Analysis Overview
SHA256
c7c16847de3660b072a71654312ad44f2015e31f4a53cdca60748104b94a4820
Threat Level: Shows suspicious behavior
The file Craxs RATTED.7 was found to be: Shows suspicious behavior.
Malicious Activity Summary
Obfuscated with Agile.Net obfuscator
Executes dropped EXE
Loads dropped DLL
Drops file in Program Files directory
Browser Information Discovery
Unsigned PE
System Location Discovery: System Language Discovery
Enumerates physical storage devices
Modifies data under HKEY_USERS
Suspicious use of SetWindowsHookEx
Suspicious use of SendNotifyMessage
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Checks SCSI registry key(s)
Enumerates system info in registry
Modifies registry class
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Modifies Internet Explorer settings
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-12-29 21:09
Signatures
Obfuscated with Agile.Net obfuscator
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-12-29 21:07
Reported
2024-12-29 21:22
Platform
win10v2004-20241007-en
Max time kernel
733s
Max time network
722s
Command Line
Signatures
Executes dropped EXE
Loads dropped DLL
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Program Files\Java\jdk-1.8\jre\bin\ucrtbase.dll | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre-1.8\bin\ktab.exe | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre-1.8\bin\servertool.exe | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk-1.8\jre\bin\api-ms-win-core-namedpipe-l1-1-0.dll | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk-1.8\jre\bin\api-ms-win-crt-math-l1-1-0.dll | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk-1.8\jre\bin\jfxmedia.dll | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk-1.8\jre\bin\tnameserv.exe | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre-1.8\bin\pack200.exe | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk-1.8\bin\javadoc.exe | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk-1.8\jre\bin\orbd.exe | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre-1.8\bin\api-ms-win-core-util-l1-1-0.dll | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre-1.8\bin\deploy.dll | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre-1.8\bin\klist.exe | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk-1.8\jre\bin\api-ms-win-core-processthreads-l1-1-1.dll | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk-1.8\jre\bin\glib-lite.dll | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk-1.8\jre\bin\verify.dll | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre-1.8\bin\glib-lite.dll | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre-1.8\bin\api-ms-win-core-namedpipe-l1-1-0.dll | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre-1.8\bin\jp2iexp.dll | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre-1.8\bin\jpeg.dll | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk-1.8\bin\klist.exe | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk-1.8\jre\bin\api-ms-win-core-console-l1-1-0.dll | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk-1.8\jre\bin\npt.dll | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk-1.8\jre\bin\prism_common.dll | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre-1.8\bin\api-ms-win-core-string-l1-1-0.dll | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre-1.8\bin\api-ms-win-crt-runtime-l1-1-0.dll | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre-1.8\bin\dcpr.dll | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre-1.8\bin\jfxwebkit.dll | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk-1.8\jre\bin\decora_sse.dll | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk-1.8\jre\bin\glass.dll | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk-1.8\jre\bin\javacpl.exe | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk-1.8\jre\bin\java_crw_demo.dll | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre-1.8\bin\mlib_image.dll | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk-1.8\jre\bin\api-ms-win-crt-string-l1-1-0.dll | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk-1.8\jre\bin\fontmanager.dll | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk-1.8\jre\bin\msvcp140_1.dll | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk-1.8\jre\bin\rmid.exe | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk-1.8\bin\api-ms-win-core-console-l1-2-0.dll | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk-1.8\bin\java-rmi.exe | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk-1.8\bin\jli.dll | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk-1.8\bin\kinit.exe | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre-1.8\bin\jli.dll | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre-1.8\bin\jsoundds.dll | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre-1.8\bin\api-ms-win-crt-filesystem-l1-1-0.dll | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk-1.8\bin\native2ascii.exe | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk-1.8\jre\bin\api-ms-win-core-file-l1-2-0.dll | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk-1.8\jre\bin\api-ms-win-core-interlocked-l1-1-0.dll | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk-1.8\jre\bin\zip.dll | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre-1.8\bin\api-ms-win-core-console-l1-2-0.dll | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre-1.8\bin\prism_common.dll | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre-1.8\bin\rmiregistry.exe | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre-1.8\bin\vcruntime140_1.dll | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk-1.8\bin\api-ms-win-crt-runtime-l1-1-0.dll | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk-1.8\jre\bin\jli.dll | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk-1.8\jre\bin\jpeg.dll | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk-1.8\jre\bin\server\jvm.dll | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk-1.8\bin\jar.exe | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre-1.8\bin\decora_sse.dll | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre-1.8\bin\jfr.dll | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre-1.8\bin\api-ms-win-crt-conio-l1-1-0.dll | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre-1.8\bin\jawt.dll | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre-1.8\bin\lcms.dll | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk-1.8\jre\bin\awt.dll | C:\Program Files\7-Zip\7zG.exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Desktop\res\Lib\7z.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Desktop\res\Lib\7z.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Desktop\res\Lib\7z.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\CraxsRat_Bilder\platformBinary64\bin\zipalign.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Desktop\res\Lib\aapt.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Desktop\res\Lib\7z.exe | N/A |
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\FriendlyName | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000 | C:\Windows\system32\taskmgr.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000\Software\Microsoft\Internet Explorer\TypedURLs | C:\Users\Admin\Desktop\CraxsRat V7.4.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133799803472334627" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupView = "0" | C:\Users\Admin\Desktop\CraxsRat V7.4.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 0100000000000000ffffffff | C:\Users\Admin\Desktop\CraxsRat V7.4.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByDirection = "1" | C:\Users\Admin\Desktop\CraxsRat V7.4.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02020202020202 | C:\Users\Admin\Desktop\CraxsRat V7.4.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\LogicalViewMode = "1" | C:\Users\Admin\Desktop\CraxsRat V7.4.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\IconSize = "16" | C:\Users\Admin\Desktop\CraxsRat V7.4.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\.apk\DefaultIcon\ = "C:\\Users\\Admin\\Desktop\\res\\Icons\\apk.ico" | C:\Users\Admin\Desktop\CraxsRat V7.4.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7} | C:\Users\Admin\Desktop\CraxsRat V7.4.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000 | C:\Users\Admin\Desktop\CraxsRat V7.4.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\ | C:\Users\Admin\Desktop\CraxsRat V7.4.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\Shell\SniffedFolderType = "Downloads" | C:\Users\Admin\Desktop\CraxsRat V7.4.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\Local Settings | C:\Users\Admin\Desktop\CraxsRat V7.4.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags | C:\Users\Admin\Desktop\CraxsRat V7.4.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000 | C:\Users\Admin\Desktop\CraxsRat V7.4.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\Shell\KnownFolderDerivedFolderType = "{885A186E-A440-4ADA-812B-DB871B942259}" | C:\Users\Admin\Desktop\CraxsRat V7.4.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}" | C:\Users\Admin\Desktop\CraxsRat V7.4.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1" | C:\Users\Admin\Desktop\CraxsRat V7.4.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1\NodeSlot = "7" | C:\Users\Admin\Desktop\CraxsRat V7.4.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1\MRUListEx = ffffffff | C:\Users\Admin\Desktop\CraxsRat V7.4.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1092616257" | C:\Users\Admin\Desktop\CraxsRat V7.4.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1 | C:\Users\Admin\Desktop\CraxsRat V7.4.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000 | C:\Users\Admin\Desktop\CraxsRat V7.4.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\.apk | C:\Users\Admin\Desktop\CraxsRat V7.4.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg | C:\Users\Admin\Desktop\CraxsRat V7.4.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\IconSize = "16" | C:\Users\Admin\Desktop\CraxsRat V7.4.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0e000000ffffffff | C:\Users\Admin\Desktop\CraxsRat V7.4.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByKey:FMTID = "{B725F130-47EF-101A-A5F1-02608C9EEBAC}" | C:\Users\Admin\Desktop\CraxsRat V7.4.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByKey:PID = "14" | C:\Users\Admin\Desktop\CraxsRat V7.4.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell | C:\Users\Admin\Desktop\CraxsRat V7.4.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Mode = "4" | C:\Users\Admin\Desktop\CraxsRat V7.4.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:PID = "0" | C:\Users\Admin\Desktop\CraxsRat V7.4.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1 = 14002e8005398e082303024b98265d99428e115f0000 | C:\Users\Admin\Desktop\CraxsRat V7.4.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7 | C:\Users\Admin\Desktop\CraxsRat V7.4.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3 | C:\Users\Admin\Desktop\CraxsRat V7.4.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259} | C:\Users\Admin\Desktop\CraxsRat V7.4.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1 | C:\Users\Admin\Desktop\CraxsRat V7.4.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupView = "4294967295" | C:\Users\Admin\Desktop\CraxsRat V7.4.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU | C:\Users\Admin\Desktop\CraxsRat V7.4.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg | C:\Users\Admin\Desktop\CraxsRat V7.4.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1092616257" | C:\Users\Admin\Desktop\CraxsRat V7.4.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByDirection = "4294967295" | C:\Users\Admin\Desktop\CraxsRat V7.4.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0 | C:\Users\Admin\Desktop\CraxsRat V7.4.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\Local Settings | C:\Users\Admin\Desktop\CraxsRat V7.4.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\LogicalViewMode = "1" | C:\Users\Admin\Desktop\CraxsRat V7.4.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Mode = "4" | C:\Users\Admin\Desktop\CraxsRat V7.4.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Version = "1" | C:\Users\Admin\Desktop\CraxsRat V7.4.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\.apk\DefaultIcon | C:\Users\Admin\Desktop\CraxsRat V7.4.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\Shell | C:\Users\Admin\Desktop\CraxsRat V7.4.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\ | C:\Users\Admin\Desktop\CraxsRat V7.4.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\MRUListEx = 0100000000000000ffffffff | C:\Users\Admin\Desktop\CraxsRat V7.4.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\Shell | C:\Users\Admin\Desktop\CraxsRat V7.4.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1" | C:\Users\Admin\Desktop\CraxsRat V7.4.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 020202020202 | C:\Users\Admin\Desktop\CraxsRat V7.4.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\Shell\SniffedFolderType = "Generic" | C:\Users\Admin\Desktop\CraxsRat V7.4.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
| N/A | N/A | C:\Users\Admin\Desktop\CraxsRat V7.4.exe | N/A |
| N/A | N/A | C:\Windows\system32\taskmgr.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\Craxs RATTED.7z"
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" a -i#7zMap11185:46:7zEvent11167 -ad -saa -- "C:\Program Files\Java"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffb417dcc40,0x7ffb417dcc4c,0x7ffb417dcc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1868,i,17840290636691031785,5760960331180207955,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1864 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1968,i,17840290636691031785,5760960331180207955,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1960 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=1716,i,17840290636691031785,5760960331180207955,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2256 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3164,i,17840290636691031785,5760960331180207955,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3176 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3256,i,17840290636691031785,5760960331180207955,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3428 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4584,i,17840290636691031785,5760960331180207955,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4528 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4416,i,17840290636691031785,5760960331180207955,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3728 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=3712,i,17840290636691031785,5760960331180207955,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4504 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3204,i,17840290636691031785,5760960331180207955,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4652 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4692,i,17840290636691031785,5760960331180207955,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3388 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4540,i,17840290636691031785,5760960331180207955,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3396 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3488,i,17840290636691031785,5760960331180207955,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3156 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3352,i,17840290636691031785,5760960331180207955,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5156 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3468,i,17840290636691031785,5760960331180207955,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5148 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=5232,i,17840290636691031785,5760960331180207955,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5324 /prefetch:2
C:\Users\Admin\Desktop\CraxsRat V7.4.exe
"C:\Users\Admin\Desktop\CraxsRat V7.4.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=864,i,17840290636691031785,5760960331180207955,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3564 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=5240,i,17840290636691031785,5760960331180207955,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5236 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=3528,i,17840290636691031785,5760960331180207955,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4876 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3156,i,17840290636691031785,5760960331180207955,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5456 /prefetch:8
C:\Windows\SYSTEM32\cmd.exe
"cmd.exe"
C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
java -version
C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
java -jar "C:\Users\Admin\AppData\Local\Temp\CraxsRat_jector_DRyAYvpaBY\apktool.jar" d -f "C:\Users\Admin\AppData\Local\Temp\CraxsRat_jector_DRyAYvpaBY\temp.apk" -o "C:\Users\Admin\AppData\Local\Temp\CraxsRat_jector_DRyAYvpaBY\temp"
C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
java -jar C:\Users\Admin\AppData\Local\Temp\CraxsRat_jector_DRyAYvpaBY\apktool.jar b -f C:\Users\Admin\AppData\Local\Temp\CraxsRat_jector_DRyAYvpaBY\temp -o C:\Users\Admin\AppData\Local\Temp\CraxsRat_jector_DRyAYvpaBY\out\Ready.apk
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /7
C:\Users\Admin\AppData\Local\Temp\brut_util_Jar_57033956288201272864830521939367527194.tmp
C:\Users\Admin\AppData\Local\Temp\brut_util_Jar_57033956288201272864830521939367527194.tmp p --forced-package-id 127 --min-sdk-version 21 --target-sdk-version 29 --version-code 30 --version-name 4.14 --no-version-vectors -F C:\Users\Admin\AppData\Local\Temp\APKTOOL4626081840768836339.tmp -e C:\Users\Admin\AppData\Local\Temp\APKTOOL293990194054367413.tmp -0 arsc -I C:\Users\Admin\AppData\Local\apktool\framework\1.apk -S C:\Users\Admin\AppData\Local\Temp\CraxsRat_jector_DRyAYvpaBY\temp\res -M C:\Users\Admin\AppData\Local\Temp\CraxsRat_jector_DRyAYvpaBY\temp\AndroidManifest.xml
C:\Users\Admin\Desktop\res\Lib\aapt.exe
"C:\Users\Admin\Desktop\\res\\Lib\\aapt.exe" dump badging "C:\Users\Admin\Downloads\de.stollenmayer.philipp.Pop_1_1_Android_4.14-30_minAPI21(arm64-v8a,armeabi,armeabi-v7a,x86,x86_64)(nodpi)_apkmirror.com.apk"
C:\Windows\SYSTEM32\cmd.exe
"cmd.exe" /c java -jar "C:\Users\Admin\Desktop\res\Lib\ApkEditor.jar" info -i "C:\Users\Admin\Downloads\de.stollenmayer.philipp.Pop_1_1_Android_4.14-30_minAPI21(arm64-v8a,armeabi,armeabi-v7a,x86,x86_64)(nodpi)_apkmirror.com.apk" && EXIT
C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
java -jar "C:\Users\Admin\Desktop\res\Lib\ApkEditor.jar" info -i "C:\Users\Admin\Downloads\de.stollenmayer.philipp.Pop_1_1_Android_4.14-30_minAPI21(arm64-v8a,armeabi,armeabi-v7a,x86,x86_64)(nodpi)_apkmirror.com.apk"
C:\Users\Admin\Desktop\res\Lib\7z.exe
"C:\Users\Admin\Desktop\\res\\Lib\\7z.exe" e "C:\Users\Admin\Downloads\de.stollenmayer.philipp.Pop_1_1_Android_4.14-30_minAPI21(arm64-v8a,armeabi,armeabi-v7a,x86,x86_64)(nodpi)_apkmirror.com.apk" "res/mipmap-hdpi-v4/ic_launcher.png" -o"C:\Users\Admin\AppData\Local\Temp\AET\Cachede.stollenmayer.philipp.Pop_1_1_Android\res\mipmap-anydpi-v26" -aoa
C:\Users\Admin\Desktop\res\Lib\7z.exe
"C:\Users\Admin\Desktop\\res\\Lib\\7z.exe" e "C:\Users\Admin\Downloads\de.stollenmayer.philipp.Pop_1_1_Android_4.14-30_minAPI21(arm64-v8a,armeabi,armeabi-v7a,x86,x86_64)(nodpi)_apkmirror.com.apk" "res/drawable-hdpi-v4/ic_launcher.png" -o"C:\Users\Admin\AppData\Local\Temp\AET\Cachede.stollenmayer.philipp.Pop_1_1_Android\res\mipmap-anydpi-v26" -aoa
C:\Users\Admin\Desktop\res\Lib\7z.exe
"C:\Users\Admin\Desktop\\res\\Lib\\7z.exe" e "C:\Users\Admin\Downloads\de.stollenmayer.philipp.Pop_1_1_Android_4.14-30_minAPI21(arm64-v8a,armeabi,armeabi-v7a,x86,x86_64)(nodpi)_apkmirror.com.apk" "res/mipmap-hdpi/ic_launcher.png" -o"C:\Users\Admin\AppData\Local\Temp\AET\Cachede.stollenmayer.philipp.Pop_1_1_Android\res\mipmap-anydpi-v26" -aoa
C:\Users\Admin\Desktop\res\Lib\7z.exe
"C:\Users\Admin\Desktop\\res\\Lib\\7z.exe" e "C:\Users\Admin\Downloads\de.stollenmayer.philipp.Pop_1_1_Android_4.14-30_minAPI21(arm64-v8a,armeabi,armeabi-v7a,x86,x86_64)(nodpi)_apkmirror.com.apk" "META-INF" -o"C:\Users\Admin\AppData\Local\Temp\AET\Cachede.stollenmayer.philipp.Pop_1_1_Android\META-INF" -aoa
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefaultdbf1342ehb2ech40bbh96deh19c0adcaf407
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x124,0x128,0x12c,0x120,0x130,0x7ffb3a1946f8,0x7ffb3a194708,0x7ffb3a194718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2132,7433971594614987056,11076192965263582138,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2212 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2132,7433971594614987056,11076192965263582138,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2276 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2132,7433971594614987056,11076192965263582138,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2748 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=3056,i,17840290636691031785,5760960331180207955,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5092 /prefetch:8
C:\Users\Admin\Desktop\CraxsRat V7.4.exe
"C:\Users\Admin\Desktop\CraxsRat V7.4.exe"
C:\Windows\SYSTEM32\cmd.exe
"cmd.exe"
C:\CraxsRat_Bilder\platformBinary64\bin\java.exe
java -version
C:\CraxsRat_Bilder\platformBinary64\bin\java.exe
java -jar -Duser.language=en "C:\CraxsRat_Bilder\platformBinary64\bin\\apktool.jar" d temp.apk
C:\CraxsRat_Bilder\platformBinary64\bin\java.exe
java -jar -Duser.language=en "C:\CraxsRat_Bilder\platformBinary64\bin\\apktool.jar" b temp
C:\Users\Admin\AppData\Local\Temp\brut_util_Jar_23851152479144354238121861052235253887.tmp
C:\Users\Admin\AppData\Local\Temp\brut_util_Jar_23851152479144354238121861052235253887.tmp p --forced-package-id 127 --min-sdk-version 21 --target-sdk-version 29 --version-code 1000 --version-name 1.0.0.0 --no-version-vectors -F C:\Users\Admin\AppData\Local\Temp\APKTOOL3334049341802888965.tmp -e C:\Users\Admin\AppData\Local\Temp\APKTOOL2532396386991400154.tmp -0 arsc -I C:\Users\Admin\AppData\Local\apktool\framework\1.apk -S C:\CraxsRat_Bilder\platformBinary64\bin\temp\res -M C:\CraxsRat_Bilder\platformBinary64\bin\temp\AndroidManifest.xml
C:\CraxsRat_Bilder\platformBinary64\bin\java.exe
java -jar -Duser.language=en "C:\CraxsRat_Bilder\platformBinary64\bin\\apktool.jar" b temp
C:\Users\Admin\AppData\Local\Temp\brut_util_Jar_74798539284379593335275597642094492117.tmp
C:\Users\Admin\AppData\Local\Temp\brut_util_Jar_74798539284379593335275597642094492117.tmp p --forced-package-id 127 --min-sdk-version 21 --target-sdk-version 29 --version-code 1000 --version-name 1.0.0.0 --no-version-vectors -F C:\Users\Admin\AppData\Local\Temp\APKTOOL6894169250653254174.tmp -e C:\Users\Admin\AppData\Local\Temp\APKTOOL2288068969489685924.tmp -0 arsc -I C:\Users\Admin\AppData\Local\apktool\framework\1.apk -S C:\CraxsRat_Bilder\platformBinary64\bin\temp\res -M C:\CraxsRat_Bilder\platformBinary64\bin\temp\AndroidManifest.xml
C:\CraxsRat_Bilder\platformBinary64\bin\java.exe
java -jar temp\dist\Crypt.jar p -i "C:\CraxsRat_Bilder\platformBinary64\bin\temp\dist\temp.apk"
C:\CraxsRat_Bilder\platformBinary64\bin\zipalign.exe
zipalign.exe -v 4 C:\CraxsRat_Bilder\platformBinary64\bin\temp\dist\temp_protected.apk C:\CraxsRat_Bilder\platformBinary64\bin\temp\dist\tempzip.apk
C:\CraxsRat_Bilder\platformBinary64\bin\java.exe
java -jar C:\CraxsRat_Bilder\platformBinary64\bin\SignApk.jar sign --key C:\CraxsRat_Bilder\platformBinary64\bin\key.pk8 --cert C:\CraxsRat_Bilder\platformBinary64\bin\certificate.pem --v2-signing-enabled true --v3-signing-enabled true --out C:\CraxsRat_Bilder\platformBinary64\bin\output\ready.apk C:\CraxsRat_Bilder\platformBinary64\bin\temp\dist\temp_protected.apk
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=4892,i,17840290636691031785,5760960331180207955,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5076 /prefetch:1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 13.86.106.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 241.150.49.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.163.245.4.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.39.242.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.49.80.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.49.80.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| FR | 172.217.20.164:443 | www.google.com | tcp |
| FR | 172.217.20.164:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 67.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 170.20.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 164.20.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | gofile.io | udp |
| FR | 45.112.123.126:443 | gofile.io | tcp |
| FR | 45.112.123.126:443 | gofile.io | tcp |
| US | 8.8.8.8:53 | 126.123.112.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | s.gofile.io | udp |
| US | 8.8.8.8:53 | api.gofile.io | udp |
| FR | 51.75.242.210:443 | s.gofile.io | tcp |
| FR | 45.112.123.126:443 | api.gofile.io | tcp |
| FR | 51.75.242.210:443 | s.gofile.io | tcp |
| US | 8.8.8.8:53 | 210.242.75.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| FR | 172.217.20.206:443 | clients2.google.com | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | clients2.googleusercontent.com | udp |
| FR | 142.250.179.65:443 | clients2.googleusercontent.com | tcp |
| US | 8.8.8.8:53 | 206.20.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 65.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | store4.gofile.io | udp |
| FR | 31.14.70.245:443 | store4.gofile.io | tcp |
| US | 8.8.8.8:53 | 245.70.14.31.in-addr.arpa | udp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| DE | 172.217.16.195:443 | beacons.gcp.gvt2.com | tcp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 8.8.8.8:53 | 195.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.25.17.104.in-addr.arpa | udp |
| FR | 45.112.123.126:443 | api.gofile.io | tcp |
| DE | 172.217.16.195:443 | beacons.gcp.gvt2.com | udp |
| FR | 45.112.123.126:443 | api.gofile.io | tcp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| FR | 142.250.179.74:443 | content-autofill.googleapis.com | tcp |
| FR | 142.250.179.74:443 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | 74.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | store2.gofile.io | udp |
| FR | 45.112.123.239:443 | store2.gofile.io | tcp |
| FR | 45.112.123.239:443 | store2.gofile.io | tcp |
| US | 8.8.8.8:53 | 239.123.112.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.173.189.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cxcs.microsoft.net | udp |
| GB | 23.52.177.198:443 | cxcs.microsoft.net | tcp |
| US | 95.100.195.158:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 198.177.52.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 158.195.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 76.32.126.40.in-addr.arpa | udp |
| FR | 45.112.123.126:443 | api.gofile.io | tcp |
| FR | 45.112.123.126:443 | api.gofile.io | tcp |
| FR | 51.75.242.210:443 | s.gofile.io | tcp |
| FR | 45.112.123.239:443 | store2.gofile.io | tcp |
Files
\??\pipe\crashpad_1968_KLDYTBCVVTJJAGVY
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Temp\scoped_dir1968_1440363585\0a8527fb-254e-497f-84e7-76a16acdb9b4.tmp
| MD5 | 14937b985303ecce4196154a24fc369a |
| SHA1 | ecfe89e11a8d08ce0c8745ff5735d5edad683730 |
| SHA256 | 71006a5311819fef45c659428944897184880bcdb571bf68c52b3d6ee97682ff |
| SHA512 | 1d03c75e4d2cd57eee7b0e93e2de293b41f280c415fb2446ac234fc5afd11fe2f2fcc8ab9843db0847c2ce6bd7df7213fcf249ea71896fbf6c0696e3f5aee46c |
C:\Users\Admin\AppData\Local\Temp\scoped_dir1968_1440363585\CRX_INSTALL\_locales\en\messages.json
| MD5 | 558659936250e03cc14b60ebf648aa09 |
| SHA1 | 32f1ce0361bbfdff11e2ffd53d3ae88a8b81a825 |
| SHA256 | 2445cad863be47bb1c15b57a4960b7b0d01864e63cdfde6395f3b2689dc1444b |
| SHA512 | 1632f5a3cd71887774bf3cb8a4d8b787ea6278271657b0f1d113dbe1a7fd42c4daa717cc449f157ce8972037572b882dc946a7dc2c0e549d71982dcdee89f727 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.85.1_0\dasherSettingSchema.json
| MD5 | 4ec1df2da46182103d2ffc3b92d20ca5 |
| SHA1 | fb9d1ba3710cf31a87165317c6edc110e98994ce |
| SHA256 | 6c69ce0fe6fab14f1990a320d704fee362c175c00eb6c9224aa6f41108918ca6 |
| SHA512 | 939d81e6a82b10ff73a35c931052d8d53d42d915e526665079eeb4820df4d70f1c6aebab70b59519a0014a48514833fefd687d5a3ed1b06482223a168292105d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.85.1_0\_locales\en\messages.json
| MD5 | 07ffbe5f24ca348723ff8c6c488abfb8 |
| SHA1 | 6dc2851e39b2ee38f88cf5c35a90171dbea5b690 |
| SHA256 | 6895648577286002f1dc9c3366f558484eb7020d52bbf64a296406e61d09599c |
| SHA512 | 7ed2c8db851a84f614d5daf1d5fe633bd70301fd7ff8a6723430f05f642ceb3b1ad0a40de65b224661c782ffcec69d996ebe3e5bb6b2f478181e9a07d8cd41f6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState
| MD5 | 21ba20d1d8df0282dede0c2084da0e7e |
| SHA1 | 7f17d576ad9324bb1301827dbed1293b63b0e4e7 |
| SHA256 | b52013ac278ac665f0cdfa6cc7b75b2283ec56713ff021932e2caa98ffbd2f04 |
| SHA512 | 54a779c752d025c60bb60057275f2439c2878ea2f5b9180b3aefb6f8adea65c85025102b5ef662e2ae80377ca8a2c6f29b98cbda7e5459494805320c4d0f6d5d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\4d158cdd-b03e-43b0-8505-d828dc630fd2.tmp
| MD5 | 6790642808e6ea315dd8b3aa969575e0 |
| SHA1 | 9ae78619ee1782a4c19ee3f3ed8cc3a9e0b8c785 |
| SHA256 | cec4f01fdbcfeabadb7641b8a52b1c5dbf4dbb0a5c78bea3891497c9839a558e |
| SHA512 | 364368e489c08afd98f4d0a6ee544240485861040ca0b7be34f5d046c75d2006e4eef38273f894f99eda633d1c65c6635fca01faf3f7b6811df1932831fb9a39 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c7c9527d166ac8b5d89b323203c976d2 |
| SHA1 | 055ca63564ce944828243c1482f629434effc173 |
| SHA256 | 8eb815998200d19660fcb99fab82cffdee8d0b66fae6178b7b82d3ea4d7e2428 |
| SHA512 | 1b52b5670fe468555374d157f4a9686deee3815ab56c88553f5a628e9fd08177a0ffc885b109b4fe1db4d64a9e9a48aee20358107f580453ea76b5d5e9646d72 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 594f9e28a11d3f1321b95985c09b4b3c |
| SHA1 | 3f1108767be54b7d3b29fc33fcb83a1f30979e24 |
| SHA256 | efc43445c24640be63ece18f64d2fb9e2c20e7592376a62282be56c57204195e |
| SHA512 | a1fd3d0f7c0f53774a72f27ca9601e753bdbda1973a6172722ea90a52a819a01b7d8f95bd5c04d763c4f47c0bbb32d3670d3690c1d6a1e0117fb7bc365febeb6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
| MD5 | 24c34610946e45d9ecfa717d4d914ed5 |
| SHA1 | ff64dd98b74035c9a051ab9c3ec67dd9b1b82ec6 |
| SHA256 | fb6f0de2e8afecf02e1ec3d94774e75cd00e58e9dc43db9be52b65bfec2bc896 |
| SHA512 | 2ba8f4dc35b3ad8c1da665a361539af962ea5554586a6a2bc5da6740de4175c1375a02bee25373643542e6177a17e52f1c7a2a9ee826a647c33a003319692986 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 7f739c74ae253b07a1c2886aec089ac0 |
| SHA1 | 3649524c2211d3331f647fda24e035fe4df97eb9 |
| SHA256 | 082b4d175e13757cfeb6a491d92470f35f39ca392b948eed945e0f6323f990f2 |
| SHA512 | c562410ff72edd7a96900c1c655d7341ebccb53bea94aa15a420afa4405def1a9e98c1e3ed6f11ba9e1239854ec7028770923f207e5d589b2f8eeb35345de594 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 53bdd649b169a0ddc45964ac72263415 |
| SHA1 | 3502a848fa3868cab2f88d6c65d30b002e3c9a53 |
| SHA256 | 4f55c3f495b2a44809102416a6c9179a6fbc26ef862f972cbe3d7a6b804c7d9b |
| SHA512 | 6bf39781b84d10a98cd04740292e5e5402016ea30cb9f096b636945357656511fc22d0f103e6355cd01ff6959d608aac95f0b3a5d7cf9c4a7edeed441760951b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 0f6c17d421fb824ace8e3c8ad04f2cda |
| SHA1 | 6faaeb5f9134332f3bc16977b71e0ca2169cca39 |
| SHA256 | c0f9aee2306f32ec9f35389c023602a7fb04ea6be392b781ffa8db1aada92b40 |
| SHA512 | ef01cff0aa059d0800ee19184161e8065d81beaf2c80fbb6939f8854323a5c37e537ed7af83551cbd7f132332682bcd48d5c2684a6e56b318ad4527c90d1ca40 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e35e3ebad480eba37adac471605c73f4 |
| SHA1 | d16fe92b8be961f2a138d7ce22c67d7910f9f153 |
| SHA256 | 45953ed56bf42ad7aa0e3d008f326fd0a56b5cd7bae0ec56d7acb8c2dfacfd88 |
| SHA512 | a101fbf44c498dc79c1aa9533ba292d2b27875606da080c6fcd24bbc9ba8d509cf7fff2ad2d495adae10b85f2c2374f1895cff109c32a7c480b4856d0dc8056e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 99eff778804bd6a6049e3031acb3ae72 |
| SHA1 | 4a8e7e7a1b69a582dcb79d7a0f9b4a04b2edb421 |
| SHA256 | 004ea059ada3f2203f724419eae1db603a05d83d1d9c6e2bc4aa74ba18156b2a |
| SHA512 | 0b62d3f29887a9cc7006fe53b2770f42ed4f9fb725dd33138504d296c3ca67d9ee18cfb6ef969dcdb114b0829385a9c61ec7db91bc26deca2a6ebdefd62b73ba |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 257f5cdb56f05e14a66e1ae9b54d85f4 |
| SHA1 | 0dbad6eb32439eb015e631860e545111f7a5923d |
| SHA256 | 7673b49ef8a31a0ab034d31769db2280733ed977c076995c0c2ac0120491eed1 |
| SHA512 | e811fd84f089e8007fb85e3dfd763d8b7d2d1a8f1ba878bc7afdac472a9519f9888cecf9b20e97044fc75d4a7ded1e5277097c4abe4c5aaca67c205c9a8b3ae9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3515a90aff99b5e97b2462c47cdda494 |
| SHA1 | d9cd44f464cdd6f998d386cd436236d9b99f3885 |
| SHA256 | 2778d9649315c6a14809ae96f366b2a7edc5a770a53693f1251e3b4ec937b90a |
| SHA512 | b32e617af367db05c31b5f272896526ce9edf464848c0873685e89a753a4349b24f4f7eaf3e5c7cf65e630cbda15e22012e491f95f364b72fc328a47396becea |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 8ce6cd29b91c685e66f6b94103202766 |
| SHA1 | 8be0586ad9cda4e067da44f2a70929e5eb098103 |
| SHA256 | 140fa662022000f0a55f4228fee2e207201bbf7d3db5ab3ffa7c9aa7034ebcff |
| SHA512 | 612f0c858d4ff9465b0719891c3f91435a4c090c66df5cdcf32bb9385c8304f350329c3258699a2726ead6691c8d9aff4d25d87f22486b93150abb8240b3b72a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e636845a3012a54d65cbb811b0a9f505 |
| SHA1 | bc268d192cc6b7214e66751fbae96d9e6424b4e0 |
| SHA256 | 4ef0ba110be39e4e2d420418e3d8e4d3ef22b436fd8dbc732f66fe86112ea371 |
| SHA512 | e5f9d97ecc980407a78de020c2bc1b9392d59052e4e705776222a8c033510c4a004a091fc3e0ee15132fac538564d411a4fb1d2b8b56302a15aae74ad588cbad |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7ebaa0f8a94105cb8e235ad17e1270bc |
| SHA1 | 2c2a351a14b8b6f648bbc42771183be6c8ffb680 |
| SHA256 | 563eb8157cc5d2060e3fbeada5df78893a244c96329c3d5ba713446522fd88e1 |
| SHA512 | ded4a4936450c645e7fdf579d7e05cc343fca0b4f3d0ce60bd4879cff8f442147585ba5494442100d5c0c894bb59025fa9636de1d7d7ee2dd2af47de3063816d |
C:\Users\Admin\Desktop\CraxsRat V7.4.exe.config
| MD5 | d1158d00747c63b29a91da068c16ac15 |
| SHA1 | 540e2dec15f0735effa1288b9a57c56115dccc57 |
| SHA256 | 633b6dc8625d1b14d46ddffc922f362fd668043e3aaab40193e61424e42a951a |
| SHA512 | 2966d1d3cc8d29ce964d71f7300e4c129b2ab2ef94fe4bdeab7fd3069cb4598a091682e08a1f060a0f958bfce7d12eb4ff3b67e1bd26e982169da6600359a74f |
memory/1284-1602-0x000001E8B1850000-0x000001E8B565E000-memory.dmp
C:\Users\Admin\Desktop\LiveCharts.WinForms.dll
| MD5 | 76c775d09b24798f6923452e920979b5 |
| SHA1 | 3fe2c79512a0d1153fb07f6640b27106c90d333e |
| SHA256 | a5b61c1726304e6b72e09a0f35ddbf52f89a75a4e28e6ed098c8d1df6081b4ad |
| SHA512 | eacc093f8ac9401f617df7e07fd68a8a0f1f03aa150283de67ad8c338fcb1520b0f07335547cf533a646ff95f239c92b029f952a706e736bcd9508817c9be0f9 |
memory/1284-1604-0x000001E8B7250000-0x000001E8B725C000-memory.dmp
memory/1284-1605-0x000001E8B7290000-0x000001E8B72AC000-memory.dmp
memory/1284-1609-0x000001E8CFD30000-0x000001E8CFD6C000-memory.dmp
C:\Users\Admin\Desktop\LiveCharts.Wpf.dll
| MD5 | e924f79f0b5f3e79c98477d75831813d |
| SHA1 | 64f71e20e1953b13c771d8a8e63549ad6d64216e |
| SHA256 | 1bdbb1b5c1a50653e5c26161e9b7c03edc518721a6e10ea180a84049d967106b |
| SHA512 | 063e9bdbdaf0accb46cef5fdb98b30a97b8a6ba097a80d43a9799ff73e820d1c56d41ca9f71d94497736e3def7fbd0109db4000ab1d9e46cdc96357bf3e15fd1 |
memory/1284-1607-0x000001E8CFD00000-0x000001E8CFD2C000-memory.dmp
C:\Users\Admin\Desktop\LiveCharts.dll
| MD5 | 9642899636959b7fc89bf34a8b998a90 |
| SHA1 | 479a0254d1c9e5565c7d861bb77f54b7eae50c96 |
| SHA256 | 9fcf89837b60f69c1c501e4cfa4d2860887afd0b8f325803367e795a4e3bc9ca |
| SHA512 | 435dccb57ff3e9d0663770768c866838b19fbaa5b8e79de0ca111d9c73276f016e016d1d268f72cf3435ecac122039764fada952e1a4f68f368b492bb866c9a2 |
C:\Users\Admin\Desktop\DrakeUI.Framework.dll
| MD5 | 0562b4c97f643306df491a938ae636da |
| SHA1 | 0807c37b711374ed4814a9518c9e264517de89a0 |
| SHA256 | 70e72477f7fe0018e043ce8fe2228a289459058ee41caecd6f05855898bc5b80 |
| SHA512 | c969cd274b6bf65a34f1d129b6531616a3485a1f153088609ad2369d380fdec37c3e88a423495912715a26e353dd5498f7f9e73c895e9f3f18fc7d1e65d2ecaf |
memory/1284-1611-0x000001E8D0DD0000-0x000001E8D0F76000-memory.dmp
C:\Users\Admin\Desktop\GeoIPCitys.dll
| MD5 | c070f2421851420e832e4f5989a775a2 |
| SHA1 | d6af3c48ffbe0fa1e0e54860836d3bbf374b8b46 |
| SHA256 | d54fd6c5903eea49a75d620d4ba232f8effb1863f5f9c974e4ac0a8fb1904131 |
| SHA512 | 75c3edeb4c16d8e82eedc5595b9c3fde4cbd4a3e9deae1967ad513474920a48e4e9275fdc76f44032b1be570a4ece1a6393c4680af8989f67bcdec039d06798e |
memory/1284-1613-0x000001E8DC810000-0x000001E8DC846000-memory.dmp
C:\Users\Admin\Desktop\res\Config\Pass.inf
| MD5 | f13c9fd7401845bcfaca535744744440 |
| SHA1 | a0f1325a69f2c303449177932c43030a4b5991ff |
| SHA256 | 87c67159e71ef382bd47a763527c906c18a77f79fa66d9e18569d1ed0cbdd167 |
| SHA512 | 8bd1dfc2df7e51ae7113f9b0212335614961716dc0b10f58433d8618b9dcc80e2aabad9e563b8106a3151314af593aea9fd0a401cde30d7b47bf4b71d3b9abb0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2e2337421772dac0c1441a60e80fb518 |
| SHA1 | 876f2607b3c14ad83fc4df9c4c6a45285cdcc949 |
| SHA256 | 1e2e10b7a70839c3b7892eeaaf1c43f1f02a5317518fc5c7d4291bef00c9c5d8 |
| SHA512 | 64e6fe766382bb84d085631504079e7026b9d635a4b3dde52ae657ae99851ee28e65ab6e17e4d746e51ce777b5f1800a20f99c514900a4dac86953bb226297fb |
C:\Users\Admin\Desktop\res\GeoIP\GeoIP.dat
| MD5 | 2fbec46d430f57befcde85b86c68b36e |
| SHA1 | 3ff9829e3242deb69a7fde0832b7d9345b925afc |
| SHA256 | 681ede512fe7ac21e976c754bfc1e1a75a9e02c3d931ce6849cfaa9d4080338a |
| SHA512 | 42036af6f57e446fec194ce71fa634dee9f4c77342f64a867fca8730d76349190960a7e7a5967ea59c250ca1b220d4845b4911dd63ee870f5620d9eb513b91d6 |
C:\Users\Admin\Desktop\res\GeoIP\GeoIPCity.dat
| MD5 | fab3cc04a19ffdf90d775e27967a7c25 |
| SHA1 | 723c1635338bec7c1c876769618789268b8faad2 |
| SHA256 | bf41a0a700e3b35415609d090b15c5355e5cf4ca703ab119626b2d450997c608 |
| SHA512 | fe013386ff799cda195222341ee601d7b8b3c5c8abacf3c80e3fa03af52ac848f8a79a7dd87d8831d5a366243343f1025f704f49d858da4b02235968f834a9e6 |
C:\Users\Admin\Desktop\res\GeoIP\Flags\-1.ico
| MD5 | 410e4dba1b3e1acd689425d024f3fd56 |
| SHA1 | d38fcae133db0cff918dc455acd8ffa437989659 |
| SHA256 | e10518132ded7ee51739953121f6efe77412aa85bd744ea7b256a5a6da751e44 |
| SHA512 | cac41002ef9ffe4592a0949ebb3a21b3837645838e623d3a188f7e70b6c82b2253c586a6a9395007849da0ef94d6dc47bcfce9cde554e8b6becdaf21082cf014 |
C:\Users\Admin\Desktop\res\GeoIP\Flags\AD.ico
| MD5 | 2cce7e02f2decbdcf648cc249eeabbfc |
| SHA1 | 4a9cc2ab3162a949d5f559ac2828813da7aaa6d2 |
| SHA256 | ffd5e4016c4bc247f49ded9d4ac463e7bd9d7f92c9889528f5f3a865dc8234e2 |
| SHA512 | be3d96046ec50bfd8e4399d1268856d0cc1f541635896ad128d660660294cfd98f79998dfa46849a2e6e5aa3e637626a94a062ab694444b7210f69b3a55d1686 |
C:\Users\Admin\Desktop\res\GeoIP\Flags\AE.ico
| MD5 | 5c22046c8b4f37adbd0f41a811238d5e |
| SHA1 | e3c49202f86ff0718f169ce4cb82570457891bd3 |
| SHA256 | 0759c987d55b3e2bc78ea1761d451b0b40928865c5b5652ef7b304426bc1dab9 |
| SHA512 | 655c129c7456ce083a9eec235e04b871a16c4226f7cb1aa2ac4b119770b24ac61036950b0a77257af96352318a991037a1b9b5e2925ca84272995dd8135abca8 |
C:\Users\Admin\Desktop\res\GeoIP\Flags\AF.ico
| MD5 | e18c650283441dfbdc3aa46a414f326c |
| SHA1 | eda65607858d6b93db9ca4a9f20cac382cb685db |
| SHA256 | ecf99e08bf15aca4325c4790ee20ccc674b6f4fc6dbbef0885f36bf8e6e8aa68 |
| SHA512 | f10cd2a31390bbb06546052214a817153f35ed9b5c5403995267e1e9b4987630c08ddf7db414146211b8cfb4769949cd660060bd2a5c8a51bf5bc381372a6673 |
C:\Users\Admin\Desktop\res\GeoIP\Flags\AG.ico
| MD5 | 93f8d14b56bf5f257f87ea438c7a3601 |
| SHA1 | 31b71ace333e016408af2f18290463389206d1c0 |
| SHA256 | 8e36c85a8ba6b92ea906d4dcda412b492449e668fac3b05f5fc512118fa71e5f |
| SHA512 | a70adeb933e65ba11b28d11fad9a2eae29a623013f9bd8383afa5c794f214a6820f797f03f1714759bd38356b160b9c1e159dfcecbfa7e95f4ce2b24bfb24cf5 |
C:\Users\Admin\Desktop\res\GeoIP\Flags\AI.ico
| MD5 | 2d5ee470e51e769e649109d2721937d3 |
| SHA1 | 89bb18a904dc2857e52cff3a384df50858d5e17c |
| SHA256 | 08afe88e8a0475e320c6da70ff530ada3a6fb426051a6337a769c14dc37ae316 |
| SHA512 | d6801a6b238a9779b0b8829f79412c227ed8480ec060e3d1992c9b1024c94a8f1f6ed32097c8a93a6f2600ad68b2ac537fba5f0982a41fef01a832994cc0cc20 |
C:\Users\Admin\Desktop\res\GeoIP\Flags\CA.ico
| MD5 | a28d60062ceb07e296f5c4ddd6e76fed |
| SHA1 | e9306422c690eb6e773b9ce306c6e5eb545f6e1c |
| SHA256 | 642b7b575255c44fa96167b1268e69f2fa72e76d62aa8f15768eeebdd45d11d2 |
| SHA512 | 73dfb8a1ca49d5b8e9a739fc36dc68f5ee7a66be7b851f38941c6a7b55af64187b3390d1e8962b850e6d3f3755b9c03c5103ae62cb0e29855b2cc7cc49b3105f |
C:\Users\Admin\Desktop\res\GeoIP\Flags\BZ.ico
| MD5 | 79c5d3202341bbd141ccd6543fe01983 |
| SHA1 | ea4b1accd5025dce621752bd23a5143b1128873e |
| SHA256 | 627bbd8aefb32eb4bd11c2519ad35427d5627bdbd54b68119827990ef66b4180 |
| SHA512 | 790390d2e6bd15f35f7f414504a01f206b6114837388b8897cf74bb0191598b4dbe01f1a99a39e0f3a535bedc714d77b63dfbe1e368f744e04acfe93f938ae25 |
C:\Users\Admin\Desktop\res\GeoIP\Flags\BY.ico
| MD5 | 4c2fd28b7d3e934b6979550174bf4f97 |
| SHA1 | 5177886a85094d8446ff457e2956481a68b066db |
| SHA256 | de9fb648d544aee8166232826f3ddf7973d957eedb70ce5100df5a969d7a6cc7 |
| SHA512 | fdafcec7528305f0aa03d83ec5888c19bbea333b116a142ade6fb53d2812f4cfe5735ffb2ba2158389751c04b3e172fd196648e9fc8e95892125fdac1183a976 |
C:\Users\Admin\Desktop\res\GeoIP\Flags\BW.ico
| MD5 | 52744003db72b685d11c884f2f9e56b6 |
| SHA1 | 310b6932dc8864a8a6b2811badfac88288609a79 |
| SHA256 | 9c1c1186d19dd5c439351fcb756df877c4ea351dbf4aac1de226b98b3053ff01 |
| SHA512 | 6bfa94f9e8905498fd503b55d67d87ad2778799b04c9129c5f15de45d3fbf75d3460b5b855f048d169e345766e4457b25e29b03abeff043ef68b4669822c6d8f |
C:\Users\Admin\Desktop\res\GeoIP\Flags\BT.ico
| MD5 | 6354a3e9500fd25c6b16d06ee185b4df |
| SHA1 | cfc3cdf3c1dffc5b8e00751cd25ec2e25d4ebbbe |
| SHA256 | ea70f8f17623daf8128eeee0fd9b91d942d928e5b20da5e1bbc7a5d7a4be5e1f |
| SHA512 | 941b4b4b61f6475dd10df924f6580fc0b351d6bcf3dc75e8a9ed6ad60d57931379483457bf5d3c998e8fcae23ad110160fd73cb1e876119a702c0aceefe3b486 |
C:\Users\Admin\Desktop\res\GeoIP\Flags\BS.ico
| MD5 | 8e52a4c31bcf00be00030a8e22e0642c |
| SHA1 | a6743ce24e9ccc60064ea3629d54593cda7309b3 |
| SHA256 | 2f2cf7125492eb037d8c5bfa15c1584ad8b55047f46e5052b142674ce10e95c4 |
| SHA512 | c5fe2072d1c029f359f79e07835e528f5527ccffef1d85483760eea8556b842449dd5babdad3b6f3ced1fe5a6104bdb4d9a688630bd9e26c8e533bdacf6096dc |
C:\Users\Admin\Desktop\res\GeoIP\Flags\BR.ico
| MD5 | b44d5f3b7562b900379302a2f8abe2e7 |
| SHA1 | 93f2167eeb28510497a4cf6e731aadc1deb783cb |
| SHA256 | 29be53093407af0aa165535b196cd3233e19903e7d07c7487c3590feaf3806dd |
| SHA512 | 6654a62d640d0b20be490d05a871abe2cae150e3ebd9119c656a8e62deb8a820a417c06fad5fcfbbf5d942c73c9042a281affbd9c28240d85d17ffd1af709ef8 |
C:\Users\Admin\Desktop\res\GeoIP\Flags\BO.ico
| MD5 | ac44c7d4d6d1725f969c9aea026bbff1 |
| SHA1 | 7796cd8f72ca40280d819cf4512a534eacf35b68 |
| SHA256 | a74d0a96d71485df49614b77a3a232af0c0984443cf2a3efd30d2a9b367271f6 |
| SHA512 | 1a68ed03fd0bb79460fdb2c6a0c3677db9055f17a14da79eb3388fa3d4a61d17984ea3d0b7d69c9bc5b6a39be955fba62962993122d8df860355125b2e759242 |
C:\Users\Admin\Desktop\res\GeoIP\Flags\BN.ico
| MD5 | 4af382e98b18f91caac79ae5240ccc40 |
| SHA1 | 3158bae6579aa85151b67ab08687b64467c19e4b |
| SHA256 | 9cb1449764b3abaae85b2edb0e39afb9776e4c662591f3b241b741a502bb777b |
| SHA512 | 0a6daa2b22ee49819d0cda58cfe74343638c62041ef342b08918edd4e1e9e4e90ce2e72a09773b2d9a8859310d237cb8f765fa9658cdfa4adaf1b9e40bb5880a |
C:\Users\Admin\Desktop\res\GeoIP\Flags\BM.ico
| MD5 | d3be823145f7a4b0424beecfff5c9e75 |
| SHA1 | 0d279742a4c5468d58f2d141b5e3922699b165b7 |
| SHA256 | 7f33f4d7cdbe5ac4745917badc34bb93d38a8e5abff6bcdc0c76d3171baf275a |
| SHA512 | 6f84de202333e036d1aa772a82448e3e0adb2b453d3f93eab5ed745b4399b74e07abd3a533862a68b57dcd1982941698545e239a6510e0f59a51a442adbd7009 |
C:\Users\Admin\Desktop\res\GeoIP\Flags\BL.ico
| MD5 | a5b94c9bcb4d88d9db4d0a568f80b079 |
| SHA1 | 80167cfe16e20d0eda73b7b4627ce676911814be |
| SHA256 | 8165efe84da8f10193cadb266016cfb6ca87724614d00c70495a7b9afc172caf |
| SHA512 | 5a186a33e52870dbe2e58c889e913315add63486dd184b216cc3a8b2317169e3ffea8eaaf95084eef6ea04a0f3a791d6012bce6b0118143aa514820050577c54 |
C:\Users\Admin\Desktop\res\GeoIP\Flags\BJ.ico
| MD5 | 994401f509db6b74c3ba205814ff1f02 |
| SHA1 | 3334f65250c7ba7cbee20065bf4d52becdbd392d |
| SHA256 | 569c37c33bf5fe84cf1766c26c531be1398e80585551cd065dfb8dd62a57b608 |
| SHA512 | cbdf647eebcbbab5df5b8b68ffbb900534f2d41ec2f4d74e53e53eabbd2219caf83dce0cdbb53cd9c126ce1f88aa667439bce5a5a6ae5e6eb07acc8c8740d1d2 |
C:\Users\Admin\Desktop\res\GeoIP\Flags\BI.ico
| MD5 | f44e4ff32292c899f1dfc0d40946c945 |
| SHA1 | 3e1c7d81166d64dcd6052a7fbe72dd6a56753682 |
| SHA256 | 84145ca9e4595bdd4838af891ca65f3b88f4ce830f867b6d4f821780152b9c16 |
| SHA512 | aad82aee512ee6768ab98e83aeda9b6954d792e81273594d4c2f46183fc0f7df8c0fc4a8035a43c8989b61690dbebea8e286461b01eeafa3398ecbe61750fccb |
C:\Users\Admin\Desktop\res\GeoIP\Flags\BH.ico
| MD5 | 75c68788c23a5adf9efe2c1b70526710 |
| SHA1 | 3750a765118359dd026580d071da6bd3ecd677f3 |
| SHA256 | 2525fc71eb284013f3add2f13578363e8030ed41fec3a7fd599a96b2a8ba0d70 |
| SHA512 | c2a8ee014d1c9ed3ff09d6781c5062fd9aa2dd233c911358eefc2f27d24cee05883086420b2ecab27138a5f6d0143e045ea2b80a221b30b28eb02ecfe3b6c0d3 |
C:\Users\Admin\Desktop\res\GeoIP\Flags\BG.ico
| MD5 | 8237c4778058a9bab26f406b8f06dca2 |
| SHA1 | 4bc2b85679ea7e634af68b4e31135d3205ae01c6 |
| SHA256 | 426c8b630bdc5916c5a687450e90a265d18a1042111c7f26a5a7d85d143044ad |
| SHA512 | b64ec153ba921e2f91146ec1461a75b59fb8e71ddb27dc306144a9cc1aa271e6a61096210f4a3a8e56b45ced2f16343cf61a8bc594b52ccb1d9a0d5b312456ed |
C:\Users\Admin\Desktop\res\GeoIP\Flags\BF.ico
| MD5 | afe862286a0c17305ca72a54bacc21ca |
| SHA1 | e220c5912d11960c8e9ee38f44dca1361b729dd3 |
| SHA256 | 5f865103ca695247ab7ea7e02a1942ef01cd65120973e17fa3fcc3e59f9f7eb9 |
| SHA512 | 33905016ee79a2213a5dd03d553e0245058422d45861f4587f4b3aa2e9562686c209fd1e76575d7614a52388f3308907bbdf867223e15a7fe62d3650b130ce68 |
C:\Users\Admin\Desktop\res\GeoIP\Flags\BE.ico
| MD5 | f7ed63c5a74feb0ee727cab8d64e2ba2 |
| SHA1 | d06d03cc1f832a30c3b5ae51f164291498ff4df4 |
| SHA256 | bd0eefab4e51b0beae22d4557f8c43e2908c39b23158900d9c3d38d4a3c27b2d |
| SHA512 | 01bb6f850b6b213e365b55861f6a92442c15931db6989f6be03a009a97151abf066eb1298fbd6d130a7ff47970097ecda5855acd2f15fb750f1e5f6916b06e48 |
C:\Users\Admin\Desktop\res\GeoIP\Flags\BD.ico
| MD5 | 7bb2410b8a58504b0645e9e869cb903e |
| SHA1 | a1d49a900e2367817575d581c34a3f4b5282db25 |
| SHA256 | f8d767b5e74cde08d614d64bc51f4d9db90dc056dba1c38ad8b21aa6c598a286 |
| SHA512 | a629b6e3a5fc4cc0499e18139260a7c67c629d76c8264ffd3d99c62154354b50bcc5d73b0475891cf38b90809de996648c211a9c2df0aa4e885e536fe4d3f825 |
C:\Users\Admin\Desktop\res\GeoIP\Flags\BB.ico
| MD5 | a272b143736710d954a021e7b5b1fe41 |
| SHA1 | abf3a358da02a0d9786a022a1367d9bf805ae060 |
| SHA256 | f679b5b2dfe2c980b55b713a025936c10260db10254391c5b66dcec51dd97705 |
| SHA512 | 9290ed552de75f080719d3e6f4954234b48cb1bf87952bf62d1799d64c0d0a2419fe6776d5a84f691f877a6e7ccb176824e7dd00f5ceec7da32458faf1ef6485 |
C:\Users\Admin\Desktop\res\GeoIP\Flags\BA.ico
| MD5 | a603875f8aecceb0d62c9c346f250e62 |
| SHA1 | 44b58245d17d8d205e6bc2015965b3ac9374245e |
| SHA256 | b586dd987bd326d24ad3edddd1f649d2fc49eaf96028e62e6e14208591a31a9b |
| SHA512 | 62c218f9e7e30c056c02b0e9e35b39fa9b66faced7fa8c3a14e9636450d271da04aa5f04a627452be03d0df062b38db0bbeb4fcdedb0d7d820d0bb186cb38953 |
C:\Users\Admin\Desktop\res\GeoIP\Flags\AZ.ico
| MD5 | 3abcf274a070469b7fd5cc1f60408c9d |
| SHA1 | a2fbdbc0028f398a90b351fe5e3a2e4b31153b07 |
| SHA256 | d3cc5eeabeae7f54a8c5600b5c2354b355492634031e32e8ba981806b0494b61 |
| SHA512 | 14be128eaa0b49b7ad07ad2230732e923a30c204faae1c3afac766088836845fc385a99ef50938f6261456e0e45afcd17c0661345ab72cca8b66bd710eb3035f |
C:\Users\Admin\Desktop\res\GeoIP\Flags\AX.ico
| MD5 | 19169001a889e72fef769900ca7a8b27 |
| SHA1 | e17d9c371cc34d19f05c46d81e06f7ae2159dc7f |
| SHA256 | 5ac8c61a8ad2d7ecc3e76927fd6d52b4f279c4d3a92dd32715395581c4615423 |
| SHA512 | 4c8247ab0f37cafa90ae34aa865af45b6b388fdfa8ab96935d2ae2064c620240dbb8f93c9958844a34fbd249422a9b5751639179697bab44aabda8afc18b0454 |
C:\Users\Admin\Desktop\res\GeoIP\Flags\AW.ico
| MD5 | 49d969f363a153b7e1cb4dc2cb742238 |
| SHA1 | 2a8fbfd37be58690dc2e0ca2b3ce04c2d15d6eec |
| SHA256 | f0d730a0d8ce85f049a6d8a52733c506a8cf48584b18838f3d677b09d9c09b52 |
| SHA512 | 97f17ab20ee96ae4e71e31c7864c509ef0b714215606413c801b3608770415ab63d6d5be0980af7231e4c2e270407fd273c36e0e47d524e59126b933fafa4eac |
C:\Users\Admin\Desktop\res\GeoIP\Flags\AU.ico
| MD5 | ae8189b2c04d783a2f68f0204f1baeab |
| SHA1 | e5709598ed08427a1dd83e1d994330bba1b1b091 |
| SHA256 | 047f9bd82ca7e2685c1dca4c065209977b5e8c32f78ee821bcc7aba12decb044 |
| SHA512 | ef1dd8330cf3cfa9840a5902e13c669e6de911ca9f383067506e2c106f05021aa79df60e2a867259bbd1dd056b9367d5814e9bcbafb242d718fa7fe0fe664248 |
C:\Users\Admin\Desktop\res\GeoIP\Flags\AT.ico
| MD5 | 8effa2f5bbcecf6415b04f9408c0a65d |
| SHA1 | 3f3249fe921c1d4767b76b0c3a720cba0262b565 |
| SHA256 | 236c59500b9bd83212375ca7514c0d62dc088203ed269e9cd55ca6349adbc8f0 |
| SHA512 | 3f8a1f0683207ed616819a0e42b18e5b02eab0300fcf6eac1c399f0e5475f45d62e0bdebfe0055d411d529649938623acfd4b3b02fe80fc9da6a0492dcd31822 |
C:\Users\Admin\Desktop\res\GeoIP\Flags\AS.ico
| MD5 | caba1e66c954bc8d784efe2a3c02d808 |
| SHA1 | ef1d5ba4735c99b55648503513d9ae7393a3a6d6 |
| SHA256 | 4946c58e14318696ea03cf9bcb5d8a7334273c2f9e30173a3c7ae0bb7ee70bc4 |
| SHA512 | 430806d048e383411e36a8e3777a27b7efc1819cca50c7d7eeba662d32351a366d3cc0b892f819b6a96db8281c5e249d3faef13e8a4ec3bef75e67b9567bd466 |
C:\Users\Admin\Desktop\res\GeoIP\Flags\AR.ico
| MD5 | bb4f489b2ae1f6601513296357fb478b |
| SHA1 | b8337772e2e17d48412f44373ea8a821b85e9c54 |
| SHA256 | af2f591584f6c59da15fd42e5175dc136844442e1c755fac047b0efae3956c50 |
| SHA512 | 547e0753a1ac4058ec609ddd2d6ce54b50cc47177ee319f5bcc82eca9e231d01d74b7c2d02de90557c08224bed962c74f8c4079a1292153cbff32db234ddf6a6 |
C:\Users\Admin\Desktop\res\GeoIP\Flags\AQ.ico
| MD5 | be6fa7ab4980735841141d4d3f642a4a |
| SHA1 | c6d03cda7f73a959a3d20d0e3897595fbe2915e9 |
| SHA256 | 3439ebcdd8e7a614f157f58d7f77d190aac7fe514129a01024a8b68b7008fbb2 |
| SHA512 | fbc116df306de7a04f43cb2becfecbbaf103d6b252336e0bd37f006506140ceb14f114cdf62e203bc12f78c25906066385eb6caa67f694d8526b341bcf3462f2 |
C:\Users\Admin\Desktop\res\GeoIP\Flags\AO.ico
| MD5 | a5c78266329a1eb0f3e52bc0343783b5 |
| SHA1 | e0b254e2176f0eab8d2b76213a64c24ba1788675 |
| SHA256 | 550a1b6e2b97febd865cd130b0c0d484cf2fd02b8066ddf6d7290b9cffb35059 |
| SHA512 | 61a7bf67f9019e5f4c653246e1844703619d6421c3625c963862ee9b0b3975b26ce2f785c9b3cc79e77181c098f0e3d60c9f0e21203928117c6cd45f104af36f |
C:\Users\Admin\Desktop\res\GeoIP\Flags\AN.ico
| MD5 | ed05e0515da2b4c11d839493abf8d44b |
| SHA1 | 8862a2bd75632d916fdd049b31f2155ac7894524 |
| SHA256 | 8f641c948721c9e7e92f28224b8b1beeb27382e5bac8a4014a57537dd7543a8d |
| SHA512 | 31613012f4ea1da8d1318f69e6e9a4be068e9e490f01ef0e1f880b33f50d715d92d7498ca99223ce81d6656ccc4293a7fbd272939e99dbc21d62176a6c6d9553 |
C:\Users\Admin\Desktop\res\GeoIP\Flags\AM.ico
| MD5 | 16782d3d013fbdd1277424363dd8a0ad |
| SHA1 | c26e1fd52de7ceb24af6f01fb4486d39e1932bfe |
| SHA256 | faf3d661a09912ff0c1f6cc92dd8775c3d2be31e9a72fe0962c144d679021d86 |
| SHA512 | 44bda0a5d59f1ead6939a6af13b81ab23b28be44a61e7e736d5e21cbfee813a3a44c5832b16036717f0e18a418dc449b5c3aa1e0f05c4830cb3b64698ce0901a |
C:\Users\Admin\Desktop\res\GeoIP\Flags\AL.ico
| MD5 | 5dbcdfb9a2f9120ba42006c997e22b42 |
| SHA1 | 01fe537ccabec19b252e07ed6ab557a46a70e6df |
| SHA256 | 8f726d2132b2b7764936aaffb52ef7b0271abf857949588c36b32fb3c769bcc4 |
| SHA512 | 519b0757a1bba205915aea9f8bb715072420fae126a4917f146c9ea7567fc231d74f93ded8dead86dcffb0fc293de1a4c85a161dd894b490e57806df67cf01da |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 6053f743fa4d592cf2b1e69128cd05a7 |
| SHA1 | 61d273d7138bfc5ff3a0c2974baed14f5cf44568 |
| SHA256 | 4a360a2dc35f34f5d8180aa21fbdae96b030ef967ca9ade7c62e62486e8a7d90 |
| SHA512 | 6efbe02a7a65a43150eb38632dd80bc2a52b1d5267040533f7431bd61ac1e51f0fae6f276e0c1e8349fc9ef2602e8c7632952ef3509a07ac600a1557e7028072 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 2deaf98850625c9028991d4ca1e32cf7 |
| SHA1 | 127dd8a5f1914def9bd5a57ae95697ca3b50d510 |
| SHA256 | cea6da723663b98691eeac2d416215486b91ec86a20228cea820dad9c5bc8dca |
| SHA512 | d69a386bc0fcce40b2116508c86a1e01695772631c06d3b2ee90c883dfd79fffff075e79c7204ab26b92fefae3b7991f9ef54c929ea990c634d7d164c81f7eef |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 83de6d7d7b69408be5a3bf878ac72520 |
| SHA1 | a207ef3de989d9c940d2528f3d0610ad65785f90 |
| SHA256 | ae6487050e7c46122715aa4a3e157d3c69fcdd3125c18fcfcb4bb092a677632a |
| SHA512 | a08846ac7456ebd89c1d61e368c85b52cf973c9cf669466993cc2bcc8983bf49628dc82c56b7c6302ee268a9bfc647e195c9bf750f3ca2251341ff0f6a0bbff2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 97ab361e157ca021f806f775e64868ae |
| SHA1 | 093fe05e5cdb58f4969e2c1c81917f30c9ec59dc |
| SHA256 | 3f116452ba47033618664f6bea67a24601d473bfdaf080fe292ff216cb5393a2 |
| SHA512 | 8618dfa0d9f2d61bcdd65210af2f9f3793b5abc75f1122481770adc9a1508aedfef5b194181e49795b1051f8d8fbd9121eb595ac75f56ca1088fae4adc78750d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9573248a3eee2639c9a41581f894405d |
| SHA1 | 4d3f7a24b733377e5ccc601875d6a9395bb4dbe4 |
| SHA256 | 7c307ea4e331483a54bff91ce9cebb856a9ad25cb4c76f6644a7038d99828701 |
| SHA512 | 5e4e74f34201c295a581b145c8e2eb7a5c4ac7350988115ae521b1d8b16bb0fadc272cee28fde2cdfd1b190278994d42ec41160044440a172b9547aeabee27a4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7dcb1480f737b3b292a29089f95bf08c |
| SHA1 | ad8ed0013bd0eba87ed88e35be40e13625fa8d55 |
| SHA256 | 6858f38882fc2162f843a4c6629b21057d6b2c217cca2cabe04620efa4a3ed76 |
| SHA512 | 2d9d6cf0f4bad2b361797935421a68dd15a27451bfa4c4a4658d576546ccb45449e971e0aadd3fb78b55fe70faac83af339c8779ece253c36c4588a67b9b8062 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | ec950f78ad97681bba7cddb99c1a52f4 |
| SHA1 | 5b1adec2180e5bc91edcbbb41641b896d072e2b1 |
| SHA256 | 343ae49d958c8b5deb47afc1ca1f7a4fab7c4221ae06c87436f73aa07b4fb13a |
| SHA512 | 83766dd7ba0b024752b5093e751345171015a6244f89a06944980385e076c88416dbae7549ef80ef5716182233d2fa275f745328da884585083cae8947063971 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | f1dfb16018b678db96b1130219f7d0af |
| SHA1 | 26f6eca0dbec944872764437346b9d2778cfbc2c |
| SHA256 | f4fd98a8a54113d3ff6d73c29587beed6598a5c1417967f06aeb1a2c3b0f56b3 |
| SHA512 | bed2e2bfa01bf45c41f289aa6dea324d6c42db9bf8df80663a879ed005c07615812ea9dd4b62173d9ce54a439833dd4c2e4299eea8e5e9d8f1eb0852e44973ef |
C:\Users\Admin\AppData\Local\EVLF_-_t.me_evlfdev\CraxsRat_V7.4.exe_Url_p43x3kxcg1uhy21hsp3zmxlnszo5l103\7.1.0.0\user.config
| MD5 | 79ceb3d3398192b9d52e10446c71cfab |
| SHA1 | 00390a257c386a3012e3bac1e29a56b3d97050fe |
| SHA256 | 420526b71e9407713eefc1dd4e425b769ba5e589584783acd294ab03d720fb80 |
| SHA512 | 80e70b409f6a7faaa16d39a0dac99a357154ae4615120523d05f9d6273ec6aefde9371a47c60d5bba1b59be43f4f6b3533c9b2a84c933c60b4b4bd02bbd2d32a |
C:\Users\Admin\AppData\Local\EVLF_-_t.me_evlfdev\CraxsRat_V7.4.exe_Url_p43x3kxcg1uhy21hsp3zmxlnszo5l103\7.1.0.0\user.config
| MD5 | 0e2a3bc0d50f2c4e1b35f02f499cadf6 |
| SHA1 | 4bb1e046c81c955242d7f03d643d8fdf34f95012 |
| SHA256 | 7d46365f5df45465a6ed17682f80e804d46b4d15bb9f095af4f3d562baf88b01 |
| SHA512 | 9f4b7dc22329bf79cbff419f876b5ea58f4099878349c611bbf650b256eaa1f19bbeabbb5d17f93294af983c376a670c457014e07f7b6434a24764a0e95b2b1b |
C:\Users\Admin\AppData\Local\EVLF_-_t.me_evlfdev\CraxsRat_V7.4.exe_Url_p43x3kxcg1uhy21hsp3zmxlnszo5l103\7.1.0.0\user.config
| MD5 | fda0256e807c1f8a6018064748ba4bec |
| SHA1 | 0084a83e1fa9fba5ae06fdb06b7f8bfba7c6096c |
| SHA256 | 6ecd9ff3e84fbf17c3004d60c8057e3759b5efb934a61a7583ef578672719b0e |
| SHA512 | 14b1f2074a55aaca462792a68dc18f7e9d7ec9aaaecf240942e8205c09e3678269df7f442195a7c59c12d05ba9ee6dce01ccafa534dcdd471f3f51198378ef13 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | a4e211d83adcc1e2ecec92de99ba72d1 |
| SHA1 | 9c1446523396aff65d9b045f3c2f3cfa47586567 |
| SHA256 | 180af4093b3f3b8b96ac514b7fe866dc282fcfc18711f41eb8bf7d1bd29fa7ae |
| SHA512 | f6d5fd25a1dbfca7b7f797ad17e7ed4a9b4a67779e3425573dc58f7af8980e7b85244d270e67967b8f11deae4e261a82eb4959f2b4edd2e99f435dd3d60c2aeb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 630bc4d40ef42919d75d683d23e7edbd |
| SHA1 | e73b007d3aa675ad1df78c210679e366c6d602e2 |
| SHA256 | 83a1b25107cf995441aeeed35056ba468caaea325ad7facd6bf08a73ef60213d |
| SHA512 | 354e5060406a66e15d857308128f572344c13406f1968544484dde59cbae1e934e075a62534c582c9e2fdf71fa9648e26a7a87d4cb249454585b435aaf0e85cc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d59a7732fbdeae318c87e66346cd7669 |
| SHA1 | 416407d39ddf53483ad391cbca1072d12fa51a11 |
| SHA256 | 7a1a58b851293b6d5239ff46dc8f5e303115318d8d8a2d65dd984b37bc74b7dd |
| SHA512 | d138dab5f979fb3e68447fc7d93b5dc2c5c75715fe528d81b0ec49d540d8b48f48abd5ac53098765911b975c5a84ec3da4fe65f4f717850fdcc3d61eff69a0d9 |
memory/1284-1823-0x000001E8D8690000-0x000001E8D869A000-memory.dmp
memory/1800-1835-0x00000174539A0000-0x00000174539A1000-memory.dmp
memory/3620-1851-0x000002C63E0B0000-0x000002C63E0B1000-memory.dmp
memory/3620-1889-0x000002C63E0B0000-0x000002C63E0B1000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\imageio135146028544651280.tmp
| MD5 | 90abb5ffc510020e28f372e65174f156 |
| SHA1 | ac953f53bfe02e3ee01b8ec3e12f11a9fd1514a3 |
| SHA256 | fde815fa5c3267d58ce96698035dd6867c6daa573ec498dfc755c60f9445a677 |
| SHA512 | 573b8fd6d871f5ab20ffb0ee89ce1cf9c3b39554b3fd56d256ba515ab0bc8e84762fe30d55c2b38a8df2affd0c04285718d7cd3793cbaa7013ec2fabe041bd1a |
C:\Users\Admin\AppData\Local\Temp\imageio1771153999424049102.tmp
| MD5 | 5708b98917a30fbe3884fbd5a09413f4 |
| SHA1 | 54bcdd3a92b650486455ae546722d88a84a893b9 |
| SHA256 | 284958599c67afeef5baf8fd3ed8ace13f4c38091d9faabae24db3fc718e8159 |
| SHA512 | 6e1845c7f532a831a8cdc871d6e9de1104d956bda7e79f607b058fca501340a66f524b9c937a8f0ad348a43ba8910215caf6e30c5392ec441dca2fbadc89b8df |
C:\Users\Admin\AppData\Local\Temp\CraxsRat_jector_DRyAYvpaBY\temp\res\values-nb\arrays.xml
| MD5 | b08c88bc21c13c5f8c45dff311952146 |
| SHA1 | bbedfbe0fcbe0aff7598a1aa3a7513c11081bd17 |
| SHA256 | a10237208bb459da1f2dc89d8a4b379becb18c1f88af7b3385e98914cf1705a4 |
| SHA512 | c9a5711cebc7c304254e9de62e55a2f7ecb8ebabc1d30b00221df892f8bccbd39b45eae2534325f390cb46be550d616d935343160ddd75f83914f2d06d31eb48 |
C:\Users\Admin\AppData\Local\Temp\CraxsRat_jector_DRyAYvpaBY\temp\res\values-en-rAU\arrays.xml
| MD5 | 4cfad462b1615549c9e1f6807801ee42 |
| SHA1 | c3cec737349b2695302dcb7d2682fce28a98ed79 |
| SHA256 | 5cd235c8812d43392ddf72a61509fe08d4d5e3670ed6b9f209f0add22fc59e3e |
| SHA512 | 6fe89268ca5e89af5f56a74268bc557a45abeeeeb956f2dcb2e10cfa6a89a89908b191fbb340b35e6bdcdd8f3309dce8e985265dede42c05a73eb22ddcb2f365 |
memory/3620-4831-0x000002C63E0B0000-0x000002C63E0B1000-memory.dmp
memory/3620-4825-0x000002C63E0B0000-0x000002C63E0B1000-memory.dmp
memory/3620-4841-0x000002C63E0B0000-0x000002C63E0B1000-memory.dmp
memory/3620-4845-0x000002C63E0B0000-0x000002C63E0B1000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\CraxsRat_jector_DRyAYvpaBY\temp\smali\CoronaProvider\licensing\test.1
| MD5 | 098f6bcd4621d373cade4e832627b4f6 |
| SHA1 | a94a8fe5ccb19ba61c4c0873d391e987982fbbd3 |
| SHA256 | 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08 |
| SHA512 | ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 1bb0dda117f50b41f9cc02fabf4764e5 |
| SHA1 | 59ef2be8fd4af71032f4a365a2f9d23b13f78c72 |
| SHA256 | 0fa9ce5bacd6100a971267ea6928dec439e689f4e04056215fad34ed4d274834 |
| SHA512 | 614475d141f23593cf05b0d0c3007ef535cd9d1ed3041f7eca04d2707ce3b0f41b95d586c1f1b87a6c4afcb403ab11ea0dee9a0eb2e3eb81272e7fa84acb1d46 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3024617d1a155212a0b1d3e1d84c8ba6 |
| SHA1 | 1919ae4a30e8b4740f03065487ac6f293aa04633 |
| SHA256 | 9ee3ff0e371c2b14d226b55ddf8d1c62d505b72ac606b1603a56c5b02f67a68b |
| SHA512 | 32a9811680e1b7a5ec53a870704671f1a1cf448ff9e5cc6dccdc81de00b50f86e9e1b631dba2ab617175acf90d1c9a4a2d55f9828a23ba13c31a6a7693a91b88 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 86a0f2279f4f125e1828747cb6853b1b |
| SHA1 | 675cd825d73243c990c0f38727674a9caf4c5de3 |
| SHA256 | 7bbfdaaf2e586b98c3a41fa9a796a05852869ef204ba27fcc31d4f7a3f089164 |
| SHA512 | 2d10e85a313ffe3a342a0002ac308551a787f5fbb04f59a1397366d536666759a981d7cda6f40bab798c12c5201692e36c0c01929a5a94ac356db876f3e6f063 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 23ed9e431f36840ee36352ec22e52bea |
| SHA1 | 74636b6768bf2c6f2c8573552a51cf440c09e079 |
| SHA256 | 9ff193f35601788f045fd8add98d760846b044b1afc6ec725fbf2aebcebe2efa |
| SHA512 | 10be63c7c59f2ef132029f724db8c8a53ef1881b1592d1567505112abd52457edef468093591a06efd8026d9a7365258c871a86256746eece3250f0d4177c880 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d9c18336c951bb41f0c4146899ee5e34 |
| SHA1 | 4f0454908be1eac6c292883035ca57bbe7a2a3ec |
| SHA256 | 593982c6a0f43779b8115fc566051c2f0c8fc3b975081e483ce7a7541ae87fd0 |
| SHA512 | 92a05075d4e60cddc9f7bfe396c3ab86959ee7def9f40697b84423eba667730d8fcfff727872b71819d0949d89203032c1843d529f8941316dcc4a02c586c45a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 967d22d4de7d92fc29469a343b0998a6 |
| SHA1 | a4aa51242e87c8d44b54d570e27e71f7ad307d33 |
| SHA256 | e313d65bbc4139c09a6239c61d8183c523e5227cc9ef26ba7dd86a0ffa7c926e |
| SHA512 | fa17fdb51fa27138d8024f6a87d851a113c5c677a7178bc2fde1c3379e86445e69ca30e8af6600ff70ac5ed0c68cd3b4d68b1f2bcb41f025b9c9c3c11c1fd9c2 |
C:\Users\Admin\AppData\Local\Temp\CraxsRat_jector_DRyAYvpaBY\temp\assets\audio\b4.ogg
| MD5 | be025145114eda5194d073e177a6a84e |
| SHA1 | 0b8c8876a138de27d8c7348cd28f5af53233665c |
| SHA256 | 7236c5d7a43ba078a0a8983a2a06b95770ff2c393a68c67ee4a605d1f7a69d3c |
| SHA512 | 4b73d78dc6266a93e1dfd91d01023ad142d025cdd51fc9454101eb990b3f72b9b68cd23ddb4a5e1500f369d33aa02b1c9ed57528cb3e4b2961b62989aac24d26 |
C:\Users\Admin\AppData\Local\Temp\CraxsRat_jector_DRyAYvpaBY\temp\assets\audio\click3.ogg
| MD5 | 15c3aa04558ad3b00d56819ca5a070c6 |
| SHA1 | e20787182a80e4509aede31912065541618af683 |
| SHA256 | 7dee60d39a7b72a1ce942b0c0e863aae09d8008900170d3f0c83d6fbb0d5b5d1 |
| SHA512 | 28cac88b10d83417b03117c183ddc964877b106ff503f2e22ba88390259ef80823785908a56cfc40e3da0d883986e72557ee13ef75a30aaaa70536ad0f367007 |
C:\Users\Admin\AppData\Local\Temp\CraxsRat_jector_DRyAYvpaBY\temp\assets\audio\h.ogg
| MD5 | 7e58e0a938b81958dfa2fa59e3f91deb |
| SHA1 | 32acd65b1c818211c5bb8478f1026ce37a3dfafe |
| SHA256 | 66ac310a08e13a9c6898d712674a162390d58501db00d5c7d32b19d70401a222 |
| SHA512 | 9bb9aa60d1f44bd4057fff5c30047afed1fdc62c1738929a9597354a5c13bffb23b0af8a5223974ea110b371966c33fa5abd12664e8526d838e510fb8be05efc |
C:\Users\Admin\AppData\Local\Temp\CraxsRat_jector_DRyAYvpaBY\temp\assets\audio\m2.ogg
| MD5 | 5303eae5eead6fd57166be4574225ce2 |
| SHA1 | ea402cf0a9049ba8a2122de14c1c25ba821f1833 |
| SHA256 | 7d6b0bc7ce45052e105d53948062a3031f37e53260a6509ae5f5b462358ce23d |
| SHA512 | 3f28b760cd8934b5344580a776272037f4529c65d8faf2801bbcc5a5e3d207c2a969278d9732d80a06a17b04dfeb0de1096296ed47edbe4b5fc06ab1c780e225 |
C:\Users\Admin\AppData\Local\Temp\CraxsRat_jector_DRyAYvpaBY\temp\original\META-INF\androidx.datastore_datastore.version
| MD5 | c9e47dbb0e1927076ed7b2e1ec157be7 |
| SHA1 | c538b66c7110ca3a028ccfe422d0f1fa200a9935 |
| SHA256 | 59854984853104df5c353e2f681a15fc7924742f9a2e468c29af248dce45ce03 |
| SHA512 | c6e5081ce77f5971474ff994acc1b8887818f3007a4e3db32c91640203906f0bd2df3012441c9e1b6c1ae4e54dfea465ec23034092779cf6852aece45bf1df21 |
memory/1284-57871-0x000001E8D86B0000-0x000001E8D86C2000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 1651536797eb51a69f42d1dc53b8918a |
| SHA1 | bf36177751b0cc18b6e96dc44c294949f232e25b |
| SHA256 | f1aed089a026d7b0e1ebaeb7272a9a315f1bccbe575af907763a2f782a39aee1 |
| SHA512 | bfe626259f3597b173621953b099c89c206f3d459821c31667cbe230f122cb4a0ef24d7bc36e3b0f3510071d10e6c821940fe0a60a37897852ee71f2227aa181 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 1fb85ad3fab8097687ff3edc7a7b12fd |
| SHA1 | e18849dfb72b36d12dc979d543c836da86682a77 |
| SHA256 | 2467c7e82115e752d1616813c1285a2ae4b41f2d3d6f912f4aefac0a89fd85d7 |
| SHA512 | 4b96eaf61523c7901ef574f2f6d578b4117b6b84a520c1cae6db05fdfec6b83c27f2853914d00ab39730de910bf2bc9e6fae0a93b8ee0ea75c6e7e2b4ef405af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9b0876cf832d18db9ba6535cd4e94ca9 |
| SHA1 | 783d007f4a451861a5df721a063b066e5dd6c4d2 |
| SHA256 | d76815e484829385e229d58bf6be08c7dcae8d4b2e091cc4d140cd0284e61bd8 |
| SHA512 | 59f777ce060585a0933920a230fbdb1598f9ed16d9790b581d964ee196a6a6ddd3985f69f6613f840e2108e798ae0a3653b41597e4d35935d55720294ea287ce |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8ace553184346c84bd4055a84afcf3c5 |
| SHA1 | ed6572e4b40ecf8485be82b76746eec8980afb0b |
| SHA256 | a9154bf6bdb331c6a41ac1191e9d712397ff52f717e8f1531b74c912ebd97773 |
| SHA512 | e7ea076c04ac9a351774d71df52d8e8af66bdef293b7a67967a1959acd8d4dde647737a51b2f53c50df49498eb6403c26f2e8404aed5c5f72577f00a45a1122a |
C:\Users\Admin\AppData\Local\EVLF_-_t.me_evlfdev\CraxsRat_V7.4.exe_Url_p43x3kxcg1uhy21hsp3zmxlnszo5l103\7.1.0.0\zgtq4jgn.newcfg
| MD5 | 9b15647b25fec396b5747853374279ed |
| SHA1 | ef21dcc503951225876b743fa6ff8dd0a5a85a91 |
| SHA256 | 5eaa49d0b120a9496860463a2ada201d08fc719d4093884895f51f18a18c7d2b |
| SHA512 | 7eb1871e3bbf24505b06e3f626819480c93049b6d0cd2a8ca7fd6f5552c321fd7895aa872d1fe51dd5100a36280acfe2a00c5eb628684992fd5b90dc90574ff9 |
C:\Users\Admin\AppData\Local\Temp\AET\Cachede.stollenmayer.philipp.Pop_1_1_Android\META-INF\androidx.core_core.version
| MD5 | 2633bcfd72a07696efee526bf5b21aa9 |
| SHA1 | f9eaa1b9ded3195ed314f3da14875a80360e328f |
| SHA256 | 30f4611383aa30a15753789f40effde81332f2f8714e6d3b2940bf0fc4592377 |
| SHA512 | 50be4a49f862cd3e8d863cf516a5a9fa1a9705be8655f57ee8a7de1c89ad7fd3193b392caa1ec4b71725f5da47ebecac93cd5a3117b572bb0e627b52f65f9a66 |
C:\Users\Admin\AppData\Local\Temp\AET\Cachede.stollenmayer.philipp.Pop_1_1_Android\META-INF\androidx.appcompat_appcompat.version
| MD5 | 4049400e232490d58f1e26d9ab973a03 |
| SHA1 | cf744bd007850b04601dc865815ec0f5e60c6970 |
| SHA256 | 1e5b51cde515396a9fa762909cf8ca6584ccc564b325d2eebeea76175fe95c4d |
| SHA512 | 8da6b544889de1985ee82a224a8a8a40dcc4a2eea849ae98a9806655a88ffd5a9931d910cc0b0463742dafb10554c3e312565f0a4829fa6fb723033e227309aa |
C:\Users\Admin\AppData\Local\Temp\AET\Cachede.stollenmayer.philipp.Pop_1_1_Android\META-INF\androidx.activity_activity.version
| MD5 | 0088b569435cf5183dcd5e57d7e6f1bb |
| SHA1 | 4e14bd237419e980f611f57a8b1f58c95dc30ea0 |
| SHA256 | 249182a01164b81a5f7af87e5c5cdbd3344a80a7a66dfca624cecfb1501b2420 |
| SHA512 | 64fe7b8b4447a4ed13900c9b8253627fe7916109d39e605aa18fa78c585b19bf5d4f242d4e05a6c4f957d932fb73c6b9743d57dd8178cf5f6725728785b90b5f |
C:\Users\Admin\AppData\Local\Temp\AET\Cachede.stollenmayer.philipp.Pop_1_1_Android\META-INF\androidx.fragment_fragment.version
| MD5 | 30a04cf33ee91a3ecf4b75c71268f316 |
| SHA1 | 05e17b646a817240c206186f94f8f4c70974d5dc |
| SHA256 | 1575e1af4a95f12f70b4ee6a6adce8160953d93ea17dc2611b90883ccc3ad3b8 |
| SHA512 | 45068042776137c07c26a0a005777fed7966ee689c1eef6a4bf3500857aadcb026eca047e6c0665482273dead269de7c810ccbf5753aa71703ae79272f278c51 |
C:\Users\Admin\AppData\Local\Temp\AET\Cachede.stollenmayer.philipp.Pop_1_1_Android\META-INF\androidx.privacysandbox.ads_ads-adservices.version
| MD5 | d308909cec41ffd3e90b37b10836228c |
| SHA1 | ed66c9cdbfd1abb0db9e4cde932068c13739757d |
| SHA256 | 6a47710af8eced6a36ebb3e6382b132c0a90e2eff666e93fc9a5ceb8e00c1601 |
| SHA512 | cc3c2cfc589c910741dcc590373d23ee8667333cad3a68073b0e0885f7157ed544868109adfd49a1b0d6c163ff97ff8a6e57d7ffab141af66cb067cbe8bd7d5c |
C:\Users\Admin\AppData\Local\Temp\AET\Cachede.stollenmayer.philipp.Pop_1_1_Android\META-INF\androidx.profileinstaller_profileinstaller.version
| MD5 | 0589f66713bc44029a1a720b9a0d850d |
| SHA1 | 2fdf7d04f0372055c9d77ca43d9a3c08798905f3 |
| SHA256 | 64d23f858ef51b0f996e4966d4e27c0371b437e2d2787890b1f7ad22d4ec5663 |
| SHA512 | 31b29544fc93eac2109cd1e4a617b5d5cb361c0ba608a954e873a64648e93dd65c7b4aed7f4b687f85c47e9909852fec93b224d929babde1e0145a58dea33634 |
C:\Users\Admin\AppData\Local\Temp\AET\Cachede.stollenmayer.philipp.Pop_1_1_Android\META-INF\androidx.recyclerview_recyclerview.version
| MD5 | d4ec81e89b0e7cb07587d71e22c6788f |
| SHA1 | 9576dfbd47fecf72420d42171d6bb7a2e728a1d8 |
| SHA256 | 6cf4e084b47f33c9b02ef79279d157833868f8f70514169a768be353ee328fea |
| SHA512 | e3ca200319bb0cb2e8758ceee10cfba0acc73c305cbc75be507dbc51c2875d8661b0ce0ac0c6d3b5abb9d8ea66631b659b02bb92d29ddea966f0066e20992803 |
C:\Users\Admin\AppData\Local\Temp\AET\Cachede.stollenmayer.philipp.Pop_1_1_Android\META-INF\androidx.sqlite_sqlite.version
| MD5 | 1a00e191aa1988423a795d26c06cb785 |
| SHA1 | f97b0f811f25906ab78f1aa58910db5757c64c58 |
| SHA256 | c89b87c262e9d5ffd20e73aac74a1772adcc9f5a21682cc33adcf5086e5fef5c |
| SHA512 | 86cffcafaa10e6dddb11081200ff54677f638fa313f35375a14b2dcd2da1b06503bd39cf84825d9dd94cd69cc2fe60e0fd89e0abafd12ab0e5e86989fd30a0c5 |
C:\Users\Admin\AppData\Local\Temp\AET\Cachede.stollenmayer.philipp.Pop_1_1_Android\META-INF\kotlinx_coroutines_core.version
| MD5 | 91a5707680c61dc2aa1164b867e4d795 |
| SHA1 | 348b6913760dfd78a9394bc38c5a8fa7528208e2 |
| SHA256 | 18ba3cd396b304c3bf6ebd743e5adbd9b9b5b2a42f553e7f74e0bcfb5495a21f |
| SHA512 | 16db427d8284508a5de5b86f9681f24f22f1c33412c14b9dfca90c5c0af31621a8afe8a870b74d2efd1c53598a4d26eba6a3d3ad29aa573ec7baf7c3559efb0e |
C:\Users\Admin\AppData\Local\Temp\AET\Cachede.stollenmayer.philipp.Pop_1_1_Android\META-INF\androidx.work_work-runtime.version
| MD5 | c7b46c48e218a9fa48dd337a91bb3490 |
| SHA1 | a8c86d12b1459b66b47ef640f3f0c87822c25901 |
| SHA256 | 362148d7721ad4a1bb64981ff8d604ef7f4d22267ea8845042f54f90940f24fd |
| SHA512 | 294108697ec66acf16af2f9518c5999605a8585058ad25dc9303029fd890e6835b2fcda23fff2ad60058f8f6a8a19c945d998e4e228453d4946e395b9aa2055d |
C:\Users\Admin\AppData\Local\Temp\AET\Cachede.stollenmayer.philipp.Pop_1_1_Android\META-INF\androidx.versionedparcelable_versionedparcelable.version
| MD5 | 375e8a39ec9331ddd89c8acbeb620028 |
| SHA1 | 3b1c4a149729cc044e1a39df31b3628cdbf5f895 |
| SHA256 | cc52f678848b814373757b460383bf61960e4943c203735adde0a350b3e50989 |
| SHA512 | 32bac321e3df5237d7e66c72179befdc5ce68ca80eaa2766705c31d84d20e0409df49a39a521c2bd7e6783513395834c1a75240f97f2405a5fd914e1e15864dc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 5609530bce44d1df64b672d39f0e4f8b |
| SHA1 | 346e07480e53662446598bb3a77047797aaa98a0 |
| SHA256 | 1c6e413fba086ec33bbc931160f7844bfeac87ab20778406fe7ee22dc43c293d |
| SHA512 | cfeafd41445d1c7667f793974df001f440e00cb68d97f07ab290908a48add41f9854e4ca89c5ce4eee620338c85cd117487399d41477bdc4acfc6094562f3bd3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 92aed71c37d9742b39c0de37e8dd4461 |
| SHA1 | 928ab1003c12f2eafe6e684b2934703991ed29a3 |
| SHA256 | ef9daf30bcf42e35ec9353ef03f85a19f0b3d7dd8a3d398b3faf3c2b406ef5fc |
| SHA512 | 1ba65b23acaf8dccfd0cf39aee59c4e09e3d9856fab3d13c7b310dc6b7815e61fe9c2f22e353c2a34d3f18e61f00ac4a71f9019ae7a9bb024d22dc392d7e3552 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7890fbe468dd7d0cefcd273b99b024bb |
| SHA1 | d62ae06d3df2e4b05de7408b583e6cd857a3c7d6 |
| SHA256 | 6c44e4c8b26d563083e868bd6b85e94c607087d2411beabf404294fb2e4f754d |
| SHA512 | dc623a6425f262d4e0c4bbe73dce30a8e5a08ff20a5bba23d2e846ea0f38f49d404991e77eab8aed3994abe948414d33502ebeb3de156b553d8e23a648dd9e0e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0da93b401132f70d459c7be7b590ce0a |
| SHA1 | 910c8b863ed408a24453c51b9ee92f9575c020ba |
| SHA256 | 023052be0aad6d84d0270b0e8bd6c2096eefd06e13650e8349255b36bb2df98e |
| SHA512 | 17689fa032ebdff7d0b96142c66e7db802fc19e5e9e34cee128ab21b1af33a60473b7aa156ecae18947b5603b5ef97269d29c4be701749268dc9e29c74384897 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7088ca128eba5d122c2127c8f713bb26 |
| SHA1 | 59183c6e018b92cc9e2c474439899f5f0f129b77 |
| SHA256 | 53f7b4254540fc52cacdf9fd815ec75c58c4c64454e710973a6a8170e690ace5 |
| SHA512 | 03a53345650aa888f21ed21ed04ca43a16b33eaac63529348d2c0b6805d97431a76225f01976f7f5921e92d697d11dff2010f7521312ad14abe94ece0c30a0cb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | d22073dea53e79d9b824f27ac5e9813e |
| SHA1 | 6d8a7281241248431a1571e6ddc55798b01fa961 |
| SHA256 | 86713962c3bb287964678b148ee08ea83fb83483dff8be91c8a6085ca560b2a6 |
| SHA512 | 97152091ee24b6e713b8ec8123cb62511f8a7e8a6c6c3f2f6727d0a60497be28814613b476009b853575d4931e5df950e28a41afbf6707cb672206f1219c4413 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\a93e3db4-e34c-41ba-bd94-5506aca83f7f.tmp
| MD5 | 5058f1af8388633f609cadb75a75dc9d |
| SHA1 | 3a52ce780950d4d969792a2559cd519d7ee8c727 |
| SHA256 | cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8 |
| SHA512 | 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 0f4fae9128c3334141fc958361ec6c82 |
| SHA1 | 19e6ef3e0b99e5ae7fdae9a21ed56fe8bee79fee |
| SHA256 | 1214a8809fb49122a9d18429485f4d6bb27c476fdaf9adaef796012e32ec8d0f |
| SHA512 | 7cacdcbbeffd58625f5ef3ea28551e7f4759f2cac0a74488dd63b902cdaae46d7fd42700da4284dd7700373d30d414d3cda2eb6d1e74720cfd6fb56ab0c20ba0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 5253468ff7557cf6d4a2123ba417e7cc |
| SHA1 | ec03dd2f9eb5b2798be563c8641dd979316e5322 |
| SHA256 | 750839254ef9cd2930337f94dbb52a20b4396eb68c8c71a7e96ee442959e1de6 |
| SHA512 | cd37e00f2d0c2b93d589cdb3c4491a93c29b4a436c74252f6fea4692ea46f4571241db1b57f9598136ef42864c043984484c83021f87d729a23670a8f38450f3 |
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock
| MD5 | f49655f856acb8884cc0ace29216f511 |
| SHA1 | cb0f1f87ec0455ec349aaa950c600475ac7b7b6b |
| SHA256 | 7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba |
| SHA512 | 599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 56bf22cad7c5d32f296d14a8aa77422e |
| SHA1 | 714cfd94a319d887cc9c77f22c2740949d198ba2 |
| SHA256 | 31097220d5a829f7aa212c98986b7ea9f995a29a527bb677457100605d970849 |
| SHA512 | 964270fa62abf7a5af0b3de35bc5ed0607d8db3a3c5dfe2174f0dc74698a13a413ef15ee4d17329541f662bbd5a04b0fb43e27e83d6e169e3b73d8b991a7ba0c |
C:\Users\Admin\AppData\Local\EVLF_-_t.me_evlfdev\CraxsRat_V7.4.exe_Url_p43x3kxcg1uhy21hsp3zmxlnszo5l103\7.1.0.0\gkctg5oh.newcfg
| MD5 | 1ad868165f7c8bd498d2af6aef722e9e |
| SHA1 | 68ce06c30ee3a2b4583ea3f061f0f844e25a2501 |
| SHA256 | db83ec5f98e1a379f34b5648fe1a5608f8f8381540d09e234d0876c607dd7c9b |
| SHA512 | a0fe482a26d7fb0a75ac7b37d09396c0b9eea65b5ef93a23af258ce5f1563f6b8eb0f6c7f075e3b9ebc9f2752e38b127d4483a860dbd6b98584cf55d9bb6b49e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 03b85a25ec02c119df5d43c169b2aa77 |
| SHA1 | 7231004926edd36b820f170751f4b64527d04745 |
| SHA256 | ceb2d734a1c5af97cae6057e321c2bfcb132ecb888f24e716518f4c4261b8669 |
| SHA512 | f388306311deeeb4e7373e79cac05d53794519afa7a1e305418b7f2db7427083214d6e93d13bfb9765aa169f93f603e14913fbf9c96781e3dab38c752b66341c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8602ac31730db95cf694195e63ff30e1 |
| SHA1 | 2f048253ee8603ee2c12154cdeec68fea7b0a71a |
| SHA256 | 06c6ac80eaaa4865e9a96802f0a296e0084aa6a2e8571032c6a38f6f869629a2 |
| SHA512 | 2c1dd3951f00d6e5e1b6662257c41fd04c216783d41fae201a2931097f81031753d68f6a808a48725e9ad07a13e71974baa1a0418d3ea0fc2fab3156244d9bfd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9fd1339fff11b0c6d7716ad3dc6b94a3 |
| SHA1 | 2e7a21246096ffeca5cf2dccba6f6c645b4db50f |
| SHA256 | 27e385d6749bbccbd60ac8fb9119b7365330faa68b5ba93cb01ca04ed28a2074 |
| SHA512 | a082684fae6c712583605a015cf87f61345987ea9bed7f57c85b86400f81ab06a321c49eccc74423ef430c38c0d8da0aee8314afa785603e23b776bdb8a109b6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e6e764c8015d651d510ce7ddb2aeb37a |
| SHA1 | db323362a5306b7cf9062ad7c2123fcb149a784f |
| SHA256 | 666e13af4b2d5d48f31803e3ea525f8a84e201d3e2a626e2109a18e37f5d7d98 |
| SHA512 | 70e0e0f6058ae88c89832d84cd478fa15266998ef1bea3f839bfb44a2c5575f29e7bc33b5fc2f4c9b5fc78051b4d9fcfcacc5af6cf72fa4ab46daec898a83bf9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 44c2b7463691bebc7f73f164cd4f309c |
| SHA1 | 3df9bff2d7aa1a40d47a9d111b61ddc894af31c9 |
| SHA256 | e33b56d723652500c77e5332d3e4c6e8cec777152497b8b56d2309bc2295ee74 |
| SHA512 | 75629931b0f70ff7ba594ececf4c985275e77240b5450ce2b9d8b8fccc7a75febc0b945eff534cdf4470641dcf537203670124f4b4205864226a1c30054af7aa |
C:\Users\Admin\AppData\Local\EVLF_-_t.me_evlfdev\CraxsRat_V7.4.exe_Url_p43x3kxcg1uhy21hsp3zmxlnszo5l103\7.1.0.0\user.config
| MD5 | 571b91e1c6c5eb3705b6ce2a860b57af |
| SHA1 | 3d8e496362ada6af651749fef78c70aa1d0ce497 |
| SHA256 | bc0b0fbbf5efd258da96206f849d1092d845110a47a2b13cd1d68aa2d991dcf8 |
| SHA512 | 495572d8f72ea69ab24928c08c1065e25f318225e13b656b6c4c0553023d2d7eda8217ef73d6b40117735f0532b95bf29338912ec1e3c97e4883d170a0abfbab |
C:\CraxsRat_Bilder\platformBinary32\lib\images\cursors\win32_LinkNoDrop32x32.gif
| MD5 | 1e9d8f133a442da6b0c74d49bc84a341 |
| SHA1 | 259edc45b4569427e8319895a444f4295d54348f |
| SHA256 | 1a1d3079d49583837662b84e11d8c0870698511d9110e710eb8e7eb20df7ae3b |
| SHA512 | 63d6f70c8cab9735f0f857f5bf99e319f6ae98238dc7829dd706b7d6855c70be206e32e3e55df884402483cf8bebad00d139283af5c0b85dc1c5bf8f253acd37 |
C:\CraxsRat_Bilder\platformBinary64\bin\apktool.jar
| MD5 | c186ee0c87dbf197456cc010aeba99da |
| SHA1 | fb9f342bccda27ba17b737b2f8e8fa77ba9f50b9 |
| SHA256 | 7b4a8e1703e228d206db29644b71141687d8a111b55b039b08b02dfa443ab0f9 |
| SHA512 | f6268c7103e6c2a10416fc039ba087b9129a699136ff172fd5e386d46c6a1ab24e4bb0562a4e6862f0f2201877caa404ea7afc6a08501d3da890bd9fdb086c8f |
C:\CraxsRat_Bilder\platformBinary64\bin\server\Xusage.txt
| MD5 | b3174769a9e9e654812315468ae9c5fa |
| SHA1 | 238b369dfc7eb8f0dc6a85cdd080ed4b78388ca8 |
| SHA256 | 37cf4e6cdc4357cebb0ec8108d5cb0ad42611f675b926c819ae03b74ce990a08 |
| SHA512 | 0815ca93c8cf762468de668ad7f0eb0bdd3802dcaa42d55f2fb57a4ae23d9b9e2fe148898a28fe22c846a4fcdf1ee5190e74bcdabf206f73da2de644ea62a5d3 |
C:\CraxsRat_Bilder\platformBinary64\bin\signapk.jar
| MD5 | 947070d11359bc1620536489b366f446 |
| SHA1 | 9dd3a070770a55b92d00bfa519960535845ba374 |
| SHA256 | 4295ef085c0de5cbd5d8e4c73126e948e20d3126db26a4f60125864c15f8b8cb |
| SHA512 | 8089650da841f10b9ecc33e4d9725e05a06e22821f0c023c1e1eb814916e313142094b52b1396c841d17a4d60a952450399bfd91748dfabfe90476f25cc0a6d0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 4eedef166b692923163427ae7aa2165c |
| SHA1 | 154687bedfa817486fa8a2862559a02d58e0b4a9 |
| SHA256 | b2564938dfff69245ee9dcfefaed0f267e9c6e7754777aac7f50f6de9759ac98 |
| SHA512 | 08892003e6f17ab355046e9d5d4b19d60980cc96db2bce851b8f09aa21f625029da181a7dc08c10492f34ee074af373e283b7307dfd93b89a7a8df099f98da82 |
C:\CraxsRat_Bilder\platformBinary64\bin\zipalign.exe
| MD5 | 81685347e5b418a412472456a2492046 |
| SHA1 | 625bc3215df7635649454af2dc3db7ced6626624 |
| SHA256 | 13f6f6be7d322483c967f79a35683baf024a26b5e7837e16e58c2d9626c8678a |
| SHA512 | bf1a91670948c8e76ff0d5ff84f47ad359d9a9c713577033c26c76917d65a0d497d5b0b7dd3614f560664ed24d92669b364a4d4e3bb634e4986831401b05101e |
C:\Users\Admin\AppData\Local\Temp\imageio4363781934357861625.tmp
| MD5 | 01a1baea228fbd529094d3cc4086f5d0 |
| SHA1 | 91c4f0ae00e993be974629367bca29d7a96696fc |
| SHA256 | c8df22a232207c77d742250092217cdc7ccb4a6a56582fabea838c1d80171613 |
| SHA512 | f4e3be6f67f0cb412c8fbff06c844eccec25694ada161a3d9d1b60e9577aefe27ef7f59e172519082a2c72861e5ded6cc2768ef77f7e9e05f28371e1c91f4491 |
C:\Users\Admin\AppData\Local\Temp\imageio905839355980645203.tmp
| MD5 | 44c8f3a568c83a646e91e21d2480b23b |
| SHA1 | 0ec25e577b8210e14c91220c91bc6996e33ddc01 |
| SHA256 | e87a608a352f6cdb810d4a9378e2567b37de60847a3e8f0fe67c70b29af1039c |
| SHA512 | 05138bedab76144f3917c184e306cc31db7550bf0c4e6af9bd29c860ca1490107cb4c98a1f05b3ce7434642db9d726199e56af718345d7d9b408289ceeb397b3 |
C:\Users\Admin\AppData\Local\Temp\imageio5268988870883988575.tmp
| MD5 | ee96f21eaf69ff375c3952ea0bd6db3c |
| SHA1 | 0df22b6d68b84cf8afa23518fbfe0af5eb8b5391 |
| SHA256 | 7bf6c05d119f94343cc34d8076024369fadbd1c0976b7c30bc688ad2894a8672 |
| SHA512 | 64c0c2f0d6092aef62ef3d3fc877b679abfe32bc9d3ee006bbc21124d8a4a63d075326511cbc84516f76e2c4903fc24262d5005e8bd6fa6da3654bb2476843dd |
C:\Users\Admin\AppData\Local\Temp\imageio6987433868439515191.tmp
| MD5 | 3078ba27f51f1f5e0f9f7c907a931c45 |
| SHA1 | df70d7f0de5d2db2e0c1c45bc120580ab2f97ef2 |
| SHA256 | 6322b2be78b14162c7001bccb50bd9f7e7414843d2fdf5e3e4e0b8f20338d61b |
| SHA512 | 7edae941aaa701099d527161a66fd1b7f441b3aaa089e1c62b2b82b18ca33b5572ab76f5181efcab88836dc03dd00b59990a48f9ce37086425351102d1fa89c7 |
C:\Users\Admin\AppData\Local\Temp\imageio773437106145280649.tmp
| MD5 | 43bc167e8fcb85e6814875781fc7bed3 |
| SHA1 | 392085b6e4bc6f8f635533b423a3b7c96e242dd5 |
| SHA256 | f7310f4fd71ca8387264afca37453e038699abf458df5315a7a5e497d020a510 |
| SHA512 | 52a38dee34b3fc511317867fc1e067dd2d30d0ffb2dbeb54b864f2369a648c10788b3ec26a476946976b33772f9d5e2b2fc12e6506079f9d0ef99e2f396ddc6b |
C:\Users\Admin\AppData\Local\Temp\imageio5622432227098837872.tmp
| MD5 | 9afaf96a994207937d923e7ab54a2723 |
| SHA1 | 90c9a46ded9c9f6fb3903f75b71698f041eeea78 |
| SHA256 | f1dba2d96fcb0e8c7f5bbd2a106f053c36a8c6bb38ab697076418f9454728c46 |
| SHA512 | 17f99316732741054676a3174482d6a8c4927f036d84065378a43665eec9aa08d8587534ac2e65ba1f18debe1e3f8e713920dab6db111613c49ba45139312bca |
C:\Users\Admin\AppData\Local\Temp\imageio6417037265121602136.tmp
| MD5 | 08dbf8ff59c349febbc337da61a6dc14 |
| SHA1 | 6de0c989863a875ceb7a76eecfc977eac9f3848d |
| SHA256 | 5035bda05e9eec6ad8bffe9ce44c4a93724bb7c002b76aee91cde0db3e8df938 |
| SHA512 | b4f0f507f8dd5d7b19f689785444cbd68b86faadd4ed0715b6cce787a00a861f297913e3d9f62a90c0ee24dd7a77bd0069e352bfaef79eab64bad66c7c9e4354 |
C:\Users\Admin\AppData\Local\Temp\imageio4218382939944687024.tmp
| MD5 | 9fdf65e163db06cdc17b848e7ee64c3a |
| SHA1 | 7d87954e447d33ad6f5702b81029294224333249 |
| SHA256 | 338e500399ab90fe9aa14960690e2424f259be235ea1b700af67797609d7a10b |
| SHA512 | ea99fee50a20527f513d72bc719c6eff698bec0450f5fc1673684150532a5e372554caad80838f2d9ac2457dff87f8972c2af97ed793b1ca6d65e7f99c38a705 |
C:\Users\Admin\AppData\Local\Temp\imageio5665851334478105207.tmp
| MD5 | 73dd864f84b2f45ea6f0fd1897b9ae47 |
| SHA1 | 18d0c385fdfb4cc60465eca7ef1b66ec7b7d132e |
| SHA256 | 57df7a087e411dd96f16a94df61f10fbed359f3ff35ee67742c1b8f96e38ec17 |
| SHA512 | 824825c6a2cdaa90ab85f7ebf376ffd6651dc7ff08153d715d053df467d0ce45480df735bf023cc70834d22d453c4bac499f5a30c9d7c2f561408cf285ce14cd |
C:\Users\Admin\AppData\Local\Temp\imageio2137209049274923897.tmp
| MD5 | e13447f49bca480718c2d3ea5aa4b2dc |
| SHA1 | 07a8a032da19f20935082c4cae59c751b1c91b5b |
| SHA256 | dc422e5ec3c425bffc5a03a1d3cf7a947106f5b030c4d825b26f4a6b2eb5dbd6 |
| SHA512 | f95e44e6dd91a9396ebc0d52227510ea1834e5f600d6cc85a19b6d6e57baf53fed4ce4671acf80841193d1e0192a76009d9c9b4506cc047957195326e7153590 |
C:\Users\Admin\AppData\Local\Temp\imageio1934619131715952912.tmp
| MD5 | c6b623f67eb09850ef220092486609a4 |
| SHA1 | d4350db85825d52b4c8a6b1be7575cca99b9c515 |
| SHA256 | 6858e2fbcbd4309381266b4f02978112747c19ef6f72a8d8ca870263e7cb43af |
| SHA512 | 04cc5b924c6de208733ca25aa4051fb5a85c2e951410c507d11c8e854ae410aefc1ba5fa06a7b498070914685cd1dc109bd84370179889a6a6e9f6fa9a50bfad |
C:\Users\Admin\AppData\Local\Temp\imageio1035768143183134859.tmp
| MD5 | fa078dfdc4e4febfa758f0e24d5bb594 |
| SHA1 | bad3ce4f50dfcffdf6fc9ffeb532292a99b5a15a |
| SHA256 | 9be7fe23fb7f0f635851d4f1c948e6f386fafdd14253813f3b8b85f13c1ef00e |
| SHA512 | 65318217871c8e365bae2ee1ffe819cc0aa1976fdb7b2764a92390eebab6ead7223fcbf0f096850efe3af38877a1298c8532fd2df22aedbf9ffc28a1960a62ec |
C:\CraxsRat_Bilder\platformBinary64\bin\temp\res\values-sk\strings.xml
| MD5 | fb8f8b6b6af3fc4cc9e38049d29f68a1 |
| SHA1 | 68fc85de9cfca09fd7e4ef4743107470d048eb5e |
| SHA256 | 93dc3f1043cd8ebbafc142591d8c0c1de4de841ff9d0728c681c9ce65651af01 |
| SHA512 | 58554e18de5b75f0aa4624d35a1e44632379973709b2cc179e2d0523bcae038b4f8d3641459167d4b65937380e8b5aadc0636ee83b1514eec322e1ced087a13d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 4cae2fb18a88fae9f9cf012115f1f7fb |
| SHA1 | 4993a76ce1ba5a53e40d8a6be5e7671b35beed47 |
| SHA256 | 74205efbdb257486d37793a9157111c833606853d73aa252b25267127d9e5677 |
| SHA512 | b465e1e1c35259f1e58d8804b11cbf233e30435332c8c5491f15131234fc743e9f1e3060192cbcdb1bde686881e6a647d923093f40c42d40d56144bc09c2a6c9 |
C:\CraxsRat_Bilder\platformBinary64\bin\temp\build\apk\res\drawable\progresst71.png
| MD5 | 9a2bfd2a014257a0d6db2d2f792d0489 |
| SHA1 | e5557dc5ba5f6d0c4c8023185d9acc1b3f063ae0 |
| SHA256 | 67618fdaa085253410592dbe82f1789b41070f69fe3148639e50112f6f0cd2ad |
| SHA512 | de16a07add39820a814cf9a05a618fbb036bf726ab68eae7c95d41a286b3ce318423d8f46166a630c86fc1df7a2850b05e57fd25710f73619173d575fdfc99c3 |
C:\CraxsRat_Bilder\platformBinary64\bin\temp\dist\temp.apk.apktool_temp
| MD5 | ddd34c559a0a7747b40fd1418c56ee0a |
| SHA1 | 2a913b7a83dd4c9e3a3b3aaf0df54744d163ca5a |
| SHA256 | 530e7b3f3a1b08f65c3eed1eefaddd0ad45f325165b6ba707bd6b5b88a118d06 |
| SHA512 | 664577bddac7d325e0563625ee5137afb21e8f0cab51d7327ae7d355c95e58fcac71ff307a3bf852f33697361f0e0b305be014effce1602ab19dbba07b8ef8d5 |
C:\CraxsRat_Bilder\platformBinary64\bin\temp\build\apk\res\drawable-xxxhdpi\freespace.png
| MD5 | 96d7616f7ade6580ab12756a63dbcfee |
| SHA1 | 579cb9655fd22ccbb2898868708ca83663086316 |
| SHA256 | 22e13c47280bcd1f9dea5e047723a9c25f0c34bbacdc3cd0c86c1388609dd79e |
| SHA512 | a61137651676dc99e78dd7bc72425a0036c5e8608f3215061f8f0903411b03012efd86a70e59ba3829ddc63ab25fd2cbb667234fe2f349965c2bf735c72a49cc |
C:\CraxsRat_Bilder\platformBinary64\bin\temp\AndroidManifest.xml.orig
| MD5 | 0a8f323f53dfeb739f9f5a815fb46284 |
| SHA1 | d65cd7ca55c6aad324b68943bbfa31da7d0c2cfc |
| SHA256 | d0e203685fec34e3ddb8cf26b3f72a1a4262df03eaf34b89dcfe49009d3a354b |
| SHA512 | d283d7508a5ca916f85381976563a5919bcfee80e921e55743f7ec3d8d78bf1b9f748ec97fb97bfea97417432f4c3eae07697f95a5572a09311d23f7d2b74486 |
C:\CraxsRat_Bilder\platformBinary64\bin\temp\build\apk\res\drawable-hdpi\notify_panel_notification_icon_bg.png
| MD5 | c0d309204db75f8f194cf7b5f781b3ac |
| SHA1 | 8a72b2861c9980eeb9eb8e4a47f387d3a97a7407 |
| SHA256 | a3d6ba61761e3957ef14110a4fb26fa2d0255605acf496e7133093e01392a069 |
| SHA512 | c374533670d795f4a10ba93021d765d5e233924c0c3fc2e2618659a332e844f2461e9c6bc8580361e48ff2821dda3f8d3d8def53a23b5307c96d67cbf359b13b |
C:\CraxsRat_Bilder\platformBinary64\bin\temp\build\apk\res\drawable-mdpi\notify_panel_notification_icon_bg.png
| MD5 | 379a0adc8c29ff8e6aedb6dc54c292f0 |
| SHA1 | 733d9c4e949bc54477e29902328dccedafa64979 |
| SHA256 | 2e28693300c8cd5dbdd49cbc71970454e9ebd2aa3aa62ed97a97dc1f6894843c |
| SHA512 | 22adfe1725f05d862a3aac0a49f9eff75cf7b627e9d4564c05091227b05e2a6e25780238653e83b31644b9732bedc0d2fa3b61f1a7cd885d3c487b876e68ce96 |
C:\CraxsRat_Bilder\platformBinary64\bin\temp\build\apk\res\drawable-xhdpi\notify_panel_notification_icon_bg.png
| MD5 | a0c2ca0fe4db91be21cc897f237c9373 |
| SHA1 | 72e27e730966e503ba7eb0050236d2f70eb3849e |
| SHA256 | 6598a6e07bd8876909eb886ebb75529bb91fa8677e0e5718ac38eb2962833da3 |
| SHA512 | af6ca8471d76262a6232a420d186340ac7d61356a99796657b383eefdee241279e0b3563c8207f522f71f53aa91880e3628ffbafd82cd145c8e617153732f8f3 |
C:\CraxsRat_Bilder\platformBinary64\bin\temp\build\apk\res\drawable\ar_access.png
| MD5 | 00bff1515731929a7c2254fc71c4d16b |
| SHA1 | d0f24ebebad7a734945a9c71cc87940e9a5691e7 |
| SHA256 | a434d3daa641643d2dd5989463bcea7940053ece69381a8cb6e1e48773ba0475 |
| SHA512 | bc463bf073f87f8298afa2911df743cae55d94817f56354482be1a91be67c002bd6ee6d547da8fc2600cae379391c08576994d8c45545db3670f7fdca699a235 |
C:\CraxsRat_Bilder\platformBinary64\bin\temp\build\apk\res\drawable\btnback.png
| MD5 | 86bd066aec48f7179fe2b4e3cc305e64 |
| SHA1 | cae46eea99d8ce7080be6849495afc824363a022 |
| SHA256 | 90449202d9fc1229626a244e45d7fcac854147ff87a6ffe8f2287d89299f0ea3 |
| SHA512 | 7ebb00a67c50ed4e748f36d7e536ffd4aef8f78ec76cdc27524b5a6ca6525480666b7f0d750a7e9100a832cb4ac2a757198ae6d3d3b4adbfa5f90f8540c71cb1 |
C:\CraxsRat_Bilder\platformBinary64\bin\temp\build\apk\res\drawable\bakaro.png
| MD5 | 531a21c44b66e195a1029b29b2aa1e79 |
| SHA1 | eb65f9000dbbcc345692b6c8343d202808b8375d |
| SHA256 | 3e6051eefccd1935db1d3bcaaca1538148d23ddf6eeb76d055b4c12877238666 |
| SHA512 | 0b32cd0b86d5cfbb71c821c3ca441c37c1f7c306e6179936509e589465c0cc4b1c22c0738033c3f186592427a095844b04264e59c24e0680d2be56126c7484c9 |
C:\CraxsRat_Bilder\platformBinary64\bin\temp\build\apk\res\drawable\cn_access.png
| MD5 | 32ea9de96b3b21869e851a055603ab4e |
| SHA1 | 9591ab5f86a60b3830bf2ca403bfd34b53de1967 |
| SHA256 | 9dbc3a5501f2fad6d714cfaabb7765771b7bfc88044976e9326514f91ab7d9a3 |
| SHA512 | f6e74575f478d76b6f9b2e247003116f56cdf528413eb63608bcea0f00883dea82dff08d084620f60c2ff34566a7705c183232038825f8da02e9206e5d483a8a |
C:\CraxsRat_Bilder\platformBinary64\bin\temp\build\apk\res\drawable\newbtn.png
| MD5 | 5e52dcb8d92f9f6e7d8b4ae0c08f4a1c |
| SHA1 | 666e652ee0363b167797086a5961651ab31e89e6 |
| SHA256 | 6ce06189b4927ab29c05f690dbbb1675f5936dd49f6bc72c6a883b154ab00515 |
| SHA512 | 4a19e65e742239479d380540a945c0524f8c4b34d5fc349fcef232d3317e352aa5734cddcd4ff6bb403f899275127dc73c5d0db74ce6a3c4db12794c8be3de79 |
C:\CraxsRat_Bilder\platformBinary64\bin\temp\build\apk\res\drawable\keybakno.png
| MD5 | 4ceab5c16dca3412747f41124c8464d0 |
| SHA1 | d9433ec326315df7479dfd295f806bc119cf7512 |
| SHA256 | 6ad78c5f714a357b019e1beefe53859886ac55ef798d631c98a196a62c072c08 |
| SHA512 | 5b09f5ac4492bb066f18b5918ffeb226e914f9e36dba864fd7f1b9b667ede94d2ee340518482c4c1e5d1e35741f3c1655602f11bd1b2b0ece269cb39e690b1d7 |
C:\CraxsRat_Bilder\platformBinary64\bin\temp\build\apk\res\drawable\keyback.png
| MD5 | 66d24f5d96ee09c300f57fba3268cd2d |
| SHA1 | 6668309843e3574bba49e557766004c8d1313c98 |
| SHA256 | 511d2a2d97d54e3df15c6faeb165a80796af8f3118e6c59de91f50e39231eb2e |
| SHA512 | 6b2914ced65d2e1ab9ac5225f939546adf54b7a4ff7fd177c21631af1d9ad68ad4d6058e3fb3efc1765e0e23602ac41cd552de2fc4571f0ffa2dd242671930ea |
C:\CraxsRat_Bilder\platformBinary64\bin\temp\build\apk\res\drawable\glob.png
| MD5 | 5a454dba7025d65da265401ecb6c7607 |
| SHA1 | bb635246423c4287ef6bb10939cf53bad81ebf1a |
| SHA256 | 4c5a893698068ec39b013e40b4c290fba579b40684459b15ac19a5417e0cef9f |
| SHA512 | 7495aba136a7a004297d7792d90b94fafb5ed92747ca7cd38a50da227ca8d21564b0bea37ceb162a8db919bd2e3e04d3a6f25cf988600321543c73536aa25c68 |
C:\CraxsRat_Bilder\platformBinary64\bin\temp\build\apk\res\drawable\en_access.png
| MD5 | f26a4122f269d0bac1c7f8b72dae5557 |
| SHA1 | 78bbbdfca77b724886b58e238dab4e535ff975e8 |
| SHA256 | 01b370f3f0ea9d66185e717f9e1e0963498bea4981a6035db73c62931953c803 |
| SHA512 | 24941d9d634cfbc5ecc87964437fc38a9c7fc6715cbb83d9ad7138938f5b48b05f07d511726bec732fd3e0962dc3832dfb6cd21d7549edf3b5d08896af165f95 |
C:\CraxsRat_Bilder\platformBinary64\bin\temp\build\apk\res\drawable\del.png
| MD5 | 3103a2f2c768ae3e1cb6a05dad51d2ae |
| SHA1 | 00ceb26ce636ab8090dcd2b8ca0ca1b5db82a403 |
| SHA256 | 744738ffe92b1b2acaaf69991b00b6a2874f52e583a2cc820e392ca25a18b1f4 |
| SHA512 | 4afe3d78d220ea5dac03c54a966fed4ab0feed8347acc1f7346036c26b13368154ca493d03b038634c25498fb896110aff933726bd296b9aab535b7c1e6ca8ba |
C:\CraxsRat_Bilder\platformBinary64\bin\temp\build\apk\res\drawable\cpas.png
| MD5 | b11de8eeec86780a704aebb574ff5b20 |
| SHA1 | bf5ec267ce3e18252d9d07b5b94b08ee9b66383a |
| SHA256 | 95af58ee4857dccd8d5409dd7b7f6ee4c5a82f96ae51c1a766729cc65f44b415 |
| SHA512 | 8ea36caa44b406606356c954160944840aeba59f673187c0552100850f2da3e95f059df94d2616e61a9f36a2c318beaee0b50bb6aa8198d68f4eeffc7f099480 |
C:\CraxsRat_Bilder\platformBinary64\bin\temp\build\apk\res\drawable\nont.png
| MD5 | 64660d754f805034a58bb25176d33273 |
| SHA1 | 87a7d6fb75f334b10691ed78511811dae40206b8 |
| SHA256 | 14b29e9370a4b4151d71d6e38713bcecf99de1436ead1bf4d8f169bca5c79a2f |
| SHA512 | 5402914cb829755b10f05d21a9e9fa41ae9b5f7ff01b1fc47a0d2d0a4731d003f33a3927ba4185c2244164f560f0095e2d9845378fc516549c24d53805bba717 |
C:\CraxsRat_Bilder\platformBinary64\bin\temp\build\apk\res\drawable\oppo_bty_ar_1.jpg
| MD5 | efc13a6647b5474367b86b835fd4faf1 |
| SHA1 | 2f2946d0274ec481c798c168ecd8fce588c7879a |
| SHA256 | 734250f3de8f40cb3145de509ae552eabc07f53368befab886f8b049c470edbb |
| SHA512 | d99d2234ff967b3d691508fc6ac7409a459265d4c66d0eaa1836c1a156d7d26b61a8e79b3b92720a36fc6a5679e5583c7bc9bbafa477ff524332560ae5929c36 |
C:\CraxsRat_Bilder\platformBinary64\bin\temp\build\apk\res\drawable\oppo_bty_ar_2.jpg
| MD5 | 5dac58540858bf955775131648459ec8 |
| SHA1 | 00d10ef0d343293a00ba686dca52c4c0d2d7b320 |
| SHA256 | afcc5c0213bdef5a0d1d5c09406972466ce5b76bd246f60d5937098f67d639b6 |
| SHA512 | 9ad2042e91aa1e2404cbf565f467ccccd8d641ffd00ad940f2e6ba0e41bc687c45daa772cf71605f6181959ef9f820bc9681e3e0cf3368297f0705ff4d9b9505 |
C:\CraxsRat_Bilder\platformBinary64\bin\temp\build\apk\res\drawable\oppo_bty_cn_1.png
| MD5 | f89a7dfaa4489dd06cf03f0eccb61516 |
| SHA1 | 9fa34466e7a8a8bd2747ab68cde827d40e03342f |
| SHA256 | 0aa5fbccd5f246b408e5e863c5e63578722adb243e68559fcc1fffbba0c6b8b8 |
| SHA512 | f60048e4bf0c0fdbb42126764372e9d6a71c22370214e342bcedef9bcb5d1aae723814596bb3411f47d01381b196ddd368a7056f7382ce002541d4b90c86508a |
C:\CraxsRat_Bilder\platformBinary64\bin\temp\build\apk\res\drawable\oppo_bty_cn_2.png
| MD5 | 0d8630478e1f0c73e2b9c2f41a4f3816 |
| SHA1 | 2d72b9e7ac9e10d7b7376ca82a6b789c6b2d6870 |
| SHA256 | 9e86de042c926fd41d9c1e1cbc7a775af1a0835d8c182a0312bda3a77ae8fb68 |
| SHA512 | b42ca837b2a244ab7eba7cd842bc337c75362266b07c24402bc25d5fd290aa6f139913422d9ca8b28778ac99ed5f90fbc6d3baf05d10440ad03fc1aedf785b6b |
C:\CraxsRat_Bilder\platformBinary64\bin\temp\build\apk\res\drawable\oppo_bty_en_1.png
| MD5 | 4f99302a19da90cc12c230f4601fb9c0 |
| SHA1 | 6a3c3c548b682a78ea6f8bd1b989b14b492fc74d |
| SHA256 | 8c04c76f8fce35362cb4819c175ae81253d574cc5160b488b8b3aa872cec557a |
| SHA512 | 082dfb2d42244e9c4eca9d4ffce800b74e6f15a5151226382ff5bab9deadcbd3506d4cf80be27db8e3a116d2f3013b8e1d28598b14f900355889402a145ba70a |
C:\CraxsRat_Bilder\platformBinary64\bin\temp\build\apk\res\drawable\toggle.png
| MD5 | f21953ea0bae88db07b5552a5ad4dec4 |
| SHA1 | 1e946e1167b0d3fa15af22b402e231af6f29c3b6 |
| SHA256 | 999c9fe7c01758050e7ed0e8ef61199c9e482f436a9caff7a995ce8101a30a23 |
| SHA512 | 9a38d637e9edd3b9996247a3900f6814a2a5993f7a2911ef7b0e3a09b8fba722b82fc3eecb5adb4ffe30a0ecd411329f07df3daf61259d41fa7fe05faad43224 |
C:\CraxsRat_Bilder\platformBinary64\bin\temp\build\apk\res\drawable\rpand.png
| MD5 | 07efc149d9e0aec58d4691b04718f464 |
| SHA1 | 0559be9d64306b03a4350af8db97c715bd0054bf |
| SHA256 | c11fb632f4d6af016766f204069e25b5782baa2d0a5c9e550fb5e246d92b234c |
| SHA512 | c2366f476c5e8b1d9a3294b9a38f2bc19a30ee141a5c1c6964859e0a812c209812df46cb5fd19402adcf7c469f33c1bdbb1ae0c13d6317d5c7b9c3c490d4f4e2 |
C:\CraxsRat_Bilder\platformBinary64\bin\temp\build\apk\res\drawable\remove.png
| MD5 | ce291781d9b3b824005a0c734fa2a034 |
| SHA1 | b09074f429072b5a6a0c5753bcbde8b40a7007cd |
| SHA256 | 61ea6524a86b21891fc7444c615da203639fe3447dabecc2c6c9f4a6e59974c8 |
| SHA512 | a3b3731e6135056872b6688c5770f75fd1d5602efa7cb5896a29d40720dd543d2b56ee2663f82f693ece8586ff8b5202d0cdd03ee7234b298388497e7327e307 |
C:\CraxsRat_Bilder\platformBinary64\bin\temp\build\apk\res\drawable\oppo_bty_en_2.png
| MD5 | 50c79d913be1e6e93220df9368d9b6c8 |
| SHA1 | f585a3f3c16952f5cb0d877fbf565c791016a351 |
| SHA256 | 1f456d699383617c711aa5f0004b11a2ce5672a09d6618b80b27785d999a9fd6 |
| SHA512 | f54c3d462d8061e76cf204ec8493721eadf3d0eb44b1b5a7e5d3ce8599f881e7ddf833e152b1dc99df665e9b32c60f48ee8f81d805fbbfd0ee085d28616dcf65 |
C:\CraxsRat_Bilder\platformBinary64\bin\temp\build\apk\res\drawable\treelins.png
| MD5 | 146619e7179d32ed2c56f749d38542d8 |
| SHA1 | 42834afbc70437211015aa3de8a50b2b8813d2be |
| SHA256 | 15a771cda6439cbaebf85c8042686819931877047c7848d39a833e13e656fd89 |
| SHA512 | 12186dd68bd30eb0f6c9b123ff68a44942f0a8fb16d49bbfcf2ec8f5635e7833d42f5931ac0181e2cac1233edeee47f3357092cd6b9c6628c4585a359dd7a10f |
C:\CraxsRat_Bilder\platformBinary64\bin\temp\build\apk\res\drawable-xhdpi\notification_bg_normal_pressed.9.png
| MD5 | fa054cbba957c42a29528e848242f4fd |
| SHA1 | 344d8897537d06d483fd9ec163a727036da65521 |
| SHA256 | 4a24d2180b1dfd48e40bd675e2b601fdb26099732b4700678984f59cbd67d417 |
| SHA512 | 180bd0c909721fe183600dd2736b2703fccb4f4eec51440708a91f5feb7aadb45b67823325c7b7653b368060729a5a1c15e9c4d9cf8ba95aa66d489795b00600 |
C:\CraxsRat_Bilder\platformBinary64\bin\temp\build\apk\resources.arsc
| MD5 | c32145e2f765425e8eb25ab93c3713e6 |
| SHA1 | 07312aca5a38b8b50332743a0f3fc82b2a9e154d |
| SHA256 | f511dfbe77c253309333b6f751c2f96243037b3d2a8b0fa80a73f964883f3bb7 |
| SHA512 | ef424ec27d387355b49a916a1a29efc928b549f4c89905e8e9280d7a33e518d22b15d124f8a8b79b8646a53302148319ffa087c7ba76554a681b528c9b85a91e |
C:\CraxsRat_Bilder\platformBinary64\bin\temp\build\apk\res\drawable-xhdpi\notification_bg_normal.9.png
| MD5 | bf3a10daa260ba3f4cd3325b94f75cf7 |
| SHA1 | 511cf72f3fed223300b577cd1e299670340b4ed4 |
| SHA256 | 559bf783d765c02338e97952bdc9c6689c7ff99090b8c9813369118da8b080f0 |
| SHA512 | c558774509b6d6cd102fe5758fd8dbc242bd66efac8484399f2a11be604e4610be9a8bc51c682b22b71b226c50c70c000353dac011e5186fb456e938650b0eaa |
C:\CraxsRat_Bilder\platformBinary64\bin\temp\build\apk\res\drawable-xhdpi\notification_bg_low_pressed.9.png
| MD5 | 668d179f248f33343f95b98ba90066a1 |
| SHA1 | 07386f05e7edda430c9a0e1dc079396d840f662c |
| SHA256 | 3b79243ef0228d6a5b66a25416c980ba9620851c879093a9da4feb84b33961a0 |
| SHA512 | 524c0f4be67bba44157a0a917f5521a3451254ecb41dd4d16e5a3746f80159d05f55e3698dddb57a930d4b0f7b04e4065924b4f52ff16d962c5fec002f2a15a1 |
C:\CraxsRat_Bilder\platformBinary64\bin\temp\build\apk\res\drawable-xhdpi\notification_bg_low_normal.9.png
| MD5 | 3d4e903880e581df0dff44a4cc07c65b |
| SHA1 | 76739b885ae4d43bed479546809590c04ea835ea |
| SHA256 | 3e09afa21c45372c035598c017c8fb405a6d678e6cb84dc857581cb3b40e482d |
| SHA512 | 88b24898f5206a6a4c2ec6b153e8cb2f082a88c685d48b2f9969b3cf109b8c3afe41bf30dac301fc58b28122eb4a83e41693fd61e27ae338f6eb3006b51ac3a6 |
C:\CraxsRat_Bilder\platformBinary64\bin\temp\build\apk\res\drawable-mdpi\notification_bg_normal_pressed.9.png
| MD5 | 34c35696bd285f91cb2a5506eb258afe |
| SHA1 | 5ccedf7866cc6be4fc127c0e54fe07e4de450dcd |
| SHA256 | c7d9e7992b7fe7fad1ac8a469e0d3767e96336ae151a0f5cf85265a88f452605 |
| SHA512 | 05453111699d0b6e4c15321f6f17c80aee0a018cdca19344352c6fbb6a62a285d918f84ed2a4f8adae2e5342ef4d30aca2afd315ead3d2c25939664c3110b805 |
C:\CraxsRat_Bilder\platformBinary64\bin\temp\build\apk\res\drawable-mdpi\notification_bg_normal.9.png
| MD5 | b9272156e69985c12fb792d602828b8d |
| SHA1 | 5a5e2306486d3d2f44f89916692d063b2a0c6eec |
| SHA256 | a8676a1793ac8310ffb12986232df66df092d29c242aeedc2b73556c010d38dc |
| SHA512 | 3ad0cf717a293a3f52cba088d8ffa7a21424ecbb3660306ac5543d3a26fc1cd1940e3e2b2dce5d2fbd02241b2c3a30abde71f826a074873f10e4a2957bbc3a87 |
C:\CraxsRat_Bilder\platformBinary64\bin\temp\build\apk\res\drawable-mdpi\notification_bg_low_pressed.9.png
| MD5 | a07d2b366567cc7e6149d388f7897c9f |
| SHA1 | 1f95867eb54974b9006f736ad723a5f81e92925c |
| SHA256 | 452a417d7ba3af7292f03e7a8b73d8a9122fda7953425fd5603f5f6aa51e6a1a |
| SHA512 | 5ed078f25cfc5e02286daf8974f92ca9726f8388a270cad3ab8f9ebd478ce7deaf67ad23a0be40c619823964957323ac4386a610783735113f42acca3ea89628 |
C:\CraxsRat_Bilder\platformBinary64\bin\temp\build\apk\res\drawable-mdpi\notification_bg_low_normal.9.png
| MD5 | becfcdc666bad2da32848991e97e1475 |
| SHA1 | b145c1483988c2b5615cc018b6c9a9300759b153 |
| SHA256 | 2f7fbda0ba6e53e9a47e2fc0e24e32c447c613a5808c2d6285dc651e83a07ad7 |
| SHA512 | 9df721e22a3845858500fa0da497a109c74ecc619b7a6bbd0cc57296859a470fd7a17dd3d5dc8858bfc99d680bb30b1461a1e45f5a36935d01eff4f78d038181 |
C:\CraxsRat_Bilder\platformBinary64\bin\temp\build\apk\res\drawable-hdpi\notification_bg_normal_pressed.9.png
| MD5 | 6e8af82f4c8393d50496361364f43542 |
| SHA1 | 163e34d2001e4efc110ff1ec79c1980e60cbfcbd |
| SHA256 | bbe825fae7ad565073981bb22700d71837708b515ebe99fe2fd0ed5ba5928a0f |
| SHA512 | 1577384c857936796e5915f2722453519b2f1301552e2f685eaad1c9dc7262ff1bc0845278f029793ae0ca55d3608c5800077b358b9c7afa9fb2bc341615f125 |
C:\CraxsRat_Bilder\platformBinary64\bin\temp\build\apk\res\drawable-hdpi\notification_bg_normal.9.png
| MD5 | 6c3c4b9d0b6c4f7019ce57cbc7e7aeab |
| SHA1 | ada9458bfc632f36738a64a69401821405207db1 |
| SHA256 | 0c6328c7b2420570a7ec38b3beb3bac9a29d895ac1ab7239315aba7266418593 |
| SHA512 | 197a49aba9e31671e73709f0c18ab4732fdbf3c7bdfd33c411a80c3818fe5d787c25fb6dac1e758acaa8bbe498699630d5111746c4aeeea36adcdfd91283d6c4 |
C:\CraxsRat_Bilder\platformBinary64\bin\temp\build\apk\res\drawable-hdpi\notification_bg_low_pressed.9.png
| MD5 | ddff200be4c8e0794003808eec48267c |
| SHA1 | 507c5f65f380dc8cbad0a5bcbe0e3085d34e3355 |
| SHA256 | 859dbbc97eecb8c52d4a4cd299511d947ad9fd704687818d5c84a803b46eacda |
| SHA512 | 96fc42b457ca9d93d97410df478b7a7a12c5b0737a0b90c9f104da7082ce4396a7f8767f47d44970bda201812b3726beedf021c5e417957fd5ac24a6dd0cce9d |
C:\CraxsRat_Bilder\platformBinary64\bin\temp\build\apk\res\drawable-hdpi\notification_bg_low_normal.9.png
| MD5 | 9beb0f023e6da0e206be1340063cfd1a |
| SHA1 | 0f63e128ce75b58668f1aefdae22775e2503da77 |
| SHA256 | 21f0b55280be10b187ceff8edef4a5a7047683e6e9fcf47de410aa3839f41094 |
| SHA512 | 880ad614daca85f36d7e986bb32b1a8f678eed22570e7ff3962ab8161da9c6574580b17ecf6101e6f44668d07dd7392066b583e813a382ef5206e1a0f6af9324 |
C:\CraxsRat_Bilder\platformBinary64\bin\temp\dist\temp.apk.apktool_temp
| MD5 | 4abf16bbfdfcd397d05b09d6850b72f8 |
| SHA1 | 00880def3e77bcc38f7037188ba39bb24d237647 |
| SHA256 | 165109e54b9d1d64934dd8adfa33f82bb23aa9e53692e7b527731d5ccde11ef4 |
| SHA512 | d26dfbacc7b1ce9667cb9c0de71fb0d7a449f18257c166f079307dca11a7bb6f0e6f64978f53bf1b2e5659e0551a76999900b769ce82fc434a7d43bcff4771a3 |
C:\CraxsRat_Bilder\platformBinary64\bin\temp\dist\tmp-804870544
| MD5 | 5b9aac2883efd7d7cbbeac6a61ba270e |
| SHA1 | 18a128a4f277075d6036002aa54856be73253e94 |
| SHA256 | d46f19d92dade2a456a47c77e3952250bd0a7f9d935cdf573c3c45e41f351e63 |
| SHA512 | 91eb6526a68bab1ea541afa796d7294e2e8fe296b0c93a5deaab3515500a4bd6a187dcf15780fe6026d6ba7231c0596d80b477934c4bea01c30f30c7724fc2d4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 98ec0d6a2a859941ba70cd5848c5ad3e |
| SHA1 | 4615eebd9c02a61421e57e2806c1ed23797a01d6 |
| SHA256 | 59713f73bdde09fbdca3e085e7015de46dbc06e83a851d182de162c851a18629 |
| SHA512 | 99f5bdf3f3a20f4ac7935a12bee489d384f01e6e2bf8fa05ec4673af5386b50a051b3317f3cbd65b0b4bdd7a85dd91cbfdd3a1c51a2ea1de9b5bfd8c67d84b54 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 1832ec00237c7160c824485242aa2013 |
| SHA1 | 22b7e2b9d2144adc4f96e86e05713855d4e62120 |
| SHA256 | ed1ff70400d34c13a6e9b61de6b6eff105b89c4ff797c4de598de453750a8e53 |
| SHA512 | 69b9deada04e01d63f0da5850c09b6840f2a2b8b14a4b4be17b2502963a02f894155b45047ff099131ac5593dd294ca46fdaff5a615871e023d5f53444c0eb72 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005
| MD5 | 3db01f3289b7517e321aac642a91c7f3 |
| SHA1 | 4d54518f6f94dbe3e4e0cd7cc0d13698272d197f |
| SHA256 | 45c8217bf1571647763788b5472b9621330f6b065ea3107e2c6340a60ccb73a1 |
| SHA512 | 69e7726636a206b910a971c00bb9a2a79835e5f98bc588158f62484ae77cfed138f8741e68b6d69ce77830420bb87df46762c51862a80f01d04112a3561673cc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 20d331237048ab5c12cf318e92873624 |
| SHA1 | 70984ede84928df70c9a7f07bad5bdaa8f3521b0 |
| SHA256 | 7b36c477852d419242e1f5710b05f8a41e71fdba321a4c30409191582b27aedd |
| SHA512 | 6c5ddb6ac8de0e1d2cf5e08645a4aa6fb1525333c005c4f40e0f0f5b3b9a7aed22caae73cf17a99ca628f965ec7a815ee9033f2ecdc45be57a28c85e888d6cd2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 6c268fad0ea01397b033c2d98646bc4c |
| SHA1 | 95f04eb2430cc99dc47fe985334c4e2da75ee4cb |
| SHA256 | 24273ffae76950d22a66515dbda573adc45a35da0953027914466a928f4d234c |
| SHA512 | 5c987328a49785146cd9b3fc9d65c2fdd58a6fe29cf5370bb059acc88f64671fbf2bd8d88d4a378f2029186eb473170b5a1f9c13a5445a913c90ac29e4f19451 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f0c3a65f42e7c68dec2fffe9293446cf |
| SHA1 | 8143357653f1d4c5da182e000ffc3bd00fc02d9c |
| SHA256 | a287acff34878577266b5f99c951a54c6a6cf0845a2f364598a80810baa5b45b |
| SHA512 | 0427727e186d5c2912154d0ef96ecf9eee7fae66a907faa0996e3ed5b54b21510fa2b36fbdebc964d6d43491822c8dade2585c221bb9b0580a3dd839f373ebd7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | a9a270171b73417c854f178a3ff16c23 |
| SHA1 | 707303f276b9874ef803c74c6f341de708f324da |
| SHA256 | ffe51f1bba6b77887f918735c75f3de755c3877f91bb49a9da3308361fbd4d7f |
| SHA512 | 391b851de4bae8a545b08fd506d418489e6188356cfb2f035d1ef09e9581654abc37005ecdc7ff4e9d813ebf954bfd8ffc568d9af4324cc8817e780c05aadceb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d46d38221c49562ec0f3bbd58ad980a9 |
| SHA1 | 57f207736d766dcd11637bf50667a196cad4abd3 |
| SHA256 | 1044f171be604e3dc98a82c773f5f449c621d40f452c231a0f03566ee2ff45ae |
| SHA512 | 9f422ad1edfb9d8d03d8150aaf0abf81f636a8eaa81ae3cda4d0d1d6c4df1b96fdd4e58c8cf565b2da9bb93661dbfb5889e9bdb66b397eff475d5ab99a8fd9af |