92f4be23fd098350031cbe2f661f90c7377d691eec91808636d415b9741b029a

Analysis

max time kernel
55s
max time network
57s
platform
windows10-ltsc 2021_x64
resource
win10ltsc2021-20241211-en
resource tags

arch:x64arch:x86image:win10ltsc2021-20241211-enlocale:en-usos:windows10-ltsc 2021-x64system
submitted
14-12-2024 16:19

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Nitrox_1.7.1.0.zip
Size

7.8MB
MD5

f7d25be0395feec244bc865acfa07043
SHA1

b3c74c8b4f3a2ac065ee8953c6ead832b2868e5d
SHA256

92f4be23fd098350031cbe2f661f90c7377d691eec91808636d415b9741b029a
SHA512

8efd8d687847b760c789cbe03313257543cb6b557b800c1c5e509754ae49a9dc18b05a5d62d1338298ec6cddd8166e7428479f7047feb6b221bfa1853db72a29
SSDEEP

196608:Wm/qcR6luQIsgHFFz+iT9iU4l6iHWCgczkWBu+ie3JWq92INOF:d/qc0lrSFp+JmEzkWB7iewq9OF

Score

7^/10

Malware Config

Signatures

Executes dropped EXE 1 IoCs

pid	Process
4920	NitroxLauncher.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Modifies registry class 64 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{7D49D726-3C21-4F05-99AA-FDC2C9474656}\GroupByKey:PID = "0"	NitroxLauncher.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\MRUListEx = 010000000200000000000000ffffffff	NitroxLauncher.exe
Key created	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}	NitroxLauncher.exe
Key created	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\Shell	NitroxLauncher.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\IconSize = "16"	NitroxLauncher.exe
Key created	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU	NitroxLauncher.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\Shell\SniffedFolderType = "Documents"	NitroxLauncher.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{7D49D726-3C21-4F05-99AA-FDC2C9474656}\Mode = "4"	NitroxLauncher.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\0\MRUListEx = ffffffff	NitroxLauncher.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{7D49D726-3C21-4F05-99AA-FDC2C9474656}\IconSize = "16"	NitroxLauncher.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1 = 3a002e803accbfb42cdb4c42b0297fe99a87c641260001002600efbe11000000fa379060dd4bdb01e41af27bea4bdb01e41af27bea4bdb0114000000	NitroxLauncher.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 0202	NitroxLauncher.exe
Key created	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\Shell	NitroxLauncher.exe
Key created	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3	NitroxLauncher.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{7D49D726-3C21-4F05-99AA-FDC2C9474656}\Mode = "4"	NitroxLauncher.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{7D49D726-3C21-4F05-99AA-FDC2C9474656}\LogicalViewMode = "1"	NitroxLauncher.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Mode = "4"	NitroxLauncher.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\MRUListEx = ffffffff	NitroxLauncher.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{7D49D726-3C21-4F05-99AA-FDC2C9474656}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}"	NitroxLauncher.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{7D49D726-3C21-4F05-99AA-FDC2C9474656}\FFlags = "1"	NitroxLauncher.exe
Key created	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1	NitroxLauncher.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 020202020202	NitroxLauncher.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{7D49D726-3C21-4F05-99AA-FDC2C9474656}\FFlags = "1092616257"	NitroxLauncher.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\MRUListEx = 0100000000000000ffffffff	NitroxLauncher.exe
Key created	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0	NitroxLauncher.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{7D49D726-3C21-4F05-99AA-FDC2C9474656}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000	NitroxLauncher.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02	NitroxLauncher.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{7D49D726-3C21-4F05-99AA-FDC2C9474656}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000	NitroxLauncher.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{7D49D726-3C21-4F05-99AA-FDC2C9474656}\IconSize = "16"	NitroxLauncher.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\IconSize = "16"	NitroxLauncher.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1092616257"	NitroxLauncher.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 0100000000000000ffffffff	NitroxLauncher.exe
Key created	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg	NitroxLauncher.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\0\0 = 60003100000000008b59267a10004d594e4f54457e310000480009000400efbe8b59257a8e5990822e000000274f0400000001000000000000000000000000000000f800d0004d00790020004e006f007400650062006f006f006b00000018000000	NitroxLauncher.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{7D49D726-3C21-4F05-99AA-FDC2C9474656}\LogicalViewMode = "1"	NitroxLauncher.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Mode = "4"	NitroxLauncher.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{7D49D726-3C21-4F05-99AA-FDC2C9474656}\FFlags = "1"	NitroxLauncher.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\Shell\SniffedFolderType = "Generic"	NitroxLauncher.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}"	NitroxLauncher.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\Shell\SniffedFolderType = "Downloads"	NitroxLauncher.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\0 = 6c003100000000008b59257a10004f4e454e4f547e310000540009000400efbe8b59257a8b592a7a2e000000264f04000000010000000000000000000000000000007bdfbf004f006e0065004e006f007400650020004e006f007400650062006f006f006b007300000018000000	NitroxLauncher.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{7D49D726-3C21-4F05-99AA-FDC2C9474656}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000	NitroxLauncher.exe
Key created	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\0\0	NitroxLauncher.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{7D49D726-3C21-4F05-99AA-FDC2C9474656}\Mode = "4"	NitroxLauncher.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000	NitroxLauncher.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\0\0\MRUListEx = ffffffff	NitroxLauncher.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\2 = 14002e8005398e082303024b98265d99428e115f0000	NitroxLauncher.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\Shell\KnownFolderDerivedFolderType = "{885A186E-A440-4ADA-812B-DB871B942259}"	NitroxLauncher.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 00000000ffffffff	NitroxLauncher.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\MRUListEx = 00000000ffffffff	NitroxLauncher.exe
Key created	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags	NitroxLauncher.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 020202	NitroxLauncher.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02020202	NitroxLauncher.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupView = "4294967295"	NitroxLauncher.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{7D49D726-3C21-4F05-99AA-FDC2C9474656}\FFlags = "1092616257"	NitroxLauncher.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{7D49D726-3C21-4F05-99AA-FDC2C9474656}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000	NitroxLauncher.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{7D49D726-3C21-4F05-99AA-FDC2C9474656}\GroupByDirection = "1"	NitroxLauncher.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1"	NitroxLauncher.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByKey:FMTID = "{B725F130-47EF-101A-A5F1-02608C9EEBAC}"	NitroxLauncher.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupView = "0"	NitroxLauncher.exe
Key created	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg	NitroxLauncher.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1092616257"	NitroxLauncher.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0 = 14002e80922b16d365937a46956b92703aca08af0000	NitroxLauncher.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2934520114-3201407646-466687995-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\Shell\SniffedFolderType = "Documents"	NitroxLauncher.exe

Suspicious behavior: GetForegroundWindowSpam 2 IoCs

pid	Process
4316	7zFM.exe
4920	NitroxLauncher.exe

Suspicious use of AdjustPrivilegeToken 4 IoCs

description	pid	Process
Token: SeRestorePrivilege	4316	7zFM.exe
Token: 35	4316	7zFM.exe
Token: SeSecurityPrivilege	4316	7zFM.exe
Token: SeDebugPrivilege	4920	NitroxLauncher.exe

Suspicious use of FindShellTrayWindow 2 IoCs

pid	Process
4316	7zFM.exe
4316	7zFM.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
4920	NitroxLauncher.exe
4920	NitroxLauncher.exe

C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\Nitrox_1.7.1.0.zip"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
PID:4316

C:\Users\Admin\Desktop\NitroxLauncher.exe
"C:\Users\Admin\Desktop\NitroxLauncher.exe"
1⤵
- Executes dropped EXE
- Modifies registry class
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
PID:4920

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\Desktop\LanguageFiles\ja.json

Filesize
4B

MD5
c443b04d0fc26b0a5a4573a78e0082a1

SHA1
3c957535345645dce7190b85eb10b39da96b2518

SHA256
e3566b3a06430868d71e9287dfd6c6c520a3da027aabea01951d407ee131dc2f

SHA512
7bbf6dac485c9e59d02edabc91ff5b15bc1319cef6905c0077ee16e3b1f572b61bff85f2400bc0f5b4aeab0260bd5d68787d72c7a688d79192952f7957a44de3

Download Submit
C:\Users\Admin\Desktop\NitroxLauncher.exe

Filesize
3.5MB

MD5
e801cd1a9af46b219768d79f7d2a2b98

SHA1
a2e939298aec1770b0079284b5bc275ba9cee517

SHA256
9c34793ccd4cde1297ed243858b6411305201b95e86d1e99cf493a9a51b88e5c

SHA512
48dee9078223881716bd1360881233b6a99df3c1f6063fe69784e77243ce55e988fea1365184de69b4f1724cd59ac02d6e8deaf7fbf00eae82301122c09e71ee

Download Submit
C:\Users\Admin\Desktop\NitroxLauncher.exe.config

Filesize
2KB

MD5
07a0a619101800cc15c38b1494ab87ca

SHA1
4c1dbcc4390d83503e2642afeb81292c214642e9

SHA256
749b8184de2e12e47bc7b0140840a392423a9e0b07a7f20afa54c237f61ee111

SHA512
e22a0ad49e3bf7985c40d76b5b389f75eaab7165ca6811c0a173f64359f06d1276fec9e285f2aa8bfbed0f7cf9aa02ce614138689bec66c1fe09a552343e121e

Download Submit
C:\Users\Admin\Desktop\NitroxLauncher.pdb

Filesize
28KB

MD5
504d1bd687da54c085423754aef3bb9e

SHA1
81b33cdc7bdb75815b0a28daf7fa6fa3d5264df6

SHA256
c7d3bd0f7c870234e44778bac4d0692b7a96ddd2fbac68d7f3ad6587ed88ec98

SHA512
d691b17e877157d8b23e8e5c2660e3f665c78991a8520a69c608cbacd16350203487e66653fc1f77be8cf44f0728c7cb1379bbc46eaea8416faf6f0dc1fc87b9

Download Submit
C:\Users\Admin\Desktop\lib\LitJSON.dll

Filesize
60KB

MD5
0618e6e6e60c78b3dfe4933d487102a0

SHA1
01fb560ceaeb1e1f63f3334eb9562140abb595d8

SHA256
b13efed121cc3a76c859d3241684881a9c5a6fab12a9a91e86fc5d108c8dc40b

SHA512
6796e63c0d83ff2c68ecb2a90b1ffbb1707410831353ad0c31c592cc2bdd569122e16d786e0f048e4ee3efae9a90360742fa152c754e75dd233f848491efde1d

Download Submit
C:\Users\Admin\Desktop\lib\Microsoft.WindowsAPICodePack.Shell.dll

Filesize
529KB

MD5
54fe9a2748c4a0f282d4ec91e3cadc16

SHA1
970b783a697d893ecd4916dd86b5ff7574896c9e

SHA256
e6fa9d9e34ff3bf63ce782654b14e4b54a3abd1022c87bc099032c2948157672

SHA512
c7d567e3c039f98f3a99249b2d9bc2186c34efd73eec421331732d2307a8af940911381e27b015f58d0f65871bb4b038cc0f27d3fa495acd08994226bb033b7f

Download Submit
C:\Users\Admin\Desktop\lib\Microsoft.WindowsAPICodePack.dll

Filesize
102KB

MD5
9531b41519156855a45c46f0b379a784

SHA1
00b857f09dcf0c71dab40c1a8c4c54d411fdb197

SHA256
418b5e7a96f9a6105cc6fe45896a9164e79c8849f40be23a411b5563a8e3a0d0

SHA512
10034288101d235cb7af984fd6a0db11c7f56dbed648a71596b8b0c93f68d5ac5cf00be033153a91e71a311374b220507f07aa5b6e1849a80930d37a5c2577f0

Download Submit
C:\Users\Admin\Desktop\lib\NitroxModel.dll

Filesize
224KB

MD5
a9f052f7b1f8ca4e5ed949c881b38ec8

SHA1
2c751c2214409fe911db9330d646b8e1965e2ff7

SHA256
6bf03b400e80d210108f51884adc8bfa038cf4d2f17dee64e4746642684f771c

SHA512
9e1371358ef8232441876bda815deb8c35276d92c9962308448a366dbf860576f4f6c84328007217448261c597593cc9185141a927fdad4b4f4e705207b9daa7

Download Submit
C:\Users\Admin\Desktop\lib\Serilog.Sinks.Async.dll

Filesize
9KB

MD5
44feed047bde92dbd84b3c63d8296b0a

SHA1
98492e2eac15898b49b37e0bc35aca6e1706298d

SHA256
4b81bbdaedc06cf231f810b6eb494401c86a30eee8679db3bea2f86485b20ced

SHA512
932a62c2ed84ade0de8b443f8d247d79dd2aa7c8a3652d95c680a06f789e95e019a300e5a261b143f673985c2ebed59a9815798725ff92d11107ceec0e9e426d

Download Submit
C:\Users\Admin\Desktop\lib\Serilog.Sinks.File.dll

Filesize
32KB

MD5
c25357a7950dcfc7f85ee9d593cb1a24

SHA1
6a533712852465ab3c11b5c76004312d6482f07f

SHA256
5b70dc2eeceb1963f9c3690c1cc8ffa793b280e903fa9a31780e6a7bb0bdfcf9

SHA512
30ca628b17b2a51bd9974fe1380caf728e7826c2bb552e4bc5ac15be8f819e908fc1744932db23734fec64e0f2c758372d8c49d019407efdfb076133c6df70c6

Download Submit
C:\Users\Admin\Desktop\lib\Serilog.dll

Filesize
123KB

MD5
0aa45a8a1cd24cd2b589e4aad925f35d

SHA1
0dc29954c4c2ffea4c33af0e56ce84158849b81e

SHA256
7a26a473af5eb7a00196e275c86d773f36e1d4caef566f97f1df7e07e20b1670

SHA512
7a865b16633c09bdecda34fdf15c62db4f04f2fb8db0abf57563aea51de67daf9eca0c08f053f551937a0c3c7987a53de2454ecb13139a193291633df7262981

Download Submit
C:\Users\Admin\Desktop\lib\ToastNotifications.Messages.dll

Filesize
88KB

MD5
e64aa8aa12f16c7397d95683206cb70a

SHA1
8172b8bc3b027f36ba1182abf26609d7e401e4f8

SHA256
556dc81ceda593f828ec08ecf408b92686cf0cf14df4f04da3c9c83f80cce474

SHA512
1f3bc239f9cef7ea4baf6fb6524ca6aa71a6dcc3127b7da8b2dcfa46181e2e2a9a1f58ec026b3a49fb1d50157748795ba6b8dd83f81353f481fb50bb3693f743

Download Submit
C:\Users\Admin\Desktop\lib\ToastNotifications.dll

Filesize
107KB

MD5
ce4c69d4ba73105bf8eff333ff8d265b

SHA1
28549362058bce91dcad5a13993f4f4b26f17530

SHA256
ed1297117c8dba2b3880246721af5b74c6ae16d745bea176adbeefc1ee75f2fb

SHA512
adc3c6f4d6a70814eb665039f2ee8387522475ed90017d72a37a0a381bdd3d5dbfd2a5cf26afa01f53d0bc312ca568ebdb7d245cdb21f0808d021a92b450b624

Download Submit
memory/4920-216-0x00007FFA0F0B0000-0x00007FFA0FB72000-memory.dmp

Filesize
10.8MB

Download
memory/4920-224-0x000002B261FA0000-0x000002B261FD8000-memory.dmp

Filesize
224KB

Download
memory/4920-213-0x000002B243DD0000-0x000002B243DDE000-memory.dmp

Filesize
56KB

Download
memory/4920-209-0x000002B25DFB0000-0x000002B25DFD6000-memory.dmp

Filesize
152KB

Download
memory/4920-217-0x00007FFA0F0B0000-0x00007FFA0FB72000-memory.dmp

Filesize
10.8MB

Download
memory/4920-211-0x000002B243DC0000-0x000002B243DC8000-memory.dmp

Filesize
32KB

Download
memory/4920-219-0x000002B25FB50000-0x000002B25FB6C000-memory.dmp

Filesize
112KB

Download
memory/4920-221-0x000002B25DF80000-0x000002B25DF96000-memory.dmp

Filesize
88KB

Download
memory/4920-207-0x000002B25F850000-0x000002B25F88E000-memory.dmp

Filesize
248KB

Download
memory/4920-222-0x000002B262C40000-0x000002B262CFA000-memory.dmp

Filesize
744KB

Download
memory/4920-223-0x000002B2628F0000-0x000002B2628F8000-memory.dmp

Filesize
32KB

Download
memory/4920-215-0x000002B25F8E0000-0x000002B25F902000-memory.dmp

Filesize
136KB

Download
memory/4920-225-0x000002B261F70000-0x000002B261F7E000-memory.dmp

Filesize
56KB

Download
memory/4920-205-0x00007FFA0F0B0000-0x00007FFA0FB72000-memory.dmp

Filesize
10.8MB

Download
memory/4920-230-0x000002B262960000-0x000002B262980000-memory.dmp

Filesize
128KB

Download
memory/4920-204-0x000002B243630000-0x000002B2439AA000-memory.dmp

Filesize
3.5MB

Download
memory/4920-228-0x000002B263880000-0x000002B26390A000-memory.dmp

Filesize
552KB

Download
memory/4920-231-0x00007FFA0F0B3000-0x00007FFA0F0B5000-memory.dmp

Filesize
8KB

Download
memory/4920-232-0x00007FFA0F0B0000-0x00007FFA0FB72000-memory.dmp

Filesize
10.8MB

Download
memory/4920-233-0x00007FFA0F0B0000-0x00007FFA0FB72000-memory.dmp

Filesize
10.8MB

Download
memory/4920-203-0x00007FFA0F0B3000-0x00007FFA0F0B5000-memory.dmp

Filesize
8KB

Download
memory/4920-237-0x00007FFA0F0B0000-0x00007FFA0FB72000-memory.dmp

Filesize
10.8MB

Download