Malware Analysis Report

2025-01-23 13:48

Sample ID 241225-xt58dstkgv
Target http://www.nitrome.com/games/flipside/
Tags
cryptone defense_evasion discovery packer
score
9/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
9/10

Threat Level: Likely malicious

The file http://www.nitrome.com/games/flipside/ was found to be: Likely malicious.

Malicious Activity Summary

cryptone defense_evasion discovery packer

CryptOne packer

Downloads MZ/PE file

Loads dropped DLL

Executes dropped EXE

Checks installed software on the system

Subvert Trust Controls: Mark-of-the-Web Bypass

Enumerates physical storage devices

System Location Discovery: System Language Discovery

Browser Information Discovery

NSIS installer

Suspicious use of SetWindowsHookEx

Suspicious behavior: EnumeratesProcesses

Suspicious use of FindShellTrayWindow

Suspicious use of SendNotifyMessage

Suspicious use of AdjustPrivilegeToken

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Enumerates system info in registry

Modifies registry class

NTFS ADS

Suspicious use of WriteProcessMemory

Checks processor information in registry

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-12-25 19:09

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-12-25 19:09

Reported

2024-12-25 19:19

Platform

win11-20241023-en

Max time kernel

562s

Max time network

564s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument http://www.nitrome.com/games/flipside/

Signatures

CryptOne packer

cryptone packer
Description Indicator Process Target
N/A N/A N/A N/A

Downloads MZ/PE file

Checks installed software on the system

discovery

Subvert Trust Controls: Mark-of-the-Web Bypass

defense_evasion
Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\SuperNovaSetup.exe:Zone.Identifier C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Browser Information Discovery

discovery

Enumerates physical storage devices

System Location Discovery: System Language Discovery

discovery
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.0.0\patchfile.tmp N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\chginteg.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\launcher\snlauncher.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\chginteg.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\chginteg.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\SuperNova Launcher.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\launcher\snlauncher.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\chginteg.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\SuperNovaSetup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.0.0\SuperNova Launcher.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\chginteg.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\chginteg.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\chginteg.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\SuperNova Launcher.exe N/A

NSIS installer

installer
Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A

Checks processor information in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\launcher\snlauncher.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\launcher\snlauncher.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\launcher\snlauncher.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\launcher\snlauncher.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-4248760313-3670024077-2384670640-1000_Classes\supernova C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.0.0\patchfile.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-4248760313-3670024077-2384670640-1000_Classes\supernova\URL Protocol C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.0.0\patchfile.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-4248760313-3670024077-2384670640-1000_Classes\supernova\DefaultIcon\ = "\"C:\\Users\\Admin\\AppData\\Local\\TacticsTechnology\\SuperNova\\versions\\0.1.23\\SuperNova Launcher.exe\",0" C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.0.0\patchfile.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-4248760313-3670024077-2384670640-1000_Classes\supernova\shell\open\command C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.0.0\patchfile.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-4248760313-3670024077-2384670640-1000_Classes\Local Settings\MuiCache C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\launcher\snlauncher.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-4248760313-3670024077-2384670640-1000_Classes\supernova\shell\ C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.0.0\patchfile.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-4248760313-3670024077-2384670640-1000_Classes\supernova\shell\open C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.0.0\patchfile.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-4248760313-3670024077-2384670640-1000_Classes\supernova\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\TacticsTechnology\\SuperNova\\versions\\0.1.23\\SuperNova Launcher.exe\" %1" C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.0.0\patchfile.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-4248760313-3670024077-2384670640-1000_Classes\supernova\ = "SuperNova Launcher" C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.0.0\patchfile.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-4248760313-3670024077-2384670640-1000_Classes\supernova\shell\open\ C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.0.0\patchfile.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-4248760313-3670024077-2384670640-1000_Classes\Local Settings C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-4248760313-3670024077-2384670640-1000_Classes\Local Settings\MuiCache C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe N/A
Key created \REGISTRY\USER\S-1-5-21-4248760313-3670024077-2384670640-1000_Classes\supernova\DefaultIcon C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.0.0\patchfile.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-4248760313-3670024077-2384670640-1000_Classes\supernova\shell C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.0.0\patchfile.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-4248760313-3670024077-2384670640-1000_Classes\Local Settings\MuiCache C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\launcher\snlauncher.exe N/A

NTFS ADS

Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 936896.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\SuperNovaSetup.exe:Zone.Identifier C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: 33 N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\AUDIODG.EXE N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 796 wrote to memory of 920 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 920 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 432 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 432 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 432 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 432 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 432 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 432 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 432 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 432 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 432 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 432 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 432 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 432 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 432 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 432 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 432 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 432 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 432 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 432 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 432 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 432 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 432 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 432 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 432 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 432 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 432 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 432 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 432 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 432 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 432 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 432 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 432 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 432 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 432 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 432 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 432 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 432 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 432 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 432 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 432 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 432 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 1868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 1868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 5016 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 5016 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 5016 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 5016 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 5016 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 5016 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 5016 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 5016 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 5016 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 5016 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 5016 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 5016 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 5016 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 5016 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 5016 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 5016 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 5016 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 5016 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 5016 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 796 wrote to memory of 5016 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument http://www.nitrome.com/games/flipside/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffe52043cb8,0x7ffe52043cc8,0x7ffe52043cd8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1944,15542576340366253781,8230439824052175944,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1960 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1944,15542576340366253781,8230439824052175944,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2292 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1944,15542576340366253781,8230439824052175944,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2852 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1944,15542576340366253781,8230439824052175944,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3220 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1944,15542576340366253781,8230439824052175944,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3240 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1944,15542576340366253781,8230439824052175944,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4816 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1944,15542576340366253781,8230439824052175944,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5132 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1944,15542576340366253781,8230439824052175944,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5744 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1944,15542576340366253781,8230439824052175944,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5212 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1944,15542576340366253781,8230439824052175944,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3864 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1944,15542576340366253781,8230439824052175944,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6628 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1944,15542576340366253781,8230439824052175944,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6644 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1944,15542576340366253781,8230439824052175944,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6672 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1944,15542576340366253781,8230439824052175944,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7108 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1944,15542576340366253781,8230439824052175944,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4636 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1944,15542576340366253781,8230439824052175944,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7016 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1944,15542576340366253781,8230439824052175944,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2428 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1944,15542576340366253781,8230439824052175944,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6820 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1944,15542576340366253781,8230439824052175944,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7148 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1944,15542576340366253781,8230439824052175944,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6352 /prefetch:8

C:\Users\Admin\Downloads\SuperNovaSetup.exe

"C:\Users\Admin\Downloads\SuperNovaSetup.exe"

C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.0.0\SuperNova Launcher.exe

"C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.0.0\SuperNova Launcher.exe"

C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.0.0\patchfile.tmp

"C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.0.0\patchfile.tmp" /S

C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\chginteg.exe

"C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\chginteg.exe" "C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\Low" -low

C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\chginteg.exe

"C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\chginteg.exe" "C:\Users\Admin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects" -low

C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\chginteg.exe

"C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\chginteg.exe" "C:\Users\Admin\AppData\Roaming\Macromedia\Flash Player\macromedia.com" -low

C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\chginteg.exe

"C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\chginteg.exe" "C:\Users\Admin\AppData\Roaming\Macromedia\Flash Player\Logs" -low

C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\chginteg.exe

"C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\chginteg.exe" "C:\Users\Admin\AppData\Roaming\Macromedia\Flash Player\openssl" -low

C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\chginteg.exe

"C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\chginteg.exe" "C:\Users\Admin\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com" -low

C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\chginteg.exe

"C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\chginteg.exe" "C:\Users\Admin\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sol" -med

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://cdn.getsupernova.com/player_installed.html?rnd=856491

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1944,15542576340366253781,8230439824052175944,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2360 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1944,15542576340366253781,8230439824052175944,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2092 /prefetch:1

C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\SuperNova Launcher.exe

"C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\SuperNova Launcher.exe" supernova://play/?swfurl=http%3A%2F%2Fwww.nitrome.com%2Fgames%2Fflipside%2Fflipside.swf&flashvars=g%3Dflipside%26ar%3D1%26ac%3D1%26pu%3D0%26dark_colour%3D000000%26mid_colour%3D666666%26light_colour%3Dcccccc%26game_name%3DFlipside%26game_reference_id%3Dflipside&pageurl=http%3A%2F%2Fwww.nitrome.com%2Fgames%2Fflipside%2F

C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\launcher\snlauncher.exe

"C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\launcher\snlauncher.exe" supernova://play/?swfurl=http%3A%2F%2Fwww.nitrome.com%2Fgames%2Fflipside%2Fflipside.swf&flashvars=g%3Dflipside%26ar%3D1%26ac%3D1%26pu%3D0%26dark_colour%3D000000%26mid_colour%3D666666%26light_colour%3Dcccccc%26game_name%3DFlipside%26game_reference_id%3Dflipside&pageurl=http%3A%2F%2Fwww.nitrome.com%2Fgames%2Fflipside%2F

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x00000000000004E8 0x00000000000004F4

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1944,15542576340366253781,8230439824052175944,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1224 /prefetch:2

C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe

"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1944,15542576340366253781,8230439824052175944,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3956 /prefetch:1

C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\SuperNova Launcher.exe

"C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\SuperNova Launcher.exe" supernova://play/?swfurl=http%3A%2F%2Fwww.nitrome.com%2Fgames%2Fflipside%2Fflipside.swf&flashvars=g%3Dflipside%26ar%3D1%26ac%3D1%26pu%3D0%26dark_colour%3D000000%26mid_colour%3D666666%26light_colour%3Dcccccc%26game_name%3DFlipside%26game_reference_id%3Dflipside&pageurl=http%3A%2F%2Fwww.nitrome.com%2Fgames%2Fflipside%2F

C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\launcher\snlauncher.exe

"C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\launcher\snlauncher.exe" supernova://play/?swfurl=http%3A%2F%2Fwww.nitrome.com%2Fgames%2Fflipside%2Fflipside.swf&flashvars=g%3Dflipside%26ar%3D1%26ac%3D1%26pu%3D0%26dark_colour%3D000000%26mid_colour%3D666666%26light_colour%3Dcccccc%26game_name%3DFlipside%26game_reference_id%3Dflipside&pageurl=http%3A%2F%2Fwww.nitrome.com%2Fgames%2Fflipside%2F

Network

Country Destination Domain Proto
US 8.8.8.8:53 www.nitrome.com udp
US 54.176.168.66:80 www.nitrome.com tcp
US 54.176.168.66:80 www.nitrome.com tcp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 3.167.227.124:80 cdn.nitrome.com tcp
US 3.167.227.124:80 cdn.nitrome.com tcp
US 3.167.227.124:80 cdn.nitrome.com tcp
US 3.167.227.124:80 cdn.nitrome.com tcp
US 3.167.227.124:80 cdn.nitrome.com tcp
US 3.167.227.124:80 cdn.nitrome.com tcp
NL 146.185.171.14:80 cdn.cookie-script.com tcp
FR 216.58.214.170:443 jnn-pa.googleapis.com tcp
FR 216.58.214.170:443 jnn-pa.googleapis.com tcp
US 54.176.168.66:443 www.nitrome.com tcp
US 54.176.168.66:443 www.nitrome.com tcp
US 54.176.168.66:443 www.nitrome.com tcp
FR 142.250.178.130:80 www.googletagservices.com tcp
FR 163.70.128.23:80 connect.facebook.net tcp
FR 216.58.214.174:80 www.youtube.com tcp
US 54.176.168.66:80 www.nitrome.com tcp
US 54.176.168.66:80 www.nitrome.com tcp
US 54.176.168.66:80 www.nitrome.com tcp
US 8.8.8.8:53 48.66.9.65.in-addr.arpa udp
US 8.8.8.8:53 23.128.70.163.in-addr.arpa udp
US 8.8.8.8:53 130.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 168.201.250.142.in-addr.arpa udp
FR 163.70.128.23:443 connect.facebook.net tcp
FR 142.250.178.130:443 www.googletagservices.com tcp
GB 151.101.188.157:80 platform.twitter.com tcp
FR 216.58.214.174:443 www.youtube.com tcp
US 54.176.168.66:443 www.nitrome.com tcp
GB 151.101.188.157:443 platform.twitter.com tcp
FR 216.58.214.174:443 www.youtube.com udp
US 216.239.34.36:443 region1.google-analytics.com tcp
FR 216.58.213.66:443 securepubads.g.doubleclick.net tcp
US 104.244.42.200:443 syndication.twitter.com tcp
FR 142.250.75.246:443 i.ytimg.com tcp
GB 172.165.61.93:443 nav.smartscreen.microsoft.com tcp
GB 172.165.61.93:443 nav.smartscreen.microsoft.com tcp
GB 172.165.61.93:443 nav.smartscreen.microsoft.com tcp
GB 172.165.61.93:443 nav.smartscreen.microsoft.com tcp
FR 216.58.214.65:443 8c201877ce7615d53c45245665d9a3cc.safeframe.googlesyndication.com tcp
GB 172.165.61.93:443 nav.smartscreen.microsoft.com tcp
FR 142.250.179.98:443 googleads.g.doubleclick.net tcp
FR 142.250.179.98:443 googleads.g.doubleclick.net udp
FR 172.217.20.198:443 static.doubleclick.net tcp
FR 172.217.20.164:443 www.google.com tcp
FR 216.58.214.74:443 jnn-pa.googleapis.com tcp
FR 216.58.215.33:443 yt3.ggpht.com tcp
FR 216.58.214.74:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 164.20.217.172.in-addr.arpa udp
US 8.8.8.8:53 74.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 33.215.58.216.in-addr.arpa udp
US 8.8.8.8:53 195.20.217.172.in-addr.arpa udp
US 162.247.243.39:443 js-agent.newrelic.com tcp
FR 216.58.214.162:443 ep1.adtrafficquality.google tcp
FR 142.250.179.97:443 cdn.ampproject.org tcp
FR 142.250.179.97:443 cdn.ampproject.org tcp
FR 142.250.179.97:443 cdn.ampproject.org tcp
FR 142.250.179.97:443 cdn.ampproject.org tcp
FR 142.250.179.97:443 cdn.ampproject.org tcp
FR 216.58.214.161:443 tpc.googlesyndication.com tcp
FR 216.58.214.161:443 tpc.googlesyndication.com tcp
FR 216.58.214.161:443 tpc.googlesyndication.com tcp
FR 142.250.178.129:443 ep2.adtrafficquality.google tcp
US 162.247.243.29:443 bam.nr-data.net tcp
US 162.247.243.29:443 bam.nr-data.net tcp
FR 142.250.178.129:443 ep2.adtrafficquality.google udp
FR 216.58.214.161:443 tpc.googlesyndication.com udp
FR 216.58.214.161:443 tpc.googlesyndication.com udp
FR 216.58.214.162:443 ep1.adtrafficquality.google udp
N/A 224.0.0.251:5353 udp
US 216.239.34.36:443 region1.google-analytics.com udp
FR 185.93.2.246:443 cdn.getsupernova.com tcp
US 216.239.34.36:443 region1.google-analytics.com udp
FR 143.244.56.49:443 cdn.getsupernova.com tcp
GB 104.91.71.79:80 r10.o.lencr.org tcp
FR 143.244.56.49:443 cdn.getsupernova.com tcp
GB 23.46.72.175:80 airdownload2.adobe.com tcp
FR 143.244.56.49:443 cdn.getsupernova.com tcp
US 54.176.168.66:80 www.nitrome.com tcp
US 54.176.168.66:80 www.nitrome.com tcp
FR 142.250.179.66:443 googleads.g.doubleclick.net udp
FR 216.58.214.174:443 www.youtube.com udp
FR 185.93.2.251:443 www.getsupernova.com tcp
GB 23.46.72.175:80 airdownload2.adobe.com tcp
FR 185.93.2.251:443 www.getsupernova.com tcp
US 13.56.173.251:80 www.nitrome.com tcp
US 13.56.173.251:80 www.nitrome.com tcp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 7bed1eca5620a49f52232fd55246d09a
SHA1 e429d9d401099a1917a6fb31ab2cf65fcee22030
SHA256 49c484f08c5e22ee6bec6d23681b26b0426ee37b54020f823a2908ab7d0d805e
SHA512 afc8f0b5b95d593f863ad32186d1af4ca333710bcfba86416800e79528616e7b15f8813a20c2cfa9d13688c151bf8c85db454a9eb5c956d6e49db84b4b222ee8

\??\pipe\LOCAL\crashpad_796_QZIBDKDIOEYOQIUM

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 5431d6602455a6db6e087223dd47f600
SHA1 27255756dfecd4e0afe4f1185e7708a3d07dea6e
SHA256 7502d9453168c86631fb40ec90567bf80404615d387afc7ec2beb7a075bcc763
SHA512 868f6dcf32ef80459f3ea122b0d2c79191193b5885c86934a97bfec7e64250e10c23e4d00f34c6c2387a04a15f3f266af96e571bbe37077fb374d6d30f35b829

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 44b6b7b0386d43ce23521bda8480cbed
SHA1 a1a4cc8345bba9e632c8d1aedd0e33555808c487
SHA256 d3074c3dc537839f0983510ace5140978ddbedd31dc763824aaf446d21cc4fd5
SHA512 bd0e7c16c0f2ab1dd2cfe643f9a2549c41f9dfc514f42bab396df4248f40f9c1afcb62815214570be2cbd75c719c0ca25a31134226bb21a0fb27aa2bc3236981

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 9905c3e5d8102ba769d8491e9e45a6b3
SHA1 b57f513533c1b51bb888ea188326acb314681575
SHA256 b97fb5e898ea6b053f35f877e60032afb4e0351b0d09c5fc0350d3c45b8abe47
SHA512 deedb6a7476b9f57b1e3e7734dbc0b187711b65070eb5342f5dff92fa9a6a610804a728a98a864a98246b1784e2073746323c94f8cdac7f1c54e16d5e8c75f24

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 ae2a760f3e7d2027bf6bb79baa1df5be
SHA1 c7fd03a746a8aa9590ec665a9ea750a369cfa583
SHA256 51e3d292d5ad43a463d5fbb410716845f63d7001003ac6c76133795db274c8fc
SHA512 146695e3a7f056c20b04ff478a7695d69cab284f6eb8e85b5eb938904c987cfc78e2bb291ac9cd0c2b3810f5aa1159443ee393c787b80b90e81660884adc5341

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 206702161f94c5cd39fadd03f4014d98
SHA1 bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA256 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA512 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 a13e930e18f98b535d13f17796f64ac4
SHA1 5e3d9cc812f51fb463edffb533699c7bd56bba2b
SHA256 2432e0cfd7295adef4802efd625881ed18c4175c36c8b683ece4532425bc27c9
SHA512 6a10ebcb8c6c269159fc9848045613d8de3c6e53fa6d916dd2591267ad61cba317f73332c2aad7ea97d050f695af104a68a20b7fc73a0f245e4c5ccee52da506

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 cf0c01624ae1788ea9b93f1f2f697c38
SHA1 a27346945f54bca58f961d86590a5228c5a3f354
SHA256 768f4b6de56c3589291db29530cb85faa93421854bcffe15ae54347bbf9068ae
SHA512 a9fc9fcd3e62558e46c483afa746d6afd16daa6499b3d0e091ca022f236bfe9596928b76d4c080e17d47a24aea262ebcf2c2af187fdc44d31f51d1398057e471

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 c266a1b2ed06bf73b0ec6deae6f77685
SHA1 9e4e8b9db128051ed16444142cd57f736bd7814a
SHA256 029191970dbb157c0bfcea19a9ff6d77b266ad3fe2103bd5c7cdb3c889b62c8d
SHA512 78c2da767b4c193694f6cba51238c5e9375c8c1270879a1d29c527fdd0282da4858fcf2b1827ca342bd3a7dbbaaa8fbcfd26e13f6146897fd93e4319932d91f5

C:\Users\Admin\Downloads\Unconfirmed 936896.crdownload

MD5 3f6d3ac37364c2d0dfe2169fdad4f6c1
SHA1 900f03d3e357e7d877e5c13fa7eee236acddefac
SHA256 e2b12ec20216d087d95c26a1ac3fa05491bab26483ddece7fb575286836863f2
SHA512 b5802b8406db518cc0c92290bbb47ab7868d6d20b828abbb599bb8aeb5daefce871148fd2c9941275d6319556a4af8122822fcdfc5f63f7b36dd8f0459acae4c

C:\Users\Admin\Downloads\SuperNovaSetup.exe:Zone.Identifier

MD5 fbccf14d504b7b2dbcb5a5bda75bd93b
SHA1 d59fc84cdd5217c6cf74785703655f78da6b582b
SHA256 eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913
SHA512 aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98

C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.0.0\SuperNova Launcher.exe

MD5 a35d5f372f46820311c59840eba6fffb
SHA1 08617d11d0a0fc063266a64f77ff08b4fc48395d
SHA256 ead1dcfd124fe9005917b375ebc950a9770c49c218236eda7b46c680c015354f
SHA512 660f662943eb6f11a4f32919c5b6cef320e0a87376ae0344bc7919f825ecb52cea4b47a73ad84b2473eb794a2e32df01ab7f911725da9316d2cfff01d453ef83

C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.0.0\updater.cfg

MD5 ebbfe0dae6078482cd4b29d870c1be26
SHA1 bbe5e6df53c3dd06534e46cd9877854d9edb65a8
SHA256 058b8ea5c883d189db0b3b7bb0f6f2e8b2d0046a10fe9fc2169817627c84f395
SHA512 65ff2153e6d2a1a15f0c9dac5e43e887631bbbd1c17e6ba64dcf566127fb4dd43fa2bf61a0dff7158da13e549ea24db56d314185dddfabdab9c84a4e5b788e7b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 2ed1e191eb71a52852530b91ba827bc0
SHA1 cd1c370201dc9f7032a8a81a514ca5fc97954148
SHA256 dcf78856248d7fb51c4dea1596a1d68948a9893556c12637f873c84d6bb1c470
SHA512 58f4cda1b3351688bf4cf45b85553d6577ca5bfc0df53a12accdbe89fdbe178b6b6d6780ac5f16ecce3285c4cb671b4c7d677c8dd2a11869a3d195b57a368a19

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5c6b54.TMP

MD5 f627a2ec58e83f4fbdd663684016020e
SHA1 2c519609f61f2c141b7833968d697f9f0edc6978
SHA256 47f09e3fd045bd11582d8731426b2f3369697682b473c9ffb1b5bccc5a90fa3f
SHA512 0506d557507f1f939e1833f6c26f6c878c5dd4cb0baad942474f040aa3f41a9794d6f22c10722fb18d6bbf46a6b8ce77954bccbe8b32132cd4aad9215c38f037

C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.0.0\patchfile.tmp

MD5 056e0fa934f42e91e1e35a3f5b05169a
SHA1 369531a2652d9a63aac75e4f3bfc427808eb9bfa
SHA256 c693f1a8407cb117f41b97d4d9eec8faad40ff9811384809941a43801b46a86e
SHA512 415592c8aeb14c5b19d2be2eb935b732023a31fcd89d5463f9b2ffcefc77d31ed5d9ca0adc50b238c0fb82fdf50b2799c86772b8df80fff357609e43a147582f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 69d7114a284743bb1ded2d0f67379a9c
SHA1 bbbd2c158389a09829e942527e1a1b341ec24338
SHA256 54bf0adbfa038ae49d4d046bb3c9de12d199fcbd85a762b90f1f274b7eb880d9
SHA512 d347ed399fefaf916e9ffdfd559498c478fc721054397f8245d5fcdd0f0e8b40a28312963a7421856a8e494713097f540329384724c4476fe97eaf398ecccd44

C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\uninstall.exe

MD5 cf9999578a714efab632d767150b67bf
SHA1 dc27eed83f90ea4d8cb2841f6ebf7809cc5d6a48
SHA256 b2ed0fde11b5fe6489d637a39b280458f5f95595d7d835add0b41a2f82e5c62d
SHA512 9ae974c62a4d74da67b571d8b5b544cfeef1caa02cb2d098258447e27f8085ad2feeaa827a0f10fc0fdba7c2b1f2830287cc7bb27786a69c837f0b6c8e2dc872

C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\chginteg.exe

MD5 7e86dbb05df26824ce7d2c2f9a486d2c
SHA1 4f8be2cf9bcd6c988174da7dfda9955327d0dfb9
SHA256 3341873244c2ba4c1e4b71a52992669150d269d93b6e9143e7171f52ef0b0464
SHA512 646cab94b68a86a85696490e017b84ed9efa912658981a1638ae10c659238d21c184ede5abf51dee8fd0e53515c16e2c865c49674d902d625bb3d9f041732520

C:\Users\Admin\AppData\Local\Temp\nsf8835.tmp\System.dll

MD5 fbe295e5a1acfbd0a6271898f885fe6a
SHA1 d6d205922e61635472efb13c2bb92c9ac6cb96da
SHA256 a1390a78533c47e55cc364e97af431117126d04a7faed49390210ea3e89dd0e1
SHA512 2cb596971e504eaf1ce8e3f09719ebfb3f6234cea5ca7b0d33ec7500832ff4b97ec2bbe15a1fbf7e6a5b02c59db824092b9562cd8991f4d027feab6fd3177b06

C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\SuperNova Launcher.exe

MD5 876eef07cb24f6be1d1f2018efba14ea
SHA1 b7f58fd9a42cd3ef8604ce90b4931f1f4fe4089b
SHA256 94c007d27b644662dd9abd3b63647c20176ff490db6815eb833d417e1da92683
SHA512 b2ce892aae0655be4f3cb46d0bba35cbcb97c10269e46e38ad5f6856d2c87bb92a10229b4d5c335d54d3f19be1829fc75ce4837876e0754f766d159382b5966f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 f9450c51351811b6c6cb00337b7d0ab7
SHA1 e37ff4aeccc83d43ffda1b44b895d335007d9c5c
SHA256 47cc32d0f6fd9c47e2dd6226136016e5b133a75b3163a425becc464ece89585c
SHA512 bda53110d5b2b3b07dfe6af40392b5d44a2bf806fc683700f709ad315f34929f20a03c92fbf699fbaabebca85606fde5d16e5dc68dac10e39dbed38ffad078b7

C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\launcher\snlauncher.exe

MD5 0c7c77194bfaaf9bac5d1c721486a662
SHA1 430d8a730b43134c6fc6f69cf0120c73e3aa53c9
SHA256 9e5245ce1feec92765e5435f6948769abe82458b13f38af55222cef943e22ff5
SHA512 40727fb3d35c39ea0bed413679b98b6a6dfba86bc97fbdf3deb5f2fa5e35379ee6f422fcee21899d2ec09c69aea6dcb35c5c198a82ecb932d54f56903e57072c

C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\launcher\Adobe AIR\Versions\1.0\Adobe AIR.dll

MD5 9656db174178623376cd257b9b5f0a04
SHA1 bb2e2b0ade83f80d318f322e8a9ca6515d385f76
SHA256 3b96df478e8c2b4c0c8e4caf29212e9c1e92c4b76763ecbffa92591b95322a11
SHA512 2410e8d48a18e3355369aca2fc0d11f5802da6dca917d0cf657ea5096abee1017c1876cefb71f27f2c6ab0c30faa6c03c51d776b731b85ad1d01b9d3015e6dde

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 6d90e20df9d3206113ab184c5f9345dc
SHA1 79982c7344d9b7c09cc8e9902d81df679523e956
SHA256 ab50a1960894c4c31fcb82508430ce0c7c20b02dd04c55fcf08c8273f4d24e39
SHA512 6f0de09214a8b8b41e09554a6b7ba0486382bffdac87b0b362b3329fc75bf23981390a904c2b92d3373c263c9d14e68b5beb7977bb0f9d8a5234545712604a23

C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\launcher\META-INF\AIR\application.xml

MD5 eae9b1b281e6fbb68db883b00072e793
SHA1 dedc156acbe4fc853765bbbc4823c45d4504b011
SHA256 1edb7155c8de02c1b513287e4d4b7071dfcdfeb19bd8ae1f9b7fc64882a294d9
SHA512 62f0fb2a174507ba7c2301d05c331e1695a49507059a31897bc280084e97dccfee31ac225ba738f30001d60d2031c3253f0ad6bcb02cff674b34e7d16e6137b3

C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\launcher\META-INF\AIR\extensions\com.cpmstar.SuperNovaANE\META-INF\ANE\extension.xml

MD5 48c0a42e17f823f3db6b7e2a119e9141
SHA1 43b7146d9ae560029a541eb615a4af580b25c384
SHA256 e0f532975611b3c959a72cc5a3a33a097a1bf3f75a767382d5602c4a9d573a41
SHA512 020c42bee3a23257ab69ca8075b98a65ef42713d340369d64db67f0f139a01b777eada23cc20013b02ac0661446683874a21e8bf69c9bfe66e7420df4d7640b6

C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\launcher\snlauncher.swf

MD5 0c71fd6b531150cc1548128fbe780294
SHA1 1848ccffe578a20a555ba3d3221a5f17a539c86d
SHA256 b230561dc9a071eb7e7a2675cb7ed100b27d255f1a29259ac0ea9a07703b3104
SHA512 a672fe231ba9d92ac6c8f16c8102dc962fb02678f720023bf7787a21a81d1a694a9fd1dff0bcff3a553817c60ec81bb40b56d5c5c7984ddbcb6e4df24f1c7416

C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\launcher\META-INF\AIR\extensions\com.cpmstar.SuperNovaANE\META-INF\ANE\Windows-x86\library.swf

MD5 fab57d7a0d0bc842b1270517bdb186a5
SHA1 c99d096698aa47b17c35abbf99fd1cac2e81a86d
SHA256 bed48f838aa6ba611272621f4d30254c2a8efe0e58ddd8e705294b36146bc9d8
SHA512 18660e13afbf192e9461034a767a19f1982474267d0ec08caf095ce64a77128a5940d5c9b0b28d3979e613d73332cd9150c71f373aab59d837b2c1c7a0f45526

C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\launcher\META-INF\AIR\extensions\com.cpmstar.SuperNovaANE\META-INF\ANE\Windows-x86\snane.dll

MD5 276c60dac7f22be30be7af9d6d0fbd66
SHA1 703e5dd059f9d4cc80e604fbaaf15292479ba320
SHA256 417642ac799380ed60a41681ba460380d81918966db6ec518888b0c57f01b108
SHA512 bc3ac224257f1e30e4a3daae5ad294dd0ae6cc93f4362c140be6f5beb8a137221ed27dad7a917a99657c831cf641ed294e3da3d8cf8a8107b60e15043e5cb8ef

C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\launcher\Adobe AIR\Versions\1.0\Resources\NPSWF32.dll

MD5 3938a41f662899c7ded7263c7d4cdef7
SHA1 e3071e9be236303716a4958f5bb5cde095c9034e
SHA256 ae786b1072adfcd25c013b2f79d28163bfea74d7d5e06f6c227ed73d7a32fe47
SHA512 22a89698ff72cba1f35df0488f940e95c563e9fc52efb3638c0fe714484d0d3e09ffe3616ef5e12a6ea72ecc8bfd1598b1661c6ca8e0a329472b23e288ebf429

C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\launcher\Adobe AIR\Versions\1.0\Resources\WebKit.dll

MD5 92b06d7ed7a1c3a47ae7378cd727d1ae
SHA1 372b950fe0438ae9858a2fad1ab2223f0cfe3c15
SHA256 6277b7970e81c0b3c635d1d01668396493a96c906314e4d5206a8ff4a42ccc6f
SHA512 0eda1ea2c5f40b2f517f88ac9a8fab6a523f22accf959950ae0fa22a5292fc63fffb09548cad031a32ffc4b388bcd781a9881aaa3bccdcaee336b52e80d9a342

C:\Users\Admin\AppData\Roaming\Macromedia\Flash Player\#Security\FlashPlayerTrust\air.1.0.trust.cfg

MD5 7ddf5ed9f3df13943aca2577c832266e
SHA1 eb3b03a44cba9bb3f0771f81042decc96dda8392
SHA256 6a075184a25b4260ddcb9619dc133f890acbee0b8cb7bcd7bb76d04013d163a0
SHA512 2c67437835749e9a6f4e8b8bab7a53ea6a3020bb0429bd9f2570439e19ef75071816e80d0c11213b521bcf4936dd9199745eb48004a530ae979b44aacd3737f0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 bb9708601e8411abe06a5de418590249
SHA1 f67ce7583150e7ba3ac19ed288c9a42ef5563485
SHA256 39435356f99841b0d14b813a1a704ff0cc3168356abe70d30251a8da7fa802af
SHA512 0243d607619ccbc93c2d8e775cca4df344e1cc20e964f1eea67a6fda37de98ddbcb63cb83fdce101f49411608e2e3e6dee82d7cfc3886c92f10c37f7b1edf755

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 6081b1b5294c1ef230776d41eed271c3
SHA1 4607bd3a51b110e339b0383785c30449a6eaf578
SHA256 81b1e15400441d2fc0c305b53221da4e941620d5602be3ca447c424877e58b02
SHA512 1c70eeeaafa07f6af4db9e92e8a321f6c5c940fa4aa905a1da9c4541d4da0ff3a4e62ae538331d9e34e0c325125a98c5eb06638eb97babbddadfe7271724154c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 e8cf0d3b05270410d4fb30ea7d81559e
SHA1 7845343ac7f195d9a6e200654959a7f664cc144c
SHA256 3177ac0becc35ab786384b028da49def6d1213dceb25a998e9d9a23dd354e2ea
SHA512 34355238287ef114294a90d91f17be569e5dcc5b389a99b5c1181150d30c6c87933d633cbeee7652039ac27fbef550b058f271529feb4d584ac32da69862cb12

C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat

MD5 1301a13a0b62ba61652cdbf2d61f80fa
SHA1 1911d1f0d097e8f5275a29e17b0bcef305df1d9e
SHA256 7e75ad955706d05f5934810aebbd3b5a7742d5e5766efd9c4fc17ee492b2f716
SHA512 66aa4261628bb31ee416af70f4159c02e5bbfbe2f7645e87d70bb35b1f20fa915d62b25d99cd72c59580d1f64e6c6b5ad36ace6600d3bcdb67f45036d768ed8b

C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat

MD5 964219fcbf4c1e0008bc5e05686367a9
SHA1 685a0b860afbfd43305bc67763e41b296a22ba8b
SHA256 4f4388ce8c3055db4827ad4b6d7d6ffc7bead99955a3fbe44ab3a5454651ae25
SHA512 2745f64b2bd54740a5c1f754785c39eeda9b6b5112707cc8630ba188638442de7c636446f750aeb340905d9da26f96ee4e7f7c96e2b690058ce29d7b6efe8c16

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 e078408f40d62f404d0f91615fa128b1
SHA1 abaa0af6ce7629777e0019f7a7feafccaf643102
SHA256 52d8378d7860acacbaace8d2bc70bbda5a3e2ce35bb1775aacbcadc779698610
SHA512 478265605760bba1f8004c26bedefe20fcac05d47bcbf37d355fa13325776946be38e9fcc3e6d5a10211b301a597ffe038b9bd1947358ac05eb743cf762ae759

C:\Users\Admin\AppData\Local\TacticsTechnology\SuperNova\versions\0.1.23\currentversion

MD5 f50b3648cb98ec69ff083bd113389e87
SHA1 64ce2b9cc1652d78d995d765a33f694d74f6a2e8
SHA256 f3ddb4109c5afddab1f3a7ad19fb9450b6629e4247ddfc8d88c8b6f70f04a27b
SHA512 45c3904c4f5a9802324a165ac597b9388fe23f514d0de4d67196c261a74fe679e75fd003d004659a1a7be094cdc2eb8bbefbe4d0a7dc92558e9c6390999591d6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 1d8195677183663b233448f8cc7a4bd3
SHA1 f96d51325c82d6100d357b6db124285266cf87fd
SHA256 eb9fd924096b6391082128f2a62f4a1f9332950f3e58c3fd77de3f56a8c70670
SHA512 3d5ffea045aad7bf2879ff9b93144f82b566c3874deff1b14f7820da445024fc676dee3debb2234f1fce22f60d6d7a22c1ec3b0db91b7374af660a299b37f171

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 38d986e7bdced2a0a3067e9305e0962d
SHA1 3f35f169b93b0b9fdc623741c5cfb18939a1ce1d
SHA256 b88ae820ea904305a14b0ff91dcfd93302b4614eb6552ab0372cb7a0b9053fbd
SHA512 45f23e3cfda75abbc12d12053215793c33622fcd60b91d9d183f6e670f36428e41d30544f3f1e4eb3ad7a1a3184595bafd18b9b904291a6eedc673df31315cc8