Analysis Overview
SHA256
3a6fb161d92cda9d5cc9399073070393ac23afd27684a08d2ce6f84586c72f20
Threat Level: Shows suspicious behavior
The file Flux Setup 1.0.83.exe was found to be: Shows suspicious behavior.
Malicious Activity Summary
Checks computer location settings
Loads dropped DLL
Executes dropped EXE
Checks installed software on the system
Reads CPU attributes
Drops file in Program Files directory
Checks CPU configuration
Unsigned PE
Reads runtime system information
System Location Discovery: System Language Discovery
Command and Scripting Interpreter: JavaScript
Program crash
Enumerates physical storage devices
Enumerates kernel/hardware configuration
Suspicious use of FindShellTrayWindow
Suspicious use of WriteProcessMemory
Checks processor information in registry
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of AdjustPrivilegeToken
Modifies registry class
Suspicious behavior: EnumeratesProcesses
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-11-20 23:35
Signatures
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Analysis: behavioral19
Detonation Overview
Submitted
2024-11-20 23:33
Reported
2024-11-20 23:39
Platform
win7-20241023-en
Max time kernel
119s
Max time network
130s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\resources\app.asar.unpacked\node_modules\@sentry\cli\js\index.js
Network
Files
Analysis: behavioral21
Detonation Overview
Submitted
2024-11-20 23:33
Reported
2024-11-20 23:39
Platform
win7-20240903-en
Max time kernel
118s
Max time network
135s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\resources\app.asar.unpacked\node_modules\@sentry\cli\js\logger.js
Network
Files
Analysis: behavioral25
Detonation Overview
Submitted
2024-11-20 23:33
Reported
2024-11-20 23:39
Platform
win7-20240903-en
Max time kernel
122s
Max time network
131s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\resources\app.asar.unpacked\node_modules\@sentry\cli\js\releases\options\deploys.js
Network
Files
Analysis: behavioral22
Detonation Overview
Submitted
2024-11-20 23:33
Reported
2024-11-20 23:39
Platform
win10v2004-20241007-en
Max time kernel
146s
Max time network
159s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\resources\app.asar.unpacked\node_modules\@sentry\cli\js\logger.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.249.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 96.136.73.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 17.160.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 97.17.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 212.20.149.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.39.242.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 102.209.201.84.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 240.221.184.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 29.243.111.52.in-addr.arpa | udp |
Files
Analysis: behavioral2
Detonation Overview
Submitted
2024-11-20 23:33
Reported
2024-11-20 23:39
Platform
win10v2004-20241007-en
Max time kernel
150s
Max time network
157s
Command Line
Signatures
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000\Control Panel\International\Geo\Nation | C:\Program Files\Flux\Flux.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000\Control Panel\International\Geo\Nation | C:\Program Files\Flux\Flux.exe | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| N/A | N/A | C:\Program Files\Flux\binaries\FortniteLauncher.exe | N/A |
| N/A | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| N/A | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| N/A | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| N/A | N/A | C:\Program Files\Flux\Flux.exe | N/A |
Loads dropped DLL
Checks installed software on the system
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files\Flux\locales\en-GB.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\fr.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\ur.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File opened for modification | C:\Program Files\Flux\locales | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\ar.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\resources\app.asar.unpacked\node_modules\@sentry\cli\scripts\build-in-docker.sh | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\v8_context_snapshot.bin | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\es-419.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File opened for modification | C:\Program Files\Flux\resources\app.asar.unpacked\node_modules\@sentry | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\resources\app.asar.unpacked\node_modules\@sentry\cli\js\releases\index.js | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\icudtl.dat | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\resources\app.asar.unpacked\node_modules\@sentry\cli\scripts\wheels | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\pt-PT.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\ru.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\ca.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\zh-CN.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\binaries\FortniteLauncher.exe | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\snapshot_blob.bin | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\hu.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\ta.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\resources\app.asar.unpacked\node_modules\@sentry\cli\js\logger.js | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\Flux.exe | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\en-US.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\he.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\nb.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\vi.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File opened for modification | C:\Program Files\Flux\resources\app.asar.unpacked\node_modules\@sentry\cli\js\releases\options | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\chrome_200_percent.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\ro.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\resources\app.asar.unpacked\node_modules\@sentry\cli\js\index.js | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\am.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\it.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\tr.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File opened for modification | C:\Program Files\Flux\resources\app.asar.unpacked\node_modules | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\resources\app.asar.unpacked\node_modules\@sentry\cli\LICENSE | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\hr.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\LICENSES.chromium.html | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\ffmpeg.dll | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\resources.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\lt.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\sk.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\d3dcompiler_47.dll | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\resources\app.asar.unpacked\node_modules\@sentry\cli\scripts\bump-version.sh | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\th.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\gu.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\kn.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\ko.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\uk.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\resources\app.asar.unpacked\node_modules\@sentry\cli\js\releases\options\deploys.js | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\et.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\sr.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\de.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\ms.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\libGLESv2.dll | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File opened for modification | C:\Program Files\Flux\binaries | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\resources\app-update.yml | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\resources\app.asar.unpacked\node_modules\@sentry\cli\js\releases\options\uploadSourcemaps.js | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\vulkan-1.dll | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\bg.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\el.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\sl.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File opened for modification | C:\Program Files\Flux\resources\app.asar.unpacked\node_modules\@sentry\cli\js | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\af.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\nl.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files\Flux\Flux.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Flux\Flux.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1 | C:\Program Files\Flux\Flux.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\~MHz | C:\Program Files\Flux\Flux.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\ProcessorNameString | C:\Program Files\Flux\Flux.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\2 | C:\Program Files\Flux\Flux.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Flux\Flux.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\fluxapp\URL Protocol | C:\Program Files\Flux\Flux.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\fluxapp\ = "URL:fluxapp" | C:\Program Files\Flux\Flux.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\fluxapp\shell\open\command | C:\Program Files\Flux\Flux.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\fluxapp\shell | C:\Program Files\Flux\Flux.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\fluxapp\shell\open | C:\Program Files\Flux\Flux.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\fluxapp\shell\open\command\ = "\"C:\\Program Files\\Flux\\Flux.exe\" \"%1\"" | C:\Program Files\Flux\Flux.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\fluxapp | C:\Program Files\Flux\Flux.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| N/A | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| N/A | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| N/A | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| N/A | N/A | C:\Program Files\Flux\Flux.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeSecurityPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Program Files\Flux\Flux.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe
"C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe"
C:\Program Files\Flux\Flux.exe
"C:\Program Files\Flux\Flux.exe"
C:\Program Files\Flux\binaries\FortniteLauncher.exe
"C:\Program Files\Flux\binaries\FortniteLauncher.exe"
C:\Program Files\Flux\Flux.exe
"C:\Program Files\Flux\Flux.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\Flux" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1600 --field-trial-handle=1812,i,5819978629388647115,13048959589385957985,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2
C:\Program Files\Flux\Flux.exe
"C:\Program Files\Flux\Flux.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\Flux" --mojo-platform-channel-handle=1888 --field-trial-handle=1812,i,5819978629388647115,13048959589385957985,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8
C:\Program Files\Flux\Flux.exe
"C:\Program Files\Flux\Flux.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\Flux" --app-user-model-id=Flux --app-path="C:\Program Files\Flux\resources\app.asar" --enable-sandbox --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=2524 --field-trial-handle=1812,i,5819978629388647115,13048959589385957985,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "reg query "HKLM\SOFTWARE\Microsoft\VisualStudio\14.0\VC\Runtimes\x64" /v "Installed""
C:\Windows\system32\reg.exe
reg query "HKLM\SOFTWARE\Microsoft\VisualStudio\14.0\VC\Runtimes\x64" /v "Installed"
C:\Program Files\Flux\Flux.exe
"C:\Program Files\Flux\Flux.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --user-data-dir="C:\Users\Admin\AppData\Roaming\Flux" --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1400 --field-trial-handle=1812,i,5819978629388647115,13048959589385957985,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 209.205.72.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 96.136.73.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sentry.erafn.org | udp |
| US | 72.52.178.23:443 | sentry.erafn.org | tcp |
| US | 8.8.8.8:53 | 28.118.140.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.178.52.72.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api-v1-launcher-service.prod.fluxapp.dev | udp |
| US | 8.8.8.8:53 | api-v1-launcher-service.prod.fluxapp.dev | udp |
| US | 104.21.27.158:443 | api-v1-launcher-service.prod.fluxapp.dev | tcp |
| US | 8.8.8.8:53 | 158.27.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 227.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.8.8:53 | 50.23.12.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.39.242.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.209.201.84.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.227.111.52.in-addr.arpa | udp |
Files
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\System.dll
| MD5 | 0d7ad4f45dc6f5aa87f606d0331c6901 |
| SHA1 | 48df0911f0484cbe2a8cdd5362140b63c41ee457 |
| SHA256 | 3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca |
| SHA512 | c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9 |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\StdUtils.dll
| MD5 | c6a6e03f77c313b267498515488c5740 |
| SHA1 | 3d49fc2784b9450962ed6b82b46e9c3c957d7c15 |
| SHA256 | b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e |
| SHA512 | 9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803 |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\SpiderBanner.dll
| MD5 | 17309e33b596ba3a5693b4d3e85cf8d7 |
| SHA1 | 7d361836cf53df42021c7f2b148aec9458818c01 |
| SHA256 | 996a259e53ca18b89ec36d038c40148957c978c0fd600a268497d4c92f882a93 |
| SHA512 | 1abac3ce4f2d5e4a635162e16cf9125e059ba1539f70086c2d71cd00d41a6e2a54d468e6f37792e55a822d7082fb388b8dfecc79b59226bbb047b7d28d44d298 |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\nsProcess.dll
| MD5 | f0438a894f3a7e01a4aae8d1b5dd0289 |
| SHA1 | b058e3fcfb7b550041da16bf10d8837024c38bf6 |
| SHA256 | 30c6c3dd3cc7fcea6e6081ce821adc7b2888542dae30bf00e881c0a105eb4d11 |
| SHA512 | f91fcea19cbddf8086affcb63fe599dc2b36351fc81ac144f58a80a524043ddeaa3943f36c86ebae45dd82e8faf622ea7b7c9b776e74c54b93df2963cfe66cc7 |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\nsis7z.dll
| MD5 | 80e44ce4895304c6a3a831310fbf8cd0 |
| SHA1 | 36bd49ae21c460be5753a904b4501f1abca53508 |
| SHA256 | b393f05e8ff919ef071181050e1873c9a776e1a0ae8329aefff7007d0cadf592 |
| SHA512 | c8ba7b1f9113ead23e993e74a48c4427ae3562c1f6d9910b2bbe6806c9107cf7d94bc7d204613e4743d0cd869e00dafd4fb54aad1e8adb69c553f3b9e5bc64df |
C:\Program Files\Flux\chrome_100_percent.pak
| MD5 | 8626e1d68e87f86c5b4dabdf66591913 |
| SHA1 | 4cd7b0ac0d3f72587708064a7b0a3beca3f7b81c |
| SHA256 | 2caa1da9b6a6e87bdb673977fee5dd771591a1b6ed5d3c5f14b024130a5d1a59 |
| SHA512 | 03bcd8562482009060f249d6a0dd7382fc94d669a2094dec08e8d119be51bef2c3b7b484bb5b7f805ae98e372dab9383a2c11a63ab0f5644146556b1bb9a4c99 |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\chrome_200_percent.pak
| MD5 | 48515d600258d60019c6b9c6421f79f6 |
| SHA1 | 0ef0b44641d38327a360aa6954b3b6e5aab2af16 |
| SHA256 | 07bee34e189fe9a8789aed78ea59ad41414b6e611e7d74da62f8e6ca36af01ce |
| SHA512 | b7266bc8abc55bd389f594dac0c0641ecf07703f35d769b87e731b5fdf4353316d44f3782a4329b3f0e260dead6b114426ddb1b0fb8cd4a51e0b90635f1191d9 |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\d3dcompiler_47.dll
| MD5 | cb9807f6cf55ad799e920b7e0f97df99 |
| SHA1 | bb76012ded5acd103adad49436612d073d159b29 |
| SHA256 | 5653bc7b0e2701561464ef36602ff6171c96bffe96e4c3597359cd7addcba88a |
| SHA512 | f7c65bae4ede13616330ae46a197ebad106920dce6a31fd5a658da29ed1473234ca9e2b39cc9833ff903fb6b52ff19e39e6397fac02f005823ed366ca7a34f62 |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\ffmpeg.dll
| MD5 | d49e7a8f096ad4722bd0f6963e0efc08 |
| SHA1 | 6835f12391023c0c7e3c8cc37b0496e3a93a5985 |
| SHA256 | f11576bf7ffbc3669d1a5364378f35a1ed0811b7831528b6c4c55b0cdc7dc014 |
| SHA512 | ca50c28d6aac75f749ed62eec8acbb53317f6bdcef8794759af3fad861446de5b7fa31622ce67a347949abb1098eccb32689b4f1c54458a125bc46574ad51575 |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\icudtl.dat
| MD5 | adfd2a259608207f256aeadb48635645 |
| SHA1 | 300bb0ae3d6b6514fb144788643d260b602ac6a4 |
| SHA256 | 7c8c7b05d70145120b45ccb64bf75bee3c63ff213e3e64d092d500a96afb8050 |
| SHA512 | 8397e74c7a85b0a2987cae9f2c66ce446923aa4140686d91a1e92b701e16b73a6ce459540e718858607ecb12659bedac0aa95c2713c811a2bc2d402691ff29dc |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\libEGL.dll
| MD5 | 09134e6b407083baaedf9a8c0bce68f2 |
| SHA1 | 8847344cceeab35c1cdf8637af9bd59671b4e97d |
| SHA256 | d2107ba0f4e28e35b22837c3982e53784d15348795b399ad6292d0f727986577 |
| SHA512 | 6ff3adcb8be48d0b505a3c44e6550d30a8feaf4aa108982a7992ed1820c06f49e0ad48d9bd92685fb82783dfd643629bd1fe4073300b61346b63320cbdb051ba |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\libGLESv2.dll
| MD5 | a5f1921e6dcde9eaf42e2ccc82b3d353 |
| SHA1 | 1f6f4df99ae475acec4a7d3910badb26c15919d1 |
| SHA256 | 50c4dc73d69b6c0189eab56d27470ee15f99bbbc12bfd87ebe9963a7f9ba404e |
| SHA512 | 0c24ae7d75404adf8682868d0ebf05f02bbf603f7ddd177cf2af5726802d0a5afcf539dc5d68e10dab3fcfba58903871c9c81054560cf08799af1cc88f33c702 |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\LICENSE.electron.txt
| MD5 | 4d42118d35941e0f664dddbd83f633c5 |
| SHA1 | 2b21ec5f20fe961d15f2b58efb1368e66d202e5c |
| SHA256 | 5154e165bd6c2cc0cfbcd8916498c7abab0497923bafcd5cb07673fe8480087d |
| SHA512 | 3ffbba2e4cd689f362378f6b0f6060571f57e228d3755bdd308283be6cbbef8c2e84beb5fcf73e0c3c81cd944d01ee3fcf141733c4d8b3b0162e543e0b9f3e63 |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\snapshot_blob.bin
| MD5 | 8fef5a96dbcc46887c3ff392cbdb1b48 |
| SHA1 | ed592d75222b7828b7b7aab97b83516f60772351 |
| SHA256 | 4de0f720c416776423add7ada621da95d0d188d574f08e36e822ad10d85c3ece |
| SHA512 | e52c7820c69863ecc1e3b552b7f20da2ad5492b52cac97502152ebff45e7a45b00e6925679fd7477cdc79c68b081d6572eeed7aed773416d42c9200accc7230e |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\v8_context_snapshot.bin
| MD5 | a373d83d4c43ba957693ad57172a251b |
| SHA1 | 8e0fdb714df2f4cb058beb46c06aa78f77e5ff86 |
| SHA256 | 43b58ca4057cf75063d3b4a8e67aa9780d9a81d3a21f13c64b498be8b3ba6e0c |
| SHA512 | 07fbd84dc3e0ec1536ccb54d5799d5ed61b962251ece0d48e18b20b0fc9dd92de06e93957f3efc7d9bed88db7794fe4f2bec1e9b081825e41c6ac3b4f41eab18 |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\binaries\FortniteLauncher.exe
| MD5 | aeaa6f47b71614437c0d47828da005ca |
| SHA1 | f9d016d3817ebbc28556967b8b8c05d120acbc58 |
| SHA256 | 31eb3c804c7a248fe505d948ad9b3891b6b6f9210bd84aaf0eb716478c490b66 |
| SHA512 | 6785eb5ae5d6d78a9c2f004ba5c91dd6603fd8efb39cb50f4bc3ac16d7377fb1317ba12658b63d575c17de04696b88c09c8a812340c4c40394196dab99d41a60 |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\vulkan-1.dll
| MD5 | 0e4e0f481b261ea59f196e5076025f77 |
| SHA1 | c73c1f33b5b42e9d67d819226db69e60d2262d7b |
| SHA256 | f681844896c084d2140ac210a974d8db099138fe75edb4df80e233d4b287196a |
| SHA512 | e6127d778ec73acbeb182d42e5cf36c8da76448fbdab49971de88ec4eb13ce63140a2a83fc3a1b116e41f87508ff546c0d7c042b8f4cdd9e07963801f3156ba2 |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\vk_swiftshader_icd.json
| MD5 | 8642dd3a87e2de6e991fae08458e302b |
| SHA1 | 9c06735c31cec00600fd763a92f8112d085bd12a |
| SHA256 | 32d83ff113fef532a9f97e0d2831f8656628ab1c99e9060f0332b1532839afd9 |
| SHA512 | f5d37d1b45b006161e4cefeebba1e33af879a3a51d16ee3ff8c3968c0c36bbafae379bf9124c13310b77774c9cbb4fa53114e83f5b48b5314132736e5bb4496f |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\vk_swiftshader.dll
| MD5 | a0845e0774702da9550222ab1b4fded7 |
| SHA1 | 65d5bd6c64090f0774fd0a4c9b215a868b48e19b |
| SHA256 | 6150a413ebe00f92f38737bdccf493d19921ef6329fcd48e53de9dbde4780810 |
| SHA512 | 4be0cb1e3c942a1695bae7b45d21c5f70e407132ecc65efb5b085a50cdab3c33c26e90bd7c86198ec40fb2b18d026474b6c649776a3ca2ca5bff6f922de2319b |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\resources.pak
| MD5 | 7971a016aed2fb453c87eb1b8e3f5eb2 |
| SHA1 | 92b91e352be8209fadcf081134334dea147e23b8 |
| SHA256 | 9cfd5d29cde3de2f042e5e1da629743a7c95c1211e1b0b001e4eebc0f0741e06 |
| SHA512 | 42082ac0c033655f2edae876425a320d96cdaee6423b85449032c63fc0f7d30914aa3531e65428451c07912265b85f5fee2ed0bbdb362994d3a1fa7b14186013 |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\LICENSES.chromium.html
| MD5 | 180f8acc70405077badc751453d13625 |
| SHA1 | 35dc54acad60a98aeec47c7ade3e6a8c81f06883 |
| SHA256 | 0bfa9a636e722107b6192ff35c365d963a54e1de8a09c8157680e8d0fbbfba1c |
| SHA512 | 40d3358b35eb0445127c70deb0cb87ec1313eca285307cda168605a4fd3d558b4be9eb24a59568eca9ee1f761e578c39b2def63ad48e40d31958db82f128e0ec |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\locales\am.pak
| MD5 | 2c933f084d960f8094e24bee73fa826c |
| SHA1 | 91dfddc2cff764275872149d454a8397a1a20ab1 |
| SHA256 | fa1e44215bd5acc7342c431a3b1fddb6e8b6b02220b4599167f7d77a29f54450 |
| SHA512 | 3c9ecfb0407de2aa6585f4865ad54eeb2ec6519c9d346e2d33ed0e30be6cc3ebfed676a08637d42c2ca8fa6cfefb4091feb0c922ff71f09a2b89cdd488789774 |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\locales\bg.pak
| MD5 | 38bcabb6a0072b3a5f8b86b693eb545d |
| SHA1 | d36c8549fe0f69d05ffdaffa427d3ddf68dd6d89 |
| SHA256 | 898621731ac3471a41f8b3a7bf52e7f776e8928652b37154bc7c1299f1fd92e1 |
| SHA512 | 002adbdc17b6013becc4909daf2febb74ce88733c78e968938b792a52c9c5a62834617f606e4cb3774ae2dad9758d2b8678d7764bb6dcfe468881f1107db13ef |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\locales\ar.pak
| MD5 | fdbad4c84ac66ee78a5c8dd16d259c43 |
| SHA1 | 3ce3cd751bb947b19d004bd6916b67e8db5017ac |
| SHA256 | a62b848a002474a8ea37891e148cbaf4af09bdba7dafebdc0770c9a9651f7e3b |
| SHA512 | 376519c5c2e42d21acedb1ef47184691a2f286332451d5b8d6aac45713861f07c852fb93bd9470ff5ee017d6004aba097020580f1ba253a5295ac1851f281e13 |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\locales\af.pak
| MD5 | 464e5eeaba5eff8bc93995ba2cb2d73f |
| SHA1 | 3b216e0c5246c874ad0ad7d3e1636384dad2255d |
| SHA256 | 0ad547bb1dc57907adeb02e1be3017cce78f6e60b8b39395fe0e8b62285797a1 |
| SHA512 | 726d6c41a9dbf1f5f2eff5b503ab68d879b088b801832c13fba7eb853302b16118cacda4748a4144af0f396074449245a42b2fe240429b1afcb7197fa0cb6d41 |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\locales\ca.pak
| MD5 | 4cd6b3a91669ddcfcc9eef9b679ab65c |
| SHA1 | 43c41cb00067de68d24f72e0f5c77d3b50b71f83 |
| SHA256 | 56efff228ee3e112357d6121b2256a2c3acd718769c89413de82c9d4305459c6 |
| SHA512 | 699be9962d8aae241abd1d1f35cd8468ffbd6157bcd6bdf2c599d902768351b247baad6145b9826d87271fd4a19744eb11bf7065db7fefb01d66d2f1f39015a9 |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\locales\da.pak
| MD5 | e7ba94c827c2b04e925a76cb5bdd262c |
| SHA1 | abba6c7fcec8b6c396a6374331993c8502c80f91 |
| SHA256 | d8da7ab28992c8299484bc116641e19b448c20adf6a8b187383e2dba5cd29a0b |
| SHA512 | 1f44fce789cf41fd62f4d387b7b8c9d80f1e391edd2c8c901714dd0a6e3af32266e9d3c915c15ad47c95ece4c7d627aa7339f33eea838d1af9901e48edb0187e |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\locales\fa.pak
| MD5 | 2e37fd4e23a1707a1eccea3264508dff |
| SHA1 | e00e58ed06584b19b18e9d28b1d52dbfc36d70f3 |
| SHA256 | b9ee861e1bdecffe6a197067905279ea77c180844a793f882c42f2b70541e25e |
| SHA512 | 7c467f434eb0ce8e4a851761ae9bd7a9e292aab48e8e653e996f8ca598d0eb5e07ec34e2b23e544f3b38439dc3b8e3f7a0dfd6a8e28169aa95ceff42bf534366 |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\locales\fr.pak
| MD5 | 3ee48a860ecf45bafa63c9284dfd63e2 |
| SHA1 | 1cb51d14964f4dced8dea883bf9c4b84a78f8eb6 |
| SHA256 | 1923e0edf1ef6935a4a718e3e2fc9a0a541ea0b4f3b27553802308f9fd4fc807 |
| SHA512 | eb6105faca13c191fef0c51c651a406b1da66326bb5705615770135d834e58dee9bed82aa36f2dfb0fe020e695c192c224ec76bb5c21a1c716e5f26dfe02f763 |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\locales\hr.pak
| MD5 | 255f808210dbf995446d10ff436e0946 |
| SHA1 | 1785d3293595f0b13648fb28aec6936c48ea3111 |
| SHA256 | 4df972b7f6d81aa7bdc39e2441310a37f746ae5015146b4e434a878d1244375b |
| SHA512 | 8b1a4d487b0782055717b718d58cd21e815b874e2686cdfd2087876b70ae75f9182f783c70bf747cf4ca17a3afc68517a9db4c99449fa09bef658b5e68087f2a |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\locales\lv.pak
| MD5 | a8cbd741a764f40b16afea275f240e7e |
| SHA1 | 317d30bbad8fd0c30de383998ea5be4eec0bb246 |
| SHA256 | a1a9d84fd3af571a57be8b1a9189d40b836808998e00ec9bd15557b83d0e3086 |
| SHA512 | 3da91c0ca20165445a2d283db7dc749fcf73e049bfff346b1d79b03391aefc7f1310d3ac2c42109044cfb50afcf178dcf3a34b4823626228e591f328dd7afe95 |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\locales\pt-PT.pak
| MD5 | b4954b064e3f6a9ba546dda5fa625927 |
| SHA1 | 584686c6026518932991f7de611e2266d8523f9d |
| SHA256 | ee1e014550b85e3d18fb5128984a713d9f6de2258001b50ddd18391e7307b4a1 |
| SHA512 | cb3b465b311f83b972eca1c66862b2c5d6ea6ac15282e0094aea455123ddf32e85df24a94a0aedbe1b925ff3ed005ba1e00d5ee820676d7a5a366153ade90ef7 |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\locales\pt-BR.pak
| MD5 | 8e931ffbded8933891fb27d2cca7f37d |
| SHA1 | ab0a49b86079d3e0eb9b684ca36eb98d1d1fd473 |
| SHA256 | 6632bd12f04a5385012b5cdebe8c0dad4a06750dc91c974264d8fe60e8b6951d |
| SHA512 | cf0f6485a65c13cf5ddd6457d34cdea222708b0bb5ca57034ed2c4900fd22765385547af2e2391e78f02dcf00b7a2b3ac42a3509dd4237581cfb87b8f389e48d |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\locales\pl.pak
| MD5 | f1d48a7dcd4880a27e39b7561b6eb0ab |
| SHA1 | 353c3ba213cd2e1f7423c6ba857a8d8be40d8302 |
| SHA256 | 2593c8b59849fbc690cbd513f06685ea3292cd0187fcf6b9069cbf3c9b0e8a85 |
| SHA512 | 132da2d3c1a4dad5ccb399b107d7b6d9203a4b264ef8a65add11c5e8c75859115443e1c65ece2e690c046a82687829f54ec855f99d4843f859ab1dd7c71f35a5 |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\locales\nl.pak
| MD5 | 0f04bac280035fab018f634bcb5f53ae |
| SHA1 | 4cad76eaecd924b12013e98c3a0e99b192be8936 |
| SHA256 | be254bcda4dbe167cb2e57402a4a0a814d591807c675302d2ce286013b40799b |
| SHA512 | 1256a6acac5a42621cb59eb3da42ddeeacfe290f6ae4a92d00ebd4450a8b7ccb6f0cd5c21cf0f18fe4d43d0d7aee87b6991fef154908792930295a3871fa53df |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\locales\nb.pak
| MD5 | 55d5ad4eacb12824cfcd89470664c856 |
| SHA1 | f893c00d8d4fdb2f3e7a74a8be823e5e8f0cd673 |
| SHA256 | 4f44789a2c38edc396a31aba5cc09d20fb84cd1e06f70c49f0664289c33cd261 |
| SHA512 | 555d87be8c97f466c6b3e7b23ec0210335846398c33dba71e926ff7e26901a3908dbb0f639c93db2d090c9d8bda48eddf196b1a09794d0e396b2c02b4720f37e |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\locales\ms.pak
| MD5 | aee105366a1870b9d10f0f897e9295db |
| SHA1 | eee9d789a8eeafe593ce77a7c554f92a26a2296f |
| SHA256 | c6471aee5f34f31477d57f593b09cb1de87f5fd0f9b5e63d8bab4986cf10d939 |
| SHA512 | 240688a0054bfebe36ea2b056194ee07e87bbbeb7e385131c73a64aa7967984610fcb80638dd883837014f9bc920037069d0655e3e92a5922f76813aedb185fa |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\locales\mr.pak
| MD5 | 2cf9f07ddf7a3a70a48e8b524a5aed43 |
| SHA1 | 974c1a01f651092f78d2d20553c3462267ddf4e9 |
| SHA256 | 23058c0f71d9e40f927775d980524d866f70322e0ef215aa5748c239707451e7 |
| SHA512 | 0b21570deefa41defc3c25c57b3171635bcb5593761d48a8116888ce8be34c1499ff79c7a3ebbe13b5a565c90027d294c6835e92e6254d582a86750640fe90f2 |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\locales\ml.pak
| MD5 | 1c81104ac2cbf7f7739af62eb77d20d5 |
| SHA1 | 0f0d564f1860302f171356ea35b3a6306c051c10 |
| SHA256 | 66005bc01175a4f6560d1e9768dbc72b46a4198f8e435250c8ebc232d2dac108 |
| SHA512 | 969294eae8c95a1126803a35b8d3f1fc3c9d22350aa9cc76b2323b77ad7e84395d6d83b89deb64565783405d6f7eae40def7bdaf0d08da67845ae9c7dbb26926 |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\locales\lt.pak
| MD5 | 64b08ffc40a605fe74ecc24c3024ee3b |
| SHA1 | 516296e8a3114ddbf77601a11faf4326a47975ab |
| SHA256 | 8a5d6e29833374e0f74fd7070c1b20856cb6b42ed30d18a5f17e6c2e4a8d783e |
| SHA512 | 05d207413186ac2b87a59681efe4fdf9dc600d0f3e8327e7b9802a42306d80d0ddd9ee07d103b17caf0518e42ab25b7ca9da4713941abc7bced65961671164ac |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\locales\ko.pak
| MD5 | d6194fc52e962534b360558061de2a25 |
| SHA1 | 98ed833f8c4beac685e55317c452249579610ff8 |
| SHA256 | 1a5884bd6665b2f404b7328de013522ee7c41130e57a53038fc991ec38290d21 |
| SHA512 | 5207a07426c6ceb78f0504613b6d2b8dadf9f31378e67a61091f16d72287adbc7768d1b7f2a923369197e732426d15a872c091cf88680686581d48a7f94988ab |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\locales\kn.pak
| MD5 | caab4deb1c40507848f9610d849834cf |
| SHA1 | 1bc87ff70817ba1e1fdd1b5cb961213418680cbe |
| SHA256 | 7a34483e6272f9b8881f0f5a725b477540166561c75b9e7ab627815d4be1a8a4 |
| SHA512 | dc4b63e5a037479bb831b0771aec0fe6eb016723bcd920b41ab87ef11505626632877073ce4e5e0755510fe19ba134a7b5899332ecef854008b15639f915860c |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\locales\ja.pak
| MD5 | 38cd3ef9b7dff9efbbe086fa39541333 |
| SHA1 | 321ef69a298d2f9830c14140b0b3b0b50bd95cb0 |
| SHA256 | d8fab5714dafecb89b3e5fce4c4d75d2b72893e685e148e9b60f7c096e5b3337 |
| SHA512 | 40785871032b222a758f29e0c6ec696fbe0f6f5f3274cc80085961621bec68d7e0fb47c764649c4dd0c27c6ee02460407775fae9d3a2a8a59362d25a39266ce0 |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\locales\it.pak
| MD5 | 745f16ca860ee751f70517c299c4ab0e |
| SHA1 | 54d933ad839c961dd63a47c92a5b935eef208119 |
| SHA256 | 10e65f42ce01ba19ebf4b074e8b2456213234482eadf443dfad6105faf6cde4c |
| SHA512 | 238343d6c80b82ae900f5abf4347e542c9ea016d75fb787b93e41e3c9c471ab33f6b4584387e5ee76950424e25486dd74b9901e7f72876960c0916c8b9cee9a6 |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\locales\id.pak
| MD5 | b6fcd5160a3a1ae1f65b0540347a13f2 |
| SHA1 | 4cf37346318efb67908bba7380dbad30229c4d3d |
| SHA256 | 7fd715914e3b0cf2048d4429f3236e0660d5bd5e61623c8fef9b8e474c2ac313 |
| SHA512 | a8b4a96e8f9a528b2df3bd1251b72ab14feccf491dd254a7c6ecba831dfaba328adb0fd0b4acddb89584f58f94b123e97caa420f9d7b34131cc51bdbdbf3ed73 |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\locales\hu.pak
| MD5 | 2aa0a175df21583a68176742400c6508 |
| SHA1 | 3c25ba31c2b698e0c88e7d01b2cc241f0916e79a |
| SHA256 | b59f932df822ab1a87e8aab4bbb7c549db15899f259f4c50ae28f8d8c7ce1e72 |
| SHA512 | 03a16feb0601407e96bcb43af9bdb21e5218c2700c9f3cfd5f9690d0b4528f9dc17e4cc690d8c9132d4e0b26d7faafd90aa3f5e57237e06fb81aab7ab77f6c03 |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\locales\hi.pak
| MD5 | b5dfce8e3ba0aec2721cc1692b0ad698 |
| SHA1 | c5d6fa21a9ba3d526f3e998e3f627afb8d1eecf3 |
| SHA256 | b1c7fb6909c8a416b513d6de21eea0b5a6b13c7f0a94cabd0d9154b5834a5e8b |
| SHA512 | facf0a9b81af6bb35d0fc5e69809d5c986a2c91a166e507784bdad115644b96697fe504b8d70d9bbb06f0c558f746c085d37e385eef41f0a1c29729d3d97980f |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\locales\he.pak
| MD5 | fc84ea7dc7b9408d1eea11beeb72b296 |
| SHA1 | de9118194952c2d9f614f8e0868fb273ddfac255 |
| SHA256 | 15951767dafa7bdbedac803d842686820de9c6df478416f34c476209b19d2d8c |
| SHA512 | 49d13976dddb6a58c6fdcd9588e243d705d99dc1325c1d9e411a1d68d8ee47314dfcb661d36e2c4963c249a1542f95715f658427810afcabdf9253aa27eb3b24 |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\locales\gu.pak
| MD5 | 308619d65b677d99f48b74ccfe060567 |
| SHA1 | 9f834df93fd48f4fb4ca30c4058e23288cf7d35e |
| SHA256 | e40ee4f24839f9e20b48d057bf3216bc58542c2e27cb40b9d2f3f8a1ea5bfbb4 |
| SHA512 | 3ca84ad71f00b9f7cc61f3906c51b263f18453fce11ec6c7f9edfe2c7d215e3550c336e892bd240a68a6815af599cc20d60203294f14adb133145ca01fe4608f |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\locales\fil.pak
| MD5 | d7df2ea381f37d6c92e4f18290c6ffe0 |
| SHA1 | 7cacf08455aa7d68259fcba647ee3d9ae4c7c5e4 |
| SHA256 | db4a63fa0d5b2baba71d4ba0923caed540099db6b1d024a0d48c3be10c9eed5a |
| SHA512 | 96fc028455f1cea067b3a3dd99d88a19a271144d73dff352a3e08b57338e513500925787f33495cd744fe4122dff2d2ee56e60932fc02e04feed2ec1e0c3533f |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\locales\fi.pak
| MD5 | 21e534869b90411b4f9ea9120ffb71c8 |
| SHA1 | cc91ffbd19157189e44172392b2752c5f73984c5 |
| SHA256 | 2d337924139ffe77804d2742eda8e58d4e548e65349f827840368e43d567810b |
| SHA512 | 3ca3c0adaf743f92277452b7bd82db4cf3f347de5568a20379d8c9364ff122713befd547fbd3096505ec293ae6771ada4cd3dadac93cc686129b9e5aacf363bd |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\locales\et.pak
| MD5 | ccc71f88984a7788c8d01add2252d019 |
| SHA1 | 6a87752eac3044792a93599428f31d25debea369 |
| SHA256 | d69489a723b304e305cb1767e6c8da5d5d1d237e50f6ddc76e941dcb01684944 |
| SHA512 | d35ccd639f2c199862e178a9fab768d7db10d5a654bc3bc1fab45d00ceb35a01119a5b4d199e2db3c3576f512b108f4a1df7faf6624d961c0fc4bca5af5f0e07 |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\locales\es.pak
| MD5 | 04a9ba7316dc81766098e238a667de87 |
| SHA1 | 24d7eb4388ecdfecada59c6a791c754181d114de |
| SHA256 | 7fa148369c64bc59c2832d617357879b095357fe970bab9e0042175c9ba7cb03 |
| SHA512 | 650856b6187df41a50f9bed29681c19b4502de6af8177b47bad0bf12e86a25e92aa728311310c28041a18e4d9f48ef66d5ad5d977b6662c44b49bfd1da84522b |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\locales\es-419.pak
| MD5 | 7da3e8aa47ba35d014e1d2a32982a5bb |
| SHA1 | 8e35320b16305ad9f16cb0f4c881a89818cd75bb |
| SHA256 | 7f85673cf80d1e80acfc94fb7568a8c63de79a13a1bb6b9d825b7e9f338ef17c |
| SHA512 | 1fca90888eb067972bccf74dd5d09bb3fce2ceb153589495088d5056ed4bdede15d54318af013c2460f0e8b5b1a5c6484adf0ed84f4b0b3c93130b086da5c3bf |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\locales\en-US.pak
| MD5 | 19d18f8181a4201d542c7195b1e9ff81 |
| SHA1 | 7debd3cf27bbe200c6a90b34adacb7394cb5929c |
| SHA256 | 1d20e626444759c2b72aa6e998f14a032408d2b32f957c12ec3abd52831338fb |
| SHA512 | af07e1b08bbf2dd032a5a51a88ee2923650955873753629a086cad3b1600ce66ca7f9ed31b8ca901c126c10216877b24e123144bb0048f2a1e7757719aae73f2 |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\locales\en-GB.pak
| MD5 | 825ed4c70c942939ffb94e77a4593903 |
| SHA1 | 7a3faee9bf4c915b0f116cb90cec961dda770468 |
| SHA256 | e11e8db78ae12f8d735632ba9fd078ec66c83529cb1fd86a31ab401f6f833c16 |
| SHA512 | 41325bec22af2e5ef8e9b26c48f2dfc95763a249ccb00e608b7096ec6236ab9a955de7e2340fd9379d09ac2234aee69aed2a24fe49382ffd48742d72a929c56a |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\locales\el.pak
| MD5 | e66a75680f21ce281995f37099045714 |
| SHA1 | d553e80658ee1eea5b0912db1ecc4e27b0ed4790 |
| SHA256 | 21d1d273124648a435674c7877a98110d997cf6992469c431fe502bbcc02641f |
| SHA512 | d3757529dd85ef7989d9d4cecf3f7d87c9eb4beda965d8e2c87ee23b8baaec3fdff41fd53ba839215a37404b17b8fe2586b123557f09d201b13c7736c736b096 |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\locales\cs.pak
| MD5 | eeee212072ea6589660c9eb216855318 |
| SHA1 | d50f9e6ca528725ced8ac186072174b99b48ea05 |
| SHA256 | de92f14480770401e39e22dcf3dd36de5ad3ed22e44584c31c37cd99e71c4a43 |
| SHA512 | ea068186a2e611fb98b9580f2c5ba6fd1f31b532e021ef9669e068150c27deee3d60fd9ff7567b9eb5d0f98926b24defabc9b64675b49e02a6f10e71bb714ac8 |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\locales\bn.pak
| MD5 | 9340520696e7cb3c2495a78893e50add |
| SHA1 | eed5aeef46131e4c70cd578177c527b656d08586 |
| SHA256 | 1ea245646a4b4386606f03c8a3916a3607e2adbbc88f000976be36db410a1e39 |
| SHA512 | 62507685d5542cfcd394080917b3a92ca197112feea9c2ddc1dfc77382a174c7ddf758d85af66cd322692215cb0402865b2a2b212694a36da6b592028caafcdf |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\locales\de.pak
| MD5 | cf22ec11a33be744a61f7de1a1e4514f |
| SHA1 | 73e84848c6d9f1a2abe62020eb8c6797e4c49b36 |
| SHA256 | 7cc213e2c9a2d2e2e463083dd030b86da6bba545d5cee4c04df8f80f9a01a641 |
| SHA512 | c10c8446e3041d7c0195da184a53cfbd58288c06eaf8885546d2d188b59667c270d647fa7259f5ce140ec6400031a7fc060d0f2348ab627485e2207569154495 |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\locales\ru.pak
| MD5 | 2885bde990ee3b30f2c54a4067421b68 |
| SHA1 | ae16c4d534b120fdd68d33c091a0ec89fd58793f |
| SHA256 | 9fcda0d1fab7fff7e2f27980de8d94ff31e14287f58bd5d35929de5dd9cbcdca |
| SHA512 | f7781f5c07fbf128399b88245f35055964ff0cde1cc6b35563abc64f520971ce9916827097ca18855b46ec6397639f5416a6e8386a9390afba4332d47d21693f |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\locales\sk.pak
| MD5 | b7e97cc98b104053e5f1d6a671c703b7 |
| SHA1 | 0f7293f1744ae2cd858eb3431ee016641478ae7d |
| SHA256 | b0d38869275d9d295e42b0b90d0177e0ca56a393874e4bb454439b8ce25d686f |
| SHA512 | ef3247c6f0f4065a4b68db6bf7e28c8101a9c6c791b3f771ed67b5b70f2c9689cec67a1c864f423382c076e4cbb6019c1c0cb9ad0204454e28f749a69b6b0de0 |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\resources\app-update.yml
| MD5 | ca99f8abdc5c3c432c55f1b48803aa6d |
| SHA1 | c7836cfa253f8837b13df8197025df1f45e36a70 |
| SHA256 | d37115cceefe6870f32368c92b90e789e577b9cba35ab90799043689dedbbb7e |
| SHA512 | 4b12886e57814d80cb4c94de61e2149d6878e00defbe05a66b6ef8270e18c516536111a8c394b1960fc4577ef6e298647f854680ef22d3b3c6c850409314184b |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\resources\elevate.exe
| MD5 | 792b92c8ad13c46f27c7ced0810694df |
| SHA1 | d8d449b92de20a57df722df46435ba4553ecc802 |
| SHA256 | 9b1fbf0c11c520ae714af8aa9af12cfd48503eedecd7398d8992ee94d1b4dc37 |
| SHA512 | 6c247254dc18ed81213a978cce2e321d6692848c64307097d2c43432a42f4f4f6d3cf22fb92610dfa8b7b16a5f1d94e9017cf64f88f2d08e79c0fe71a9121e40 |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\locales\zh-TW.pak
| MD5 | 2456bf42275f15e016689da166df9008 |
| SHA1 | 70f7de47e585dfea3f5597b5bba1f436510decd7 |
| SHA256 | adf8df051b55507e5a79fa47ae88c7f38707d02dfac0cc4a3a7e8e17b58c6479 |
| SHA512 | 7e622afa15c70785aaf7c19604d281efe0984f621d6599058c97c19d3c0379b2ee2e03b3a7ec597040a4eee250a782d7ec55c335274dd7db7c7ca97ddcfd378a |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\resources\app.asar.unpacked\node_modules\@sentry\cli\package.json
| MD5 | 49f7deab5d526f6f79d8fd80be29c97e |
| SHA1 | e6ef40032a68a979454d30e9a483a1043367a90e |
| SHA256 | 3fe1b2bd4e7ed12e73c5717dc162f9086a4b349528042c4313610573530c6992 |
| SHA512 | 053d4996c3376aa0fbee16be84d0a7f86b043ee1928dfe81e5b8db1686ac5e42db26b13ecd168a86f7315e8c208549b68f1ee3b64df3c12426eeda73c4efcdbe |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\resources\app.asar.unpacked\node_modules\@sentry\cli\scripts\build-in-docker.sh
| MD5 | 94b0fc212af523b8bfcd6c2aa5a5ab2a |
| SHA1 | cc0cb35f7ce729f7affe6b2c463e57966515e476 |
| SHA256 | abaa92d196f6752f184b83b19aedd9b1e28d328e6817de213f61fbd108351e16 |
| SHA512 | af0a2174e0304fdaa56ddae249049c142450ad4a0a9c8975548f61aa2bc356837b1d7ed441108156af32c979da5647bd0233a49db700ff0bbf528f9fa2c862e6 |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\resources\app.asar.unpacked\node_modules\@sentry\cli\scripts\wheels
| MD5 | 6fec563925ecab8b6a98c3f38655236d |
| SHA1 | 9ad08eb80167574de6373d871cfff5511d2554cf |
| SHA256 | 6fa0613c1edb0c6b26baac0b759bf756f389a11e0ec0e64904cffb26ef8dc016 |
| SHA512 | 850a5285519965fe26ab0da2ae62d380648acb723d879e2ab770124e4146ce0a6d03f089e28af20604dd3e00913169f82ac568a1741014e0bc5ee7b2c583888d |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\resources\app.asar.unpacked\node_modules\@sentry\cli\scripts\test-vercel-nft.js
| MD5 | c63a1659a645a5095524923081813d51 |
| SHA1 | 1d97d7ccb0804b7a15f0593c87990ab0da4b6887 |
| SHA256 | 644476fd66a507adc49582e7371c87e4cacc3c7840c23fe920da2a09f05db08a |
| SHA512 | ae452613a1dc728428ed2e596d7fbb041e00a8aa300aaada289fd454f71267569fa548fa7c7217134572decab12e56f4aadd4853c96ef705ccba2dcb377018cb |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\resources\app.asar.unpacked\node_modules\@sentry\cli\scripts\install.js
| MD5 | 1ffedd383c8097dd628411836505787e |
| SHA1 | 969306e8127b354f35f4c870f2da7b4034d4197b |
| SHA256 | df3b6ca3fff442454ffee98e8e4db5e3fe0d82ff19a49216cd238fa9282cb30a |
| SHA512 | 1392958e5a9c2e0c6df617c48547f5fdae32960bfb55953528ee345e06e1ae191ca4001a618233adeab27e16de5ecd203c405e8b4fa7f3a739cd3d2c4a1e9ed2 |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\resources\app.asar.unpacked\node_modules\@sentry\cli\scripts\bump-version.sh
| MD5 | 2ff8e17ece2c70eff9efdb2b1a524555 |
| SHA1 | d61c93df38f70f2244817c688a140224c9a99af9 |
| SHA256 | f07b481f34e732e74abe6402023f8b84f61281626ad6e25062a20fa8fd80ece4 |
| SHA512 | 0f847fd2b05bd4627a56b452f065e878005b6307bc101663297afb5f45c24d965ddc48ea4818c34ab35bde06f5a7711cf29fb9182c8ed9cf34e17d6434c487ee |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\resources\app.asar.unpacked\node_modules\@sentry\cli\js\releases\options\uploadSourcemaps.js
| MD5 | d060ac623857ad5ca08e3a944768925a |
| SHA1 | 26fe78c92f55f9529ffa2b71da403873da29313f |
| SHA256 | 8d4bd4c779e177724aa7bf98e768e50ce8b2950ef5bf39fa08033057b400888b |
| SHA512 | ae1b42d7e5c5d60f935bcd08417d4d9055d71bfb80653281e990a687353592731a7c4423655fbb988728152846aa56a5f180335d254885338bf6c96ef2a8357a |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\resources\app.asar.unpacked\node_modules\@sentry\cli\js\releases\options\deploys.js
| MD5 | f42c24cde0162b93624df51f4e2abfab |
| SHA1 | f819638944878ac4cb49438d8599d3fbd9081949 |
| SHA256 | 3f2316e7fb20e82df9a8b08d6169a622a89808742806adee2e4d89885962357d |
| SHA512 | 67258cbaf9f46f1609cec9b87b7a577f855cde9c8efafa3d835a0d18fb3903fcc4733489bf81447cdf2c0a55701d569a75f11a81865dab8f624b722e76b7c674 |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\resources\app.asar.unpacked\node_modules\@sentry\cli\js\releases\index.js
| MD5 | e8282413c1895eaff49de6dd9b71ab13 |
| SHA1 | 4e058f522a46e20bbd26f15a6922390ec2c1da36 |
| SHA256 | d6a28994173c1c36476121f8b0e3633e01ecd0589289901fba34fe218293443d |
| SHA512 | 301d2a6ae958e1ba936cae6f555a587ad87567055f4709d4676a3ef5b1a3112cb338b8a9e744c24cbfa784f00f13a1118ad48fd4f6bb060c5608e4ddc8779389 |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\resources\app.asar.unpacked\node_modules\@sentry\cli\js\index.js
| MD5 | 50c3a734036b84685a15d56217207d67 |
| SHA1 | 1893de2684072a3a2961337fa9a9b45a52c52c0a |
| SHA256 | 171990f108cd5582f83432c1569f2c3e1aebfbfb159599f4ff2ab693c20a8f78 |
| SHA512 | 3aa037d12cee7cbf51826fb3e2aa87b4543dd62f5ff5f2f8915128061c07472304601766bddf949647c5ca92e8ee768a77139bbe91bdfaaae99dea4405168ea9 |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\resources\app.asar.unpacked\node_modules\@sentry\cli\js\helper.js
| MD5 | c29ad60a23d5406728a51afa4352b4c7 |
| SHA1 | 2be817215890f5868717765570ce9f7422735c4e |
| SHA256 | faa867204c92db252271c9d850962ae1ff5c9448444ca907af483a6c874a6eb0 |
| SHA512 | e1784b8bf7119bf3380b192f1597cb3179425ff7ab347b144011fd17b62794760e6e092a0a1dae99302eb6c333f1638440df4e4e0eaf64f26d4f3cc46a74d04a |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\resources\app.asar.unpacked\node_modules\@sentry\cli\bin\sentry-cli
| MD5 | b7c89ec5dfb8b15555f32a3bef6c3103 |
| SHA1 | a92048052f5fc0af532cd97ebf82c1a9fbf12342 |
| SHA256 | 7c5c97aaee075241bdc4fbc610b356445747e962ac3d986c5016acefd66a6ea0 |
| SHA512 | c47baa0e0896684403760a13cfa6dd5826152ec7ae83f783040d186eaca8af70bc97530bbb22b720d7482a4ad18c3959ab1af8ccfe3689b19a51955e777884e8 |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\resources\app.asar.unpacked\node_modules\@sentry\cli\sentry-cli.exe
| MD5 | 4c1bbccaec3f88e00c176e49b3ea9742 |
| SHA1 | eea00e776e5979ae8e650ee9ddf3d4d4e93ff2ef |
| SHA256 | 299e9f3632bd8278384e60f7384279ccb394ca532515448f44e089a3fb119f1c |
| SHA512 | 3c82f9f06be9bdbdb6fc94709d6c582641b2bd1ba1987c0b42a8d5c653fc32c006873c8f236b45c62970b3abe6a8b5f9faa1a57c0c85d52fdc94ecf1bd21abd6 |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\resources\app.asar.unpacked\node_modules\@sentry\cli\js\logger.js
| MD5 | 1d26f69361e75ca5cd2eac5f99249c72 |
| SHA1 | 787d51c708ce15b2c533a180a2bf639648bc40eb |
| SHA256 | d7d63601d3347efc93425f4f93049cfb9ed2b9ead1dce662c9c1bed3cba302e0 |
| SHA512 | 7350774074462d33ac9f2e130829306af08a6693fd597f40c39bfb194684f66d965cd23c10de5fc4389e4a2ffe84db727aad23dd683a805ae4825f10026cb040 |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\resources\app.asar.unpacked\node_modules\@sentry\cli\LICENSE
| MD5 | c2710cd00242ca7d7bef0fc98dbbc7f8 |
| SHA1 | ba49c34590b171487fd5e383ca28632f551865e5 |
| SHA256 | 9503def7b54ceb6e3cd182fd59bc05d3a30d7eae481e65aaba4b495133c83c14 |
| SHA512 | 1b8fed37b379cfaac4e67e4ae0d0ae1c7e8fdd5178f1e9a289b646c5adb016c68cdcd743266fca87bd37bffc0951e0b9ecba8a57f0600a7dcd5cb52cd783637f |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\resources\app.asar.unpacked\node_modules\@sentry\cli\checksums.txt
| MD5 | 1dcfcfdd8cce3e3b0fa697af106e4075 |
| SHA1 | f9261519f777790f7cd50c91e389d0e6589bd92a |
| SHA256 | 1357dc0a2f6ae355ab59b409c94cf635b7ed849a3bcb60e95b7132cbfd297324 |
| SHA512 | 751ac3545299650e783daf0a45823660ce0b3f6dd7d722d303b9a801b02db61f7bb3a5129f4481294f2201fb5ad4e7bb1b2ab9a2d993ebde8a0d985f08ce34a2 |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\locales\zh-CN.pak
| MD5 | 82326e465e3015c64ca1db77dc6a56bc |
| SHA1 | e8abe12a8dd2cc741b9637fa8f0e646043bbfe3d |
| SHA256 | 6655fd9dcdfaf2abf814ffb6c524d67495aed4d923a69924c65abeab30bc74fb |
| SHA512 | 4989789c0b2439666dda4c4f959dffc0ddcb77595b1f817c13a95ed97619c270151597160320b3f2327a7daffc8b521b68878f9e5e5fb3870eb0c43619060407 |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\locales\vi.pak
| MD5 | db0eb3183007de5aae10f934fffacc59 |
| SHA1 | e9ea7aeffe2b3f5cf75ab78630da342c6f8b7fd9 |
| SHA256 | ddabb225b671b989789e9c2ccd1b5a8f22141a7d9364d4e6ee9b8648305e7897 |
| SHA512 | 703efd12fcace8172c873006161712de1919572c58d98b11de7834c5628444229f5143d231c41da5b9cf729e32de58dee3603cb3d18c6cdd94aa9aa36fbf5de0 |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\locales\ur.pak
| MD5 | 1ca4fa13bd0089d65da7cd2376feb4c6 |
| SHA1 | b1ba777e635d78d1e98e43e82d0f7a3dd7e97f9c |
| SHA256 | 3941364d0278e2c4d686faa4a135d16a457b4bc98c5a08e62aa12f3adc09aa7f |
| SHA512 | d0d9eb1aa029bd4c34953ee5f4b60c09cf1d4f0b21c061db4ede1b5ec65d7a07fc2f780ade5ce51f2f781d272ac32257b95eedf471f7295ba70b5ba51db6c51d |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\locales\uk.pak
| MD5 | 361a0e1f665b9082a457d36209b92a25 |
| SHA1 | 3c89e1b70b51820bb6baa64365c64da6a9898e2f |
| SHA256 | bd02966f6c6258b66eae7ff014710925e53fe26e8254d7db4e9147266025cc3a |
| SHA512 | d4d25fc58053f8cce4c073846706dc1ecbc0dc19308ba35501e19676f3e7ed855d7b57ae22a5637f81cefc1aa032bf8770d0737df1924f3504813349387c08cf |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\locales\tr.pak
| MD5 | 5ff2e5c95067a339e3d6b8985156ec1f |
| SHA1 | 7525b25c7b07f54b63b6459a0d8c8c720bd8a398 |
| SHA256 | 14a131ba318274cf10de533a19776db288f08a294cf7e564b7769fd41c7f2582 |
| SHA512 | 2414386df8d7ab75dcbd6ca2b9ae62ba8e953ddb8cd8661a9f984eb5e573637740c7a79050b2b303af3d5b1d4d1bb21dc658283638718fdd04fc6e5891949d1b |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\locales\th.pak
| MD5 | a32ba63feeed9b91f6d6800b51e5aeae |
| SHA1 | 2fbf6783996e8315a4fb94b7d859564350ee5918 |
| SHA256 | e32e37ca0ab30f1816fe6df37e3168e1022f1d3737c94f5472ab6600d97a45f6 |
| SHA512 | adebde0f929820d8368096a9c30961ba7b33815b0f124ca56ca05767ba6d081adf964088cb2b9fcaa07f756b946fffa701f0b64b07d457c99fd2b498cbd1e8a5 |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\locales\te.pak
| MD5 | a17f16d7a038b0fa3a87d7b1b8095766 |
| SHA1 | b2f845e52b32c513e6565248f91901ab6874e117 |
| SHA256 | d39716633228a5872630522306f89af8585f8092779892087c3f1230d21a489e |
| SHA512 | 371fb44b20b8aba00c4d6f17701fa4303181ad628f60c7b4218e33be7026f118f619d66d679bffcb0213c48700fafd36b2e704499a362f715f63ea9a75d719e7 |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\locales\ta.pak
| MD5 | 18ec8ff3c0701a6a8c48f341d368bab5 |
| SHA1 | 8bff8aee26b990cf739a29f83efdf883817e59d8 |
| SHA256 | 052bcdb64a80e504bb6552b97881526795b64e0ab7ee5fc031f3edf87160dee9 |
| SHA512 | a0e997fc9d316277de3f4773388835c287ab1a35770c01e376fb7428ff87683a425f6a6a605d38dd7904ca39c50998cd85f855cb33ae6abad47ac85a1584fe4e |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\locales\sw.pak
| MD5 | 67a443a5c2eaad32625edb5f8deb7852 |
| SHA1 | a6137841e8e7736c5ede1d0dc0ce3a44dc41013f |
| SHA256 | 41dfb772ae4c6f9e879bf7b4fa776b2877a2f8740fa747031b3d6f57f34d81dd |
| SHA512 | e0fdff1c3c834d8af8634f43c2f16ba5b883a8d88dfd322593a13830047568faf9f41d0bf73cd59e2e33c38fa58998d4702d2b0c21666717a86945d18b3f29e5 |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\locales\sv.pak
| MD5 | 272f8a8b517c7283eab83ba6993eea63 |
| SHA1 | ad4175331b948bd4f1f323a4938863472d9b700c |
| SHA256 | d15b46bc9b5e31449b11251df19cd2ba4920c759bd6d4fa8ca93fd3361fdd968 |
| SHA512 | 3a0930b7f228a779f727ebfb6ae8820ab5cc2c9e04c986bce7b0f49f9bf124f349248ecdf108edf8870f96b06d58dea93a3e0e2f2da90537632f2109e1aa65f0 |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\locales\sr.pak
| MD5 | c68c235d8e696c098cf66191e648196b |
| SHA1 | 5c967fbbd90403a755d6c4b2411e359884dc8317 |
| SHA256 | ab96a18177af90495e2e3c96292638a775aa75c1d210ca6a6c18fbc284cd815b |
| SHA512 | 34d14d8cb851df1ea8cd3cc7e9690eaf965d8941cfcac1c946606115ad889630156c5ff47011b27c1288f8df70e8a7dc41909a9fa98d75b691742ec1d1a5e653 |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\locales\ro.pak
| MD5 | d2758f6adbaeea7cd5d95f4ad6dde954 |
| SHA1 | d7476db23d8b0e11bbabf6a59fde7609586bdc8a |
| SHA256 | 2b7906f33bfbe8e9968bcd65366e2e996cdf2f3e1a1fc56ad54baf261c66954c |
| SHA512 | 8378032d6febea8b5047ada667cb19e6a41f890cb36305acc2500662b4377caef3dc50987c925e05f21c12e32c3920188a58ee59d687266d70b8bfb1b0169a6e |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\7z-out\locales\sl.pak
| MD5 | ca763e801de642e4d68510900ff6fabb |
| SHA1 | c32a871831ce486514f621b3ab09387548ee1cff |
| SHA256 | 340e0babe5fddbfda601c747127251cf111dd7d79d0d6a5ec4e8443b835027de |
| SHA512 | e2847ce75de57deb05528dd9557047edcd15d86bf40a911eb97e988a8fdbda1cd0e0a81320eadf510c91c826499a897c770c007de936927df7a1cc82fa262039 |
C:\Users\Admin\AppData\Local\Temp\nsrBD46.tmp\WinShell.dll
| MD5 | 1cc7c37b7e0c8cd8bf04b6cc283e1e56 |
| SHA1 | 0b9519763be6625bd5abce175dcc59c96d100d4c |
| SHA256 | 9be85b986ea66a6997dde658abe82b3147ed2a1a3dcb784bb5176f41d22815a6 |
| SHA512 | 7acf7f8e68aa6066b59ca9f2ae2e67997e6b347bc08eb788d2a119b3295c844b5b9606757168e8d2fbd61c2cda367bf80e9e48c9a52c28d5a7a00464bfd2048f |
C:\Users\Admin\AppData\Local\Temp\77b02e66-1c27-4d96-8f2a-5dd8ac65b6a4.tmp.node
| MD5 | 07423989cdcb444f519f22f78526498d |
| SHA1 | e0cc86c48b430f574dfd1a7a91ef9d35b572b14c |
| SHA256 | 3b407af04ef8ffa39b1b7d34c1ad6a15be766ebbb6ff27ddeb40c5380f981fdd |
| SHA512 | 56cd17c5ff8fbc35915b1738c42a80299f5e47906acc4c8910b810cf8ed95832a1a69068df89a76fd325c02c6b06d57fe7fde693ead1007b75090088ab8646c5 |
C:\Users\Admin\AppData\Local\Temp\36b3afcd-44cf-4c96-a96d-a874c97c610e.tmp.node
| MD5 | c534e350395bd5e0e39417a71513648e |
| SHA1 | 4439aa0f96e707c6324c1cd8080253692c16af6e |
| SHA256 | 3790b9fabedfe3c3b2161f13ca1a209516779649c4374c3941ae9a8720cbbc36 |
| SHA512 | a183dc39b82dbb27574f0251133a4c7ba3f7b2c695c7eeabb62df92e1dbab582b8326470bf1443510664a6dac128b230239a418a24b8e3d4923038ed60de2757 |
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
| MD5 | f3b25701fe362ec84616a93a45ce9998 |
| SHA1 | d62636d8caec13f04e28442a0a6fa1afeb024bbb |
| SHA256 | b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209 |
| SHA512 | 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84 |
memory/5012-976-0x00007FF9693A0000-0x00007FF9693A1000-memory.dmp
memory/5012-975-0x00007FF969150000-0x00007FF969151000-memory.dmp
memory/4908-997-0x0000000000400000-0x0000000000412000-memory.dmp
C:\Users\Admin\AppData\Roaming\Flux\Network\Network Persistent State~RFe590f67.TMP
| MD5 | 2800881c775077e1c4b6e06bf4676de4 |
| SHA1 | 2873631068c8b3b9495638c865915be822442c8b |
| SHA256 | 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974 |
| SHA512 | e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b |
C:\Users\Admin\AppData\Roaming\Flux\Network\Network Persistent State
| MD5 | ae6803d676859b47e2a4cd21c5c37ea5 |
| SHA1 | 1dd5b8ce0924e71e0eb3907d3be527cd81653a2f |
| SHA256 | 053639d88574eb8f2f2e514b5ad44a143ceab81c8eafe12721e66686b2208e8b |
| SHA512 | 20882d8fcb1f1e114065ad163a22faab2dbd35d8e9b6a0cc2ed4c299e2bae72cf081724990543771894bea051420d5f6bddae1b29987097d5001f9cb459615bc |
memory/4896-1037-0x0000022DCEE50000-0x0000022DCEE51000-memory.dmp
memory/4896-1036-0x0000022DCEE50000-0x0000022DCEE51000-memory.dmp
memory/4896-1035-0x0000022DCEE50000-0x0000022DCEE51000-memory.dmp
memory/4896-1034-0x0000022DCEE50000-0x0000022DCEE51000-memory.dmp
memory/4896-1033-0x0000022DCEE50000-0x0000022DCEE51000-memory.dmp
memory/4896-1032-0x0000022DCEE50000-0x0000022DCEE51000-memory.dmp
memory/4896-1031-0x0000022DCEE50000-0x0000022DCEE51000-memory.dmp
memory/4896-1027-0x0000022DCEE50000-0x0000022DCEE51000-memory.dmp
memory/4896-1026-0x0000022DCEE50000-0x0000022DCEE51000-memory.dmp
memory/4896-1025-0x0000022DCEE50000-0x0000022DCEE51000-memory.dmp
Analysis: behavioral4
Detonation Overview
Submitted
2024-11-20 23:33
Reported
2024-11-20 23:39
Platform
win10v2004-20241007-en
Max time kernel
148s
Max time network
152s
Command Line
Signatures
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\rundll32.exe | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 4000 wrote to memory of 4712 | N/A | C:\Windows\system32\rundll32.exe | C:\Windows\SysWOW64\rundll32.exe |
| PID 4000 wrote to memory of 4712 | N/A | C:\Windows\system32\rundll32.exe | C:\Windows\SysWOW64\rundll32.exe |
| PID 4000 wrote to memory of 4712 | N/A | C:\Windows\system32\rundll32.exe | C:\Windows\SysWOW64\rundll32.exe |
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\SpiderBanner.dll,#1
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\SpiderBanner.dll,#1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 104.219.191.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 138.136.73.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 76.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.249.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.23.12.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.39.242.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 0.205.248.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.236.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 210.143.182.52.in-addr.arpa | udp |
Files
Analysis: behavioral9
Detonation Overview
Submitted
2024-11-20 23:33
Reported
2024-11-20 23:39
Platform
win7-20240903-en
Max time kernel
121s
Max time network
125s
Command Line
Signatures
Program crash
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Windows\SysWOW64\rundll32.exe |
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\rundll32.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\WinShell.dll,#1
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\WinShell.dll,#1
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 1996 -s 220
Network
Files
Analysis: behavioral13
Detonation Overview
Submitted
2024-11-20 23:33
Reported
2024-11-20 23:39
Platform
ubuntu1804-amd64-20240729-en
Max time kernel
0s
Max time network
133s
Command Line
Signatures
Enumerates kernel/hardware configuration
| Description | Indicator | Process | Target |
| File opened for reading | /sys/fs/cgroup/memory/memory.limit_in_bytes | /usr/bin/node | N/A |
Reads runtime system information
| Description | Indicator | Process | Target |
| File opened for reading | /proc/meminfo | /usr/bin/node | N/A |
Processes
/tmp/resources/app.asar.unpacked/node_modules/@sentry/cli/bin/sentry-cli
[/tmp/resources/app.asar.unpacked/node_modules/@sentry/cli/bin/sentry-cli]
/usr/local/sbin/node
[node /tmp/resources/app.asar.unpacked/node_modules/@sentry/cli/bin/sentry-cli]
/usr/local/bin/node
[node /tmp/resources/app.asar.unpacked/node_modules/@sentry/cli/bin/sentry-cli]
/usr/sbin/node
[node /tmp/resources/app.asar.unpacked/node_modules/@sentry/cli/bin/sentry-cli]
/usr/bin/node
[node /tmp/resources/app.asar.unpacked/node_modules/@sentry/cli/bin/sentry-cli]
/tmp/resources/app.asar.unpacked/node_modules/@sentry/cli/sentry-cli
[/tmp/resources/app.asar.unpacked/node_modules/@sentry/cli/sentry-cli]
Network
| Country | Destination | Domain | Proto |
| US | 151.101.65.91:443 | tcp | |
| GB | 185.125.188.61:443 | tcp | |
| GB | 185.125.188.62:443 | tcp | |
| US | 151.101.65.91:443 | tcp | |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 84.17.50.9:443 | tcp |
Files
Analysis: behavioral7
Detonation Overview
Submitted
2024-11-20 23:33
Reported
2024-11-20 23:39
Platform
win7-20240729-en
Max time kernel
121s
Max time network
127s
Command Line
Signatures
Program crash
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Windows\SysWOW64\rundll32.exe |
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\rundll32.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\System.dll,#1
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\System.dll,#1
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 2368 -s 220
Network
Files
Analysis: behavioral23
Detonation Overview
Submitted
2024-11-20 23:33
Reported
2024-11-20 23:39
Platform
win7-20240903-en
Max time kernel
121s
Max time network
133s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\resources\app.asar.unpacked\node_modules\@sentry\cli\js\releases\index.js
Network
Files
Analysis: behavioral29
Detonation Overview
Submitted
2024-11-20 23:33
Reported
2024-11-20 23:39
Platform
ubuntu1804-amd64-20240729-en
Max time kernel
0s
Max time network
130s
Command Line
Signatures
Processes
/tmp/resources/app.asar.unpacked/node_modules/@sentry/cli/scripts/build-in-docker.sh
[/tmp/resources/app.asar.unpacked/node_modules/@sentry/cli/scripts/build-in-docker.sh]
Network
| Country | Destination | Domain | Proto |
| GB | 185.125.188.62:443 | tcp | |
| GB | 185.125.188.61:443 | tcp | |
| US | 151.101.193.91:443 | tcp | |
| US | 151.101.193.91:443 | tcp | |
| GB | 89.187.167.39:443 | tcp | |
| N/A | 224.0.0.251:5353 | udp |
Files
Analysis: behavioral30
Detonation Overview
Submitted
2024-11-20 23:33
Reported
2024-11-20 23:40
Platform
debian9-armhf-20240418-en
Max time kernel
0s
Command Line
Signatures
Processes
/tmp/resources/app.asar.unpacked/node_modules/@sentry/cli/scripts/build-in-docker.sh
[/tmp/resources/app.asar.unpacked/node_modules/@sentry/cli/scripts/build-in-docker.sh]
Network
Files
Analysis: behavioral3
Detonation Overview
Submitted
2024-11-20 23:33
Reported
2024-11-20 23:39
Platform
win7-20240903-en
Max time kernel
121s
Max time network
134s
Command Line
Signatures
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\rundll32.exe | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 1680 wrote to memory of 1996 | N/A | C:\Windows\system32\rundll32.exe | C:\Windows\SysWOW64\rundll32.exe |
| PID 1680 wrote to memory of 1996 | N/A | C:\Windows\system32\rundll32.exe | C:\Windows\SysWOW64\rundll32.exe |
| PID 1680 wrote to memory of 1996 | N/A | C:\Windows\system32\rundll32.exe | C:\Windows\SysWOW64\rundll32.exe |
| PID 1680 wrote to memory of 1996 | N/A | C:\Windows\system32\rundll32.exe | C:\Windows\SysWOW64\rundll32.exe |
| PID 1680 wrote to memory of 1996 | N/A | C:\Windows\system32\rundll32.exe | C:\Windows\SysWOW64\rundll32.exe |
| PID 1680 wrote to memory of 1996 | N/A | C:\Windows\system32\rundll32.exe | C:\Windows\SysWOW64\rundll32.exe |
| PID 1680 wrote to memory of 1996 | N/A | C:\Windows\system32\rundll32.exe | C:\Windows\SysWOW64\rundll32.exe |
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\SpiderBanner.dll,#1
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\SpiderBanner.dll,#1
Network
Files
Analysis: behavioral16
Detonation Overview
Submitted
2024-11-20 23:33
Reported
2024-11-20 23:42
Platform
debian9-mipsel-20240226-en
Max time kernel
1s
Command Line
Signatures
Processes
/tmp/resources/app.asar.unpacked/node_modules/@sentry/cli/bin/sentry-cli
[/tmp/resources/app.asar.unpacked/node_modules/@sentry/cli/bin/sentry-cli]
/usr/local/sbin/node
[node /tmp/resources/app.asar.unpacked/node_modules/@sentry/cli/bin/sentry-cli]
/usr/local/bin/node
[node /tmp/resources/app.asar.unpacked/node_modules/@sentry/cli/bin/sentry-cli]
/usr/sbin/node
[node /tmp/resources/app.asar.unpacked/node_modules/@sentry/cli/bin/sentry-cli]
/usr/bin/node
[node /tmp/resources/app.asar.unpacked/node_modules/@sentry/cli/bin/sentry-cli]
/sbin/node
[node /tmp/resources/app.asar.unpacked/node_modules/@sentry/cli/bin/sentry-cli]
/bin/node
[node /tmp/resources/app.asar.unpacked/node_modules/@sentry/cli/bin/sentry-cli]
Network
Files
Analysis: behavioral31
Detonation Overview
Submitted
2024-11-20 23:33
Reported
2024-11-20 23:41
Platform
debian9-mipsbe-20240611-en
Max time kernel
0s
Command Line
Signatures
Processes
/tmp/resources/app.asar.unpacked/node_modules/@sentry/cli/scripts/build-in-docker.sh
[/tmp/resources/app.asar.unpacked/node_modules/@sentry/cli/scripts/build-in-docker.sh]
Network
Files
Analysis: behavioral12
Detonation Overview
Submitted
2024-11-20 23:33
Reported
2024-11-20 23:39
Platform
win10v2004-20241007-en
Max time kernel
145s
Max time network
153s
Command Line
Signatures
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeRestorePrivilege | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
| Token: 35 | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
Processes
C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\app-64.7z"
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 228.249.119.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.214.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.249.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 209.205.72.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.39.242.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 197.87.175.4.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 0.205.248.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.173.189.20.in-addr.arpa | udp |
Files
Analysis: behavioral24
Detonation Overview
Submitted
2024-11-20 23:33
Reported
2024-11-20 23:39
Platform
win10v2004-20241007-en
Max time kernel
140s
Max time network
159s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\resources\app.asar.unpacked\node_modules\@sentry\cli\js\releases\index.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 58.55.71.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 138.136.73.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.160.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 97.17.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.219.191.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 53.210.109.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.39.242.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.214.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.173.189.20.in-addr.arpa | udp |
Files
Analysis: behavioral27
Detonation Overview
Submitted
2024-11-20 23:33
Reported
2024-11-20 23:39
Platform
win7-20241023-en
Max time kernel
117s
Max time network
131s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\resources\app.asar.unpacked\node_modules\@sentry\cli\js\releases\options\uploadSourcemaps.js
Network
Files
Analysis: behavioral6
Detonation Overview
Submitted
2024-11-20 23:33
Reported
2024-11-20 23:39
Platform
win10v2004-20241007-en
Max time kernel
147s
Max time network
152s
Command Line
Signatures
Program crash
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Windows\SysWOW64\rundll32.exe |
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\rundll32.exe | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 3044 wrote to memory of 3632 | N/A | C:\Windows\system32\rundll32.exe | C:\Windows\SysWOW64\rundll32.exe |
| PID 3044 wrote to memory of 3632 | N/A | C:\Windows\system32\rundll32.exe | C:\Windows\SysWOW64\rundll32.exe |
| PID 3044 wrote to memory of 3632 | N/A | C:\Windows\system32\rundll32.exe | C:\Windows\SysWOW64\rundll32.exe |
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\StdUtils.dll,#1
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\StdUtils.dll,#1
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 3632 -ip 3632
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 3632 -s 628
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.55.71.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 138.136.73.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.219.191.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.163.245.4.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.39.242.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 0.205.248.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 48.229.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 168.117.168.52.in-addr.arpa | udp |
Files
Analysis: behavioral14
Detonation Overview
Submitted
2024-11-20 23:33
Reported
2024-11-20 23:40
Platform
debian9-armhf-20240418-en
Max time kernel
2s
Command Line
Signatures
Checks CPU configuration
| Description | Indicator | Process | Target |
| File opened for reading | /proc/cpuinfo | /usr/bin/node | N/A |
Reads CPU attributes
| Description | Indicator | Process | Target |
| File opened for reading | /sys/devices/system/cpu/online | /usr/bin/node | N/A |
Enumerates kernel/hardware configuration
| Description | Indicator | Process | Target |
| File opened for reading | /sys/fs/cgroup/memory/memory.limit_in_bytes | /usr/bin/node | N/A |
Reads runtime system information
| Description | Indicator | Process | Target |
| File opened for reading | /proc/meminfo | /usr/bin/node | N/A |
Processes
/tmp/resources/app.asar.unpacked/node_modules/@sentry/cli/bin/sentry-cli
[/tmp/resources/app.asar.unpacked/node_modules/@sentry/cli/bin/sentry-cli]
/usr/local/sbin/node
[node /tmp/resources/app.asar.unpacked/node_modules/@sentry/cli/bin/sentry-cli]
/usr/local/bin/node
[node /tmp/resources/app.asar.unpacked/node_modules/@sentry/cli/bin/sentry-cli]
/usr/sbin/node
[node /tmp/resources/app.asar.unpacked/node_modules/@sentry/cli/bin/sentry-cli]
/usr/bin/node
[node /tmp/resources/app.asar.unpacked/node_modules/@sentry/cli/bin/sentry-cli]
/tmp/resources/app.asar.unpacked/node_modules/@sentry/cli/sentry-cli
[/tmp/resources/app.asar.unpacked/node_modules/@sentry/cli/sentry-cli]
Network
Files
Analysis: behavioral20
Detonation Overview
Submitted
2024-11-20 23:33
Reported
2024-11-20 23:39
Platform
win10v2004-20241007-en
Max time kernel
140s
Max time network
167s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\resources\app.asar.unpacked\node_modules\@sentry\cli\js\index.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.219.191.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 0.205.248.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 212.20.149.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.39.242.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.214.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.227.111.52.in-addr.arpa | udp |
Files
Analysis: behavioral28
Detonation Overview
Submitted
2024-11-20 23:33
Reported
2024-11-20 23:39
Platform
win10v2004-20241007-en
Max time kernel
147s
Max time network
162s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\resources\app.asar.unpacked\node_modules\@sentry\cli\js\releases\options\uploadSourcemaps.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 241.150.49.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 0.205.248.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.160.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.55.71.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.23.12.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 168.117.168.52.in-addr.arpa | udp |
Files
Analysis: behavioral32
Detonation Overview
Submitted
2024-11-20 23:33
Reported
2024-11-20 23:42
Platform
debian9-mipsel-20240611-en
Max time kernel
24s
Command Line
Signatures
Processes
/tmp/resources/app.asar.unpacked/node_modules/@sentry/cli/scripts/build-in-docker.sh
[/tmp/resources/app.asar.unpacked/node_modules/@sentry/cli/scripts/build-in-docker.sh]
Network
Files
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-20 23:33
Reported
2024-11-20 23:39
Platform
win7-20240903-en
Max time kernel
120s
Max time network
125s
Command Line
Signatures
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Flux\Flux.exe | N/A |
Loads dropped DLL
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Program Files\Flux\Flux.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Checks installed software on the system
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files\Flux\locales\ja.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\resources.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\binaries\FortniteLauncher.exe | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\ar.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\he.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\hi.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\resources\app.asar | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\resources\app.asar.unpacked\node_modules\@sentry\cli\js\releases\options\deploys.js | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\resources\app.asar.unpacked\node_modules\@sentry\cli\js\releases\options\uploadSourcemaps.js | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\LICENSES.chromium.html | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\el.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\hu.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\sv.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\th.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\snapshot_blob.bin | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\bn.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\cs.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\resources\app.asar.unpacked\node_modules\@sentry\cli\scripts\install.js | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\es.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\fil.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\resources\app.asar.unpacked\node_modules\@sentry\cli\scripts\build-in-docker.sh | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\zh-TW.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\binaries\vulcan.exe | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\bg.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\fi.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\sl.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\ta.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\it.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\ffmpeg.dll | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\libEGL.dll | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\libGLESv2.dll | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\am.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\id.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\lt.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\sk.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\resources\app-update.yml | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\af.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\da.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\en-GB.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\en-US.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\et.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\resources\app.asar.unpacked\node_modules\@sentry\cli\package.json | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\resources\app.asar.unpacked\node_modules\@sentry\cli\scripts\bump-version.sh | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\resources\app.asar.unpacked\node_modules\@sentry\cli\js\releases\index.js | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\chrome_200_percent.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\es-419.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\hr.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\ru.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\resources\elevate.exe | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\pt-BR.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\pt-PT.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\ro.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\LICENSE.electron.txt | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\de.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\fr.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\lv.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\nl.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\tr.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\resources\app.asar.unpacked\node_modules\@sentry\cli\bin\sentry-cli | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\resources\app.asar.unpacked\node_modules\@sentry\cli\js\logger.js | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\Uninstall Flux.exe | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\vk_swiftshader.dll | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\vulkan-1.dll | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| File created | C:\Program Files\Flux\locales\kn.pak | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeSecurityPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe | N/A |
Processes
C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe
"C:\Users\Admin\AppData\Local\Temp\Flux Setup 1.0.83.exe"
C:\Program Files\Flux\Flux.exe
"C:\Program Files\Flux\Flux.exe"
Network
Files
\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\System.dll
| MD5 | 0d7ad4f45dc6f5aa87f606d0331c6901 |
| SHA1 | 48df0911f0484cbe2a8cdd5362140b63c41ee457 |
| SHA256 | 3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca |
| SHA512 | c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9 |
\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\StdUtils.dll
| MD5 | c6a6e03f77c313b267498515488c5740 |
| SHA1 | 3d49fc2784b9450962ed6b82b46e9c3c957d7c15 |
| SHA256 | b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e |
| SHA512 | 9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803 |
\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\SpiderBanner.dll
| MD5 | 17309e33b596ba3a5693b4d3e85cf8d7 |
| SHA1 | 7d361836cf53df42021c7f2b148aec9458818c01 |
| SHA256 | 996a259e53ca18b89ec36d038c40148957c978c0fd600a268497d4c92f882a93 |
| SHA512 | 1abac3ce4f2d5e4a635162e16cf9125e059ba1539f70086c2d71cd00d41a6e2a54d468e6f37792e55a822d7082fb388b8dfecc79b59226bbb047b7d28d44d298 |
\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\nsProcess.dll
| MD5 | f0438a894f3a7e01a4aae8d1b5dd0289 |
| SHA1 | b058e3fcfb7b550041da16bf10d8837024c38bf6 |
| SHA256 | 30c6c3dd3cc7fcea6e6081ce821adc7b2888542dae30bf00e881c0a105eb4d11 |
| SHA512 | f91fcea19cbddf8086affcb63fe599dc2b36351fc81ac144f58a80a524043ddeaa3943f36c86ebae45dd82e8faf622ea7b7c9b776e74c54b93df2963cfe66cc7 |
\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\nsis7z.dll
| MD5 | 80e44ce4895304c6a3a831310fbf8cd0 |
| SHA1 | 36bd49ae21c460be5753a904b4501f1abca53508 |
| SHA256 | b393f05e8ff919ef071181050e1873c9a776e1a0ae8329aefff7007d0cadf592 |
| SHA512 | c8ba7b1f9113ead23e993e74a48c4427ae3562c1f6d9910b2bbe6806c9107cf7d94bc7d204613e4743d0cd869e00dafd4fb54aad1e8adb69c553f3b9e5bc64df |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\chrome_100_percent.pak
| MD5 | 8626e1d68e87f86c5b4dabdf66591913 |
| SHA1 | 4cd7b0ac0d3f72587708064a7b0a3beca3f7b81c |
| SHA256 | 2caa1da9b6a6e87bdb673977fee5dd771591a1b6ed5d3c5f14b024130a5d1a59 |
| SHA512 | 03bcd8562482009060f249d6a0dd7382fc94d669a2094dec08e8d119be51bef2c3b7b484bb5b7f805ae98e372dab9383a2c11a63ab0f5644146556b1bb9a4c99 |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\chrome_200_percent.pak
| MD5 | 48515d600258d60019c6b9c6421f79f6 |
| SHA1 | 0ef0b44641d38327a360aa6954b3b6e5aab2af16 |
| SHA256 | 07bee34e189fe9a8789aed78ea59ad41414b6e611e7d74da62f8e6ca36af01ce |
| SHA512 | b7266bc8abc55bd389f594dac0c0641ecf07703f35d769b87e731b5fdf4353316d44f3782a4329b3f0e260dead6b114426ddb1b0fb8cd4a51e0b90635f1191d9 |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\ffmpeg.dll
| MD5 | d49e7a8f096ad4722bd0f6963e0efc08 |
| SHA1 | 6835f12391023c0c7e3c8cc37b0496e3a93a5985 |
| SHA256 | f11576bf7ffbc3669d1a5364378f35a1ed0811b7831528b6c4c55b0cdc7dc014 |
| SHA512 | ca50c28d6aac75f749ed62eec8acbb53317f6bdcef8794759af3fad861446de5b7fa31622ce67a347949abb1098eccb32689b4f1c54458a125bc46574ad51575 |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\d3dcompiler_47.dll
| MD5 | cb9807f6cf55ad799e920b7e0f97df99 |
| SHA1 | bb76012ded5acd103adad49436612d073d159b29 |
| SHA256 | 5653bc7b0e2701561464ef36602ff6171c96bffe96e4c3597359cd7addcba88a |
| SHA512 | f7c65bae4ede13616330ae46a197ebad106920dce6a31fd5a658da29ed1473234ca9e2b39cc9833ff903fb6b52ff19e39e6397fac02f005823ed366ca7a34f62 |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\icudtl.dat
| MD5 | adfd2a259608207f256aeadb48635645 |
| SHA1 | 300bb0ae3d6b6514fb144788643d260b602ac6a4 |
| SHA256 | 7c8c7b05d70145120b45ccb64bf75bee3c63ff213e3e64d092d500a96afb8050 |
| SHA512 | 8397e74c7a85b0a2987cae9f2c66ce446923aa4140686d91a1e92b701e16b73a6ce459540e718858607ecb12659bedac0aa95c2713c811a2bc2d402691ff29dc |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\libGLESv2.dll
| MD5 | a5f1921e6dcde9eaf42e2ccc82b3d353 |
| SHA1 | 1f6f4df99ae475acec4a7d3910badb26c15919d1 |
| SHA256 | 50c4dc73d69b6c0189eab56d27470ee15f99bbbc12bfd87ebe9963a7f9ba404e |
| SHA512 | 0c24ae7d75404adf8682868d0ebf05f02bbf603f7ddd177cf2af5726802d0a5afcf539dc5d68e10dab3fcfba58903871c9c81054560cf08799af1cc88f33c702 |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\libEGL.dll
| MD5 | 09134e6b407083baaedf9a8c0bce68f2 |
| SHA1 | 8847344cceeab35c1cdf8637af9bd59671b4e97d |
| SHA256 | d2107ba0f4e28e35b22837c3982e53784d15348795b399ad6292d0f727986577 |
| SHA512 | 6ff3adcb8be48d0b505a3c44e6550d30a8feaf4aa108982a7992ed1820c06f49e0ad48d9bd92685fb82783dfd643629bd1fe4073300b61346b63320cbdb051ba |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\LICENSE.electron.txt
| MD5 | 4d42118d35941e0f664dddbd83f633c5 |
| SHA1 | 2b21ec5f20fe961d15f2b58efb1368e66d202e5c |
| SHA256 | 5154e165bd6c2cc0cfbcd8916498c7abab0497923bafcd5cb07673fe8480087d |
| SHA512 | 3ffbba2e4cd689f362378f6b0f6060571f57e228d3755bdd308283be6cbbef8c2e84beb5fcf73e0c3c81cd944d01ee3fcf141733c4d8b3b0162e543e0b9f3e63 |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\v8_context_snapshot.bin
| MD5 | a373d83d4c43ba957693ad57172a251b |
| SHA1 | 8e0fdb714df2f4cb058beb46c06aa78f77e5ff86 |
| SHA256 | 43b58ca4057cf75063d3b4a8e67aa9780d9a81d3a21f13c64b498be8b3ba6e0c |
| SHA512 | 07fbd84dc3e0ec1536ccb54d5799d5ed61b962251ece0d48e18b20b0fc9dd92de06e93957f3efc7d9bed88db7794fe4f2bec1e9b081825e41c6ac3b4f41eab18 |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\snapshot_blob.bin
| MD5 | 8fef5a96dbcc46887c3ff392cbdb1b48 |
| SHA1 | ed592d75222b7828b7b7aab97b83516f60772351 |
| SHA256 | 4de0f720c416776423add7ada621da95d0d188d574f08e36e822ad10d85c3ece |
| SHA512 | e52c7820c69863ecc1e3b552b7f20da2ad5492b52cac97502152ebff45e7a45b00e6925679fd7477cdc79c68b081d6572eeed7aed773416d42c9200accc7230e |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\resources.pak
| MD5 | 7971a016aed2fb453c87eb1b8e3f5eb2 |
| SHA1 | 92b91e352be8209fadcf081134334dea147e23b8 |
| SHA256 | 9cfd5d29cde3de2f042e5e1da629743a7c95c1211e1b0b001e4eebc0f0741e06 |
| SHA512 | 42082ac0c033655f2edae876425a320d96cdaee6423b85449032c63fc0f7d30914aa3531e65428451c07912265b85f5fee2ed0bbdb362994d3a1fa7b14186013 |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\LICENSES.chromium.html
| MD5 | 180f8acc70405077badc751453d13625 |
| SHA1 | 35dc54acad60a98aeec47c7ade3e6a8c81f06883 |
| SHA256 | 0bfa9a636e722107b6192ff35c365d963a54e1de8a09c8157680e8d0fbbfba1c |
| SHA512 | 40d3358b35eb0445127c70deb0cb87ec1313eca285307cda168605a4fd3d558b4be9eb24a59568eca9ee1f761e578c39b2def63ad48e40d31958db82f128e0ec |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\vk_swiftshader.dll
| MD5 | a0845e0774702da9550222ab1b4fded7 |
| SHA1 | 65d5bd6c64090f0774fd0a4c9b215a868b48e19b |
| SHA256 | 6150a413ebe00f92f38737bdccf493d19921ef6329fcd48e53de9dbde4780810 |
| SHA512 | 4be0cb1e3c942a1695bae7b45d21c5f70e407132ecc65efb5b085a50cdab3c33c26e90bd7c86198ec40fb2b18d026474b6c649776a3ca2ca5bff6f922de2319b |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\vk_swiftshader_icd.json
| MD5 | 8642dd3a87e2de6e991fae08458e302b |
| SHA1 | 9c06735c31cec00600fd763a92f8112d085bd12a |
| SHA256 | 32d83ff113fef532a9f97e0d2831f8656628ab1c99e9060f0332b1532839afd9 |
| SHA512 | f5d37d1b45b006161e4cefeebba1e33af879a3a51d16ee3ff8c3968c0c36bbafae379bf9124c13310b77774c9cbb4fa53114e83f5b48b5314132736e5bb4496f |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\vulkan-1.dll
| MD5 | 0e4e0f481b261ea59f196e5076025f77 |
| SHA1 | c73c1f33b5b42e9d67d819226db69e60d2262d7b |
| SHA256 | f681844896c084d2140ac210a974d8db099138fe75edb4df80e233d4b287196a |
| SHA512 | e6127d778ec73acbeb182d42e5cf36c8da76448fbdab49971de88ec4eb13ce63140a2a83fc3a1b116e41f87508ff546c0d7c042b8f4cdd9e07963801f3156ba2 |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\binaries\FortniteLauncher.exe
| MD5 | aeaa6f47b71614437c0d47828da005ca |
| SHA1 | f9d016d3817ebbc28556967b8b8c05d120acbc58 |
| SHA256 | 31eb3c804c7a248fe505d948ad9b3891b6b6f9210bd84aaf0eb716478c490b66 |
| SHA512 | 6785eb5ae5d6d78a9c2f004ba5c91dd6603fd8efb39cb50f4bc3ac16d7377fb1317ba12658b63d575c17de04696b88c09c8a812340c4c40394196dab99d41a60 |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\locales\af.pak
| MD5 | 464e5eeaba5eff8bc93995ba2cb2d73f |
| SHA1 | 3b216e0c5246c874ad0ad7d3e1636384dad2255d |
| SHA256 | 0ad547bb1dc57907adeb02e1be3017cce78f6e60b8b39395fe0e8b62285797a1 |
| SHA512 | 726d6c41a9dbf1f5f2eff5b503ab68d879b088b801832c13fba7eb853302b16118cacda4748a4144af0f396074449245a42b2fe240429b1afcb7197fa0cb6d41 |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\locales\am.pak
| MD5 | 2c933f084d960f8094e24bee73fa826c |
| SHA1 | 91dfddc2cff764275872149d454a8397a1a20ab1 |
| SHA256 | fa1e44215bd5acc7342c431a3b1fddb6e8b6b02220b4599167f7d77a29f54450 |
| SHA512 | 3c9ecfb0407de2aa6585f4865ad54eeb2ec6519c9d346e2d33ed0e30be6cc3ebfed676a08637d42c2ca8fa6cfefb4091feb0c922ff71f09a2b89cdd488789774 |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\locales\ar.pak
| MD5 | fdbad4c84ac66ee78a5c8dd16d259c43 |
| SHA1 | 3ce3cd751bb947b19d004bd6916b67e8db5017ac |
| SHA256 | a62b848a002474a8ea37891e148cbaf4af09bdba7dafebdc0770c9a9651f7e3b |
| SHA512 | 376519c5c2e42d21acedb1ef47184691a2f286332451d5b8d6aac45713861f07c852fb93bd9470ff5ee017d6004aba097020580f1ba253a5295ac1851f281e13 |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\locales\bn.pak
| MD5 | 9340520696e7cb3c2495a78893e50add |
| SHA1 | eed5aeef46131e4c70cd578177c527b656d08586 |
| SHA256 | 1ea245646a4b4386606f03c8a3916a3607e2adbbc88f000976be36db410a1e39 |
| SHA512 | 62507685d5542cfcd394080917b3a92ca197112feea9c2ddc1dfc77382a174c7ddf758d85af66cd322692215cb0402865b2a2b212694a36da6b592028caafcdf |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\locales\bg.pak
| MD5 | 38bcabb6a0072b3a5f8b86b693eb545d |
| SHA1 | d36c8549fe0f69d05ffdaffa427d3ddf68dd6d89 |
| SHA256 | 898621731ac3471a41f8b3a7bf52e7f776e8928652b37154bc7c1299f1fd92e1 |
| SHA512 | 002adbdc17b6013becc4909daf2febb74ce88733c78e968938b792a52c9c5a62834617f606e4cb3774ae2dad9758d2b8678d7764bb6dcfe468881f1107db13ef |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\locales\ca.pak
| MD5 | 4cd6b3a91669ddcfcc9eef9b679ab65c |
| SHA1 | 43c41cb00067de68d24f72e0f5c77d3b50b71f83 |
| SHA256 | 56efff228ee3e112357d6121b2256a2c3acd718769c89413de82c9d4305459c6 |
| SHA512 | 699be9962d8aae241abd1d1f35cd8468ffbd6157bcd6bdf2c599d902768351b247baad6145b9826d87271fd4a19744eb11bf7065db7fefb01d66d2f1f39015a9 |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\locales\cs.pak
| MD5 | eeee212072ea6589660c9eb216855318 |
| SHA1 | d50f9e6ca528725ced8ac186072174b99b48ea05 |
| SHA256 | de92f14480770401e39e22dcf3dd36de5ad3ed22e44584c31c37cd99e71c4a43 |
| SHA512 | ea068186a2e611fb98b9580f2c5ba6fd1f31b532e021ef9669e068150c27deee3d60fd9ff7567b9eb5d0f98926b24defabc9b64675b49e02a6f10e71bb714ac8 |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\locales\da.pak
| MD5 | e7ba94c827c2b04e925a76cb5bdd262c |
| SHA1 | abba6c7fcec8b6c396a6374331993c8502c80f91 |
| SHA256 | d8da7ab28992c8299484bc116641e19b448c20adf6a8b187383e2dba5cd29a0b |
| SHA512 | 1f44fce789cf41fd62f4d387b7b8c9d80f1e391edd2c8c901714dd0a6e3af32266e9d3c915c15ad47c95ece4c7d627aa7339f33eea838d1af9901e48edb0187e |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\locales\de.pak
| MD5 | cf22ec11a33be744a61f7de1a1e4514f |
| SHA1 | 73e84848c6d9f1a2abe62020eb8c6797e4c49b36 |
| SHA256 | 7cc213e2c9a2d2e2e463083dd030b86da6bba545d5cee4c04df8f80f9a01a641 |
| SHA512 | c10c8446e3041d7c0195da184a53cfbd58288c06eaf8885546d2d188b59667c270d647fa7259f5ce140ec6400031a7fc060d0f2348ab627485e2207569154495 |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\locales\el.pak
| MD5 | e66a75680f21ce281995f37099045714 |
| SHA1 | d553e80658ee1eea5b0912db1ecc4e27b0ed4790 |
| SHA256 | 21d1d273124648a435674c7877a98110d997cf6992469c431fe502bbcc02641f |
| SHA512 | d3757529dd85ef7989d9d4cecf3f7d87c9eb4beda965d8e2c87ee23b8baaec3fdff41fd53ba839215a37404b17b8fe2586b123557f09d201b13c7736c736b096 |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\locales\en-GB.pak
| MD5 | 825ed4c70c942939ffb94e77a4593903 |
| SHA1 | 7a3faee9bf4c915b0f116cb90cec961dda770468 |
| SHA256 | e11e8db78ae12f8d735632ba9fd078ec66c83529cb1fd86a31ab401f6f833c16 |
| SHA512 | 41325bec22af2e5ef8e9b26c48f2dfc95763a249ccb00e608b7096ec6236ab9a955de7e2340fd9379d09ac2234aee69aed2a24fe49382ffd48742d72a929c56a |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\locales\en-US.pak
| MD5 | 19d18f8181a4201d542c7195b1e9ff81 |
| SHA1 | 7debd3cf27bbe200c6a90b34adacb7394cb5929c |
| SHA256 | 1d20e626444759c2b72aa6e998f14a032408d2b32f957c12ec3abd52831338fb |
| SHA512 | af07e1b08bbf2dd032a5a51a88ee2923650955873753629a086cad3b1600ce66ca7f9ed31b8ca901c126c10216877b24e123144bb0048f2a1e7757719aae73f2 |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\locales\es.pak
| MD5 | 04a9ba7316dc81766098e238a667de87 |
| SHA1 | 24d7eb4388ecdfecada59c6a791c754181d114de |
| SHA256 | 7fa148369c64bc59c2832d617357879b095357fe970bab9e0042175c9ba7cb03 |
| SHA512 | 650856b6187df41a50f9bed29681c19b4502de6af8177b47bad0bf12e86a25e92aa728311310c28041a18e4d9f48ef66d5ad5d977b6662c44b49bfd1da84522b |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\locales\es-419.pak
| MD5 | 7da3e8aa47ba35d014e1d2a32982a5bb |
| SHA1 | 8e35320b16305ad9f16cb0f4c881a89818cd75bb |
| SHA256 | 7f85673cf80d1e80acfc94fb7568a8c63de79a13a1bb6b9d825b7e9f338ef17c |
| SHA512 | 1fca90888eb067972bccf74dd5d09bb3fce2ceb153589495088d5056ed4bdede15d54318af013c2460f0e8b5b1a5c6484adf0ed84f4b0b3c93130b086da5c3bf |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\locales\et.pak
| MD5 | ccc71f88984a7788c8d01add2252d019 |
| SHA1 | 6a87752eac3044792a93599428f31d25debea369 |
| SHA256 | d69489a723b304e305cb1767e6c8da5d5d1d237e50f6ddc76e941dcb01684944 |
| SHA512 | d35ccd639f2c199862e178a9fab768d7db10d5a654bc3bc1fab45d00ceb35a01119a5b4d199e2db3c3576f512b108f4a1df7faf6624d961c0fc4bca5af5f0e07 |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\locales\fi.pak
| MD5 | 21e534869b90411b4f9ea9120ffb71c8 |
| SHA1 | cc91ffbd19157189e44172392b2752c5f73984c5 |
| SHA256 | 2d337924139ffe77804d2742eda8e58d4e548e65349f827840368e43d567810b |
| SHA512 | 3ca3c0adaf743f92277452b7bd82db4cf3f347de5568a20379d8c9364ff122713befd547fbd3096505ec293ae6771ada4cd3dadac93cc686129b9e5aacf363bd |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\locales\fa.pak
| MD5 | 2e37fd4e23a1707a1eccea3264508dff |
| SHA1 | e00e58ed06584b19b18e9d28b1d52dbfc36d70f3 |
| SHA256 | b9ee861e1bdecffe6a197067905279ea77c180844a793f882c42f2b70541e25e |
| SHA512 | 7c467f434eb0ce8e4a851761ae9bd7a9e292aab48e8e653e996f8ca598d0eb5e07ec34e2b23e544f3b38439dc3b8e3f7a0dfd6a8e28169aa95ceff42bf534366 |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\locales\hi.pak
| MD5 | b5dfce8e3ba0aec2721cc1692b0ad698 |
| SHA1 | c5d6fa21a9ba3d526f3e998e3f627afb8d1eecf3 |
| SHA256 | b1c7fb6909c8a416b513d6de21eea0b5a6b13c7f0a94cabd0d9154b5834a5e8b |
| SHA512 | facf0a9b81af6bb35d0fc5e69809d5c986a2c91a166e507784bdad115644b96697fe504b8d70d9bbb06f0c558f746c085d37e385eef41f0a1c29729d3d97980f |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\locales\he.pak
| MD5 | fc84ea7dc7b9408d1eea11beeb72b296 |
| SHA1 | de9118194952c2d9f614f8e0868fb273ddfac255 |
| SHA256 | 15951767dafa7bdbedac803d842686820de9c6df478416f34c476209b19d2d8c |
| SHA512 | 49d13976dddb6a58c6fdcd9588e243d705d99dc1325c1d9e411a1d68d8ee47314dfcb661d36e2c4963c249a1542f95715f658427810afcabdf9253aa27eb3b24 |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\locales\gu.pak
| MD5 | 308619d65b677d99f48b74ccfe060567 |
| SHA1 | 9f834df93fd48f4fb4ca30c4058e23288cf7d35e |
| SHA256 | e40ee4f24839f9e20b48d057bf3216bc58542c2e27cb40b9d2f3f8a1ea5bfbb4 |
| SHA512 | 3ca84ad71f00b9f7cc61f3906c51b263f18453fce11ec6c7f9edfe2c7d215e3550c336e892bd240a68a6815af599cc20d60203294f14adb133145ca01fe4608f |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\locales\fr.pak
| MD5 | 3ee48a860ecf45bafa63c9284dfd63e2 |
| SHA1 | 1cb51d14964f4dced8dea883bf9c4b84a78f8eb6 |
| SHA256 | 1923e0edf1ef6935a4a718e3e2fc9a0a541ea0b4f3b27553802308f9fd4fc807 |
| SHA512 | eb6105faca13c191fef0c51c651a406b1da66326bb5705615770135d834e58dee9bed82aa36f2dfb0fe020e695c192c224ec76bb5c21a1c716e5f26dfe02f763 |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\locales\fil.pak
| MD5 | d7df2ea381f37d6c92e4f18290c6ffe0 |
| SHA1 | 7cacf08455aa7d68259fcba647ee3d9ae4c7c5e4 |
| SHA256 | db4a63fa0d5b2baba71d4ba0923caed540099db6b1d024a0d48c3be10c9eed5a |
| SHA512 | 96fc028455f1cea067b3a3dd99d88a19a271144d73dff352a3e08b57338e513500925787f33495cd744fe4122dff2d2ee56e60932fc02e04feed2ec1e0c3533f |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\locales\hr.pak
| MD5 | 255f808210dbf995446d10ff436e0946 |
| SHA1 | 1785d3293595f0b13648fb28aec6936c48ea3111 |
| SHA256 | 4df972b7f6d81aa7bdc39e2441310a37f746ae5015146b4e434a878d1244375b |
| SHA512 | 8b1a4d487b0782055717b718d58cd21e815b874e2686cdfd2087876b70ae75f9182f783c70bf747cf4ca17a3afc68517a9db4c99449fa09bef658b5e68087f2a |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\locales\id.pak
| MD5 | b6fcd5160a3a1ae1f65b0540347a13f2 |
| SHA1 | 4cf37346318efb67908bba7380dbad30229c4d3d |
| SHA256 | 7fd715914e3b0cf2048d4429f3236e0660d5bd5e61623c8fef9b8e474c2ac313 |
| SHA512 | a8b4a96e8f9a528b2df3bd1251b72ab14feccf491dd254a7c6ecba831dfaba328adb0fd0b4acddb89584f58f94b123e97caa420f9d7b34131cc51bdbdbf3ed73 |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\locales\ja.pak
| MD5 | 38cd3ef9b7dff9efbbe086fa39541333 |
| SHA1 | 321ef69a298d2f9830c14140b0b3b0b50bd95cb0 |
| SHA256 | d8fab5714dafecb89b3e5fce4c4d75d2b72893e685e148e9b60f7c096e5b3337 |
| SHA512 | 40785871032b222a758f29e0c6ec696fbe0f6f5f3274cc80085961621bec68d7e0fb47c764649c4dd0c27c6ee02460407775fae9d3a2a8a59362d25a39266ce0 |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\locales\kn.pak
| MD5 | caab4deb1c40507848f9610d849834cf |
| SHA1 | 1bc87ff70817ba1e1fdd1b5cb961213418680cbe |
| SHA256 | 7a34483e6272f9b8881f0f5a725b477540166561c75b9e7ab627815d4be1a8a4 |
| SHA512 | dc4b63e5a037479bb831b0771aec0fe6eb016723bcd920b41ab87ef11505626632877073ce4e5e0755510fe19ba134a7b5899332ecef854008b15639f915860c |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\locales\ko.pak
| MD5 | d6194fc52e962534b360558061de2a25 |
| SHA1 | 98ed833f8c4beac685e55317c452249579610ff8 |
| SHA256 | 1a5884bd6665b2f404b7328de013522ee7c41130e57a53038fc991ec38290d21 |
| SHA512 | 5207a07426c6ceb78f0504613b6d2b8dadf9f31378e67a61091f16d72287adbc7768d1b7f2a923369197e732426d15a872c091cf88680686581d48a7f94988ab |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\locales\lv.pak
| MD5 | a8cbd741a764f40b16afea275f240e7e |
| SHA1 | 317d30bbad8fd0c30de383998ea5be4eec0bb246 |
| SHA256 | a1a9d84fd3af571a57be8b1a9189d40b836808998e00ec9bd15557b83d0e3086 |
| SHA512 | 3da91c0ca20165445a2d283db7dc749fcf73e049bfff346b1d79b03391aefc7f1310d3ac2c42109044cfb50afcf178dcf3a34b4823626228e591f328dd7afe95 |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\locales\ml.pak
| MD5 | 1c81104ac2cbf7f7739af62eb77d20d5 |
| SHA1 | 0f0d564f1860302f171356ea35b3a6306c051c10 |
| SHA256 | 66005bc01175a4f6560d1e9768dbc72b46a4198f8e435250c8ebc232d2dac108 |
| SHA512 | 969294eae8c95a1126803a35b8d3f1fc3c9d22350aa9cc76b2323b77ad7e84395d6d83b89deb64565783405d6f7eae40def7bdaf0d08da67845ae9c7dbb26926 |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\locales\mr.pak
| MD5 | 2cf9f07ddf7a3a70a48e8b524a5aed43 |
| SHA1 | 974c1a01f651092f78d2d20553c3462267ddf4e9 |
| SHA256 | 23058c0f71d9e40f927775d980524d866f70322e0ef215aa5748c239707451e7 |
| SHA512 | 0b21570deefa41defc3c25c57b3171635bcb5593761d48a8116888ce8be34c1499ff79c7a3ebbe13b5a565c90027d294c6835e92e6254d582a86750640fe90f2 |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\locales\nl.pak
| MD5 | 0f04bac280035fab018f634bcb5f53ae |
| SHA1 | 4cad76eaecd924b12013e98c3a0e99b192be8936 |
| SHA256 | be254bcda4dbe167cb2e57402a4a0a814d591807c675302d2ce286013b40799b |
| SHA512 | 1256a6acac5a42621cb59eb3da42ddeeacfe290f6ae4a92d00ebd4450a8b7ccb6f0cd5c21cf0f18fe4d43d0d7aee87b6991fef154908792930295a3871fa53df |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\locales\pt-PT.pak
| MD5 | b4954b064e3f6a9ba546dda5fa625927 |
| SHA1 | 584686c6026518932991f7de611e2266d8523f9d |
| SHA256 | ee1e014550b85e3d18fb5128984a713d9f6de2258001b50ddd18391e7307b4a1 |
| SHA512 | cb3b465b311f83b972eca1c66862b2c5d6ea6ac15282e0094aea455123ddf32e85df24a94a0aedbe1b925ff3ed005ba1e00d5ee820676d7a5a366153ade90ef7 |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\locales\sk.pak
| MD5 | b7e97cc98b104053e5f1d6a671c703b7 |
| SHA1 | 0f7293f1744ae2cd858eb3431ee016641478ae7d |
| SHA256 | b0d38869275d9d295e42b0b90d0177e0ca56a393874e4bb454439b8ce25d686f |
| SHA512 | ef3247c6f0f4065a4b68db6bf7e28c8101a9c6c791b3f771ed67b5b70f2c9689cec67a1c864f423382c076e4cbb6019c1c0cb9ad0204454e28f749a69b6b0de0 |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\locales\ta.pak
| MD5 | 18ec8ff3c0701a6a8c48f341d368bab5 |
| SHA1 | 8bff8aee26b990cf739a29f83efdf883817e59d8 |
| SHA256 | 052bcdb64a80e504bb6552b97881526795b64e0ab7ee5fc031f3edf87160dee9 |
| SHA512 | a0e997fc9d316277de3f4773388835c287ab1a35770c01e376fb7428ff87683a425f6a6a605d38dd7904ca39c50998cd85f855cb33ae6abad47ac85a1584fe4e |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\locales\sw.pak
| MD5 | 67a443a5c2eaad32625edb5f8deb7852 |
| SHA1 | a6137841e8e7736c5ede1d0dc0ce3a44dc41013f |
| SHA256 | 41dfb772ae4c6f9e879bf7b4fa776b2877a2f8740fa747031b3d6f57f34d81dd |
| SHA512 | e0fdff1c3c834d8af8634f43c2f16ba5b883a8d88dfd322593a13830047568faf9f41d0bf73cd59e2e33c38fa58998d4702d2b0c21666717a86945d18b3f29e5 |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\locales\sv.pak
| MD5 | 272f8a8b517c7283eab83ba6993eea63 |
| SHA1 | ad4175331b948bd4f1f323a4938863472d9b700c |
| SHA256 | d15b46bc9b5e31449b11251df19cd2ba4920c759bd6d4fa8ca93fd3361fdd968 |
| SHA512 | 3a0930b7f228a779f727ebfb6ae8820ab5cc2c9e04c986bce7b0f49f9bf124f349248ecdf108edf8870f96b06d58dea93a3e0e2f2da90537632f2109e1aa65f0 |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\locales\tr.pak
| MD5 | 5ff2e5c95067a339e3d6b8985156ec1f |
| SHA1 | 7525b25c7b07f54b63b6459a0d8c8c720bd8a398 |
| SHA256 | 14a131ba318274cf10de533a19776db288f08a294cf7e564b7769fd41c7f2582 |
| SHA512 | 2414386df8d7ab75dcbd6ca2b9ae62ba8e953ddb8cd8661a9f984eb5e573637740c7a79050b2b303af3d5b1d4d1bb21dc658283638718fdd04fc6e5891949d1b |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\resources\app-update.yml
| MD5 | ca99f8abdc5c3c432c55f1b48803aa6d |
| SHA1 | c7836cfa253f8837b13df8197025df1f45e36a70 |
| SHA256 | d37115cceefe6870f32368c92b90e789e577b9cba35ab90799043689dedbbb7e |
| SHA512 | 4b12886e57814d80cb4c94de61e2149d6878e00defbe05a66b6ef8270e18c516536111a8c394b1960fc4577ef6e298647f854680ef22d3b3c6c850409314184b |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\resources\elevate.exe
| MD5 | 792b92c8ad13c46f27c7ced0810694df |
| SHA1 | d8d449b92de20a57df722df46435ba4553ecc802 |
| SHA256 | 9b1fbf0c11c520ae714af8aa9af12cfd48503eedecd7398d8992ee94d1b4dc37 |
| SHA512 | 6c247254dc18ed81213a978cce2e321d6692848c64307097d2c43432a42f4f4f6d3cf22fb92610dfa8b7b16a5f1d94e9017cf64f88f2d08e79c0fe71a9121e40 |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\locales\zh-TW.pak
| MD5 | 2456bf42275f15e016689da166df9008 |
| SHA1 | 70f7de47e585dfea3f5597b5bba1f436510decd7 |
| SHA256 | adf8df051b55507e5a79fa47ae88c7f38707d02dfac0cc4a3a7e8e17b58c6479 |
| SHA512 | 7e622afa15c70785aaf7c19604d281efe0984f621d6599058c97c19d3c0379b2ee2e03b3a7ec597040a4eee250a782d7ec55c335274dd7db7c7ca97ddcfd378a |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\locales\zh-CN.pak
| MD5 | 82326e465e3015c64ca1db77dc6a56bc |
| SHA1 | e8abe12a8dd2cc741b9637fa8f0e646043bbfe3d |
| SHA256 | 6655fd9dcdfaf2abf814ffb6c524d67495aed4d923a69924c65abeab30bc74fb |
| SHA512 | 4989789c0b2439666dda4c4f959dffc0ddcb77595b1f817c13a95ed97619c270151597160320b3f2327a7daffc8b521b68878f9e5e5fb3870eb0c43619060407 |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\locales\vi.pak
| MD5 | db0eb3183007de5aae10f934fffacc59 |
| SHA1 | e9ea7aeffe2b3f5cf75ab78630da342c6f8b7fd9 |
| SHA256 | ddabb225b671b989789e9c2ccd1b5a8f22141a7d9364d4e6ee9b8648305e7897 |
| SHA512 | 703efd12fcace8172c873006161712de1919572c58d98b11de7834c5628444229f5143d231c41da5b9cf729e32de58dee3603cb3d18c6cdd94aa9aa36fbf5de0 |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\locales\ur.pak
| MD5 | 1ca4fa13bd0089d65da7cd2376feb4c6 |
| SHA1 | b1ba777e635d78d1e98e43e82d0f7a3dd7e97f9c |
| SHA256 | 3941364d0278e2c4d686faa4a135d16a457b4bc98c5a08e62aa12f3adc09aa7f |
| SHA512 | d0d9eb1aa029bd4c34953ee5f4b60c09cf1d4f0b21c061db4ede1b5ec65d7a07fc2f780ade5ce51f2f781d272ac32257b95eedf471f7295ba70b5ba51db6c51d |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\locales\uk.pak
| MD5 | 361a0e1f665b9082a457d36209b92a25 |
| SHA1 | 3c89e1b70b51820bb6baa64365c64da6a9898e2f |
| SHA256 | bd02966f6c6258b66eae7ff014710925e53fe26e8254d7db4e9147266025cc3a |
| SHA512 | d4d25fc58053f8cce4c073846706dc1ecbc0dc19308ba35501e19676f3e7ed855d7b57ae22a5637f81cefc1aa032bf8770d0737df1924f3504813349387c08cf |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\locales\th.pak
| MD5 | a32ba63feeed9b91f6d6800b51e5aeae |
| SHA1 | 2fbf6783996e8315a4fb94b7d859564350ee5918 |
| SHA256 | e32e37ca0ab30f1816fe6df37e3168e1022f1d3737c94f5472ab6600d97a45f6 |
| SHA512 | adebde0f929820d8368096a9c30961ba7b33815b0f124ca56ca05767ba6d081adf964088cb2b9fcaa07f756b946fffa701f0b64b07d457c99fd2b498cbd1e8a5 |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\locales\te.pak
| MD5 | a17f16d7a038b0fa3a87d7b1b8095766 |
| SHA1 | b2f845e52b32c513e6565248f91901ab6874e117 |
| SHA256 | d39716633228a5872630522306f89af8585f8092779892087c3f1230d21a489e |
| SHA512 | 371fb44b20b8aba00c4d6f17701fa4303181ad628f60c7b4218e33be7026f118f619d66d679bffcb0213c48700fafd36b2e704499a362f715f63ea9a75d719e7 |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\locales\sr.pak
| MD5 | c68c235d8e696c098cf66191e648196b |
| SHA1 | 5c967fbbd90403a755d6c4b2411e359884dc8317 |
| SHA256 | ab96a18177af90495e2e3c96292638a775aa75c1d210ca6a6c18fbc284cd815b |
| SHA512 | 34d14d8cb851df1ea8cd3cc7e9690eaf965d8941cfcac1c946606115ad889630156c5ff47011b27c1288f8df70e8a7dc41909a9fa98d75b691742ec1d1a5e653 |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\locales\sl.pak
| MD5 | ca763e801de642e4d68510900ff6fabb |
| SHA1 | c32a871831ce486514f621b3ab09387548ee1cff |
| SHA256 | 340e0babe5fddbfda601c747127251cf111dd7d79d0d6a5ec4e8443b835027de |
| SHA512 | e2847ce75de57deb05528dd9557047edcd15d86bf40a911eb97e988a8fdbda1cd0e0a81320eadf510c91c826499a897c770c007de936927df7a1cc82fa262039 |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\locales\ru.pak
| MD5 | 2885bde990ee3b30f2c54a4067421b68 |
| SHA1 | ae16c4d534b120fdd68d33c091a0ec89fd58793f |
| SHA256 | 9fcda0d1fab7fff7e2f27980de8d94ff31e14287f58bd5d35929de5dd9cbcdca |
| SHA512 | f7781f5c07fbf128399b88245f35055964ff0cde1cc6b35563abc64f520971ce9916827097ca18855b46ec6397639f5416a6e8386a9390afba4332d47d21693f |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\locales\ro.pak
| MD5 | d2758f6adbaeea7cd5d95f4ad6dde954 |
| SHA1 | d7476db23d8b0e11bbabf6a59fde7609586bdc8a |
| SHA256 | 2b7906f33bfbe8e9968bcd65366e2e996cdf2f3e1a1fc56ad54baf261c66954c |
| SHA512 | 8378032d6febea8b5047ada667cb19e6a41f890cb36305acc2500662b4377caef3dc50987c925e05f21c12e32c3920188a58ee59d687266d70b8bfb1b0169a6e |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\locales\pt-BR.pak
| MD5 | 8e931ffbded8933891fb27d2cca7f37d |
| SHA1 | ab0a49b86079d3e0eb9b684ca36eb98d1d1fd473 |
| SHA256 | 6632bd12f04a5385012b5cdebe8c0dad4a06750dc91c974264d8fe60e8b6951d |
| SHA512 | cf0f6485a65c13cf5ddd6457d34cdea222708b0bb5ca57034ed2c4900fd22765385547af2e2391e78f02dcf00b7a2b3ac42a3509dd4237581cfb87b8f389e48d |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\locales\pl.pak
| MD5 | f1d48a7dcd4880a27e39b7561b6eb0ab |
| SHA1 | 353c3ba213cd2e1f7423c6ba857a8d8be40d8302 |
| SHA256 | 2593c8b59849fbc690cbd513f06685ea3292cd0187fcf6b9069cbf3c9b0e8a85 |
| SHA512 | 132da2d3c1a4dad5ccb399b107d7b6d9203a4b264ef8a65add11c5e8c75859115443e1c65ece2e690c046a82687829f54ec855f99d4843f859ab1dd7c71f35a5 |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\locales\nb.pak
| MD5 | 55d5ad4eacb12824cfcd89470664c856 |
| SHA1 | f893c00d8d4fdb2f3e7a74a8be823e5e8f0cd673 |
| SHA256 | 4f44789a2c38edc396a31aba5cc09d20fb84cd1e06f70c49f0664289c33cd261 |
| SHA512 | 555d87be8c97f466c6b3e7b23ec0210335846398c33dba71e926ff7e26901a3908dbb0f639c93db2d090c9d8bda48eddf196b1a09794d0e396b2c02b4720f37e |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\locales\ms.pak
| MD5 | aee105366a1870b9d10f0f897e9295db |
| SHA1 | eee9d789a8eeafe593ce77a7c554f92a26a2296f |
| SHA256 | c6471aee5f34f31477d57f593b09cb1de87f5fd0f9b5e63d8bab4986cf10d939 |
| SHA512 | 240688a0054bfebe36ea2b056194ee07e87bbbeb7e385131c73a64aa7967984610fcb80638dd883837014f9bc920037069d0655e3e92a5922f76813aedb185fa |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\locales\lt.pak
| MD5 | 64b08ffc40a605fe74ecc24c3024ee3b |
| SHA1 | 516296e8a3114ddbf77601a11faf4326a47975ab |
| SHA256 | 8a5d6e29833374e0f74fd7070c1b20856cb6b42ed30d18a5f17e6c2e4a8d783e |
| SHA512 | 05d207413186ac2b87a59681efe4fdf9dc600d0f3e8327e7b9802a42306d80d0ddd9ee07d103b17caf0518e42ab25b7ca9da4713941abc7bced65961671164ac |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\locales\it.pak
| MD5 | 745f16ca860ee751f70517c299c4ab0e |
| SHA1 | 54d933ad839c961dd63a47c92a5b935eef208119 |
| SHA256 | 10e65f42ce01ba19ebf4b074e8b2456213234482eadf443dfad6105faf6cde4c |
| SHA512 | 238343d6c80b82ae900f5abf4347e542c9ea016d75fb787b93e41e3c9c471ab33f6b4584387e5ee76950424e25486dd74b9901e7f72876960c0916c8b9cee9a6 |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\locales\hu.pak
| MD5 | 2aa0a175df21583a68176742400c6508 |
| SHA1 | 3c25ba31c2b698e0c88e7d01b2cc241f0916e79a |
| SHA256 | b59f932df822ab1a87e8aab4bbb7c549db15899f259f4c50ae28f8d8c7ce1e72 |
| SHA512 | 03a16feb0601407e96bcb43af9bdb21e5218c2700c9f3cfd5f9690d0b4528f9dc17e4cc690d8c9132d4e0b26d7faafd90aa3f5e57237e06fb81aab7ab77f6c03 |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\resources\app.asar.unpacked\node_modules\@sentry\cli\checksums.txt
| MD5 | 1dcfcfdd8cce3e3b0fa697af106e4075 |
| SHA1 | f9261519f777790f7cd50c91e389d0e6589bd92a |
| SHA256 | 1357dc0a2f6ae355ab59b409c94cf635b7ed849a3bcb60e95b7132cbfd297324 |
| SHA512 | 751ac3545299650e783daf0a45823660ce0b3f6dd7d722d303b9a801b02db61f7bb3a5129f4481294f2201fb5ad4e7bb1b2ab9a2d993ebde8a0d985f08ce34a2 |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\resources\app.asar.unpacked\node_modules\@sentry\cli\package.json
| MD5 | 49f7deab5d526f6f79d8fd80be29c97e |
| SHA1 | e6ef40032a68a979454d30e9a483a1043367a90e |
| SHA256 | 3fe1b2bd4e7ed12e73c5717dc162f9086a4b349528042c4313610573530c6992 |
| SHA512 | 053d4996c3376aa0fbee16be84d0a7f86b043ee1928dfe81e5b8db1686ac5e42db26b13ecd168a86f7315e8c208549b68f1ee3b64df3c12426eeda73c4efcdbe |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\resources\app.asar.unpacked\node_modules\@sentry\cli\LICENSE
| MD5 | c2710cd00242ca7d7bef0fc98dbbc7f8 |
| SHA1 | ba49c34590b171487fd5e383ca28632f551865e5 |
| SHA256 | 9503def7b54ceb6e3cd182fd59bc05d3a30d7eae481e65aaba4b495133c83c14 |
| SHA512 | 1b8fed37b379cfaac4e67e4ae0d0ae1c7e8fdd5178f1e9a289b646c5adb016c68cdcd743266fca87bd37bffc0951e0b9ecba8a57f0600a7dcd5cb52cd783637f |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\resources\app.asar.unpacked\node_modules\@sentry\cli\sentry-cli.exe
| MD5 | 4c1bbccaec3f88e00c176e49b3ea9742 |
| SHA1 | eea00e776e5979ae8e650ee9ddf3d4d4e93ff2ef |
| SHA256 | 299e9f3632bd8278384e60f7384279ccb394ca532515448f44e089a3fb119f1c |
| SHA512 | 3c82f9f06be9bdbdb6fc94709d6c582641b2bd1ba1987c0b42a8d5c653fc32c006873c8f236b45c62970b3abe6a8b5f9faa1a57c0c85d52fdc94ecf1bd21abd6 |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\resources\app.asar.unpacked\node_modules\@sentry\cli\bin\sentry-cli
| MD5 | b7c89ec5dfb8b15555f32a3bef6c3103 |
| SHA1 | a92048052f5fc0af532cd97ebf82c1a9fbf12342 |
| SHA256 | 7c5c97aaee075241bdc4fbc610b356445747e962ac3d986c5016acefd66a6ea0 |
| SHA512 | c47baa0e0896684403760a13cfa6dd5826152ec7ae83f783040d186eaca8af70bc97530bbb22b720d7482a4ad18c3959ab1af8ccfe3689b19a51955e777884e8 |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\resources\app.asar.unpacked\node_modules\@sentry\cli\js\helper.js
| MD5 | c29ad60a23d5406728a51afa4352b4c7 |
| SHA1 | 2be817215890f5868717765570ce9f7422735c4e |
| SHA256 | faa867204c92db252271c9d850962ae1ff5c9448444ca907af483a6c874a6eb0 |
| SHA512 | e1784b8bf7119bf3380b192f1597cb3179425ff7ab347b144011fd17b62794760e6e092a0a1dae99302eb6c333f1638440df4e4e0eaf64f26d4f3cc46a74d04a |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\resources\app.asar.unpacked\node_modules\@sentry\cli\js\index.js
| MD5 | 50c3a734036b84685a15d56217207d67 |
| SHA1 | 1893de2684072a3a2961337fa9a9b45a52c52c0a |
| SHA256 | 171990f108cd5582f83432c1569f2c3e1aebfbfb159599f4ff2ab693c20a8f78 |
| SHA512 | 3aa037d12cee7cbf51826fb3e2aa87b4543dd62f5ff5f2f8915128061c07472304601766bddf949647c5ca92e8ee768a77139bbe91bdfaaae99dea4405168ea9 |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\resources\app.asar.unpacked\node_modules\@sentry\cli\js\logger.js
| MD5 | 1d26f69361e75ca5cd2eac5f99249c72 |
| SHA1 | 787d51c708ce15b2c533a180a2bf639648bc40eb |
| SHA256 | d7d63601d3347efc93425f4f93049cfb9ed2b9ead1dce662c9c1bed3cba302e0 |
| SHA512 | 7350774074462d33ac9f2e130829306af08a6693fd597f40c39bfb194684f66d965cd23c10de5fc4389e4a2ffe84db727aad23dd683a805ae4825f10026cb040 |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\resources\app.asar.unpacked\node_modules\@sentry\cli\js\releases\index.js
| MD5 | e8282413c1895eaff49de6dd9b71ab13 |
| SHA1 | 4e058f522a46e20bbd26f15a6922390ec2c1da36 |
| SHA256 | d6a28994173c1c36476121f8b0e3633e01ecd0589289901fba34fe218293443d |
| SHA512 | 301d2a6ae958e1ba936cae6f555a587ad87567055f4709d4676a3ef5b1a3112cb338b8a9e744c24cbfa784f00f13a1118ad48fd4f6bb060c5608e4ddc8779389 |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\resources\app.asar.unpacked\node_modules\@sentry\cli\js\releases\options\uploadSourcemaps.js
| MD5 | d060ac623857ad5ca08e3a944768925a |
| SHA1 | 26fe78c92f55f9529ffa2b71da403873da29313f |
| SHA256 | 8d4bd4c779e177724aa7bf98e768e50ce8b2950ef5bf39fa08033057b400888b |
| SHA512 | ae1b42d7e5c5d60f935bcd08417d4d9055d71bfb80653281e990a687353592731a7c4423655fbb988728152846aa56a5f180335d254885338bf6c96ef2a8357a |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\resources\app.asar.unpacked\node_modules\@sentry\cli\js\releases\options\deploys.js
| MD5 | f42c24cde0162b93624df51f4e2abfab |
| SHA1 | f819638944878ac4cb49438d8599d3fbd9081949 |
| SHA256 | 3f2316e7fb20e82df9a8b08d6169a622a89808742806adee2e4d89885962357d |
| SHA512 | 67258cbaf9f46f1609cec9b87b7a577f855cde9c8efafa3d835a0d18fb3903fcc4733489bf81447cdf2c0a55701d569a75f11a81865dab8f624b722e76b7c674 |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\resources\app.asar.unpacked\node_modules\@sentry\cli\scripts\install.js
| MD5 | 1ffedd383c8097dd628411836505787e |
| SHA1 | 969306e8127b354f35f4c870f2da7b4034d4197b |
| SHA256 | df3b6ca3fff442454ffee98e8e4db5e3fe0d82ff19a49216cd238fa9282cb30a |
| SHA512 | 1392958e5a9c2e0c6df617c48547f5fdae32960bfb55953528ee345e06e1ae191ca4001a618233adeab27e16de5ecd203c405e8b4fa7f3a739cd3d2c4a1e9ed2 |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\resources\app.asar.unpacked\node_modules\@sentry\cli\scripts\bump-version.sh
| MD5 | 2ff8e17ece2c70eff9efdb2b1a524555 |
| SHA1 | d61c93df38f70f2244817c688a140224c9a99af9 |
| SHA256 | f07b481f34e732e74abe6402023f8b84f61281626ad6e25062a20fa8fd80ece4 |
| SHA512 | 0f847fd2b05bd4627a56b452f065e878005b6307bc101663297afb5f45c24d965ddc48ea4818c34ab35bde06f5a7711cf29fb9182c8ed9cf34e17d6434c487ee |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\resources\app.asar.unpacked\node_modules\@sentry\cli\scripts\build-in-docker.sh
| MD5 | 94b0fc212af523b8bfcd6c2aa5a5ab2a |
| SHA1 | cc0cb35f7ce729f7affe6b2c463e57966515e476 |
| SHA256 | abaa92d196f6752f184b83b19aedd9b1e28d328e6817de213f61fbd108351e16 |
| SHA512 | af0a2174e0304fdaa56ddae249049c142450ad4a0a9c8975548f61aa2bc356837b1d7ed441108156af32c979da5647bd0233a49db700ff0bbf528f9fa2c862e6 |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\resources\app.asar.unpacked\node_modules\@sentry\cli\scripts\test-vercel-nft.js
| MD5 | c63a1659a645a5095524923081813d51 |
| SHA1 | 1d97d7ccb0804b7a15f0593c87990ab0da4b6887 |
| SHA256 | 644476fd66a507adc49582e7371c87e4cacc3c7840c23fe920da2a09f05db08a |
| SHA512 | ae452613a1dc728428ed2e596d7fbb041e00a8aa300aaada289fd454f71267569fa548fa7c7217134572decab12e56f4aadd4853c96ef705ccba2dcb377018cb |
C:\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\7z-out\resources\app.asar.unpacked\node_modules\@sentry\cli\scripts\wheels
| MD5 | 6fec563925ecab8b6a98c3f38655236d |
| SHA1 | 9ad08eb80167574de6373d871cfff5511d2554cf |
| SHA256 | 6fa0613c1edb0c6b26baac0b759bf756f389a11e0ec0e64904cffb26ef8dc016 |
| SHA512 | 850a5285519965fe26ab0da2ae62d380648acb723d879e2ab770124e4146ce0a6d03f089e28af20604dd3e00913169f82ac568a1741014e0bc5ee7b2c583888d |
\Users\Admin\AppData\Local\Temp\nsjFB70.tmp\WinShell.dll
| MD5 | 1cc7c37b7e0c8cd8bf04b6cc283e1e56 |
| SHA1 | 0b9519763be6625bd5abce175dcc59c96d100d4c |
| SHA256 | 9be85b986ea66a6997dde658abe82b3147ed2a1a3dcb784bb5176f41d22815a6 |
| SHA512 | 7acf7f8e68aa6066b59ca9f2ae2e67997e6b347bc08eb788d2a119b3295c844b5b9606757168e8d2fbd61c2cda367bf80e9e48c9a52c28d5a7a00464bfd2048f |
memory/2084-701-0x0000000003140000-0x0000000003142000-memory.dmp
Analysis: behavioral8
Detonation Overview
Submitted
2024-11-20 23:33
Reported
2024-11-20 23:39
Platform
win10v2004-20241007-en
Max time kernel
93s
Max time network
152s
Command Line
Signatures
Program crash
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Windows\SysWOW64\rundll32.exe |
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\rundll32.exe | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 3928 wrote to memory of 2144 | N/A | C:\Windows\system32\rundll32.exe | C:\Windows\SysWOW64\rundll32.exe |
| PID 3928 wrote to memory of 2144 | N/A | C:\Windows\system32\rundll32.exe | C:\Windows\SysWOW64\rundll32.exe |
| PID 3928 wrote to memory of 2144 | N/A | C:\Windows\system32\rundll32.exe | C:\Windows\SysWOW64\rundll32.exe |
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\System.dll,#1
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\System.dll,#1
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 420 -p 2144 -ip 2144
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 2144 -s 612
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.249.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 240.221.184.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 75.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.163.245.4.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.31.95.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.236.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 138.136.73.23.in-addr.arpa | udp |
Files
Analysis: behavioral10
Detonation Overview
Submitted
2024-11-20 23:33
Reported
2024-11-20 23:39
Platform
win10v2004-20241007-en
Max time kernel
93s
Max time network
145s
Command Line
Signatures
Program crash
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Windows\SysWOW64\rundll32.exe |
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\rundll32.exe | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 4300 wrote to memory of 1428 | N/A | C:\Windows\system32\rundll32.exe | C:\Windows\SysWOW64\rundll32.exe |
| PID 4300 wrote to memory of 1428 | N/A | C:\Windows\system32\rundll32.exe | C:\Windows\SysWOW64\rundll32.exe |
| PID 4300 wrote to memory of 1428 | N/A | C:\Windows\system32\rundll32.exe | C:\Windows\SysWOW64\rundll32.exe |
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\WinShell.dll,#1
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\WinShell.dll,#1
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 1428 -ip 1428
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 1428 -s 612
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 241.150.49.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 138.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 209.205.72.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.31.95.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.163.245.4.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 103.209.201.84.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.227.111.52.in-addr.arpa | udp |
Files
Analysis: behavioral11
Detonation Overview
Submitted
2024-11-20 23:33
Reported
2024-11-20 23:39
Platform
win7-20241010-en
Max time kernel
12s
Max time network
19s
Command Line
Signatures
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeRestorePrivilege | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
| Token: 35 | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
Processes
C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\app-64.7z"
Network
Files
Analysis: behavioral17
Detonation Overview
Submitted
2024-11-20 23:33
Reported
2024-11-20 23:39
Platform
win7-20240903-en
Max time kernel
119s
Max time network
127s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\resources\app.asar.unpacked\node_modules\@sentry\cli\js\helper.js
Network
Files
Analysis: behavioral18
Detonation Overview
Submitted
2024-11-20 23:33
Reported
2024-11-20 23:39
Platform
win10v2004-20241007-en
Max time kernel
144s
Max time network
157s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\resources\app.asar.unpacked\node_modules\@sentry\cli\js\helper.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 196.249.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 240.221.184.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 134.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.55.71.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.219.191.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.23.12.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.23.85.13.in-addr.arpa | udp |
Files
Analysis: behavioral26
Detonation Overview
Submitted
2024-11-20 23:33
Reported
2024-11-20 23:39
Platform
win10v2004-20241007-en
Max time kernel
145s
Max time network
158s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\resources\app.asar.unpacked\node_modules\@sentry\cli\js\releases\options\deploys.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.55.71.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 240.221.184.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 17.160.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 97.17.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 209.205.72.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 241.150.49.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.23.12.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.187.3.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 29.243.111.52.in-addr.arpa | udp |
Files
Analysis: behavioral5
Detonation Overview
Submitted
2024-11-20 23:33
Reported
2024-11-20 23:39
Platform
win7-20241010-en
Max time kernel
120s
Max time network
127s
Command Line
Signatures
Program crash
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Windows\SysWOW64\rundll32.exe |
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\rundll32.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\StdUtils.dll,#1
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\StdUtils.dll,#1
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 2848 -s 220
Network
Files
Analysis: behavioral15
Detonation Overview
Submitted
2024-11-20 23:33
Reported
2024-11-20 23:41
Platform
debian9-mipsbe-20240611-en
Max time kernel
18s
Command Line
Signatures
Processes
/tmp/resources/app.asar.unpacked/node_modules/@sentry/cli/bin/sentry-cli
[/tmp/resources/app.asar.unpacked/node_modules/@sentry/cli/bin/sentry-cli]
/usr/local/sbin/node
[node /tmp/resources/app.asar.unpacked/node_modules/@sentry/cli/bin/sentry-cli]
/usr/local/bin/node
[node /tmp/resources/app.asar.unpacked/node_modules/@sentry/cli/bin/sentry-cli]
/usr/sbin/node
[node /tmp/resources/app.asar.unpacked/node_modules/@sentry/cli/bin/sentry-cli]
/usr/bin/node
[node /tmp/resources/app.asar.unpacked/node_modules/@sentry/cli/bin/sentry-cli]
/sbin/node
[node /tmp/resources/app.asar.unpacked/node_modules/@sentry/cli/bin/sentry-cli]
/bin/node
[node /tmp/resources/app.asar.unpacked/node_modules/@sentry/cli/bin/sentry-cli]