Overview

overview

8

Static

static

3

OperaGXSetup.exe

windows10-ltsc 2021-x64

8

Resubmissions

04-02-2025 00:25

250204-aq1r6sylfx 7

03-02-2025 11:18

250203-neq1gs1pdj 10

03-02-2025 11:18

250203-nedp6a1pcl 3

03-02-2025 11:08

250203-m8k6nayrdx 8

03-02-2025 11:05

250203-m6x3fa1mfr 8

03-02-2025 11:01

250203-m4qkksyqfx 8

Analysis

  • max time kernel
    149s
  • max time network
    148s
  • platform
    windows10-ltsc 2021_x64
  • resource
    win10ltsc2021-20250128-es
  • resource tags

    arch:x64arch:x86image:win10ltsc2021-20250128-eslocale:es-esos:windows10-ltsc 2021-x64systemwindows
  • submitted
    03-02-2025 11:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    OperaGXSetup.exe

  • Size

    3.8MB

  • MD5

    5b8cb1947781b81771c8ccce8c2acf9c

  • SHA1

    dac0a7b542a624c851bb182af26ad4540f9b3662

  • SHA256

    26bb11eda4879dfcec579835c2e2a4240bd115415919d9934199be2d442bfc58

  • SHA512

    70ace2d4fd39fa3923cca59f80a085025ad5c5477d873beef61036ee9590ac77a2a670d23cd149691b194e2b20f96661af8dd5d795a61bf9cfe31ff0c65d43c8

  • SSDEEP

    98304:IA5YT8y844FnN4ChLeQEGfleiLdAXmjTjiMI:4T8y/IrBr5f3LU2ml

Score
8/10
discoveryspywarestealer

Malware Config

Signatures

  • Downloads MZ/PE file 4 IoCs
  • Executes dropped EXE 6 IoCs
  • Loads dropped DLL 3 IoCs
  • Reads user/profile data of web browsers 3 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer
  • Enumerates connected drives 3 TTPs 2 IoCs

    Attempts to read the root path of hard drives other than the default C: drive.

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 1 IoCs
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

    discovery
  • System Location Discovery: System Language Discovery 1 TTPs 6 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Enumerates system info in registry 2 TTPs 3 IoCs
  • NTFS ADS 4 IoCs
  • Suspicious behavior: EnumeratesProcesses 18 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 22 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 60 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs
  • Uses Task Scheduler COM API 1 TTPs

    The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.

    persistence
  • Uses Volume Shadow Copy WMI provider

    The Volume Shadow Copy service is used to manage backups/snapshots.

    ransomware
  • Uses Volume Shadow Copy service COM API

    The Volume Shadow Copy service is used to manage backups/snapshots.

    ransomware

Processes

  • C:\Users\Admin\AppData\Local\Temp\OperaGXSetup.exe
    "C:\Users\Admin\AppData\Local\Temp\OperaGXSetup.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious use of WriteProcessMemory
    PID:3676
    • C:\Users\Admin\AppData\Local\Temp\7zSC5EA7C67\setup.exe
      C:\Users\Admin\AppData\Local\Temp\7zSC5EA7C67\setup.exe --server-tracking-blob=MGNhNzQ1NjcxM2E0ZmRiNWFiY2M3YmE5YzIyZWU4YWI5OWFiNjUxMzVlZDMxYWE0NjI3MmU4NzFhNzE5ODFmNDp7ImNvdW50cnkiOiJFUyIsImh0dHBfcmVmZXJyZXIiOiJodHRwczovL3d3dy5vcGVyYS5jb20vIiwiaW5zdGFsbGVyX25hbWUiOiJPcGVyYUdYU2V0dXAuZXhlIiwicHJvZHVjdCI6Im9wZXJhX2d4IiwicXVlcnkiOiIvb3BlcmFfZ3gvc3RhYmxlL3dpbmRvd3M/dXRtX3NvdXJjZT1iaW5nJnV0bV9tZWRpdW09b3NlJnV0bV9jYW1wYWlnbj0lMjhub25lJTI5Jmh0dHBfcmVmZXJyZXI9aHR0cHMlM0ElMkYlMkZ3d3cuYmluZy5jb20lMkYmdXRtX3NpdGU9b3BlcmFfY29tJnV0bV9sYXN0cGFnZT1vcGVyYS5jb20lMkZneCZkbF90b2tlbj05NDQ1OTQ1OCIsInRpbWVzdGFtcCI6IjE3MzQzMzY0NDQuNzY5MCIsInVzZXJhZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMzEuMC4wLjAgU2FmYXJpLzUzNy4zNiBFZGcvMTMxLjAuMC4wIiwidXRtIjp7ImNhbXBhaWduIjoiKG5vbmUpIiwibGFzdHBhZ2UiOiJvcGVyYS5jb20vZ3giLCJtZWRpdW0iOiJvc2UiLCJzaXRlIjoib3BlcmFfY29tIiwic291cmNlIjoiYmluZyJ9LCJ1dWlkIjoiNjg2OGZjMzQtZTBjYi00NzI4LWFiMmMtYTQ1ZDAxNGIyZmYzIn0=
      2⤵
      • Downloads MZ/PE file
      • Executes dropped EXE
      • Loads dropped DLL
      • Enumerates connected drives
      • System Location Discovery: System Language Discovery
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:4620
      • C:\Users\Admin\AppData\Local\Temp\7zSC5EA7C67\setup.exe
        C:\Users\Admin\AppData\Local\Temp\7zSC5EA7C67\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector-2.opera.com/ --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=115.0.5322.89 --initial-client-data=0x334,0x338,0x33c,0x310,0x340,0x74ba2d9c,0x74ba2da8,0x74ba2db4
        3⤵
        • Executes dropped EXE
        • Loads dropped DLL
        • System Location Discovery: System Language Discovery
        PID:1624
      • C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe
        "C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe" --version
        3⤵
        • Executes dropped EXE
        • Loads dropped DLL
        • System Location Discovery: System Language Discovery
        PID:1252
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\Desktop\EnableWatch.mht
    1⤵
    • Enumerates system info in registry
    • NTFS ADS
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:2316
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x128,0x12c,0x130,0x104,0x134,0x7ffafff846f8,0x7ffafff84708,0x7ffafff84718
      2⤵
        PID:4048
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,16661958244508016547,8523765251103640409,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2128 /prefetch:2
        2⤵
          PID:4108
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2116,16661958244508016547,8523765251103640409,131072 --lang=es --service-sandbox-type=none --mojo-platform-channel-handle=2180 /prefetch:3
          2⤵
          • Downloads MZ/PE file
          • Suspicious behavior: EnumeratesProcesses
          PID:3636
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2116,16661958244508016547,8523765251103640409,131072 --lang=es --service-sandbox-type=utility --mojo-platform-channel-handle=2948 /prefetch:8
          2⤵
            PID:1504
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,16661958244508016547,8523765251103640409,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3252 /prefetch:1
            2⤵
              PID:1036
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,16661958244508016547,8523765251103640409,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3268 /prefetch:1
              2⤵
                PID:4816
              • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2116,16661958244508016547,8523765251103640409,131072 --lang=es --service-sandbox-type=none --mojo-platform-channel-handle=5460 /prefetch:8
                2⤵
                  PID:4212
                • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2116,16661958244508016547,8523765251103640409,131072 --lang=es --service-sandbox-type=none --mojo-platform-channel-handle=5460 /prefetch:8
                  2⤵
                  • Suspicious behavior: EnumeratesProcesses
                  PID:4864
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,16661958244508016547,8523765251103640409,131072 --lang=es --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3212 /prefetch:1
                  2⤵
                    PID:2868
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,16661958244508016547,8523765251103640409,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3556 /prefetch:1
                    2⤵
                      PID:1192
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,16661958244508016547,8523765251103640409,131072 --lang=es --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3572 /prefetch:1
                      2⤵
                        PID:4320
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,16661958244508016547,8523765251103640409,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5976 /prefetch:1
                        2⤵
                          PID:4748
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,16661958244508016547,8523765251103640409,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5968 /prefetch:1
                          2⤵
                            PID:772
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,16661958244508016547,8523765251103640409,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6112 /prefetch:1
                            2⤵
                              PID:4676
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,16661958244508016547,8523765251103640409,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5664 /prefetch:1
                              2⤵
                                PID:4524
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,16661958244508016547,8523765251103640409,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4780 /prefetch:1
                                2⤵
                                  PID:3720
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,16661958244508016547,8523765251103640409,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2240 /prefetch:1
                                  2⤵
                                    PID:2476
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,16661958244508016547,8523765251103640409,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5864 /prefetch:1
                                    2⤵
                                      PID:4824
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2116,16661958244508016547,8523765251103640409,131072 --lang=es --service-sandbox-type=collections --mojo-platform-channel-handle=5528 /prefetch:8
                                      2⤵
                                        PID:2484
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2116,16661958244508016547,8523765251103640409,131072 --lang=es --service-sandbox-type=none --mojo-platform-channel-handle=6636 /prefetch:8
                                        2⤵
                                        • Suspicious behavior: EnumeratesProcesses
                                        PID:1596
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2116,16661958244508016547,8523765251103640409,131072 --lang=es --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3364 /prefetch:8
                                        2⤵
                                          PID:4524
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,16661958244508016547,8523765251103640409,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5668 /prefetch:1
                                          2⤵
                                            PID:2708
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,16661958244508016547,8523765251103640409,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6768 /prefetch:1
                                            2⤵
                                              PID:4580
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2116,16661958244508016547,8523765251103640409,131072 --lang=es --service-sandbox-type=none --mojo-platform-channel-handle=7028 /prefetch:8
                                              2⤵
                                              • Suspicious behavior: EnumeratesProcesses
                                              PID:4304
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2116,16661958244508016547,8523765251103640409,131072 --lang=es --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6992 /prefetch:8
                                              2⤵
                                                PID:952
                                              • C:\Users\Admin\Downloads\Vista (1).exe
                                                "C:\Users\Admin\Downloads\Vista (1).exe"
                                                2⤵
                                                • Executes dropped EXE
                                                • System Location Discovery: System Language Discovery
                                                • Suspicious use of FindShellTrayWindow
                                                PID:1484
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,16661958244508016547,8523765251103640409,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6936 /prefetch:1
                                                2⤵
                                                  PID:2076
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,16661958244508016547,8523765251103640409,131072 --lang=es --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6692 /prefetch:1
                                                  2⤵
                                                    PID:3240
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,16661958244508016547,8523765251103640409,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2248 /prefetch:1
                                                    2⤵
                                                      PID:552
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,16661958244508016547,8523765251103640409,131072 --lang=es --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6416 /prefetch:1
                                                      2⤵
                                                        PID:1960
                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,16661958244508016547,8523765251103640409,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5584 /prefetch:1
                                                        2⤵
                                                          PID:756
                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,16661958244508016547,8523765251103640409,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7060 /prefetch:1
                                                          2⤵
                                                            PID:5028
                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2116,16661958244508016547,8523765251103640409,131072 --lang=es --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5580 /prefetch:8
                                                            2⤵
                                                              PID:2136
                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2116,16661958244508016547,8523765251103640409,131072 --lang=es --service-sandbox-type=none --mojo-platform-channel-handle=6396 /prefetch:8
                                                              2⤵
                                                              • Suspicious behavior: EnumeratesProcesses
                                                              PID:728
                                                            • C:\Users\Admin\Downloads\Curfun.exe
                                                              "C:\Users\Admin\Downloads\Curfun.exe"
                                                              2⤵
                                                              • Executes dropped EXE
                                                              • System Location Discovery: System Language Discovery
                                                              PID:4016
                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,16661958244508016547,8523765251103640409,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1044 /prefetch:1
                                                              2⤵
                                                                PID:2784
                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,16661958244508016547,8523765251103640409,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6912 /prefetch:1
                                                                2⤵
                                                                  PID:2620
                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2116,16661958244508016547,8523765251103640409,131072 --lang=es --service-sandbox-type=none --mojo-platform-channel-handle=5900 /prefetch:8
                                                                  2⤵
                                                                  • Suspicious behavior: EnumeratesProcesses
                                                                  PID:4992
                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2116,16661958244508016547,8523765251103640409,131072 --lang=es --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5764 /prefetch:8
                                                                  2⤵
                                                                    PID:1092
                                                                  • C:\Users\Admin\Downloads\Melting.exe
                                                                    "C:\Users\Admin\Downloads\Melting.exe"
                                                                    2⤵
                                                                    • Executes dropped EXE
                                                                    PID:4032
                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,16661958244508016547,8523765251103640409,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.4355 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6196 /prefetch:2
                                                                    2⤵
                                                                    • Suspicious behavior: EnumeratesProcesses
                                                                    PID:2640
                                                                • C:\Windows\System32\CompPkgSrv.exe
                                                                  C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                  1⤵
                                                                    PID:3132
                                                                  • C:\Windows\System32\CompPkgSrv.exe
                                                                    C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                    1⤵
                                                                      PID:2964
                                                                    • C:\Windows\system32\AUDIODG.EXE
                                                                      C:\Windows\system32\AUDIODG.EXE 0x4a8 0x2ec
                                                                      1⤵
                                                                      • Suspicious use of AdjustPrivilegeToken
                                                                      PID:3092

                                                                    Network

                                                                    MITRE ATT&CK Enterprise v15

                                                                    Replay Monitor

                                                                    Loading Replay Monitor...

                                                                    Downloads

                                                                    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E2C6CBAF0AF08CF203BA74BF0D0AB6D5_49536AB5156BDD74EFF881D01C36A419
                                                                      Filesize

                                                                      471B

                                                                      MD5

                                                                      3393ab8b7af6da2ea6b96350e8554d9e

                                                                      SHA1

                                                                      10034dd35e864f598b4579d22e8f819a058a05d9

                                                                      SHA256

                                                                      5dd4d4afab5454514192c0c71be2306e361fddff1b37f3a071dec0119474d838

                                                                      SHA512

                                                                      b3e4130979b4e05c558ac55c881810df38a65000d407ce0b440d6d478e1cb5536d7b4934845e630da8b0bba1fbc5e4297529fb26b7d248ca299b8ac480547941

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E2C6CBAF0AF08CF203BA74BF0D0AB6D5_49536AB5156BDD74EFF881D01C36A419
                                                                      Filesize

                                                                      412B

                                                                      MD5

                                                                      b57da0606ad72cf2bae68c99d3828338

                                                                      SHA1

                                                                      810b0c379f677b4fc2bc37029918fa035aa4c025

                                                                      SHA256

                                                                      f21ea2e2846d82f878b0b4b4303dba99676cf916e97fc948cd9f3329b8b6ade0

                                                                      SHA512

                                                                      74296c1076cd0c6caba7a18c9283ee314e25128c5ce84427fa9aae562065db44e0549b301648b64f4637b592bb99c1bf95df8652c78a215cb6a85feb8d35aab2

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                      Filesize

                                                                      152B

                                                                      MD5

                                                                      3fb127008683b390d16d4750e3b7d16d

                                                                      SHA1

                                                                      8204bd3d01a93a853cc5b3dd803e85e71c2209af

                                                                      SHA256

                                                                      6306c5c7293fe1077c630081aa6ed49eba504d34d6af92ba2bc9ebf0488bd692

                                                                      SHA512

                                                                      2b8003cc447e44a80f625a6a39aacad0a0b1a5b1286eabd9d524252d37e237491d069c603caad937d564d0eb0565224d6c80c407b61092b562c68087785a97e4

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                      Filesize

                                                                      3KB

                                                                      MD5

                                                                      f48fc8f6b4ad048af2d3ccee73becbe2

                                                                      SHA1

                                                                      6a337b329ff3dc823f3b8ef4921b4d06bac60bee

                                                                      SHA256

                                                                      ff10fe3b8d3e8cc96f1c0c68fffc34e52670515dd8bb9db9fcc43eb27ceb9794

                                                                      SHA512

                                                                      3f1b83c613f579c45303ad95ee7f21efe478bd89d665179515650aa0d41b815fffd022e5e7222c6a6e079a314f313f0a82758d44406943443d696a4d940e53f1

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                      Filesize

                                                                      111B

                                                                      MD5

                                                                      285252a2f6327d41eab203dc2f402c67

                                                                      SHA1

                                                                      acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

                                                                      SHA256

                                                                      5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

                                                                      SHA512

                                                                      11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                      Filesize

                                                                      857B

                                                                      MD5

                                                                      b6ae1874cd9ec492b12dd03bf262cad6

                                                                      SHA1

                                                                      7134e747200c88515bf7151c3fed2a97fddcce4f

                                                                      SHA256

                                                                      b1a0021a3c1e95005f3cf9453077fe985b20429333f4166c5a983fd4d9684316

                                                                      SHA512

                                                                      662c1985106e9989f6b0ff6d4a3433bab60f8f4e7864fd39f63fce9d6953b7d7226a90bded86c08457d461b3a2cf0410a3f226d1bd901804f860b3e2e6cafcf5

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                      Filesize

                                                                      5KB

                                                                      MD5

                                                                      d56dd98cc481b70796235ab2b80d2885

                                                                      SHA1

                                                                      12fde42b26080c91fdd30b8b07635272c64877b0

                                                                      SHA256

                                                                      a1a817567d0da2ce1abfedbcf43d429b501ad96ad6c6eb1d59b9238c5972c522

                                                                      SHA512

                                                                      9c42c8cd68efe6aacd65f7bdcef9a7418c84ae6cd15dfe7cc28cf105bad170461debb1338ea28739d3f31ff188cae029fa882a65f97dd153972f5e8727b9a6e1

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                      Filesize

                                                                      6KB

                                                                      MD5

                                                                      35ceb88babc269492a97a966a4fdf58c

                                                                      SHA1

                                                                      42babd48953086ce49d73ba671f5e237c6c4a027

                                                                      SHA256

                                                                      e5ae56c8a8e7da8d325bc69d0cf18009b47779053caa260209fc5c851c04d602

                                                                      SHA512

                                                                      6425e185c1f9966d78ad73ec2975052df6c4252e1857468ea8f8cea25b901748e59a9aaefd3d844553f33756e8f234e1639218a4009a93da083197308440c0b2

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                      Filesize

                                                                      6KB

                                                                      MD5

                                                                      7dd94fcd4ee1db1f4fa0ddf53edfd262

                                                                      SHA1

                                                                      3d775f5ff0d13ba533660736e1d4b23d1e04db95

                                                                      SHA256

                                                                      9e4399fead0435a0a4051594c99f1689613fa57d61e21b8c6e47e1c1a60800ba

                                                                      SHA512

                                                                      ccd77ccef409a3365f5874854bcbb30833635571ce9f612054fafcd158538a8994898743c48dafbef637af7cff60284548f1136f82b069ea51d3ee20aec25752

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                      Filesize

                                                                      5KB

                                                                      MD5

                                                                      fc1df3687518c4a19c702168ec4a6c01

                                                                      SHA1

                                                                      8ee81a3a135a9acf1b6ebb526c01b6882cd35474

                                                                      SHA256

                                                                      2c9d1be832b714b294ce5e6d26960d79d1d35b9b964e4623d1ee19406fdffa4e

                                                                      SHA512

                                                                      e331e4d8147a8ec693c9e5a2789132ddde3285b1146b88d6242d83f1adaf2319c386da258033a738ee0184a43fd7029133b43291c59f4fc04d504bae762dbef1

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                      Filesize

                                                                      6KB

                                                                      MD5

                                                                      55476f5bfacefa00d29c494f11502ed6

                                                                      SHA1

                                                                      619be677c4eb3812fc98cc1e1bb44d7c17496ed6

                                                                      SHA256

                                                                      911809e2600a661338670e87e800a44e16937e900540968282134ab2e426d2b5

                                                                      SHA512

                                                                      efb65857f8fc4a1643c1963dcf703735f4fc2dd01695ef88a5a0c487118aab5447a9e9d9c81e86143438539409bc340e62f7855a3a500ee9dbc90cd230135b8a

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                      Filesize

                                                                      6KB

                                                                      MD5

                                                                      04588130869a9a83ae424a1fbc1aa708

                                                                      SHA1

                                                                      51cbe829ce0dbd6608fcd98feb6febb0ea82f033

                                                                      SHA256

                                                                      f6d077a3a5f777c79ba8b41476b1457a45c2f624c91481d2e9be2e80272eb748

                                                                      SHA512

                                                                      488435ac6d898d0d86f02d48c8c99f6ab100b25f57828f93cba1236062790f24702155fdfc4e19156e6100f984ddab0ced9852aec86bc9cd3ef63b4f41927f75

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
                                                                      Filesize

                                                                      24KB

                                                                      MD5

                                                                      0677b7272984a6e8d243405b2c644c7e

                                                                      SHA1

                                                                      a844ae7f8d5fb7839f1258622142e67953d19607

                                                                      SHA256

                                                                      d5107326caeba499cd7c455096423d8ae9417bacee6cf3aa6f814d93eb4f7ed5

                                                                      SHA512

                                                                      0680e6d08364b7eb6d66d25b26220c21a4974d249c778f80ee60e5a257d44afbc2013017a8743699c7139d6275b97883940e7b0914bcaf1e2281c8238b64c972

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                      Filesize

                                                                      1KB

                                                                      MD5

                                                                      c62f23103de43c0a57b13b8c7e4d0137

                                                                      SHA1

                                                                      d15608d75ca1d9d3261e2070fbec80fd5749f6e4

                                                                      SHA256

                                                                      29009564ab10de1362fbdd18a45f403f4ca8674b55a9cfceda28b42e8cdb74d7

                                                                      SHA512

                                                                      f40f5e63b269bc91d7e9bcfc51cd4a068a4dac3b5cc899039b1cde9f0fde7abbcbe055eb2efd486cc152ad5cf8636f25754525a35a98009c2e65d976e4c8713a

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                      Filesize

                                                                      1KB

                                                                      MD5

                                                                      84b53eb975e0855c7cf67e7c7f996748

                                                                      SHA1

                                                                      2e4add3bcacbdd259de3996feb9c6e050e34260d

                                                                      SHA256

                                                                      6e8504b31772e60bff77312ab72883c8dd0a140c05d7b39bbf6b29748758e008

                                                                      SHA512

                                                                      b594b0b7325aaeaee062cf6ef35af9fac0ce644368e228865ef83df61fe1816fba9f218164b2045d43780cdc6b12add56de80f352200e80439efdd1fc92ba6d1

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                      Filesize

                                                                      1KB

                                                                      MD5

                                                                      b08757e67605adea5efabbb9fddbd115

                                                                      SHA1

                                                                      4ab8383b6825829578df89bbe205c48428520c21

                                                                      SHA256

                                                                      e655398f04cd10abb99942831f520b0b15f5d92e46cc667c5dfd33aed2f812f2

                                                                      SHA512

                                                                      2cce38c1ed3481fefe995be89be066e78cde499a49c3760852d9b8e2ee3459a5a6ac0631be6a3fab8701ad751c6ba9feaa89132faa94ec3598fc9d694e7259eb

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                      Filesize

                                                                      1KB

                                                                      MD5

                                                                      d01c2425ef096c118fd7a64e8675dd16

                                                                      SHA1

                                                                      f190a12d621af3ceef8935a1e8ab88cfe17e091a

                                                                      SHA256

                                                                      2b99be430c27d558e8a819e6956d399fcdb4cd4cc04eacbb28ba8c3799e271f3

                                                                      SHA512

                                                                      4c9b6ab81f298737560435cb97347d7fc223c8876a8427a55bd61799a4fce4275fc14f87dc5ccff5cc58e25a1b86b4354896ce60497a9c2741268ef8ea0248e6

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58024d.TMP
                                                                      Filesize

                                                                      1KB

                                                                      MD5

                                                                      7e70b6a567a857e3418f48f4f9cad3d3

                                                                      SHA1

                                                                      7c478af78d9fbc0083beefd5f86ae5df25878e3d

                                                                      SHA256

                                                                      862c1b0e954137a42dc4b06f55a4039037eb880ce4e9f5b9e1c5f206b9d53cdb

                                                                      SHA512

                                                                      acd1c6cfa4649c43979574d4e5b893968821b13b18650be0e4abb85c604e2a2d5c8c05ff7abbc7265e35cfc8e06b2a2096bb2fb79870d2d5dc47319c0a76302e

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                      Filesize

                                                                      16B

                                                                      MD5

                                                                      6752a1d65b201c13b62ea44016eb221f

                                                                      SHA1

                                                                      58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                                                                      SHA256

                                                                      0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                                                                      SHA512

                                                                      9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                      Filesize

                                                                      11KB

                                                                      MD5

                                                                      a6b22921d1db3c7019e0bed4696154f1

                                                                      SHA1

                                                                      1f95ab0c953658adc97a8aa49a5d5b02004d6e83

                                                                      SHA256

                                                                      5c1297d727a301ba21727bc93475f3367efc7746908b79a535d1ee2fd6eaef0d

                                                                      SHA512

                                                                      8489c58f6a8c85b42ac83ca70b1b1308193fb6132f3549f7f6e90362db0f90416a90ea32ead11a2b4ba04185fccef9d6eb1a3b5db53e4bff7ed14a3847fad0ca

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                      Filesize

                                                                      10KB

                                                                      MD5

                                                                      cd31f81c1d52c453ada5997a69046b04

                                                                      SHA1

                                                                      c63c924ddbf4e2f3703a995e5c81e353c3709603

                                                                      SHA256

                                                                      cded5c076301e274ff3ccef6f96500e6686ea656572e9cbaf0e1dbceb50e068b

                                                                      SHA512

                                                                      9e01bb0b5627f1d1301c6acf0568f65d0677e3eb7d803a98b927839e642980dd0ecf8fc0792e625edc1c245de855a4c249bff19a8fe99318e7f24db6d0cfa744

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                      Filesize

                                                                      10KB

                                                                      MD5

                                                                      39dd8f598fae70980629c2d2b30682aa

                                                                      SHA1

                                                                      a7eba57be6b2c5581baa86872ab133d17fe4bc35

                                                                      SHA256

                                                                      97e9dd2aae2d4f27b27189155acf846a40f96742aa02e37de6a546a91a65c28a

                                                                      SHA512

                                                                      3085d1245a012d6a82966b0eae1ad0b8a037ad5e15792c088d39911fc33075864531c6543ae5a11e24efa74ce8506a3217ccd2846809cf85cf1e8ac786b8e95c

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Temp\7zSC5EA7C67\setup.exe
                                                                      Filesize

                                                                      7.3MB

                                                                      MD5

                                                                      49e7ebda27b78f0995322e0fa63336b3

                                                                      SHA1

                                                                      6e38e971bc7f249e4fd726d25a40a38dcb5acf3b

                                                                      SHA256

                                                                      4cb3d4754510e21dbd794a59eb47ff4d811064ccb9c74b02b1d62a96c9f2de7d

                                                                      SHA512

                                                                      ac6cfac6ecaa9feb74ee5631aa09649d2db33f6fcdbf4f65a0216f396d8b2e8ff5d1c62b14f6d025f29e37b3eccf87e9b838024e6c82502c956a21f686268b18

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Temp\Opera_installer_2502031105272714620.dll
                                                                      Filesize

                                                                      6.8MB

                                                                      MD5

                                                                      be12a3550124e852e52fa2effa9d48da

                                                                      SHA1

                                                                      a026f8a03b22fcfc4b256b28177938645a423f63

                                                                      SHA256

                                                                      41d5b126b9d1885a0e4f42b67366cde76ecb7573e93213ad6d6ef398d5787706

                                                                      SHA512

                                                                      331320f69449e632de51f1317788f5fe64b647a8493bb13088c26dcfc86969716f06ec9956048cf4fcc817fd499ea153fcc8a26c3757da882c3f6045529d6602

                                                                      Download Submit

                                                                    • C:\Users\Admin\Downloads\Melting.exe
                                                                      Filesize

                                                                      12KB

                                                                      MD5

                                                                      833619a4c9e8c808f092bf477af62618

                                                                      SHA1

                                                                      b4a0efa26f790e991cb17542c8e6aeb5030d1ebf

                                                                      SHA256

                                                                      92a284981c7ca33f1af45ce61738479fbcbb5a4111f5498e2cb54931c8a36c76

                                                                      SHA512

                                                                      4f231fc16339d568b5cf9353133aeae835eb262dab68bc80d92f37b43df64dce4fae0e913cbaa3bb61351a759aeecf9d280bc5779b0853c980559a654d6cca11

                                                                      Download Submit

                                                                    • C:\Users\Admin\Downloads\Sin confirmar 532474.crdownload
                                                                      Filesize

                                                                      138KB

                                                                      MD5

                                                                      0b3b2dff5503cb032acd11d232a3af55

                                                                      SHA1

                                                                      6efc31c1d67f70cf77c319199ac39f70d5a7fa95

                                                                      SHA256

                                                                      ef878461a149024f3065121ff4e165731ecabef1b94b0b3ed2eda010ad39202b

                                                                      SHA512

                                                                      484014d65875e706f7e5e5f54c2045d620e5cce5979bf7f37b45c613e6d948719c0b8e466df5d8908706133ce4c4b71a11b804417831c9dbaf72b6854231ea17

                                                                      Download Submit

                                                                    • C:\Users\Admin\Downloads\Sin confirmar 93010.crdownload
                                                                      Filesize

                                                                      1.9MB

                                                                      MD5

                                                                      faa6cb3e816adaeaabf2930457c79c33

                                                                      SHA1

                                                                      6539de41b48d271bf4237e6eb09b0ee40f9a2140

                                                                      SHA256

                                                                      6680317e6eaa04315b47aaadd986262cd485c8a4bd843902f4c779c858a3e31b

                                                                      SHA512

                                                                      58859556771203d736ee991b651a6a409de7e3059c2afe81d4545864295c383f75cfbabf3cffaa0c412a6ec27bf939f0893c28152f53512c7885e597db8d2c66

                                                                      Download Submit

                                                                    • memory/1484-527-0x0000000000400000-0x0000000000ABC000-memory.dmp

                                                                      Filesize

                                                                      6.7MB

                                                                      Download

                                                                    • memory/1484-500-0x0000000000400000-0x0000000000ABC000-memory.dmp

                                                                      Filesize

                                                                      6.7MB

                                                                      Download

                                                                    • memory/1484-484-0x0000000000400000-0x0000000000ABC000-memory.dmp

                                                                      Filesize

                                                                      6.7MB

                                                                      Download

                                                                    • memory/4016-626-0x0000000000400000-0x0000000000464000-memory.dmp

                                                                      Filesize

                                                                      400KB

                                                                      Download

                                                                    • memory/4016-655-0x0000000000400000-0x0000000000464000-memory.dmp

                                                                      Filesize

                                                                      400KB

                                                                      Download

                                                                    • memory/4016-657-0x0000000000400000-0x0000000000464000-memory.dmp

                                                                      Filesize

                                                                      400KB

                                                                      Download

                                                                    • memory/4016-661-0x0000000000400000-0x0000000000464000-memory.dmp

                                                                      Filesize

                                                                      400KB

                                                                      Download

                                                                    • memory/4016-665-0x0000000000400000-0x0000000000464000-memory.dmp

                                                                      Filesize

                                                                      400KB

                                                                      Download