Analysis Overview
Threat Level: Likely malicious
The file http://www.nitrome.com/games/flipside/ was found to be: Likely malicious.
Malicious Activity Summary
CryptOne packer
Downloads MZ/PE file
Loads dropped DLL
Executes dropped EXE
Checks installed software on the system
Subvert Trust Controls: Mark-of-the-Web Bypass
Enumerates physical storage devices
System Location Discovery: System Language Discovery
Browser Information Discovery
NSIS installer
Suspicious use of SetWindowsHookEx
Suspicious behavior: EnumeratesProcesses
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of AdjustPrivilegeToken
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Enumerates system info in registry
Modifies registry class
NTFS ADS
Suspicious use of WriteProcessMemory
Checks processor information in registry
Analysis: static1
Detonation Overview
Reported: 2024-12-25 19:09
Signatures
Analysis: behavioral1
Detonation Overview
Submitted: 2024-12-25 19:09
Reported: 2024-12-25 19:19
Platform: win11-20241023-en
Max time kernel: 562s
Max time network: 564s
Command Line
Signatures
CryptOne packer
Downloads MZ/PE file
Executes dropped EXE
Loads dropped DLL
Checks installed software on the system
Subvert Trust Controls: Mark-of-the-Web Bypass
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\SuperNovaSetup.exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
NSIS installer
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\launcher\snlauncher.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\launcher\snlauncher.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-4248760313-3670024077-2384670640-1000_Classes\supernova | C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.0.0\patchfile.tmp | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4248760313-3670024077-2384670640-1000_Classes\supernova\URL Protocol | C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.0.0\patchfile.tmp | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4248760313-3670024077-2384670640-1000_Classes\supernova\DefaultIcon\ = "\"C:\\Users\\Admin\\AppData\\Local\\TacticsTechnology\\SuperNova\\versions\\0.1.23\\SuperNova Launcher.exe\",0" | C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.0.0\patchfile.tmp | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4248760313-3670024077-2384670640-1000_Classes\supernova\shell\open\command | C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.0.0\patchfile.tmp | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4248760313-3670024077-2384670640-1000_Classes\Local Settings\MuiCache | C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\launcher\snlauncher.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4248760313-3670024077-2384670640-1000_Classes\supernova\shell\ | C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.0.0\patchfile.tmp | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4248760313-3670024077-2384670640-1000_Classes\supernova\shell\open | C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.0.0\patchfile.tmp | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4248760313-3670024077-2384670640-1000_Classes\supernova\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\TacticsTechnology\\SuperNova\\versions\\0.1.23\\SuperNova Launcher.exe\" %1" | C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.0.0\patchfile.tmp | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4248760313-3670024077-2384670640-1000_Classes\supernova\ = "SuperNova Launcher" | C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.0.0\patchfile.tmp | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4248760313-3670024077-2384670640-1000_Classes\supernova\shell\open\ | C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.0.0\patchfile.tmp | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4248760313-3670024077-2384670640-1000_Classes\Local Settings | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4248760313-3670024077-2384670640-1000_Classes\Local Settings\MuiCache | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4248760313-3670024077-2384670640-1000_Classes\supernova\DefaultIcon | C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.0.0\patchfile.tmp | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4248760313-3670024077-2384670640-1000_Classes\supernova\shell | C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.0.0\patchfile.tmp | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 936896.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\SuperNovaSetup.exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: 33 | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\launcher\snlauncher.exe | N/A |
| N/A | N/A | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument http://www.nitrome.com/games/flipside/
C:\Users\Admin\Downloads\SuperNovaSetup.exe
"C:\Users\Admin\Downloads\SuperNovaSetup.exe"
C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.0.0\SuperNova Launcher.exe
"C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.0.0\SuperNova Launcher.exe"
C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.0.0\patchfile.tmp
"C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.0.0\patchfile.tmp" /S
C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\chginteg.exe
"C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\chginteg.exe" "C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\Low" -low
C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\chginteg.exe
"C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\chginteg.exe" "C:\Users\Admin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects" -low
C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\chginteg.exe
"C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\chginteg.exe" "C:\Users\Admin\AppData\Roaming\Macromedia\Flash Player\macromedia.com" -low
C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\chginteg.exe
"C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\chginteg.exe" "C:\Users\Admin\AppData\Roaming\Macromedia\Flash Player\Logs" -low
C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\chginteg.exe
"C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\chginteg.exe" "C:\Users\Admin\AppData\Roaming\Macromedia\Flash Player\openssl" -low
C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\chginteg.exe
"C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\chginteg.exe" "C:\Users\Admin\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com" -low
C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\chginteg.exe
"C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\chginteg.exe" "C:\Users\Admin\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sol" -med
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://cdn.getsupernova.com/player_installed.html?rnd=856491
C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\SuperNova Launcher.exe
"C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\SuperNova Launcher.exe" supernova://play/?swfurl=http%3A%2F%2Fwww.nitrome.com%2Fgames%2Fflipside%2Fflipside.swf&flashvars=g%3Dflipside%26ar%3D1%26ac%3D1%26pu%3D0%26dark_colour%3D000000%26mid_colour%3D666666%26light_colour%3Dcccccc%26game_name%3DFlipside%26game_reference_id%3Dflipside&pageurl=http%3A%2F%2Fwww.nitrome.com%2Fgames%2Fflipside%2F
C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\launcher\snlauncher.exe
"C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\launcher\snlauncher.exe" supernova://play/?swfurl=http%3A%2F%2Fwww.nitrome.com%2Fgames%2Fflipside%2Fflipside.swf&flashvars=g%3Dflipside%26ar%3D1%26ac%3D1%26pu%3D0%26dark_colour%3D000000%26mid_colour%3D666666%26light_colour%3Dcccccc%26game_name%3DFlipside%26game_reference_id%3Dflipside&pageurl=http%3A%2F%2Fwww.nitrome.com%2Fgames%2Fflipside%2F
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004E8 0x00000000000004F4
C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe
"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca
C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\SuperNova Launcher.exe
"C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\SuperNova Launcher.exe" supernova://play/?swfurl=http%3A%2F%2Fwww.nitrome.com%2Fgames%2Fflipside%2Fflipside.swf&flashvars=g%3Dflipside%26ar%3D1%26ac%3D1%26pu%3D0%26dark_colour%3D000000%26mid_colour%3D666666%26light_colour%3Dcccccc%26game_name%3DFlipside%26game_reference_id%3Dflipside&pageurl=http%3A%2F%2Fwww.nitrome.com%2Fgames%2Fflipside%2F
C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\launcher\snlauncher.exe
"C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\launcher\snlauncher.exe" supernova://play/?swfurl=http%3A%2F%2Fwww.nitrome.com%2Fgames%2Fflipside%2Fflipside.swf&flashvars=g%3Dflipside%26ar%3D1%26ac%3D1%26pu%3D0%26dark_colour%3D000000%26mid_colour%3D666666%26light_colour%3Dcccccc%26game_name%3DFlipside%26game_reference_id%3Dflipside&pageurl=http%3A%2F%2Fwww.nitrome.com%2Fgames%2Fflipside%2F
Network
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 7bed1eca5620a49f52232fd55246d09a |
| SHA1 | e429d9d401099a1917a6fb31ab2cf65fcee22030 |
| SHA256 | 49c484f08c5e22ee6bec6d23681b26b0426ee37b54020f823a2908ab7d0d805e |
| SHA512 | afc8f0b5b95d593f863ad32186d1af4ca333710bcfba86416800e79528616e7b15f8813a20c2cfa9d13688c151bf8c85db454a9eb5c956d6e49db84b4b222ee8 |
\??\pipe\LOCAL\crashpad_796_QZIBDKDIOEYOQIUM
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 5431d6602455a6db6e087223dd47f600 |
| SHA1 | 27255756dfecd4e0afe4f1185e7708a3d07dea6e |
| SHA256 | 7502d9453168c86631fb40ec90567bf80404615d387afc7ec2beb7a075bcc763 |
| SHA512 | 868f6dcf32ef80459f3ea122b0d2c79191193b5885c86934a97bfec7e64250e10c23e4d00f34c6c2387a04a15f3f266af96e571bbe37077fb374d6d30f35b829 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\Downloads\Unconfirmed 936896.crdownload
C:\Users\Admin\Downloads\SuperNovaSetup.exe:Zone.Identifier
C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.0.0\SuperNova Launcher.exe
C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.0.0\updater.cfg
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5c6b54.TMP
C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.0.0\patchfile.tmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\uninstall.exe
C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\chginteg.exe
C:\Users\Admin\AppData\Local\Temp\nsf8835.tmp\System.dll
C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\SuperNova Launcher.exe
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\launcher\snlauncher.exe
C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\launcher\Adobe AIR\Versions\1.0\Adobe AIR.dll
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\launcher\META-INF\AIR\application.xml
C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\launcher\META-INF\AIR\extensions\com.cpmstar.SuperNovaANE\META-INF\ANE\extension.xml
C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\launcher\snlauncher.swf
C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\launcher\META-INF\AIR\extensions\com.cpmstar.SuperNovaANE\META-INF\ANE\Windows-x86\library.swf
C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\launcher\META-INF\AIR\extensions\com.cpmstar.SuperNovaANE\META-INF\ANE\Windows-x86\snane.dll
C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\launcher\Adobe AIR\Versions\1.0\Resources\NPSWF32.dll
C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\launcher\Adobe AIR\Versions\1.0\Resources\WebKit.dll
C:\Users\Admin\AppData\Roaming\Macromedia\Flash Player\#Security\FlashPlayerTrust\air.1.0.trust.cfg
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\currentversion
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State