |
| SHA512 | 5971c7bc0b6a93b1016dcbc2c0b7267664a90c0a16ae624ebd91976415e613ee1ebf3e9078e63091b278862acd75c80a368a46795bb1bd48eb2744e5bfc57116 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 40d86e29eace9f003f77ba26c440494e |
| SHA1 | 03cd98483d1f5430b958e4d67280d7305abd2eca |
| SHA256 | 33d8ba42af2221dc6c2ced521536fa41723c619e909cabe3316239c666a122a8 |
| SHA512 | 874a3c1d5a703d51f4f638ab93dccc6e1eb310ad6a5aa8c28c0248b222f497722187a8672c272a0cb9e2b7254e72c785c35c53324da6c30057423049e8f0baeb |
memory/3160-82-0x00007FFE715B0000-0x00007FFE72072000-memory.dmp
memory/3160-84-0x000001849AB90000-0x000001849ABB2000-memory.dmp
memory/3160-85-0x00007FFE715B3000-0x00007FFE715B5000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\node-v18.16.0-x64.msi
| MD5 | 0e4e9aa41d24221b29b19ba96c1a64d0 |
| SHA1 | 231ade3d5a586c0eb4441c8dbfe9007dc26b2872 |
| SHA256 | 5bfb6f3ab89e198539408f7e0e8ec0b0bd5efe8898573ec05b381228efb45a5d |
| SHA512 | e6f27aecead72dffecbeaad46ebdf4b1fd3dbcddd1f6076ba183b654e4e32d30f7af1236bf2e04459186e993356fe2041840671be73612c8afed985c2c608913 |
memory/3160-89-0x00007FFE715B0000-0x00007FFE72072000-memory.dmp
C:\Windows\Installer\MSI3081.tmp
| MD5 | 9fe9b0ecaea0324ad99036a91db03ebb |
| SHA1 | 144068c64ec06fc08eadfcca0a014a44b95bb908 |
| SHA256 | e2cce64916e405976a1d0c522b44527d12b1cba19de25da62121cf5f41d184c9 |
| SHA512 | 906641a73d69a841218ae90b83714a05af3537eec8ad1d761f58ac365cf005bdd74ad88f71c4437aaa126ac74fa46bcad424d17c746ab197eec2caa1bd838176 |
C:\Windows\Installer\MSI3110.tmp
| MD5 | a3ae5d86ecf38db9427359ea37a5f646 |
| SHA1 | eb4cb5ff520717038adadcc5e1ef8f7c24b27a90 |
| SHA256 | c8d190d5be1efd2d52f72a72ae9dfa3940ab3faceb626405959349654fe18b74 |
| SHA512 | 96ecb3bc00848eeb2836e289ef7b7b2607d30790ffd1ae0e0acfc2e14f26a991c6e728b8dc67280426e478c70231f9e13f514e52c8ce7d956c1fad0e322d98e0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 78ad84129491390308cd6e4c9934f067 |
| SHA1 | 5398c4bfa5ad6c65de5db88f81ab87645954af8c |
| SHA256 | 91afd78987d4a4085452876c42cdc4880438d602cce94e13dc7dc08c6d56251d |
| SHA512 | 3da78eb626f8050f0d6e4caafccbf1b701053e614fa03656fd4011873379df5b03c77630725ba4fc868c8f0192b5f9599302d5a6c6c46934dda4970263d75ae1 |
C:\Windows\Installer\MSI35F4.tmp
| MD5 | 7a86ce1a899262dd3c1df656bff3fb2c |
| SHA1 | 33dcbe66c0dc0a16bab852ed0a6ef71c2d9e0541 |
| SHA256 | b8f2d0909d7c2934285a8be010d37c0609c7854a36562cbfcbce547f4f4c7b0c |
| SHA512 | 421e8195c47381de4b3125ab6719eec9be7acd2c97ce9247f4b70a309d32377917c9686b245864e914448fe53df2694d5ee5f327838d029989ba7acafda302ec |
C:\Program Files\nodejs\node_modules\npm\node_modules\nopt\LICENSE
| MD5 | b020de8f88eacc104c21d6e6cacc636d |
| SHA1 | 20b35e641e3a5ea25f012e13d69fab37e3d68d6b |
| SHA256 | 3f24d692d165989cd9a00fe35ca15a2bc6859e3361fa42aa20babd435f2e4706 |
| SHA512 | 4220617e29dd755ad592295bc074d6bc14d44a1feeed5101129669f3ecf0e34eaa4c7c96bbc83da7352631fa262baab45d4a370dad7dabec52b66f1720c28e38 |
C:\Program Files\nodejs\node_modules\npm\node_modules\bin-links\LICENSE
| MD5 | d2cf52aa43e18fdc87562d4c1303f46a |
| SHA1 | 58fb4a65fffb438630351e7cafd322579817e5e1 |
| SHA256 | 45e433413760dc3ae8169be5ed9c2c77adc31ad4d1bc5a28939576df240f29a0 |
| SHA512 | 54e33d7998b5e9ba76b2c852b4d0493ebb1b1ee3db777c97e6606655325ff66124a0c0857ca4d62de96350dbaee8d20604ec22b0edc17b472086da4babbbcb16 |
C:\Program Files\nodejs\node_modules\npm\node_modules\promise-all-reject-late\LICENSE
| MD5 | 7428aa9f83c500c4a434f8848ee23851 |
| SHA1 | 166b3e1c1b7d7cb7b070108876492529f546219f |
| SHA256 | 1fccd0ad2e7e0e31ddfadeaf0660d7318947b425324645aa85afd7227cab52d7 |
| SHA512 | c7f01de85f0660560206784cdf159b2bdc5f1bc87131f5a8edf384eba47a113005491520b0a25d3cc425985b5def7b189e18ff76d7d562c434dc5d8c82e90cce |
C:\Program Files\nodejs\node_modules\npm\node_modules\aggregate-error\license
| MD5 | 5ad87d95c13094fa67f25442ff521efd |
| SHA1 | 01f1438a98e1b796e05a74131e6bb9d66c9e8542 |
| SHA256 | 67292c32894c8ac99db06ffa1cb8e9a5171ef988120723ebe673bf76712260ec |
| SHA512 | 7187720ccd335a10c9698f8493d6caa2d404e7b21731009de5f0da51ad5b9604645fbf4bc640aa94513b9eb372aa6a31df2467198989234bc2afbce87f76fbc3 |
C:\Program Files\nodejs\node_modules\npm\node_modules\minizlib\node_modules\minipass\LICENSE
| MD5 | d7c8fab641cd22d2cd30d2999cc77040 |
| SHA1 | d293601583b1454ad5415260e4378217d569538e |
| SHA256 | 04400db77d925de5b0264f6db5b44fe6f8b94f9419ad3473caaa8065c525c0be |
| SHA512 | 278ff929904be0c19ee5fb836f205e3e5b3e7cec3d26dd42bbf1e7e0ca891bf9c42d2b28fce3741ae92e4a924baf7490c7c6c59284127081015a82e2653e0764 |
C:\Program Files\nodejs\node_modules\npm\node_modules\minizlib\node_modules\minipass\index.js
| MD5 | bc0c0eeede037aa152345ab1f9774e92 |
| SHA1 | 56e0f71900f0ef8294e46757ec14c0c11ed31d4e |
| SHA256 | 7a395802fbe01bb3dc8d09586e0864f255874bf897378e546444fbaec29f54c5 |
| SHA512 | 5f31251825554bf9ed99eda282fa1973fcec4a078796a10757f4fb5592f2783c4ebdd00bdf0d7ed30f82f54a7668446a372039e9d4589db52a75060ca82186b3 |
C:\Program Files\nodejs\node_modules\npm\node_modules\tar\node_modules\fs-minipass\node_modules\minipass\index.d.ts
| MD5 | f0bd53316e08991d94586331f9c11d97 |
| SHA1 | f5a7a6dc0da46c3e077764cfb3e928c4a75d383e |
| SHA256 | dd3eda3596af30eda88b4c6c2156d3af6e7fa221f39c46e492c5e9fb697e2fef |
| SHA512 | fd6affbaed67d09cf45478f38e92b8ca6c27650a232cbbeaff36e4f7554fb731ae44cf732378641312e98221539e3d8fabe80a7814e4f425026202de44eb5839 |
C:\Program Files\nodejs\node_modules\npm\node_modules\libnpmorg\LICENSE
| MD5 | 072ac9ab0c4667f8f876becedfe10ee0 |
| SHA1 | 0227492dcdc7fb8de1d14f9d3421c333230cf8fe |
| SHA256 | 2ef361317adeda98117f14c5110182c28eae233af1f7050c83d4396961d14013 |
| SHA512 | f38fd6506bd9795bb27d31f1ce38b08c9e6f1689c34fca90e9e1d5194fa064d1f34a9c51d15941506ebbbcd6d4193055e9664892521b7e39ebcd61c3b6f25013 |
C:\Program Files\nodejs\node_modules\npm\node_modules\@npmcli\arborist\LICENSE.md
| MD5 | 2916d8b51a5cc0a350d64389bc07aef6 |
| SHA1 | c9d5ac416c1dd7945651bee712dbed4d158d09e1 |
| SHA256 | 733dcbf5b1c95dc765b76db969b998ce0cbb26f01be2e55e7bccd6c7af29cb04 |
| SHA512 | 508c5d1842968c478e6b42b94e04e0b53a342dfaf52d55882fdcfe02c98186e9701983ab5e9726259fba8336282e20126c70d04fc57964027586a40e96c56b74 |
C:\Program Files\nodejs\node_modules\npm\node_modules\minipass-pipeline\node_modules\minipass\package.json
| MD5 | d116a360376e31950428ed26eae9ffd4 |
| SHA1 | 192b8e06fb4e1f97e5c5c7bf62a9bff7704c198b |
| SHA256 | c3052bd85910be313e38ad355528d527b565e70ef15a784db3279649eee2ded5 |
| SHA512 | 5221c7648f4299234a4637c47d3f1eb5e147014704913bc6fdad91b9b6a6ccc109bced63376b82b046bb5cad708464c76fb452365b76dbf53161914acf8fb11a |
C:\Program Files\nodejs\node_modules\npm\node_modules\treeverse\LICENSE
| MD5 | 1d7c74bcd1904d125f6aff37749dc069 |
| SHA1 | 21e6dfe0fffc2f3ec97594aa261929a3ea9cf2ab |
| SHA256 | 24b8d53712087b867030d18f2bd6d1a72c78f9fb4dee0ce025374da25e4443b9 |
| SHA512 | b5ac03addd29ba82fc05eea8d8d09e0f2fa9814d0dd619c2f7b209a67d95b538c3c2ff70408641ef3704f6a14e710e56f4bf57c2bb3f8957ba164f28ee591778 |
C:\Program Files\nodejs\node_modules\npm\node_modules\libnpmhook\LICENSE.md
| MD5 | e9dc66f98e5f7ff720bf603fff36ebc5 |
| SHA1 | f2b428eead844c4bf39ca0d0cf61f6b10aeeb93b |
| SHA256 | b49c8d25a8b57fa92b2902d09c4b8a809157ee32fc10d17b7dbb43c4a8038f79 |
| SHA512 | 8027d65e1556511c884cb80d3c1b846fc9d321f3f83002664ad3805c4dee8e6b0eaf1db81c459153977bdbde9e760b0184ba6572f68d78c37bff617646bcfc3b |
C:\Program Files\nodejs\node_etw_provider.man
| MD5 | 2a6686d512ee9ba8b75e0bce9a794770 |
| SHA1 | 465e00320c74d4481a5e7e7242aaeb60d02e2fab |
| SHA256 | 5afa5bcab0d66f0dc65ccad359650730ace53dff1d891cd33a9f54aa43d34419 |
| SHA512 | ff44d6f3e7be06c98077a00854edb0ca122fc5c98c976f86787c7b003d224f62c1079412e7c5cdb36c2a6df0825dd17ccbffe44eb264fa63e3d1e44654af74b2 |
C:\Program Files\nodejs\node_etw_provider.man
| MD5 | d3bc164e23e694c644e0b1ce3e3f9910 |
| SHA1 | 1849f8b1326111b5d4d93febc2bafb3856e601bb |
| SHA256 | 1185aaa5af804c6bc6925f5202e68bb2254016509847cd382a015907440d86b4 |
| SHA512 | 91ebff613f4c35c625bb9b450726167fb77b035666ed635acf75ca992c4846d952655a2513b4ecb8ca6f19640d57555f2a4af3538b676c3bd2ea1094c4992854 |
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js\Node.js documentation.url
| MD5 | db7dbbc86e432573e54dedbcc02cb4a1 |
| SHA1 | cff9cfb98cff2d86b35dc680b405e8036bbbda47 |
| SHA256 | 7cf8a9c96f9016132be81fd89f9573566b7dc70244a28eb59d573c2fdba1def9 |
| SHA512 | 8f35f2e7dac250c66b209acecab836d3ecf244857b81bacebc214f0956ec108585990f23ff3f741678e371b0bee78dd50029d0af257a3bb6ab3b43df1e39f2ec |
C:\Config.Msi\e582bf0.rbs
| MD5 | 0b656983ca40225a9bb1f834653fb59e |
| SHA1 | f97771fc1400a1afa8c984aff1b420a5913ba1a1 |
| SHA256 | dea155c4c8fd1e847f9cb38f9de30792f2d082636184dd202f4df1468a94c1dd |
| SHA512 | f441e3de1437bb634ef32edf8aca9b76ef03a6c75f2609ceb3f49b76ffa77bef8c7fa8ffa61062acb67c50f3fa798cfd6105493d5849e051abfed9bff116f0e8 |
memory/3160-2475-0x000001849AD10000-0x000001849AD1A000-memory.dmp
memory/3160-2477-0x000001849AD90000-0x000001849ADA2000-memory.dmp
C:\ProgramData\Solara\Solara.exe
| MD5 | c6f770cbb24248537558c1f06f7ff855 |
| SHA1 | fdc2aaae292c32a58ea4d9974a31ece26628fdd7 |
| SHA256 | d1e4a542fa75f6a6fb636b5de6f7616e2827a79556d3d9a4afc3ecb47f0beb2b |
| SHA512 | cac56c58bd01341ec3ff102fe04fdb66625baad1d3dd7127907cd8453d2c6e2226ad41033e16ba20413a509fc7c826e4fdc0c0d553175eb6f164c2fc0906614a |
memory/1768-2893-0x000001BA60240000-0x000001BA60264000-memory.dmp
C:\ProgramData\Solara\Wpf.Ui.dll
| MD5 | aead90ab96e2853f59be27c4ec1e4853 |
| SHA1 | 43cdedde26488d3209e17efff9a51e1f944eb35f |
| SHA256 | 46cfbe804b29c500ebc0b39372e64c4c8b4f7a8e9b220b5f26a9adf42fcb2aed |
| SHA512 | f5044f2ee63906287460b9adabfcf3c93c60b51c86549e33474c4d7f81c4f86cd03cd611df94de31804c53006977874b8deb67c4bf9ea1c2b70c459b3a44b38d |
memory/1768-2895-0x000001BA7AD90000-0x000001BA7B2CC000-memory.dmp
memory/1768-2896-0x000001BA7AA00000-0x000001BA7AABA000-memory.dmp
C:\ProgramData\Solara\Newtonsoft.Json.dll
| MD5 | 195ffb7167db3219b217c4fd439eedd6 |
| SHA1 | 1e76e6099570ede620b76ed47cf8d03a936d49f8 |
| SHA256 | e1e27af7b07eeedf5ce71a9255f0422816a6fc5849a483c6714e1b472044fa9d |
| SHA512 | 56eb7f070929b239642dab729537dde2c2287bdb852ad9e80b5358c74b14bc2b2dded910d0e3b6304ea27eb587e5f19db0a92e1cbae6a70fb20b4ef05057e4ac |
memory/1768-2898-0x000001BA7AAC0000-0x000001BA7AB72000-memory.dmp
memory/3160-2900-0x00007FFE715B0000-0x00007FFE72072000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 594f1084ac5372d65966f185bfca898e |
| SHA1 | 60cec2e01c4d9ba5e3f09b339959d86316db7c5c |
| SHA256 | 2f2a1afb71ffe61731544cda1e8a5c5ec6f1b3fe874a387c78ae9c14780abd2e |
| SHA512 | 0a6d14f0695bd31103e03dbfff39640db1557bd89008bfa471db0f9d8e3ff0f1fc9cba1e99a8c981d4d013c242a856b98234a684b619b79c81be9932bb3aec8a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 67384e0639f3f1ec526f904d408c6ea3 |
| SHA1 | ce6908efc080f59f07784f15be445611206fa715 |
| SHA256 | d8d1a479a39ac29f358daa1b8a0e19d0637ad7a6a1996d1a5dcf2360e20b5522 |
| SHA512 | 22276800cea25389517f781c37723914ec0da316a3a18d8ab43a610ec27332261d42c78f7715be47fb888012efab159f2523d1c229d94d704a7094c1ef87ace1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f988f5a602b3accec2d7c5cbbfdce6b3 |
| SHA1 | c23a87b04d7eaeff7490d8763058f20fdbde0d93 |
| SHA256 | cf037c0274f10a3aba5d0a5a981cc2908eaa58c33368b79913af84b400564e63 |
| SHA512 | 3b539f24d5df8128b7ffe5c2ddd82781b80f43421c2b77e5e99690d599afb35ed2a5a874a3cdf95b970f1d224dbc2f036734b1c8ea6deed64d7eac4867465233 |
C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\Bootstrapper.exe.log
| MD5 | b9aa6d2ae7fda3d4487a6b9d0b40c3da |
| SHA1 | 3d17d741be40d1b10e2c984c2fd4573c371ddc4d |
| SHA256 | dcbcdbab49c35e623c96dd82e13a2bfcb434dbfd511c1451f8c8bb5d4efb7d0a |
| SHA512 | c387d9bebe8a74f8129eacc8c53393e7c12bfd48966204c574f5c8d971b490a1f48c65643c71fed02fb8568033fe789b527c44d15be951cc274bfbf812e3d0f9 |
C:\Users\Admin\Desktop\Solar v3\DISCORD
| MD5 | b016dafca051f817c6ba098c096cb450 |
| SHA1 | 4cc74827c4b2ed534613c7764e6121ceb041b459 |
| SHA256 | b03c8c2d2429e9dbc7920113dedf6fc09095ab39421ee0cc8819ad412e5d67b9 |
| SHA512 | d69663e1e81ec33654b87f2dfaddd5383681c8ebf029a559b201d65eb12fa2989fa66c25fa98d58066eab7b897f0eef6b7a68fa1a9558482a17dfed7b6076aca |
C:\ProgramData\Solara\bin\version.txt
| MD5 | ef6a615e30e7f6504b6249883c23be31 |
| SHA1 | 6a109b237ed96f70f5849fd78feca3bc2c8e598f |
| SHA256 | 83caba8ed16cb732411b4f0fe98f35684fc05b188ddfe985776e5eef3cd7c555 |
| SHA512 | 1aeea585f5ad652af9f07f7610109ce87b57adf92f8eb481b83246b91cba9e48ff7bb1a875033d11bcf07764d21127eb1720866b3334303c5277255a3ad5b811 |
C:\ProgramData\Solara\SolaraV3.dll
| MD5 | 22839b454638d2a728e74c80d4f4627f |
| SHA1 | 0cb857dc52cd87add9c8990f7aa7201443cc3016 |
| SHA256 | 3339bc99b0925ede3dbded788e526f74a45b03b2c4e57646d1dc295257410704 |
| SHA512 | 69aebfb4ef4f2def2a01bf6afe67fd0174c791a5eed03c8fa7f86cf102168a4ae64a129dfc8ac992fc1675129b15ada60a84e8997e40a5d04efe25e2abe97f63 |
C:\ProgramData\Solara\Monaco\fileaccess\node_modules\express\index.js
| MD5 | 866e37a4d9fb8799d5415d32ac413465 |
| SHA1 | 3f41478fdab31acabab8fa1d26126483a141ffb6 |
| SHA256 | 4d2f5afc192178c5b0dc418d2da5826d52a8b6998771b011aede7fdba9118140 |
| SHA512 | 766d2e202dd5e520ac227e28e3c359cca183605c52b4e4c95c69825c929356cea772723a9af491a3662d3c26f7209e89cc3a7af76f75165c104492dc6728accc |
C:\ProgramData\Solara\Monaco\fileaccess\node_modules\express\package.json
| MD5 | 3b5b76b70b0a549dce72c5a02756d2a8 |
| SHA1 | 07786baebb5c52882e28a8bd281c9a36d63dd116 |
| SHA256 | bdd67333ab62b0bfeb10ecbbb23936db57b743a3eec580a354591fdf63334859 |
| SHA512 | bb266dfa725421fb26d26fda0f45a5fa5cd832667b05f27ceaf4e7fc1e032aeea8700493cfdd2941c3c38cd166eee1000d2b9ae3ddef375714e25a2027a943a3 |
C:\ProgramData\Solara\Monaco\fileaccess\package.json
| MD5 | b9f2ca8a50d6d71642dd920c76a851e5 |
| SHA1 | 8ca43e514f808364d0eb51e7a595e309a77fdfce |
| SHA256 | f44555af79dfa01a68ae8325382293fc68cd6c61d1d4eb9b8f7a42c651c51cde |
| SHA512 | 81b6352bbabd0bffbc50bfcd0cd67dc3c2a7d63bda0bf12421410c0ec8047af549a4928b5c5c3e89ead99aa9240bddb461c618c49287c15d9d4d3a899e8f596a |
C:\ProgramData\Solara\Monaco\fileaccess\index.js
| MD5 | 0e709bfb5675ff0531c925b909b58008 |
| SHA1 | 25a8634dd21c082d74a7dead157568b6a8fc9825 |
| SHA256 | ed94fd8980c043bad99599102291e3285323b99ce0eb5d424c00e3dea1a34e67 |
| SHA512 | 35968412e6ed11ef5cd890520946167bcef2dc6166489759af8bb699f08256355708b1ab949cce034d6cc22ed79b242600c623121f2c572b396f0e96372740cd |
C:\ProgramData\Solara\Monaco\fileaccess\node_modules\express\lib\application.js
| MD5 | 15cf9c2f48c7ba6583c59d28908e3e27 |
| SHA1 | 19c7718f6a3d0f9dcd4ca692c19718ec29aae092 |
| SHA256 | 5901b32f609ba349351bf7406dbdc0c4c57b77ce6f7215ea67ccca5ac2a28e88 |
| SHA512 | c063277a59b83dffc085116769475ec5cce1c47c167b9bd2246e8bda04f0ebc2773b5f06e3b44fc5ed057e043f6d33e77741f34d15e22542134e3865574a29be |
C:\ProgramData\Solara\Monaco\fileaccess\node_modules\merge-descriptors\index.js
| MD5 | b4d3859e603602c87a45682862055af0 |
| SHA1 | e95cb1c14d70be457eba2ce61b2f4e90a13b21b1 |
| SHA256 | 88564234b9eeb2f0fe2cc5d03f617a97eb4802f126bdd21aa223c3c87c02531c |
| SHA512 | b17bb8c8b652f27d8037ed60f28b0d19a68e77bcc45d1e2be7dd304c942f6e85570e9720011f983fb8783d670eb66c0c3174d5fd90690b2aa79c2b402adcd00a |
C:\ProgramData\Solara\Monaco\fileaccess\node_modules\merge-descriptors\package.json
| MD5 | 570e06d8ce0167e07a32ba70fdd56795 |
| SHA1 | 39dc652dfa419d46d6fed0835444c603c57077f8 |
| SHA256 | 45ebe570483c48b6460767fc4a0bb69e4dee4bf4becc645b0e0627172a30a580 |
| SHA512 | 9c8ddf41b3207016935affce00108d87f176a9e473a01f03f1110456397c88ee2fbaf34f9e497e6cbff2b65c4f4c7f254a5129b4c1eaa2b85fbebffb8fe43777 |
C:\ProgramData\Solara\Monaco\fileaccess\node_modules\depd\index.js
| MD5 | 002a1f3e813cc05d9e3cc011f6601628 |
| SHA1 | 1690c27457637ec234d6b7658f1b96e547a0eb99 |
| SHA256 | 4d587a5662e20a7bb9bfe6555afe5987e1b80303a819b447394f37a93297ee91 |
| SHA512 | ea1ad9bcf09a73a10dd1fd8a66daac12f87725e16ad27e7beff6d9fda937579976cd5d7ed6439c4122b16178c3ffdf410d6c7a54918f94bc98fa7950adf3bd54 |
C:\ProgramData\Solara\Monaco\fileaccess\node_modules\depd\package.json
| MD5 | 7f0a9d228c79f0ee4b89fc6117f1c687 |
| SHA1 | 3c10082c1464a6f589aa10cda88285e780ebf857 |
| SHA256 | 5a3659bcc2e47b25ebf9f23f38eb9452a58920bfe4b59410bfa6fe84639a3b99 |
| SHA512 | 7bdd7259bcb8d79aa41777f03d3a3f8a29b60c2d25104072edba9febeb813e12ef78d31573637702decddbaa97d8fec263bc413bd27dd660ded17d644458cbc2 |
C:\ProgramData\Solara\Monaco\fileaccess\node_modules\body-parser\index.js
| MD5 | b9e991c0e57c4d5adde68a2f4f063bc7 |
| SHA1 | 0cb6b9eb7b310c37e5950bbcaf672943657c94b5 |
| SHA256 | 9c6c900e7e85fb599c62d9b9e4dfd2ea2f61d119dce5ed69ac3a8da828819241 |
| SHA512 | 3bbd31eed55c32435b01fe7356d39749e95f8f49222115ada841e751ad36227e6f427efdc4e8bad36d8ccd37c2e92c01fa67c24c23f52023df8c1e1be1a3b4f6 |
C:\ProgramData\Solara\Monaco\fileaccess\node_modules\body-parser\package.json
| MD5 | 826bd4315438573ba1a6d88ae2a2aa65 |
| SHA1 | 3e27986a947e7d10488739c9afb75f96b646c4c5 |
| SHA256 | 0fd31ad69fdcf1e2a94530f9db9c93e96709b690393a14711643123f678ee956 |
| SHA512 | 2e98ba8e57cb0950e45d20365d16e86ad94a60cfd4cf103b7d55dae02de677985d37c0f771e16ae0a628cb3b59adce8a9e1742cffc298f18cb7d935d72536e6d |
C:\ProgramData\Solara\Monaco\fileaccess\node_modules\express\lib\express.js
| MD5 | d467bc485eddf6d38278bc6b1dc16389 |
| SHA1 | e233882de62eb095b3cae0b2956e8776e6af3d6a |
| SHA256 | 2f25585c03c3050779c8f5f00597f8653f4fb8a97448ef8ef8cb21e65ba4d15d |
| SHA512 | 2add66b4f2e8ce463449ca8f2eac19363844b6ab159a41b42163028c57f07a4245ebefe759a6f90e8685b5bd239c969fe99366eff89378cb8b92b8a703dacd61 |
C:\ProgramData\Solara\Monaco\fileaccess\node_modules\debug\src\node.js
| MD5 | 25807a97fbb1fcc42a013abc7d7768c4 |
| SHA1 | f24d52cbc9144b011def218234ff7b50e7ddcb19 |
| SHA256 | a3e83594a4ce88997e2e4fc66bc942b17b9d736290ad62560c7f09d6d0989ad0 |
| SHA512 | 8d316b63700126d7c8965a886e9b35a332d3f7e68d28f2264d235c0afad28066f877f25821e1983ddde5f2d5052716cc73338779b41b6f4d1b90ad33dc3e9f24 |
C:\ProgramData\Solara\Monaco\fileaccess\node_modules\debug\src\index.js
| MD5 | dd13897ea2eed92695bb7e4e744a9148 |
| SHA1 | 182314d32e789e4f9c29e3150ae392f1630f171c |
| SHA256 | 9a34fedeb2d269c46ed94e6f13039eb0d16d866dd460ec66fa3acd78122fa9fe |
| SHA512 | 0b53bc984178336ac516601e72d477d2beeef6936800da17d3a79c153e0036f7428517ebd75d296729f65856c7e07749029f5aa192b2ac071efc4d3e39750a32 |
C:\ProgramData\Solara\Monaco\fileaccess\node_modules\debug\package.json
| MD5 | 71a7656944ffe50cc27ebe02491ae49b |
| SHA1 | 8ebf0f80660d982fc68f00f82855696157e74b10 |
| SHA256 | 6c3d2c892db282317913ce7c340dd2edccd326bcafd18b644b8738144967d6ee |
| SHA512 | 5b0010b41304e212a22d2c89eff65ce410b000c71c4ab8c7fdba8f549ba0629fe27f37c142058b041fb889bc73e00959ad58f673866ee7d29724687da3c3f320 |
C:\ProgramData\Solara\Monaco\fileaccess\node_modules\finalhandler\index.js
| MD5 | d50e9637775204f194d629000189f69c |
| SHA1 | 50d1a1725cb273b0a8e30433dabc43d65f55169b |
| SHA256 | 96900b458b12085ea16f228151439d9a7bae6b5d45248e355ad617f4dc213540 |
| SHA512 | 563a8375e3ab7936162a9d209800f8b41c416c1500fe24de817871c3e5489e8faf5a4dcb7fb239f697a8736432356e60ecf1578d0aafc0de80d6e0ae90c34aad |
C:\ProgramData\Solara\Monaco\fileaccess\node_modules\finalhandler\package.json
| MD5 | 3d09ac571e0b6eaf8fdb9806118b6d30 |
| SHA1 | eb758bb6a7d3e4f32f0fa2f941265678539e74f1 |
| SHA256 | 243d853d4386c4132508ae9a99e5176b25be7f5cb6967bc1bab241f20e937e72 |
| SHA512 | 0207cf364e3eac974cae61ec68fe3975fd1f1eb6150f51293ce67f62dbb0f27a3d9c193101ef282dcd099fc653ca73cd3c875c18e5e266964038e3334697b5b4 |
memory/764-2950-0x0000000180000000-0x0000000181112000-memory.dmp
memory/764-2952-0x0000000180000000-0x0000000181112000-memory.dmp
memory/764-2951-0x0000000180000000-0x0000000181112000-memory.dmp
memory/764-2953-0x0000000180000000-0x0000000181112000-memory.dmp
memory/764-2955-0x0000019EE8BA0000-0x0000019EE8BB0000-memory.dmp
memory/764-2956-0x0000019EE9200000-0x0000019EE9290000-memory.dmp
memory/764-2957-0x0000019EE8ED0000-0x0000019EE8ED8000-memory.dmp
memory/764-2960-0x0000019EECD20000-0x0000019EECD2E000-memory.dmp
memory/764-2959-0x0000019EECD50000-0x0000019EECD88000-memory.dmp
C:\ProgramData\Solara\Solara.exe.WebView2\EBWebView\Crashpad\settings.dat
| MD5 | 7962dafcb454d5bd60425960e0490828 |
| SHA1 | 9e1522937cb2125f7509b69983b136671835f6b9 |
| SHA256 | 52d431a24b48b7a454ec4c625e52571c403c4baad133e835daee7d4d047ecd9c |
| SHA512 | 772fadb0e091a40b6a976d83d984a410416b1582a4a248072e76c322b8153b475a19733feadb311c1377f9530e73c62005c5af9489189278501a270c16008314 |
memory/3500-2980-0x00007FFE94CA0000-0x00007FFE94CA1000-memory.dmp
C:\ProgramData\Solara\Solara.exe.WebView2\EBWebView\Default\Sync Data\LevelDB\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\ProgramData\Solara\Solara.exe.WebView2\EBWebView\Default\Local Storage\leveldb\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\ProgramData\Solara\Solara.exe.WebView2\EBWebView\Crashpad\settings.dat
| MD5 | 96c6a3c78f1c7978263027277334e8e1 |
| SHA1 | 738aad283ee41cadaa8f0a6fe3b9237111a86bb6 |
| SHA256 | 270971cd0f9caa6d1550dcac529387367a73ee62d5c70365f3e63ca3c1c3977b |
| SHA512 | 7f6269b06ca7585e1094b0d2afdd0ff72a0a84207f041915ae0260e62140110ebc4155cb30226a029b65d770527d1b0f2f0d0eee1810c5a831b948d64b8863ed |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 6641cc0479b62a845ec0f0261b1fcef0 |
| SHA1 | 9a4dc85a6e79669db0f4cceabd00d661d7c4f682 |
| SHA256 | b80870505427ce57ffcc1c78edb70a1dbe21bbab38ae549d465af6d11ccffbd8 |
| SHA512 | 0b704554c70565eb6a5017cb6b5dbc878b26a9d4ddf5487c8bbe46a75f5f92f50a0223fbf73dc362b9587f6de846f67eaa8b16e86cab5d04e2ee243115d78473 |
memory/764-3075-0x0000000180000000-0x0000000181112000-memory.dmp
memory/3500-3084-0x000001516A950000-0x000001516AAEA000-memory.dmp
C:\ProgramData\Solara\Solara.exe.WebView2\EBWebView\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
memory/764-3115-0x0000000180000000-0x0000000181112000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 1c9ac59ed23a9ed47a18259e810fbcff |
| SHA1 | f29cc6683ae204b9d75a8a67dfd6532cec5edfa0 |
| SHA256 | 7dbbe006fdd2ebc677bd776c56ab1e2916060a14549cc2a05dc3c240f67c8058 |
| SHA512 | 9c24c80cd98d1b7a064b70cdd89c791cba1af8db915cb8d6a6754e3f7254b1773e2aa47325325edde5a192921da582612a7bb0204e65dad4d7a4ee3eaa673442 |
C:\ProgramData\Solara\Solara.exe.WebView2\EBWebView\Local State~RFe592c36.TMP
| MD5 | 66eb41f106a2ffc5967ddfdc6834076a |
| SHA1 | f2c7f7c4b742dd929fdc3e7c5ac8bd8b9cb7dc15 |
| SHA256 | 0019cb601281db93834a7a5718544b4bee123f50c432019f2175918c70a58a54 |
| SHA512 | 30301d2d86e2ed942175765e9724e0b6e8e57d396bd5ff2b343d540c852b2ac89584261634f84225322eb78fe892dce3aa188c1dc3582be98362752232033b64 |
C:\ProgramData\Solara\Solara.exe.WebView2\EBWebView\d5b2d3fc-99e5-44a2-952e-6a1fc1406694.tmp
| MD5 | 737b9c754310bf7e09b93499a671e1ed |
| SHA1 | 8e367db8ad4a3bd659449002f66ec96f1b08b2e9 |
| SHA256 | aeafb7d3f4212335f6d0767072209f1ec633cc886378daa49fbf65e1709ee33f |
| SHA512 | 586ffe7ba01249459eef0bffed3b5ac0d034e207f4d9043545c8d3713125ca282a2f818ea7d0623fcbeca21634f45c136153d098c6e395d74c08263efcbcef6c |
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx
| MD5 | b5ad5caaaee00cb8cf445427975ae66c |
| SHA1 | dcde6527290a326e048f9c3a85280d3fa71e1e22 |
| SHA256 | b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8 |
| SHA512 | 92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f |
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val
| MD5 | d222b77a61527f2c177b0869e7babc24 |
| SHA1 | 3f23acb984307a4aeba41ebbb70439c97ad1f268 |
| SHA256 | 80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747 |
| SHA512 | d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff |
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock
| MD5 | f49655f856acb8884cc0ace29216f511 |
| SHA1 | cb0f1f87ec0455ec349aaa950c600475ac7b7b6b |
| SHA256 | 7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba |
| SHA512 | 599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8 |
memory/764-3140-0x0000000180000000-0x0000000181112000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 057c657d8a6e12d95eedc957141d8533 |
| SHA1 | 96d41e37786e3c00f67a4b850f2bc9a9a1d61ca9 |
| SHA256 | c1c40e909caabdc059ce1fc0caf1905c1d8342485f459a34e4f28f5f181770f1 |
| SHA512 | 32158031508b02139a80aef1de818f6c1b3b8023cd22fef8e8fa38e4bbbc475b4b34b9c2e6c2b101faa6db3d7f680ba592393f1210e2ce502a03127caa48c804 |
memory/764-3185-0x0000000180000000-0x0000000181112000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | cdc38dc40d6b03afc8705c06309c5e57 |
| SHA1 | 006ff238b7d986206c1929b993e18b5fd4f40507 |
| SHA256 | 47c25a496bc7198cbd904c583c58b0726e51f8a6b852d463c5194116f8ff5178 |
| SHA512 | dab13a1539168c4e69da121d0fefc774cdfaa22e62a82ad748f49883a9b2f9c8f3aebe28a2f0944eb074138a2687b3aefc8470bd5ca74dbd8663073fbded728c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a3d9d8ed971e31aaa55a5eb0afa9ec4e |
| SHA1 | d16b1d2a458271fc871f10b1347fc4c6eebba1de |
| SHA256 | 4e73c9db4e7f71dc0ef090b7960466a98267d273270b87755904693bcad02c30 |
| SHA512 | afe16c168aebc851a8273a1f10f662e39c77da2831084461f205bd731418821192bb232749b666d7e204405825c39ac793f4e959a82198fa8a36367e321d91aa |
memory/764-3201-0x0000000180000000-0x0000000181112000-memory.dmp
memory/764-3406-0x0000000180000000-0x0000000181112000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 5cced2c388eb9676d51b025a46e0130c |
| SHA1 | 88ead7bc069bdf909d80ef71db44cca050d2a538 |
| SHA256 | a46cbf8fad0b7714249e8c4001e08476e69663089b7f9a4bc301d6177908d31b |
| SHA512 | f170fe7f2a944991f486c69412f4f2818e3c9c7676924269eabdf992b0ff0092fce66829990687dfbcc34d20a6a4a14d6f07a53aad2e3d85f3a780ca72cb8733 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 6018dac750c3653461f413ed82a6b30f |
| SHA1 | ae914a0286d8229b5b92c974d312ea7ddd187988 |
| SHA256 | b7b3a05b27d40f968e6a799d6a4fd797af26620de3ff452123cbfb3090c24371 |
| SHA512 | cf349a09efbd2f685ab7d1dc260cc6d4c66638205cf031f5f067f02d48a4cdc1fbf62bf7649f69c29486746b00482b6a4327aad2f62c761024e3672d4e2bd659 |
memory/764-3436-0x0000000180000000-0x0000000181112000-memory.dmp
C:\ProgramData\Solara\Solara.exe.WebView2\EBWebView\Default\Preferences
| MD5 | fdd41f8b019dafdd9d6db4bb9cf9fef5 |
| SHA1 | 024efe84a7747b30b7fc1853b06d4fc8c56d3132 |
| SHA256 | c98a4ba4d81390d869a471c4648b929b62dd07b78d26d9ae058662bdc9bfee59 |
| SHA512 | 98a25547b7b5a31fa2ff6ac9664ca56d638948ee0fa45ecfaae09f418d3a0144c89dde9cd623a4c1b4cdf656723d2e31dec5435c8a2bfe5672570f133d252313 |
C:\ProgramData\Solara\Solara.exe.WebView2\EBWebView\Default\Preferences~RFe59e390.TMP
| MD5 | 4715a975d26e244e2337400a126cbcaa |
| SHA1 | 9f5857ba575910769d1ca1dbef8dd2800f517ddb |
| SHA256 | fba962b4a32ab8462b22f7014c7328fc735e12db14a6ab8ed16453ed09251bd4 |
| SHA512 | 9cfa5a599f56136f9ceaaa16c564a2b5036c55bca548c9617090117f893127db692d88d0aa7b40e7e1fa75504dba6ff7295945e5afe53fd7a470fbbb5e047225 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | d669d7feecd3cb110145dbffb53c65ab |
| SHA1 | eff4efba7b5b8eb631ed58a126ecc1505df08380 |
| SHA256 | 6c474b0a1e3373186aa62df22dc8e1701b78857987a99b3115f01a430e033723 |
| SHA512 | cb73647b8c8f5e57fdb9a133a119a5ef7b383932d5b040a5f42d84cd3abbf85fbfd47383e32f7a3d1fa117e9422b86962de11e2231ca256636a1273c38458b80 |
C:\ProgramData\Solara\Solara.exe.WebView2\EBWebView\Default\Network Persistent State
| MD5 | ace15997e71b155ce602dcab9f4362dc |
| SHA1 | d08b666f129e448b84bf2b26d5926f8d34d1d51d |
| SHA256 | 35b3204adbc6ceeb3fe3bf4637c9316f7c3109c2836a11156ad2936896786bba |
| SHA512 | 60ab96fdccb363d93d0cf4d2400532ed0c943fb066bf0f4d182fda530ee5ea22aa4c6d6c3f46eef6a3e7211f461abe8041789ec2f41bff13279a5cf03423d258 |
C:\ProgramData\Solara\Solara.exe.WebView2\EBWebView\Default\Network Persistent State~RFe59e63f.TMP
| MD5 | 2800881c775077e1c4b6e06bf4676de4 |
| SHA1 | 2873631068c8b3b9495638c865915be822442c8b |
| SHA256 | 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974 |
| SHA512 | e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | af49919b4c4bfe077bb4ea772dc1ee8f |
| SHA1 | cb53f413755ae2cfe19bedfd3fc45d10826c2a7b |
| SHA256 | 6e4e8e929d4cf5631b88280bfbdcdf5ebeeb8be0f82cdfadc8ac8e51087df2b9 |
| SHA512 | 875deea889b6dbe4bdf435f119b9e4c7bd8368b8ebc7eb35763581713609e2b33c9db1c36cc80b185c72b168391ca6c38378cfe4cca217aecebcff0ca46138f8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | ca4914d0f273061a0c3130617b374cae |
| SHA1 | 49d6ea6e06fe4034800cab640195820193b00aae |
| SHA256 | 46c771c656c33089a5fddb4208ed25d10b16b1d52163053339ddc5fa8c3161cc |
| SHA512 | 977159e2c5090dfd8b830727d33b8d5cd3eb5b97878a997de24b01bd86115d3159708b2a21773f8b7db13a4e7195716baa590e486b1316dc7b1c8fbcb6c6b454 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ca7deeefec5dead808a9351368b0b528 |
| SHA1 | df7eb9efc63ccbe5e8f36aa5bdb2e06891259bd1 |
| SHA256 | 672713242f2d65252e7e4e823e865a7e3410e03ec20eabfffe3fe3abecf87e28 |
| SHA512 | 1fadb8f959181c83ad128b8074dbe8e3e7d71dcf59988560526b1c29c98d18fbbfe052bf31d795f90ef37e6eddb67c5938eafa2fd5b5be2af62e65f4f1ea34d1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 175cf9d80f8531fd9e7a2e581e21dbe3 |
| SHA1 | 3f9d96aefda305f2e38e9a644f5966d8a5aac646 |
| SHA256 | 7d053bbfb04e2216847796950408e382b41441328638fba1c9168358595e64d4 |
| SHA512 | 32fc7d35b675f63e15b09490572b337aa8e93c8b23c4ce50610b1fffccfd006791f3397184051e29d28acb7e10d1f8a2544804a35481bd52056948c980191d95 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GraphiteDawnCache\data_1
| MD5 | 31a687dcdfcd2754502a94c868b72b89 |
| SHA1 | 516253840e5768e32d9ae707765cfe98a496c1d1 |
| SHA256 | 7b54c98290c48b07b6a3afb98155489fb912b277da26b25a94ace9285ee08380 |
| SHA512 | 84cd34d906f68e43d4bf3cce72f704450d10742ed29965c13e339236d948be137815c222d752a8e8c8d2a2ab333f55b5148fe3ced94a09030ed8c7b570f1826a |
memory/764-3600-0x0000000180000000-0x0000000181112000-memory.dmp
memory/764-3611-0x0000000180000000-0x0000000181112000-memory.dmp
C:\ProgramData\Solara\Solara.exe.WebView2\EBWebView\Local State
| MD5 | a4c516e65b19352b73d9baa4746dd6a1 |
| SHA1 | a0adb571b4719d9b6b39e16bea816bbae5621f49 |
| SHA256 | d1cb324ab9b525c995b308b3c1461ebcb9089dd99c39bd02425cf4ca49ea111f |
| SHA512 | 45467c9489fd244e99dab89b19676f5b6b83310c526666825a28fd4f1bb5fbddb5818e64846b0ffdb12b398f7f419f82773729609a9d7f45651cf7a8a7fc29a7 |
memory/764-3622-0x0000000180000000-0x0000000181112000-memory.dmp
C:\ProgramData\Solara\Solara.exe.WebView2\EBWebView\Default\Preferences
| MD5 | eb7c6e34b3d073c3dc33db18e152103b |
| SHA1 | f91cc91ddee0fca6c77130f5eafbb47362ff5928 |
| SHA256 | 99328b80475bdc2b15c18b76b1e69d4c8b58c631d0456d425b3ccef3f79baa7c |
| SHA512 | 3dc4bff1dedf9d53434d27b739539fd7aea0199be93268b53c12632e36840e4ead62493276ae53bbf263a8559a65c3daebb0a33535b33519faa072856486e0c1 |
C:\ProgramData\Solara\Solara.exe.WebView2\EBWebView\Local State
| MD5 | 0221e1b61c4b47e615849b4dacb053e9 |
| SHA1 | 2da8f6e7561c1c8d6400a7e847e0fbabdfbcacd2 |
| SHA256 | ef0dcb0ec792c93cdff298eb6b0c85f69e68b95b13dfa80da135cb2e73c8a7ad |
| SHA512 | 22da764438fac0361509cdf22e52babee4a1d37b649769c4349b2e559893b5c5e4a2bd1c7dd4486b53aed153eb336a4f25b57c010d472aa9b0d9c16ed2512cfc |
memory/764-3676-0x0000000180000000-0x0000000181112000-memory.dmp