Analysis

  • max time kernel
    408s
  • max time network
    412s
  • platform
    windows11-21h2_x64
  • resource
    win11-20241023-en
  • resource tags

    arch:x64 arch:x86 image:win11-20241023-en locale:en-us os:windows11-21h2-x64 system
  • submitted
    24-12-2024 10:41

General

  • Target

    Solara Bootstrapper.exe

  • Size

    800KB

  • MD5

    02c70d9d6696950c198db93b7f6a835e

  • SHA1

    30231a467a49cc37768eea0f55f4bea1cbfb48e2

  • SHA256

    8f2e28588f2303bd8d7a9b0c3ff6a9cb16fa93f8ddc9c5e0666a8c12d6880ee3

  • SHA512

    431d9b9918553bff4f4a5bc2a5e7b7015f8ad0e2d390bb4d5264d08983372424156524ef5587b24b67d1226856fc630aaca08edc8113097e0094501b4f08efeb

  • SSDEEP

    12288:qhd8cjaLXVh84wEFkW1mocaBj6WtiRPpptHxQ0z:2ycjar84w5W4ocaBj6y2tHDz

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 9 IoCs
  • Unexpected DNS network traffic destination 2 IoCs

    Network traffic to other servers than the configured DNS servers was detected on the DNS port.

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 7 IoCs
  • Drops file in System32 directory 1 IoCs
  • Drops file in Windows directory 5 IoCs
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Gathers network information 2 TTPs 2 IoCs

    Uses commandline utility to view network configuration.

  • Modifies data under HKEY_USERS 17 IoCs
  • Modifies registry class 37 IoCs
  • Suspicious behavior: EnumeratesProcesses 11 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 34 IoCs
  • Suspicious use of SendNotifyMessage 20 IoCs
  • Suspicious use of SetWindowsHookEx 14 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Solara Bootstrapper.exe
    "C:\Users\Admin\AppData\Local\Temp\Solara Bootstrapper.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:1584
    • C:\Windows\SYSTEM32\cmd.exe
      "cmd" /c ipconfig /all
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:3512
      • C:\Windows\system32\ipconfig.exe
        ipconfig /all
        3⤵
        • Gathers network information
        PID:3280
    • C:\Windows\SYSTEM32\cmd.exe
      "cmd" /c wmic nicconfig where (IPEnabled=TRUE) call SetDNSServerSearchOrder ("1.1.1.1", "1.0.0.1")
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:3664
      • C:\Windows\System32\Wbem\WMIC.exe
        wmic nicconfig where (IPEnabled=TRUE) call SetDNSServerSearchOrder ("1.1.1.1", "1.0.0.1")
        3⤵
        • Suspicious use of AdjustPrivilegeToken
        PID:4052
    • C:\Users\Admin\AppData\Local\Temp\BootstrapperV2.04.exe
      "C:\Users\Admin\AppData\Local\Temp\BootstrapperV2.04.exe" --oldBootstrapper "C:\Users\Admin\AppData\Local\Temp\Solara Bootstrapper.exe" --isUpdate true
      2⤵
      • Executes dropped EXE
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of WriteProcessMemory
      PID:5036
      • C:\ProgramData\Solara\Solara.exe
        "C:\ProgramData\Solara\Solara.exe"
        3⤵
        • Executes dropped EXE
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious use of AdjustPrivilegeToken
        PID:2136
  • C:\Windows\System32\rundll32.exe
    C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
    1⤵
    PID:2864
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe"
    1⤵
    • Drops file in Windows directory
    • Enumerates system info in registry
    • Modifies data under HKEY_USERS
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:2456
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa3107cc40,0x7ffa3107cc4c,0x7ffa3107cc58
      2⤵
      PID:1400
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1792,i,1429502832412804054,3121751886010850891,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=1788 /prefetch:2
      2⤵
      PID:2240
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1884,i,1429502832412804054,3121751886010850891,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=2104 /prefetch:3
      2⤵
      PID:4172
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2192,i,1429502832412804054,3121751886010850891,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=2208 /prefetch:8
      2⤵
      PID:4636
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3104,i,1429502832412804054,3121751886010850891,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3204 /prefetch:1
      2⤵
      PID:2804
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3156,i,1429502832412804054,3121751886010850891,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3224 /prefetch:1
      2⤵
      PID:3888
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4464,i,1429502832412804054,3121751886010850891,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4452 /prefetch:1
      2⤵
      PID:4460
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4748,i,1429502832412804054,3121751886010850891,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4768 /prefetch:8
      2⤵
      PID:2064
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4800,i,1429502832412804054,3121751886010850891,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4788 /prefetch:8
      2⤵
      PID:3640
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4788,i,1429502832412804054,3121751886010850891,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5024 /prefetch:8
      2⤵
      PID:1144
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4792,i,1429502832412804054,3121751886010850891,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5020 /prefetch:8
      2⤵
      PID:4164
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5112,i,1429502832412804054,3121751886010850891,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5036 /prefetch:8
      2⤵
      PID:2380
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4960,i,1429502832412804054,3121751886010850891,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5136 /prefetch:8
      2⤵
      PID:1124
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5032,i,1429502832412804054,3121751886010850891,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5300 /prefetch:1
      2⤵
      PID:124
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5056,i,1429502832412804054,3121751886010850891,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5088 /prefetch:2
      2⤵
      PID:2096
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=4620,i,1429502832412804054,3121751886010850891,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5224 /prefetch:1
      2⤵
      PID:4424
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=5244,i,1429502832412804054,3121751886010850891,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5476 /prefetch:1
      2⤵
      PID:1800
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=5360,i,1429502832412804054,3121751886010850891,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5352 /prefetch:1
      2⤵
      PID:1988
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5020,i,1429502832412804054,3121751886010850891,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4756 /prefetch:8
      2⤵
      • Suspicious behavior: EnumeratesProcesses
      PID:4600
  • C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
    "C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
    1⤵
    PID:2076
  • C:\Windows\System32\DataExchangeHost.exe
    C:\Windows\System32\DataExchangeHost.exe -Embedding
    1⤵
    PID:3248
  • C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
    1⤵
    PID:4040
  • C:\ProgramData\Solara\Solara.exe
    "C:\ProgramData\Solara\Solara.exe"
    1⤵
    • Executes dropped EXE
    • Suspicious behavior: EnumeratesProcesses
    PID:1836
  • C:\ProgramData\Solara\Solara.exe
    "C:\ProgramData\Solara\Solara.exe"
    1⤵
    • Executes dropped EXE
    • Suspicious behavior: EnumeratesProcesses
    PID:2960
  • C:\Users\Admin\Desktop\Solara Bootstrapper.exe
    "C:\Users\Admin\Desktop\Solara Bootstrapper.exe"
    1⤵
    PID:1512
    • C:\Windows\SYSTEM32\cmd.exe
      "cmd" /c ipconfig /all
      2⤵
      PID:704
      • C:\Windows\system32\ipconfig.exe
        ipconfig /all
        3⤵
        • Gathers network information
        PID:568
    • C:\Users\Admin\Desktop\BootstrapperV2.04.exe
      "C:\Users\Admin\Desktop\BootstrapperV2.04.exe" --oldBootstrapper "C:\Users\Admin\Desktop\Solara Bootstrapper.exe" --isUpdate true
      2⤵
      • Executes dropped EXE
      PID:2108
  • C:\Users\Admin\Desktop\BootstrapperV2.04.exe
    "C:\Users\Admin\Desktop\BootstrapperV2.04.exe"
    1⤵
    • Executes dropped EXE
    PID:2684
    • C:\ProgramData\Solara\Solara.exe
      "C:\ProgramData\Solara\Solara.exe"
      2⤵
      • Executes dropped EXE
      • Suspicious behavior: EnumeratesProcesses
      PID:4204
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:2828
  • C:\Users\Admin\Desktop\BootstrapperV2.04.exe
    "C:\Users\Admin\Desktop\BootstrapperV2.04.exe"
    1⤵
    • Executes dropped EXE
    PID:1240
    • C:\ProgramData\Solara\Solara.exe
      "C:\ProgramData\Solara\Solara.exe"
      2⤵
      • Executes dropped EXE
      • Suspicious behavior: EnumeratesProcesses
      PID:4464
  • C:\Windows\system32\BackgroundTransferHost.exe
    "BackgroundTransferHost.exe" -ServerName:BackgroundTransferHost.13
    1⤵
    • Modifies registry class
    PID:5004
  • C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe
    "C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:964
  • C:\Windows\system32\LogonUI.exe
    "LogonUI.exe" /flags:0x4 /state0:0xa39d4055 /state1:0x41c64e6d
    1⤵
    • Modifies data under HKEY_USERS
    • Suspicious use of SetWindowsHookEx
    PID:908
  • C:\Windows\system32\bootim.exe
    bootim.exe /startpage:1
    1⤵
    • Drops file in System32 directory
    • Drops file in Windows directory
    PID:3376

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\ProgramData\Solara\Monaco\combined.html

    Filesize

    21KB

  • C:\ProgramData\Solara\Monaco\index.html

    Filesize

    21KB

  • C:\ProgramData\Solara\Monaco\vs\basic-languages\lua\lua.js

    Filesize

    5KB

  • C:\ProgramData\Solara\Monaco\vs\editor\editor.main.css

    Filesize

    171KB

  • C:\ProgramData\Solara\Monaco\vs\editor\editor.main.js

    Filesize

    2.0MB

  • C:\ProgramData\Solara\Monaco\vs\editor\editor.main.nls.js

    Filesize

    31KB

  • C:\ProgramData\Solara\Monaco\vs\loader.js

    Filesize

    27KB

  • C:\ProgramData\Solara\Newtonsoft.Json.dll

    Filesize

    695KB

  • C:\ProgramData\Solara\Solara.exe

    Filesize

    133KB

  • C:\ProgramData\Solara\Wpf.Ui.dll

    Filesize

    5.2MB

                                                  • C:\ProgramData\Solara\bin\path.txt

                                                    Filesize

                                                    23B

                                                  • C:\ProgramData\Solara\bin\path.txt

                                                    Filesize

                                                    34B

                                                  • C:\ProgramData\Solara\bin\version.txt

                                                    Filesize

                                                    5B

                                                  • C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

                                                    Filesize

                                                    64KB

                                                  • C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

                                                    Filesize

                                                    4B

                                                  • C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

                                                    Filesize

                                                    1008B

                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

                                                    Filesize

                                                    649B

                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.85.1_0\_locales\en\messages.json

                                                    Filesize

                                                    851B

                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.85.1_0\dasherSettingSchema.json

                                                    Filesize

                                                    854B

                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                    Filesize

                                                    9KB

                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences~RFe5c8d53.TMP

                                                    Filesize

                                                    9KB

                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

                                                    Filesize

                                                    15KB

                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

                                                    Filesize

                                                    72B

                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                    Filesize

                                                    233KB

                                                  • C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\BootstrapperV2.04.exe.log

                                                    Filesize

                                                    3KB

                                                  • C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\Solara Bootstrapper.exe.log

                                                    Filesize

                                                    1KB

                                                  • C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AC\BackgroundTransferApi\304b3477-4f6f-4b89-9af2-a21f405a3277.down_data

                                                    Filesize

                                                    555KB

                                                  • C:\Users\Admin\AppData\Local\Temp\BootstrapperV2.04.exe

                                                    Filesize

                                                    2.8MB

                                                  • C:\Users\Admin\AppData\Local\Temp\scoped_dir2456_1735163115\12ac582b-895a-4876-acb9-e293c2931882.tmp

                                                    Filesize

                                                    150KB

                                                  • C:\Users\Admin\AppData\Local\Temp\scoped_dir2456_1735163115\CRX_INSTALL\_locales\en\messages.json

                                                    Filesize

                                                    711B

                                                  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

                                                    Filesize

                                                    6KB

                                                  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

                                                    Filesize

                                                    7KB

                                                  • C:\Users\Admin\Desktop\CONFIG

                                                    Filesize

                                                    79B

                                                  • C:\Windows\System32\Recovery\ReAgent.xml

                                                    Filesize

                                                    1KB
