01cc2b1bca4a1a99bb6ae311ff222b788700913cb0ba765dbdee7f25160bf91a

Analysis

max time kernel
1043s
max time network
952s
platform
windows10-ltsc_2021_x64
resource
win10ltsc2021-20250314-en
resource tags

arch:x64arch:x86image:win10ltsc2021-20250314-enlocale:en-usos:windows10-ltsc_2021-x64system
submitted
25/03/2025, 06:25

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

[CRACKED BY L1nc0In] NEW DCRat.rar
Size

97.2MB
MD5

7e51293bc2161cb1daf677e7c95f4811
SHA1

a228a7c2e2efd5abd891b8cfc0d33f3b536a36f3
SHA256

01cc2b1bca4a1a99bb6ae311ff222b788700913cb0ba765dbdee7f25160bf91a
SHA512

04bed232d385c16425e94782ecc55ea6a33e8c92b18859c4dcd7d4697c483c5b3f46c0835bd134a3cbf1da47d22197ce7cdc7a9c06b5e9e9c76dc8d4fd766163
SSDEEP

3145728:yEaICN96e3iUVcIEg2njK723B+CTfg8B1:yEaICr6ejSIEgeK75CTfg01

Score

8^/10

discovery

Malware Config

Signatures

Drops file in Drivers directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\System32\drivers\etc\hosts	Patcher.exe

Executes dropped EXE 2 IoCs

pid	Process
5536	Patcher.exe
4472	DCRat.exe

Loads dropped DLL 4 IoCs

pid	Process
5536	Patcher.exe
5536	Patcher.exe
5536	Patcher.exe
5536	Patcher.exe

Drops desktop.ini file(s) 3 IoCs

description	ioc	Process
File opened for modification	C:\Users\Admin\Documents\desktop.ini	firefox.exe
File opened for modification	C:\Users\Public\desktop.ini	firefox.exe
File opened for modification	C:\Users\Public\Documents\desktop.ini	firefox.exe

Legitimate hosting services abused for malware hosting/C2 1 TTPs 4 IoCs

Web Service

T1102

flow	ioc
140	pastebin.com
75	pastebin.com
76	pastebin.com
77	pastebin.com

Suspicious use of NtSetInformationThreadHideFromDebugger 2 IoCs

pid	Process
5536	Patcher.exe
5536	Patcher.exe

System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Patcher.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	DCRat.exe

Checks processor information in registry 2 TTPs 26 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	firefox.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-780313508-644878201-565826771-1000_Classes\Local Settings	firefox.exe

Suspicious behavior: EnumeratesProcesses 24 IoCs

pid	Process
1756	WMIC.exe
1756	WMIC.exe
1756	WMIC.exe
1756	WMIC.exe
4812	WMIC.exe
4812	WMIC.exe
4812	WMIC.exe
4812	WMIC.exe
4948	WMIC.exe
4948	WMIC.exe
4948	WMIC.exe
4948	WMIC.exe
1136	WMIC.exe
1136	WMIC.exe
1136	WMIC.exe
1136	WMIC.exe
2536	WMIC.exe
2536	WMIC.exe
2536	WMIC.exe
2536	WMIC.exe
1128	WMIC.exe
1128	WMIC.exe
1128	WMIC.exe
1128	WMIC.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2696	7zFM.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeRestorePrivilege	2696	7zFM.exe
Token: 35	2696	7zFM.exe
Token: SeSecurityPrivilege	2696	7zFM.exe
Token: SeIncreaseQuotaPrivilege	1756	WMIC.exe
Token: SeSecurityPrivilege	1756	WMIC.exe
Token: SeTakeOwnershipPrivilege	1756	WMIC.exe
Token: SeLoadDriverPrivilege	1756	WMIC.exe
Token: SeSystemProfilePrivilege	1756	WMIC.exe
Token: SeSystemtimePrivilege	1756	WMIC.exe
Token: SeProfSingleProcessPrivilege	1756	WMIC.exe
Token: SeIncBasePriorityPrivilege	1756	WMIC.exe
Token: SeCreatePagefilePrivilege	1756	WMIC.exe
Token: SeBackupPrivilege	1756	WMIC.exe
Token: SeRestorePrivilege	1756	WMIC.exe
Token: SeShutdownPrivilege	1756	WMIC.exe
Token: SeDebugPrivilege	1756	WMIC.exe
Token: SeSystemEnvironmentPrivilege	1756	WMIC.exe
Token: SeRemoteShutdownPrivilege	1756	WMIC.exe
Token: SeUndockPrivilege	1756	WMIC.exe
Token: SeManageVolumePrivilege	1756	WMIC.exe
Token: 33	1756	WMIC.exe
Token: 34	1756	WMIC.exe
Token: 35	1756	WMIC.exe
Token: 36	1756	WMIC.exe
Token: SeIncreaseQuotaPrivilege	1756	WMIC.exe
Token: SeSecurityPrivilege	1756	WMIC.exe
Token: SeTakeOwnershipPrivilege	1756	WMIC.exe
Token: SeLoadDriverPrivilege	1756	WMIC.exe
Token: SeSystemProfilePrivilege	1756	WMIC.exe
Token: SeSystemtimePrivilege	1756	WMIC.exe
Token: SeProfSingleProcessPrivilege	1756	WMIC.exe
Token: SeIncBasePriorityPrivilege	1756	WMIC.exe
Token: SeCreatePagefilePrivilege	1756	WMIC.exe
Token: SeBackupPrivilege	1756	WMIC.exe
Token: SeRestorePrivilege	1756	WMIC.exe
Token: SeShutdownPrivilege	1756	WMIC.exe
Token: SeDebugPrivilege	1756	WMIC.exe
Token: SeSystemEnvironmentPrivilege	1756	WMIC.exe
Token: SeRemoteShutdownPrivilege	1756	WMIC.exe
Token: SeUndockPrivilege	1756	WMIC.exe
Token: SeManageVolumePrivilege	1756	WMIC.exe
Token: 33	1756	WMIC.exe
Token: 34	1756	WMIC.exe
Token: 35	1756	WMIC.exe
Token: 36	1756	WMIC.exe
Token: SeIncreaseQuotaPrivilege	4812	WMIC.exe
Token: SeSecurityPrivilege	4812	WMIC.exe
Token: SeTakeOwnershipPrivilege	4812	WMIC.exe
Token: SeLoadDriverPrivilege	4812	WMIC.exe
Token: SeSystemProfilePrivilege	4812	WMIC.exe
Token: SeSystemtimePrivilege	4812	WMIC.exe
Token: SeProfSingleProcessPrivilege	4812	WMIC.exe
Token: SeIncBasePriorityPrivilege	4812	WMIC.exe
Token: SeCreatePagefilePrivilege	4812	WMIC.exe
Token: SeBackupPrivilege	4812	WMIC.exe
Token: SeRestorePrivilege	4812	WMIC.exe
Token: SeShutdownPrivilege	4812	WMIC.exe
Token: SeDebugPrivilege	4812	WMIC.exe
Token: SeSystemEnvironmentPrivilege	4812	WMIC.exe
Token: SeRemoteShutdownPrivilege	4812	WMIC.exe
Token: SeUndockPrivilege	4812	WMIC.exe
Token: SeManageVolumePrivilege	4812	WMIC.exe
Token: 33	4812	WMIC.exe
Token: 34	4812	WMIC.exe

Suspicious use of FindShellTrayWindow 21 IoCs

pid	Process
2696	7zFM.exe
2696	7zFM.exe
2696	7zFM.exe
2196	firefox.exe
2196	firefox.exe
2196	firefox.exe
2196	firefox.exe
2196	firefox.exe
2196	firefox.exe
2196	firefox.exe
2196	firefox.exe
2196	firefox.exe
2196	firefox.exe
2196	firefox.exe
2196	firefox.exe
2196	firefox.exe
2196	firefox.exe
2196	firefox.exe
2196	firefox.exe
2196	firefox.exe
2196	firefox.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
2196	firefox.exe
2196	firefox.exe
2196	firefox.exe
2196	firefox.exe
2196	firefox.exe
2196	firefox.exe
2196	firefox.exe
2196	firefox.exe
2196	firefox.exe
2196	firefox.exe
2196	firefox.exe
2196	firefox.exe

Suspicious use of SetWindowsHookEx 4 IoCs

pid	Process
5164	javaw.exe
5164	javaw.exe
5164	javaw.exe
2196	firefox.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4472 wrote to memory of 5164	4472	DCRat.exe	95
PID 4472 wrote to memory of 5164	4472	DCRat.exe	95
PID 5164 wrote to memory of 6084	5164	javaw.exe	96
PID 5164 wrote to memory of 6084	5164	javaw.exe	96
PID 6084 wrote to memory of 1756	6084	cmd.exe	98
PID 6084 wrote to memory of 1756	6084	cmd.exe	98
PID 5164 wrote to memory of 4724	5164	javaw.exe	99
PID 5164 wrote to memory of 4724	5164	javaw.exe	99
PID 5164 wrote to memory of 4692	5164	javaw.exe	101
PID 5164 wrote to memory of 4692	5164	javaw.exe	101
PID 4692 wrote to memory of 4812	4692	cmd.exe	103
PID 4692 wrote to memory of 4812	4692	cmd.exe	103
PID 5164 wrote to memory of 4892	5164	javaw.exe	104
PID 5164 wrote to memory of 4892	5164	javaw.exe	104
PID 4892 wrote to memory of 4948	4892	cmd.exe	106
PID 4892 wrote to memory of 4948	4892	cmd.exe	106
PID 5164 wrote to memory of 4964	5164	javaw.exe	107
PID 5164 wrote to memory of 4964	5164	javaw.exe	107
PID 4964 wrote to memory of 1136	4964	cmd.exe	109
PID 4964 wrote to memory of 1136	4964	cmd.exe	109
PID 5164 wrote to memory of 5020	5164	javaw.exe	110
PID 5164 wrote to memory of 5020	5164	javaw.exe	110
PID 5020 wrote to memory of 2536	5020	cmd.exe	112
PID 5020 wrote to memory of 2536	5020	cmd.exe	112
PID 5164 wrote to memory of 4216	5164	javaw.exe	113
PID 5164 wrote to memory of 4216	5164	javaw.exe	113
PID 4216 wrote to memory of 1128	4216	cmd.exe	115
PID 4216 wrote to memory of 1128	4216	cmd.exe	115
PID 3636 wrote to memory of 2196	3636	firefox.exe	118
PID 3636 wrote to memory of 2196	3636	firefox.exe	118
PID 3636 wrote to memory of 2196	3636	firefox.exe	118
PID 3636 wrote to memory of 2196	3636	firefox.exe	118
PID 3636 wrote to memory of 2196	3636	firefox.exe	118
PID 3636 wrote to memory of 2196	3636	firefox.exe	118
PID 3636 wrote to memory of 2196	3636	firefox.exe	118
PID 3636 wrote to memory of 2196	3636	firefox.exe	118
PID 3636 wrote to memory of 2196	3636	firefox.exe	118
PID 3636 wrote to memory of 2196	3636	firefox.exe	118
PID 3636 wrote to memory of 2196	3636	firefox.exe	118
PID 2196 wrote to memory of 2716	2196	firefox.exe	119
PID 2196 wrote to memory of 2716	2196	firefox.exe	119
PID 2196 wrote to memory of 2716	2196	firefox.exe	119
PID 2196 wrote to memory of 2716	2196	firefox.exe	119
PID 2196 wrote to memory of 2716	2196	firefox.exe	119
PID 2196 wrote to memory of 2716	2196	firefox.exe	119
PID 2196 wrote to memory of 2716	2196	firefox.exe	119
PID 2196 wrote to memory of 2716	2196	firefox.exe	119
PID 2196 wrote to memory of 2716	2196	firefox.exe	119
PID 2196 wrote to memory of 2716	2196	firefox.exe	119
PID 2196 wrote to memory of 2716	2196	firefox.exe	119
PID 2196 wrote to memory of 2716	2196	firefox.exe	119
PID 2196 wrote to memory of 2716	2196	firefox.exe	119
PID 2196 wrote to memory of 2716	2196	firefox.exe	119
PID 2196 wrote to memory of 2716	2196	firefox.exe	119
PID 2196 wrote to memory of 2716	2196	firefox.exe	119
PID 2196 wrote to memory of 2716	2196	firefox.exe	119
PID 2196 wrote to memory of 2716	2196	firefox.exe	119
PID 2196 wrote to memory of 2716	2196	firefox.exe	119
PID 2196 wrote to memory of 2716	2196	firefox.exe	119
PID 2196 wrote to memory of 2716	2196	firefox.exe	119
PID 2196 wrote to memory of 2716	2196	firefox.exe	119
PID 2196 wrote to memory of 2716	2196	firefox.exe	119
PID 2196 wrote to memory of 2716	2196	firefox.exe	119
PID 2196 wrote to memory of 2716	2196	firefox.exe	119

Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
persistence

Query Registry
T1012

C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\[CRACKED BY L1nc0In] NEW DCRat.rar"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
PID:2696

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:2340

C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\Patcher\Patcher.exe
"C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\Patcher\Patcher.exe"
1⤵
- Drops file in Drivers directory
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of NtSetInformationThreadHideFromDebugger
- System Location Discovery: System Language Discovery
PID:5536

C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\DCRat.exe
"C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\DCRat.exe"
1⤵
- Executes dropped EXE
- System Location Discovery: System Language Discovery
- Suspicious use of WriteProcessMemory
PID:4472
- C:\Program Files\Java\jre-1.8\bin\javaw.exe
  "C:\Program Files\Java\jre-1.8\bin\javaw.exe" -Dprism.dirtyopts=false -Dfile.encoding=UTF-8 -classpath "lib\.;lib\..;lib\IIlIllIIlIllllIIIlIIlllIIIIIlIlllIIIIllllllIlIIlllIlIlIlllIIIlIIllIIIIlIllIlIlIlIlIlIIlllIlllIIllIIllIlIlllIlIIlllIIIIll.jar;lib\IIllIIIIIlIlIIlIIIllIllllIIIlllIIIlIlIIlIlIllllIIlIIllIlIlIllIIIIIlIlllllllIIIIlIIlIIllIIIlIlIlllIIIIllllIllIIIIIIlIllII.jar;lib\IlIIIIllIIIIIIIIIllIlIllIIIlIIllIIlIIllIIlIlIIIIIIIIIIlllIIlIllIIIlIlIllIllIlIlIlIlIllIlIllIlllIIllIlIllIlIIlllIIIIIlIlI.jar;lib\IlIlIIIIIIlIIIIIIllIlIIlIllIllIlIIIlIllllIlIlllIIlIIllIllIIlIlllIIIllllIlIllIIIIIIIIIlIIlIllIIllIIlIllIIIIlIIllIllllIlIl.jar;lib\IllIIIIIIIlllIIIlIlIllIIIIIllIllIlIIlIllIlIIlIllIIlIlIlIlllllllIIlllllllIIlIIIlIlIlIIlIllllIlllIIllllIIlllllIllIIIlIlIlI.jar;lib\IllIIIIIIlIIIIIlIllIIIIlIlIIIIlIIllIIllIIlIlllIlIlIlIIIlllllIlllIllIIIlllllIlIlIlIlllIlIIllIlIIlIlIIllIlIIllIlIlIIIlIIIl.jar;lib\IlllIIlllllIIllIIIlIIlIlIlIllllIlllIllllIIIIIlIllIIIIllIIlllIllIlIlIlIIIIllIllIIllllllIllIIlllIIIlIllllIlIllIIIIIIIIlIll.jar;lib\lIIIIIIllIllllllIIlllIlIIIIlIIllllIIIIIIIIllIIIIIlIIIIIIIlllIIIIIIlIIIlIlIlIlIlIllIllIlIllIlIlIIllIlIIIIlllIllIIllIIlIIl.jar;lib\lIIlIIlllIIIIIIlllIllIIIlIlIllIlllIlIllIllllIllIIIlIlIIIlIllIllIIlllIlllllIIIlIIlIIlIIIlIlllIIllIIIIlllIIIIlIIlllIlllllI.jar;lib\lIlllIIlIIlllIIllIIIlIIIIIlIlIlIIIIlIllIIlllIlllIllIlllIlIlIlllIIllIIllIIIlIllIIIlllIlllllIlIlIIlIIIIIllllIlIllIIllIllII.jar;lib\lIllllIllIlIIlIlIlllIIIllIIIIlIIllIllllIIlIIIIIlIIIlIIIIIIIIIIIIIIllIllIIlIlIlIlllllIlllllIIIIIIlIlIIIlIIllllIlIIIlIlllI.jar;lib\lIlllllIIlIllIllllIIIIlIIlIIIIIllIlllIIlIIllIllIIIlIIlllIllIIlllIIIlllIllllllllllIlIIIlIIlIllIIllIlllIlIlIIIIIIlllllIIlI.jar;lib\llIIIlllIIIllIIIIllIllIIlIIIlIllIlIIIIlIlIlIIllIIIlIIIlIIlllIIlIlIIIlIllllIIIIlIllIllllIlllIIlIIIIllIlIlIIlIIIllllllllIl.jar;lib\llIlIlIIIIIIllIllIIllIIlIlIlIllIIlllllIIlIIIIlIIIIIllIlIlIIIlIlIllllIlIlllIIlllIllIIIlIllllIIIllllIlllllIIIIIIllIlIIlIIl.jar;lib\llIlIlIIlllIllIlllIlIIIlIIIIlllIIIllIllllIIIIIIIIlllIlIIlllIIllIIllIlIIIllIIIIlIIlIllllIlIlllIllIIIIlIIlllIlIlIllIIlIllI.jar;lib\llIlIllIllIllIlIlllIlllIIIllllllIlIIlIllIlIlIlllIllIIIIIlllIIlIIlIllllIIIlllIllIIlIIIIIIlIlIIllIIIIlIlllIllIIlIlllIIIllI.jar" org.develnext.jphp.ext.javafx.FXLauncher
  2⤵
  - Suspicious use of SetWindowsHookEx
  - Suspicious use of WriteProcessMemory
  PID:5164
- - C:\Windows\System32\cmd.exe
    C:\Windows\System32\cmd.exe /c C:\Windows\System32\wbem\wmic.exe baseboard get Manufacturer
    3⤵
    - Suspicious use of WriteProcessMemory
    PID:6084
  - - C:\Windows\System32\wbem\WMIC.exe
      C:\Windows\System32\wbem\wmic.exe baseboard get Manufacturer
      4⤵
      Suspicious behavior: EnumeratesProcesses
      Suspicious use of AdjustPrivilegeToken
      PID:1756
- - C:\Windows\System32\cmd.exe
    C:\Windows\System32\cmd.exe /c USERPROFILE
    3⤵
    PID:4724
- - C:\Windows\System32\cmd.exe
    C:\Windows\System32\cmd.exe /c C:\Windows\System32\wbem\wmic.exe baseboard get Product
    3⤵
    - Suspicious use of WriteProcessMemory
    PID:4692
  - - C:\Windows\System32\wbem\WMIC.exe
      C:\Windows\System32\wbem\wmic.exe baseboard get Product
      4⤵
      Suspicious behavior: EnumeratesProcesses
      Suspicious use of AdjustPrivilegeToken
      PID:4812
- - C:\Windows\System32\cmd.exe
    C:\Windows\System32\cmd.exe /c C:\Windows\System32\wbem\wmic.exe CPU get ProcessorId
    3⤵
    - Suspicious use of WriteProcessMemory
    PID:4892
  - - C:\Windows\System32\wbem\WMIC.exe
      C:\Windows\System32\wbem\wmic.exe CPU get ProcessorId
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:4948
- - C:\Windows\System32\cmd.exe
    C:\Windows\System32\cmd.exe /c C:\Windows\System32\wbem\wmic.exe diskdrive where 'Index=0' get 'serialnumber'
    3⤵
    - Suspicious use of WriteProcessMemory
    PID:4964
  - - C:\Windows\System32\wbem\WMIC.exe
      C:\Windows\System32\wbem\wmic.exe diskdrive where 'Index=0' get 'serialnumber'
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:1136
- - C:\Windows\System32\cmd.exe
    C:\Windows\System32\cmd.exe /c C:\Windows\System32\wbem\wmic.exe Path Win32_VideoController Get VideoProcessor
    3⤵
    - Suspicious use of WriteProcessMemory
    PID:5020
  - - C:\Windows\System32\wbem\WMIC.exe
      C:\Windows\System32\wbem\wmic.exe Path Win32_VideoController Get VideoProcessor
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:2536
- - C:\Windows\System32\cmd.exe
    C:\Windows\System32\cmd.exe /c C:\Windows\System32\wbem\wmic.exe diskdrive where 'Index=0' get 'size'
    3⤵
    - Suspicious use of WriteProcessMemory
    PID:4216
  - - C:\Windows\System32\wbem\WMIC.exe
      C:\Windows\System32\wbem\wmic.exe diskdrive where 'Index=0' get 'size'
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:1128

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:3636
- C:\Program Files\Mozilla Firefox\firefox.exe
  "C:\Program Files\Mozilla Firefox\firefox.exe"
  2⤵
  - Drops desktop.ini file(s)
  - Checks processor information in registry
  - Modifies registry class
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - Suspicious use of SetWindowsHookEx
  - Suspicious use of WriteProcessMemory
  PID:2196
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -parentBuildID 20250130195129 -prefsHandle 1936 -prefsLen 27100 -prefMapHandle 1964 -prefMapSize 270279 -ipcHandle 2056 -initialChannelId {93592b1f-186f-41c4-b215-6c779bb62579} -parentPid 2196 -crashReporter "\\.\pipe\gecko-crash-server-pipe.2196" -appDir "C:\Program Files\Mozilla Firefox\browser" - 1 gpu
    3⤵
    PID:2716
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -parentBuildID 20250130195129 -prefsHandle 2432 -prefsLen 27136 -prefMapHandle 2436 -prefMapSize 270279 -ipcHandle 2444 -initialChannelId {53af2d81-1fc5-4d52-8d81-934a78c9c390} -parentPid 2196 -crashReporter "\\.\pipe\gecko-crash-server-pipe.2196" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 2 socket
    3⤵
    PID:5932
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -isForBrowser -prefsHandle 3856 -prefsLen 27326 -prefMapHandle 3860 -prefMapSize 270279 -jsInitHandle 3864 -jsInitLen 253512 -parentBuildID 20250130195129 -ipcHandle 3872 -initialChannelId {c449b2d9-81e7-47c4-85e3-e0542624095d} -parentPid 2196 -crashReporter "\\.\pipe\gecko-crash-server-pipe.2196" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 3 tab
    3⤵
    - Checks processor information in registry
    PID:4472
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -parentBuildID 20250130195129 -prefsHandle 4068 -prefsLen 27326 -prefMapHandle 4072 -prefMapSize 270279 -ipcHandle 4088 -initialChannelId {1e15b546-0a41-464d-9e91-b1c0ac056342} -parentPid 2196 -crashReporter "\\.\pipe\gecko-crash-server-pipe.2196" -appDir "C:\Program Files\Mozilla Firefox\browser" - 4 rdd
    3⤵
    PID:3728
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -isForBrowser -prefsHandle 2944 -prefsLen 34825 -prefMapHandle 2628 -prefMapSize 270279 -jsInitHandle 2856 -jsInitLen 253512 -parentBuildID 20250130195129 -ipcHandle 3248 -initialChannelId {b9486e93-87e6-4dea-ba6a-ed1d30c6e0e3} -parentPid 2196 -crashReporter "\\.\pipe\gecko-crash-server-pipe.2196" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 5 tab
    3⤵
    - Checks processor information in registry
    PID:5800
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -parentBuildID 20250130195129 -sandboxingKind 0 -prefsHandle 5148 -prefsLen 35013 -prefMapHandle 5152 -prefMapSize 270279 -ipcHandle 5128 -initialChannelId {ea443b18-92c9-4ea8-9e07-f045290bbe9a} -parentPid 2196 -crashReporter "\\.\pipe\gecko-crash-server-pipe.2196" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 6 utility
    3⤵
    - Checks processor information in registry
    PID:5692
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -isForBrowser -prefsHandle 5256 -prefsLen 32900 -prefMapHandle 5260 -prefMapSize 270279 -jsInitHandle 5264 -jsInitLen 253512 -parentBuildID 20250130195129 -ipcHandle 5236 -initialChannelId {b8686d7b-706a-4af2-b9c1-70bdc22a1430} -parentPid 2196 -crashReporter "\\.\pipe\gecko-crash-server-pipe.2196" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 7 tab
    3⤵
    - Checks processor information in registry
    PID:3968
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -isForBrowser -prefsHandle 5468 -prefsLen 32900 -prefMapHandle 5472 -prefMapSize 270279 -jsInitHandle 5476 -jsInitLen 253512 -parentBuildID 20250130195129 -ipcHandle 5484 -initialChannelId {ba3f7851-1802-4e60-9c81-42d0090e5d73} -parentPid 2196 -crashReporter "\\.\pipe\gecko-crash-server-pipe.2196" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 8 tab
    3⤵
    - Checks processor information in registry
    PID:4772
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -isForBrowser -prefsHandle 5676 -prefsLen 32952 -prefMapHandle 5680 -prefMapSize 270279 -jsInitHandle 5684 -jsInitLen 253512 -parentBuildID 20250130195129 -ipcHandle 5692 -initialChannelId {df58ecf9-c690-4c8d-aaa2-fdb32378be71} -parentPid 2196 -crashReporter "\\.\pipe\gecko-crash-server-pipe.2196" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 9 tab
    3⤵
    - Checks processor information in registry
    PID:3000
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -isForBrowser -prefsHandle 6076 -prefsLen 33031 -prefMapHandle 6116 -prefMapSize 270279 -jsInitHandle 6112 -jsInitLen 253512 -parentBuildID 20250130195129 -ipcHandle 6128 -initialChannelId {1418c391-88b8-49cf-932d-1e3f273e7028} -parentPid 2196 -crashReporter "\\.\pipe\gecko-crash-server-pipe.2196" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 10 tab
    3⤵
    - Checks processor information in registry
    PID:1204
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -isForBrowser -prefsHandle 5892 -prefsLen 36918 -prefMapHandle 5888 -prefMapSize 270279 -jsInitHandle 5900 -jsInitLen 253512 -parentBuildID 20250130195129 -ipcHandle 5492 -initialChannelId {2a4d3c81-af94-4c0d-ac63-e3592f1ce4de} -parentPid 2196 -crashReporter "\\.\pipe\gecko-crash-server-pipe.2196" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 11 tab
    3⤵
    - Checks processor information in registry
    PID:4116
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -isForBrowser -prefsHandle 5552 -prefsLen 36918 -prefMapHandle 5556 -prefMapSize 270279 -jsInitHandle 5540 -jsInitLen 253512 -parentBuildID 20250130195129 -ipcHandle 6684 -initialChannelId {68f9d686-cb82-4bd8-ba09-1ced47538d8e} -parentPid 2196 -crashReporter "\\.\pipe\gecko-crash-server-pipe.2196" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 12 tab
    3⤵
    - Checks processor information in registry
    PID:4688
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -isForBrowser -prefsHandle 5584 -prefsLen 36918 -prefMapHandle 5552 -prefMapSize 270279 -jsInitHandle 5556 -jsInitLen 253512 -parentBuildID 20250130195129 -ipcHandle 6832 -initialChannelId {223737c4-cc04-477a-92fb-00072ec6d32d} -parentPid 2196 -crashReporter "\\.\pipe\gecko-crash-server-pipe.2196" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 13 tab
    3⤵
    - Checks processor information in registry
    PID:1784

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\50jftte4.default-release\activity-stream.contile.json

Filesize
4KB

MD5
3aba48bb21ccc1ca59356abe84a7d21e

SHA1
9689a1f4d7b674cad5e03ba6c6eeab37bf435570

SHA256
16414916485e1dd42ad183782bd8e7045229e6d1f4437203c518c345b2983b2e

SHA512
f331ef0fff4a5940e843efe9c407fe7f13644aaa5f02ce998b8e2866a0e281e12dae243361da5eb8970c2b1bc083cffaabc0905fbcdc0d88ee51fb4e17d36865

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\50jftte4.default-release\activity-stream.discovery_stream.json.tmp

Filesize
27KB

MD5
90c87151cd947166084c720b5ef2c5d4

SHA1
f25b61391d8276967f8fc02eb96052733f0fc1fc

SHA256
0b92faba61588630b7c4887c7a9adb65e7e343231205d6c386ba384a88bd9708

SHA512
a5f05db33e89b0928f68e0839de790dc149187114e0a9e8f0b368a42c686d0ea1762bfc867381cfa68126e7c415108cfc842d6cb11454d6563e45c1dd602eca4

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\50jftte4.default-release\cache2\entries\6D89348819C8881868053197CA0754F36784BF5F

Filesize
13KB

MD5
777945047c189f86607738b26bddf6b6

SHA1
eea36f6fc2c0fbeb0e38d920f8e1b62fe10caf9d

SHA256
5b17ebe4a10b4f55b1e6ec264abdaf7c72a39faba5088703c25859af7753e5e3

SHA512
71d014d32470cb575f1b7382eba9e9fe6dd8d38f0609c56565f7fd5e87b3aec24519f62350be53bb14234ceea831ae63c950c35b9ace21527bf7db0de9e3ecbf

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\50jftte4.default-release\cache2\entries\A585344A45AF937E3AB7D706291A9A3ED8D581D9

Filesize
13KB

MD5
5374b0a5316c81d24be4a785f6041116

SHA1
4af9e2245487ce2a94fe6c6b27013f0ce226394e

SHA256
3bddc1a6dce16b332df7d576d7cd8f8e57b5eef7752af7356968d06460326cbf

SHA512
f6fd3e9ea657c6d6285a48d51cbfadbd4a3a3101bd329dbe760f973a9ccbab661e2d18d0bcbb22da84cffeffe06d7d6c735d8cb190b141bc065f4067a487a8a4

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\50jftte4.default-release\cache2\entries\E19316B1CDA62317F9DA2551F9B56E711FCC77AD

Filesize
13KB

MD5
8c9354fe2b8f3cd5320c2417999b9463

SHA1
47a67897ac6eb961f90ad9b670af0ba115d3db71

SHA256
7807561aca6584874d361174d5d18020a1f29b7b33080507379be1200a47e64e

SHA512
6a24c73f698fbd2059220cb5a9c133e94b9ff135709057debe7a43ab8de3cd5860afab8f665c6fceaa22c6983facf87053d3f9d26af032abd99aa61e5ba1dec0

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\50jftte4.default-release\personality-provider\nb_model_build_attachment_arts_and_entertainment.json

Filesize
67KB

MD5
6c651609d367b10d1b25ef4c5f2b3318

SHA1
0abcc756ea415abda969cd1e854e7e8ebeb6f2d4

SHA256
960065cc44a09bef89206d28048d3c23719d2f5e9b38cfc718ca864c9e0e91e9

SHA512
3e084452eefe14e58faa9ef0d9fda2d21af2c2ab1071ae23cde60527df8df43f701668ca0aa9d86f56630b0ab0ca8367803c968347880d674ad8217fba5d8915

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\50jftte4.default-release\personality-provider\nb_model_build_attachment_autos_and_vehicles.json

Filesize
44KB

MD5
39b73a66581c5a481a64f4dedf5b4f5c

SHA1
90e4a0883bb3f050dba2fee218450390d46f35e2

SHA256
022f9495f8867fea275ece900cfa7664c68c25073db4748343452dbc0b9eda17

SHA512
cfb697958e020282455ab7fabc6c325447db84ead0100d28b417b6a0e2455c9793fa624c23cb9b92dfea25124f59dcd1d5c1f43bf1703a0ad469106b755a7cdd

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\50jftte4.default-release\personality-provider\nb_model_build_attachment_beauty_and_fitness.json

Filesize
33KB

MD5
0ed0473b23b5a9e7d1116e8d4d5ca567

SHA1
4eb5e948ac28453c4b90607e223f9e7d901301c4

SHA256
eed46e8fe6ff20f89884b4fc68a81e8d521231440301a01bb89beec8ebad296b

SHA512
464508d7992edfa0dfb61b04cfc5909b7daacf094fc81745de4d03214b207224133e48750a710979445ee1a65bb791bf240a2b935aacaf3987e5c67ff2d8ba9c

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\50jftte4.default-release\personality-provider\nb_model_build_attachment_blogging_resources_and_services.json

Filesize
33KB

MD5
c82700fcfcd9b5117176362d25f3e6f6

SHA1
a7ad40b40c7e8e5e11878f4702952a4014c5d22a

SHA256
c9f2a779dba0bc886cc1255816bd776bdc2e8a6a8e0f9380495a92bb66862780

SHA512
d38e65ab55cee8fef538ad96448cd0c6b001563714fc7b37c69a424d0661ec6b7d04892cf4b76b13ddbc7d300c115e87e0134d47c3f38ef51617e5367647b217

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\50jftte4.default-release\personality-provider\nb_model_build_attachment_books_and_literature.json

Filesize
67KB

MD5
df96946198f092c029fd6880e5e6c6ec

SHA1
9aee90b66b8f9656063f9476ff7b87d2d267dcda

SHA256
df23a5b6f583ec3b4dce2aca8ff53cbdfadfd58c4b7aeb2e397eade5ff75c996

SHA512
43a9fc190f4faadef37e01fa8ad320940553b287ed44a95321997a48312142f110b29c79eed7930477bfb29777a5a9913b42bf22ce6bb3e679dda5af54a125ea

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\50jftte4.default-release\personality-provider\nb_model_build_attachment_business_and_industrial.json

Filesize
45KB

MD5
a92a0fffc831e6c20431b070a7d16d5a

SHA1
da5bbe65f10e5385cbe09db3630ae636413b4e39

SHA256
8410809ebac544389cf27a10e2cbd687b7a68753aa50a42f235ac3fc7b60ce2c

SHA512
31a8602e1972900268651cd074950d16ad989b1f15ff3ebbd8e21e0311a619eef4d7d15cdb029ea8b22cf3b8759fa95b3067b4faaadcb90456944dbc3c9806a9

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\50jftte4.default-release\personality-provider\nb_model_build_attachment_computers_and_electronics.json

Filesize
45KB

MD5
6ccd943214682ac8c4ec08b7ec6dbcbd

SHA1
18417647f7c76581d79b537a70bf64f614f60fa2

SHA256
ab20b97406b0d9bf4f695e5ec7db4ebad5efb682311e74ca757d45b87ffc106b

SHA512
e57573d6f494df8aa7e8e6a20427a18f6868e19dc853b441b8506998158b23c7a4393b682c83b3513aae5075a21148dd8ca854a11dabcea6a0a0db8f2e6828b8

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\50jftte4.default-release\personality-provider\nb_model_build_attachment_finance.json

Filesize
33KB

MD5
e95c2d2fc654b87e77b0a8a37aaa7fcf

SHA1
b4b00c9554839cab6a50a7ed8cd43d21fdaf35dc

SHA256
384bf5fcc6928200c7ebb1f03f99bf74f6063e78d3cd044374448f879799318e

SHA512
9696998a8d0e3a85982016ff0a22bb8ae1790410f1f6198bb379c0a192579f24c75c25c7648b76b00d25a32ac204178acaccd744ee78846dfc62ebf70bf7b93a

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\50jftte4.default-release\personality-provider\nb_model_build_attachment_food_and_drink.json

Filesize
67KB

MD5
70ba02dedd216430894d29940fc627c2

SHA1
f0c9aa816c6b0e171525a984fd844d3a8cabd505

SHA256
905357002f2eced8bba1be2285a9b83198f60d2f9bb1144b5c119994f2ec6e34

SHA512
3ae60d0bf3c45d28e340d97106790787be2cc80ba579d313b5414084664b86e89879391c99e94b6e33bdc5508ea42a9fd34f48ca9b1e7adfa7b6dd22c783c263

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\50jftte4.default-release\personality-provider\nb_model_build_attachment_games.json

Filesize
44KB

MD5
4182a69a05463f9c388527a7db4201de

SHA1
5a0044aed787086c0b79ff0f51368d78c36f76bc

SHA256
35e67835a5cf82144765dfb1095ebc84ac27d08812507ad0a2d562bf68e13e85

SHA512
40023c9f89e0357fae26c33a023609de96b2a0b439318ef944d3d5b335b0877509f90505d119154eaa81e1097ecfb5aa44dd8bb595497cdecfc3ee711a1fe1d5

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\50jftte4.default-release\personality-provider\nb_model_build_attachment_health.json

Filesize
33KB

MD5
11711337d2acc6c6a10e2fb79ac90187

SHA1
5583047c473c8045324519a4a432d06643de055d

SHA256
150f21c4f60856ab5e22891939d68d062542537b42a7ce1f8a8cec9300e7c565

SHA512
c2301ed72f623b22f05333c5ecc5ebf55d8a2d9593167cc453a66d8f42c05ff7c11e2709b6298912038a8ea6175f050bbc6d1fc4381f385f7ad7a952ad1e856b

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\50jftte4.default-release\personality-provider\nb_model_build_attachment_hobbies_and_leisure.json

Filesize
67KB

MD5
bb45971231bd3501aba1cd07715e4c95

SHA1
ea5bfd43d60a3d30cda1a31a3a5eb8ea0afa142a

SHA256
47db7797297a2a81d28c551117e27144b58627dbac1b1d52672b630d220f025d

SHA512
74767b1badbd32cacd3f996b8172df9c43656b11fea99f5a51fff38c6c6e2120fae8bdd0dd885234a3f173334054f580164fdf8860c27cbcf5fb29c5bcdc060d

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\50jftte4.default-release\personality-provider\nb_model_build_attachment_home_and_garden.json

Filesize
33KB

MD5
250acc54f92176775d6bdd8412432d9f

SHA1
a6ad9ad7519e5c299d4b4ba458742b1b4d64cb65

SHA256
19edd15ebce419b83469d2ab783c0c1377d72a186d1ff08857a82bca842eea54

SHA512
a52c81062f02c15701f13595f4476f0a07735034fcf177b1a65b001394a816020ee791fed5afae81d51de27630b34a85efa717fe80da733556fdda8739030f49

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\50jftte4.default-release\personality-provider\nb_model_build_attachment_internet_and_telecom.json

Filesize
67KB

MD5
36689de6804ca5af92224681ee9ea137

SHA1
729d590068e9c891939fc17921930630cd4938dd

SHA256
e646d43505c9c4e53dbaa474ef85d650a3f309ccf153d106f328d9b6aeb66d52

SHA512
1c4f4aa02a65a9bbdf83dc5321c24cbe49f57108881616b993e274f5705f0466be2dd3389055a725b79f3317c98bdf9f8d47f86d62ebd151e4c57cc4dca2487c

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\50jftte4.default-release\personality-provider\nb_model_build_attachment_jobs_and_education.json

Filesize
33KB

MD5
2d69892acde24ad6383082243efa3d37

SHA1
d8edc1c15739e34232012bb255872991edb72bc7

SHA256
29080288b2130a67414ecb296a53ddd9f0a4771035e3c1b2112e0ce656a7481a

SHA512
da391152e1fbce1f03607b486c5dea9a298a438e58e440ebb7b871bd5c62d7339b540eed115b4001b9840de1ba3898c6504872ff9094ba4d6a47455051c3f1c5

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\50jftte4.default-release\personality-provider\nb_model_build_attachment_law_and_government.json

Filesize
68KB

MD5
80c49b0f2d195f702e5707ba632ae188

SHA1
e65161da245318d1f6fdc001e8b97b4fd0bc50e7

SHA256
257ee9a218a1b7f9c1a6c890f38920eb7e731808e3d9b9fc956f8346c29a3e63

SHA512
972e95de7fe330c61cd22111bd3785999d60e7c02140809122d696a1f1f76f2cd0d63d6d92f657cdec24366d66b681e24f2735a8aabb8bcecec43c74e23fb4f5

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\50jftte4.default-release\personality-provider\nb_model_build_attachment_online_communities.json

Filesize
67KB

MD5
37a74ab20e8447abd6ca918b6b39bb04

SHA1
b50986e6bb542f5eca8b805328be51eaa77e6c39

SHA256
11b6084552e2979b5bc0fd6ffdc61e445d49692c0ae8dffedc07792f8062d13f

SHA512
49c6b96655ba0b5d08425af6815f06237089ec06926f49de1f03bc11db9e579bd125f2b6f3eaf434a2ccf10b262c42af9c35ab27683e8e9f984d5b36ec8f59fd

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\50jftte4.default-release\personality-provider\nb_model_build_attachment_people_and_society.json

Filesize
45KB

MD5
b1bd26cf5575ebb7ca511a05ea13fbd2

SHA1
e83d7f64b2884ea73357b4a15d25902517e51da8

SHA256
4990a5d17bea15617624c48a0c7c23d16e95f15e2ec9dd1d82ee949567bbaec0

SHA512
edcede39c17b494474859bc1a9bbf18c9f6abd3f46f832086db3bb1337b01d862452d639f89f9470ca302a6fcb84a1686853ebb4b08003cb248615f0834a1e02

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\50jftte4.default-release\personality-provider\nb_model_build_attachment_pets_and_animals.json

Filesize
44KB

MD5
5b26aca80818dd92509f6a9013c4c662

SHA1
31e322209ba7cc1abd55bbb72a3c15bc2e4a895f

SHA256
dd537bfb1497eb9457c0c8ecbd2846f325e13ddef3988fd293a29e68ab0b2671

SHA512
29038f9f3b9b12259fb42daa93cdefabb9fb32a10f0d20f384a72fe97214eff1864b7fa2674c37224b71309d7d9cea4e36abd24a45a0e65f0c61dc5ca161ec7c

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\50jftte4.default-release\personality-provider\nb_model_build_attachment_real_estate.json

Filesize
67KB

MD5
9899942e9cd28bcb9bf5074800eae2d0

SHA1
15e5071e5ed58001011652befc224aed06ee068f

SHA256
efcf6b2d09e89b8c449ffbcdb5354beaa7178673862ebcdd6593561f2aa7d99a

SHA512
9f7a5fbe6d46c694e8bc9b50e7843e9747ea3229cf4b00b8e95f1a5467bd095d166cbd523b3d9315c62e9603d990b8e56a018ba4a11d30ad607f5281cc42b4cd

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\50jftte4.default-release\personality-provider\nb_model_build_attachment_reference.json

Filesize
56KB

MD5
567eaa19be0963b28b000826e8dd6c77

SHA1
7e4524c36113bbbafee34e38367b919964649583

SHA256
3619daa64036d1f0197cdadf7660e390d4b6e8c1b328ed3b59f828a205a6ea49

SHA512
6766919b06ca209eaed86f99bee20c6dad9cc36520fc84e1c251a668bcfe0afcf720ea6c658268dc3bbaaf602bfdf61eb237c68e08d5252ea6e5d1d2a373b9fe

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\50jftte4.default-release\personality-provider\nb_model_build_attachment_science.json

Filesize
56KB

MD5
7a8fd079bb1aeb4710a285ec909c62b9

SHA1
8429335e5866c7c21d752a11f57f76399e5634b6

SHA256
9606ce3988b2d2a4921b58ac454f54e53a9ea8f358326522a8b1dcc751b50b32

SHA512
8fc1546e509b5386c9e1088e0e3a1b81f288ef67f1989f3e83888057e23769907a2b184d624a4e4c44fcd5b88d719bd4cca94dfb33798804a721b8be022ec0c6

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\50jftte4.default-release\personality-provider\nb_model_build_attachment_shopping.json

Filesize
67KB

MD5
97d4a0fd003e123df601b5fd205e97f8

SHA1
a802a515d04442b6bde60614e3d515d2983d4c00

SHA256
bfd7e68ddca6696c798412402965a0384df0c8c209931bbadabf88ccb45e3bb6

SHA512
111e8a96bc8e07be2d1480a820fc30797d861a48d80622425af00b009512aacb30a2df9052c53bfbf4ee0800b6e6f5b56daa93d33f30fecb52e2f3850dfa9130

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\50jftte4.default-release\personality-provider\nb_model_build_attachment_sports.json

Filesize
56KB

MD5
ce4e75385300f9c03fdd52420e0f822f

SHA1
85c34648c253e4c88161d09dd1e25439b763628c

SHA256
44da98b03350e91e852fe59f0fc05d752fc867a5049ab0363da8bb7b7078ad14

SHA512
d119dc4706bbf3b6369fe72553cfacf1c9b2688e0188a7524b56d3e2ac85582a18bbee66d5594e0fb40767432646c23bf3e282090bd9b4c29f989a374aeae61f

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\50jftte4.default-release\personality-provider\nb_model_build_attachment_travel.json

Filesize
67KB

MD5
48139e5ba1c595568f59fe880d6e4e83

SHA1
5e9ea36b9bb109b1ecfc41356cd5c8c9398d4a78

SHA256
4336ac211a822b0a5c3ce5de0d4730665acc351ee1965ea8da1c72477e216dfa

SHA512
57e826f0e1d9b12d11b05d47e2f5ae4f5787537862f26e039918cb14faff4bc854298c0b7de3023e371756a331c0f3ee1aa7cebbbf94ec70cdfc29e00a900ed1

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\50jftte4.default-release\personality-provider\recipe_attachment.json

Filesize
1KB

MD5
be3d0f91b7957bbbf8a20859fd32d417

SHA1
fbc0380fe1928d6d0c8ab8b0a793a2bba0722d10

SHA256
fc07d42847eeaf69dcbf1b9a16eb48b141c11feb67aa40724be2aee83cb621b7

SHA512
8da24afcf587fbd4f945201702168e7cfc12434440200d00f09ddcd1d1d358a5e01065ac2a411fdf96a530e94db3697e3530578b392873cf874476b5e65d774a

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\50jftte4.default-release\thumbnails\97ec0cfe57d5e25e8656f7ced0f605f6.png

Filesize
2KB

MD5
ef6cf3bdfabcb5ffa5f5c3e4d76e1334

SHA1
8336cb18befb0dea685719bd6262312d6a54bb26

SHA256
af495d464ad8b9cecc27f39b4f96454703613b2bc6a519cacf5f7b2a88af68e0

SHA512
6d0377b9d50afc980aa13b88c0af287929e0a5d20b1d0100e28c26b50cb70731417ec0f9b5bf4014b5b6e736d2ef0a0d32a01e32bc5636370147f0cb85df6e55

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zE88AABC47\[CRACKED BY L1nc0In] NEW DCRat\DCRat\plugins\CMD_native\icon.png

Filesize
2KB

MD5
a8e72c0e27750ce36da3110126c38afe

SHA1
e96bc3555f8ed8e715af94d492965b4e6597563c

SHA256
a4f7e5adde35c1979fbf2cc44b37e2907ec963468443e34262b207dd3dab81b8

SHA512
e43e2c6abb6006c783331cb8b0e290560bb65f7cfd0e113bbddb31a6978aee31fb39a2b22b38ef83f27d512152329d066bc270e640e8900b2746a2a4e0b4dd48

Download Submit
C:\Users\Admin\AppData\Local\Temp\remote-settings-startup-bundle-

Filesize
186KB

MD5
9919a2515645639943abcc05b3626d1b

SHA1
c8bf524b4468967b3c94684d8c197740222c575a

SHA256
b89bca58fa820bf15b16a7d304375d2a0be54dd612c0995293b3a79d98162159

SHA512
9ce33ae8fc99fbedcfb905eb624da633ea670605930bead80f7af9091003aab1a7c342b1caf17168276d4afae816a84bcc9637ab57bb5dd7f40b5dd25787943c

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon

Filesize
14.0MB

MD5
bcceccab13375513a6e8ab48e7b63496

SHA1
63d8a68cf562424d3fc3be1297d83f8247e24142

SHA256
a6af95a209b2e652ed6766804b9b8ad6b6a68f2c610b8f14713cd40df0d62bf9

SHA512
d94483deaae98bf9212699f1ab0bd913f6151a63e65ebc1ea644ab98d5e3ebd74ecaa08f70aca31e11a5d2c64d1504b723817af35bbe9d7b05c758dd6945d484

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon

Filesize
11KB

MD5
25e8156b7f7ca8dad999ee2b93a32b71

SHA1
db587e9e9559b433cee57435cb97a83963659430

SHA256
ddf3ba4e25a622276755133e0cce5605b83719c7cab3546e09acbfed00d6a986

SHA512
1211b2fa997ba13ff926aec58b6b35a81d7fe108b0caa8f4d6369d0a37f8481373b78a4b201651243adde9e2b2699ce929482a46226ff6299b0a0e40fe2ddc56

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon

Filesize
502KB

MD5
e690f995973164fe425f76589b1be2d9

SHA1
e947c4dad203aab37a003194dddc7980c74fa712

SHA256
87862f4bc8559fbe578389a9501dc01c4c585edb4bb03b238493327296d60171

SHA512
77991110c1d195616e936d27151d02e4d957be6c20a4f3b3511567868b5ddffc6abbfdc668d17672f5d681f12b20237c7905f9b0daaa6d71dcdac4b38f2448b2

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\W1MYYX3Y4WRH18KQATQ1.temp

Filesize
7KB

MD5
b281515424b80dff4216b7f3d2a46264

SHA1
0577fd4f33f4279197e9b5153f87faa33c159898

SHA256
999e7d422071f17e360c9aab00937fd508a7bfb41ea3870d6416fbed812eb199

SHA512
1c8b341c5051f38ea9b49587268b9c576f91bef32f074ba927697eae12f9224ea70139935bd19384229d8beb973f48ad36d18c75675084c720a900ac3923b167

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\50jftte4.default-release\addonStartup.json.lz4

Filesize
4KB

MD5
35c57ef3bb7fb049e70102ad43f25888

SHA1
296602a909d76805ebbfe3ad9cb992590066e62f

SHA256
205c73b4dc0132465891b658c0d08fbca4fad9bc1e32e6e8325e5d364d66a23b

SHA512
21660a7249be35bed459ca296b347612ee2fb5a443b2c16ef2d449ce776e7ebad2133be22e7f1c8df20f2950c8f5fc9fe7778b529b4196c4c6bbfb42baf0e3e9

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\50jftte4.default-release\bookmarkbackups\bookmarks-2025-03-25_10_voafIhEmjdoikwKScyIDTCME5sRoLOau7H5yVJcWDTw=.jsonlz4

Filesize
847B

MD5
8ec655be73e94c8e7b03b3998823cbce

SHA1
f24b871a1feb4c0a62e866148f9b6de7e6ec756f

SHA256
c3a47d78cda0a900a27604f7d818c6f10e5ea1028e8de6ab00e6d9b9179ef928

SHA512
0441b4fbb7ef88c30fd5ec424219b09fb75b9338c0e7adaccf8f2ab5e24376e8831ef1263790e4797836c30eb1bdaf9a146d95d1ac2976ec403f85292682c70b

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\50jftte4.default-release\datareporting\glean\db\data.safe.tmp

Filesize
5KB

MD5
1821c4aa174ab394cb35a82914f37651

SHA1
dc96ec5c7094003822e676eae28fb66872831a62

SHA256
be70c4401f6863f8c2fd743bb91cc1954e5fccc34286f09e9faa0a99d5632d1f

SHA512
82546435c917321b1dfb89506aa511cac88b855e48a617111ef5bb1866977068f61e5ca8f8ac422738d747b543f72435b9d4465dd7f2e597284a69e5a16bc7fd

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\50jftte4.default-release\datareporting\glean\db\data.safe.tmp

Filesize
33KB

MD5
b9be409cc49934f3ebccc907312db66c

SHA1
8fac24de0f2b925329cb52815a2f49895cf6a4e6

SHA256
1d2b0ac14aead03b96a9347798d6b0c495ef82eafa5c1822d9cfb5323bdaf554

SHA512
2e445a5d89db3e1cd799be97de6b71f36271f48aac5a7b12116cbf77c1b3e7fb7108fb31c88b04ac02206ab0ce13c648ae9750bf3934f8fcf9e1df426ab17aca

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\50jftte4.default-release\datareporting\glean\db\data.safe.tmp

Filesize
33KB

MD5
803896823e70fc9d1a2373297d4d6e10

SHA1
f16abf546658cf894e9f927c8a8e5d2578caa1d8

SHA256
1756a6fda2df7f2f208715c0bda282ebba9b8e7c3f30cda27236e2b2d87e4e54

SHA512
699cea562c8054e2e695b60dfc1b6c1ce3742cb63d2fcb3fbcb10bb94e68323c76a07fbd2e0f20926069395e376867789be32186289702c0f61a9ac7f8930c86

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\50jftte4.default-release\datareporting\glean\db\data.safe.tmp

Filesize
7KB

MD5
bdcfb169a637bc47434bb49fa4394a70

SHA1
614f9e1386d1c8586eb07c5adf7e9c7ba2d959f9

SHA256
fed97e24fde0b2c0341f2cfe744eba07e07d2b630977f99de166dff9e9f90a47

SHA512
52f106d5ec18d5b7c6cc0a4bbd3a10c42cd58f9f7677aa41ca94b8ad0045d6223d64cafcd91cedd97409dc459c75d6b1a38c9b7502b1a8bdd6c04fa7acf9cdde

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\50jftte4.default-release\datareporting\glean\db\data.safe.tmp

Filesize
33KB

MD5
fcaec34ea1c714452357b10f29e72d92

SHA1
4a3c9dc1dc18d644126895510131e28496c51e56

SHA256
f4c8dbc602c3e5bea8e3c858e4b6374a2782159cae77b49e2b670d049aeba99c

SHA512
8702babe1c63566bd38ece034b4be4579863321868fdea60c26661acf29d178eb8368f4d16c95544cfdbeec4b8acbecd3d0dd7ea30b3a6a97aab494d31c0a0db

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\50jftte4.default-release\datareporting\glean\events\events

Filesize
1KB

MD5
33b3b12f160e9f80b21cf0f16ed427c4

SHA1
dc89883048ebb5eb4d4f1740c3dd40907e49208b

SHA256
f9eac88019447869ae3f9c90b01ed2032132d56a0825ff351fb430b11c597baf

SHA512
2c060506735a7737d3062839396b578f1b00cbf1af95ec1dc6864cf5afc1c268aca9d8210c939a1bf2ab9f35c5b38e459422871d1996cd43632eb40d495b5d2c

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\50jftte4.default-release\datareporting\glean\pending_pings\36513733-d243-4e83-a6af-86c7f5fc167e

Filesize
235B

MD5
b0a65f03d5c9aabae112534028934313

SHA1
42ed1856a2ae71753e05559c1151a8803812655c

SHA256
d60c002b509c5ae4774ae4d24dd854f69126d4b7f69ebf5376ce195101834bc7

SHA512
4bbd44345c89b21b79e2084f7e42d62d6a470325a6655cd23f3651d237795e4677328694fc022b6bf51af3e363574aa307381491857121c983d386e059d2698f

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\50jftte4.default-release\datareporting\glean\pending_pings\38e91b71-e08d-433c-bb41-a67026170e2a

Filesize
16KB

MD5
6afe137f93afd3440aeb14891cde961a

SHA1
d855145eed1b9e9d4c6e05b94f057f9f2fef9abc

SHA256
8b4353380212d3ab316a8d7c03865ffe16a3483a73d230aaa81c2dbd216a62ae

SHA512
2e3429027879e9cef16eaca9e0f0d1b4cb4e665f4eb06153a7b1e0f4cfd335507b7c020f7e0f4567690462eaee7bc50d24f5a131aa80f6e17556575ad6c4d931

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\50jftte4.default-release\datareporting\glean\pending_pings\52f7f3f3-f8c4-4041-92e6-1c143bbcc10e

Filesize
886B

MD5
caea2ef10e47332c376fcf0473bcdb33

SHA1
54aa0603c0f39606ecb84066b59f1aeb7e6ad7ef

SHA256
f9eef7ae84e1e6e25c8890f8a2844e8b727bf03923070c62ec4e89f2ca3354a0

SHA512
765048bde6199c070779fe8bca77a496b3599be537d500c7ac2607cbfd4fb209ba7d036a1d8165a8cbc8b2c65c118b3ae4bc54a893f1799e396649f41fae5f6a

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\50jftte4.default-release\datareporting\glean\pending_pings\6f0aeef1-aa63-4f9b-8ab1-f638afb0ef38

Filesize
883B

MD5
237b25c8c37c960109775fb7f336fbab

SHA1
ae88a06394814208dfccdaac44e9a35f46055e45

SHA256
2b822dd2330ff1ccc22dab0dc54c148fd4a0fd1dd78c4eb9d4844a03644f4b28

SHA512
7bd6b2d2fe49188facbfef06fe8b69babab3d0ce77abd10998d2f1b330612c88ad95b809ebab392a176eb38fd871a0e3974d004dcae7cb26bea49c787a778fdb

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\50jftte4.default-release\datareporting\glean\pending_pings\ae3b4b62-5256-4bdb-b8fb-25a16b548df3

Filesize
2KB

MD5
8d9a2a78744d7772e4eec30049199f8c

SHA1
84a30721af831019ccdba63375f7810122cfac15

SHA256
5c6a5bc96c1a297293d2c8e0fbfd4c1580ba8e4948cbb33dbdafeb773655a14d

SHA512
bfcdb5dc4e6928f705b9864cd9a4632b66819844de1e3fda9408355bea2bf16ddc72e3be7fc8f197252960b6ae608eae3d6f1b657e89d218c0a768e4d24df2e1

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\50jftte4.default-release\datareporting\glean\pending_pings\c1fb4c08-3965-4fc8-bd07-884b55ffd0e8

Filesize
235B

MD5
baee6b90ce5bf9696ef894b592b1b10c

SHA1
1e78a763ef14ba435a1b9b864d360c7c5521b531

SHA256
d17707ad9248704830af72e679c22b0fb6333e69295b8d7d123ed11ef64813bc

SHA512
9730e4b2cb0b24eb0298df284757095436512a4e5c3ef8380c7a210be962510d41eabe38ab30c4344072bc7cb5d30e2ec26cb12dc24ccc19c3c334bbc683ac5a

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\50jftte4.default-release\extension-preferences.json

Filesize
942B

MD5
20357ec0806e9826d6daf456b6b16bd8

SHA1
7d5d7a921213989294eb5cea2ee760e562ce5293

SHA256
aecfc11c0db969b2c79da2144415a8859c77d66fbfc37ca4924ac58a0ff29834

SHA512
2333fde606ee727a6b6d9812ed40e56e5d0dba4ec35abcc11b67f8ad61d1d3d4af5db699d29b3ed6b459b9e142badae69ffbebf18974b5a1c72e45ecc8cf93cf

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\50jftte4.default-release\extensions.json

Filesize
16KB

MD5
8e4483245a20536550091c560c9a6150

SHA1
189b4829e56bb279bff49e43bf92b3161aa5b4bb

SHA256
ce03f70c6af4e991e091677fa759ec3a289ebde12f845712ad8d19cef9d2bb6d

SHA512
a4906a6f20a74adb3b8c9a71286c78b70cbab49c1466b45dc0af154dff462a804f4c5d6108457ea0d4606c339eb181ef5ff36b6e6c2573df39e6ad913352c945

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\50jftte4.default-release\gmp-gmpopenh264\2.6.0\gmpopenh264.dll

Filesize
1.1MB

MD5
626073e8dcf656ac4130e3283c51cbba

SHA1
7e3197e5792e34a67bfef9727ce1dd7dc151284c

SHA256
37c005a7789747b412d6c0a6a4c30d15732da3d857b4f94b744be1a67231b651

SHA512
eebdeef5e47aeadfeebdbab8625f4ec91e15c4c4e4db4be91ea41be4a3da1e1afeed305f6470e5d6b2a31c41cbfb5548b35a15fccd7896d3fde7cdf402d7a339

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\50jftte4.default-release\gmp-gmpopenh264\2.6.0\gmpopenh264.info

Filesize
116B

MD5
ae29912407dfadf0d683982d4fb57293

SHA1
0542053f5a6ce07dc206f69230109be4a5e25775

SHA256
fe7686a6281f0ab519c32c788ce0da0d01640425018dcffcfcb81105757f6fe6

SHA512
6f9083152c02f93a900cb69b1ce879e0c0d69453f1046280ca549a0301ae7925facdda6329f7ccb61726addee78ba2fffc5ba3491a185f139f3155716caf0a8d

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\50jftte4.default-release\gmp-widevinecdm\4.10.2891.0\manifest.json

Filesize
1001B

MD5
32aeacedce82bafbcba8d1ade9e88d5a

SHA1
a9b4858d2ae0b6595705634fd024f7e076426a24

SHA256
4ed3c6389f6f7cd94db5cd0f870c34a296fc0de3b1e707fccf01645b455790ce

SHA512
67dfe5632188714ec87f3c79dbe217a0ae4dfb784f3fac63affd20fef8b8ef1978c28b3bf7955f3daaf3004ac5316b1ffa964683b0676841bab4274c325c6e2b

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\50jftte4.default-release\gmp-widevinecdm\4.10.2891.0\widevinecdm.dll

Filesize
18.5MB

MD5
1b32d1ec35a7ead1671efc0782b7edf0

SHA1
8e3274b9f2938ff2252ed74779dd6322c601a0c8

SHA256
3ed0dec36754402707c2ae4fbfa887fe3089945f6f7c1a8a3e6c1e64ad1c2648

SHA512
ab452caa2a529b5bf3874c291f1ffb2a30d9ea43dae5df6a6995dde4bc3506648c749317f0d8e94c31214e62f18f855d933b6d0b6b44634b01e058d3c5fcb499

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\50jftte4.default-release\prefs-1.js

Filesize
11KB

MD5
ffcd96d1b16f804c3f11b6963066b992

SHA1
0240ee0dd9a87e290759b2a04203a7029136504d

SHA256
5f4c41ac045846fe31f0fe072eb29f8a0f17be46c647ef7cfd02190e2570b1bd

SHA512
e4127abf45a119ae648c7e5d81bd2002f9d0ec6f4c80b263d68feabc352402076a4c73dbdb02372d27d03e065db52d8595eedc1ad01a00d53581e280e9127da1

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\50jftte4.default-release\prefs-1.js

Filesize
6KB

MD5
a21008a24517017479a67e693e17ce35

SHA1
7ebfb88a105f14d786b499bd4229da4c145043a0

SHA256
08d9acbb6519b9354d41987223a710e31a01cdc387658e2953aa7d93343f3672

SHA512
836304d74ce7e64b88c41ed4220186f5e0f5369af681cc02ba646e6815d36bb95365b87829f3012a78f17148ec85ef2207520f7c49bd65d230b940751254d4a4

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\50jftte4.default-release\prefs-1.js

Filesize
12KB

MD5
4df14c3131f394c0f449e6338a7eb0c3

SHA1
6a0aa2fb3729695920d260d986335dfa0eb0b4b9

SHA256
478205cd84f8979831b3a6977ac706b98a0a679f5186e93f97388027fd973dc9

SHA512
f197d3fabaa2661a01cda93ceef775c49de6f9f72bb04b175cffd810b98843687798d85ee99b68a692a1d12f2d98cf879543077afe306ca2ce6392dda39eaf1d

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\50jftte4.default-release\prefs-1.js

Filesize
9KB

MD5
0ed4408a0d32e3d0618733419dd8065b

SHA1
515667504215377a5ad52ba3d4dc928858d82871

SHA256
e3891e58e44e89c83eb4e9350aa559ba6ff1bade4b242b30628b846e725dfb02

SHA512
b48c52cc84008fd70bd7592fd58ed77eac8389c90a7170b13b8a2103c856e12ffc725ac95d27e0fb1d19ca020ed8e93be1ca42301014013bd6e917483cfbe36d

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\50jftte4.default-release\prefs.js

Filesize
6KB

MD5
5befda02e51c3eda005ecc66df6260fe

SHA1
631b2b4fe2bd3bb60b5cc8d08ad028f6a5365cdb

SHA256
75798e351c22720fe5475670d317ad564be1c150f869abe86707f960b774ca53

SHA512
48b948e31e6ec6bcdbce8fff53af32ba78e639c86644d227c12726af5ffe01aceb68657d6ce41137ea6535a1e0411a8a83bfb2b9347d66a87eaa9068beb624d8

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\50jftte4.default-release\prefs.js

Filesize
7KB

MD5
5504526accc99dfcdc87e933dbc62266

SHA1
9aaf1dd09b8146fc8f10557c8631300f194a6a79

SHA256
931e9d81aad95abbac09eb06bb9258228126809301f033797059c74a6d04261a

SHA512
8a6f436e27779970cea0cd6bdcfd6bc371b2e5c1a73d5ac2c44f68da49363ab1d12db65d442cdd733ec3859fff6a1ab1e6e81ff2b6e4518cbef04888860f0a54

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\50jftte4.default-release\sessionstore-backups\recovery.baklz4

Filesize
1KB

MD5
eebd089d48731c259d45d8334bd38c30

SHA1
bdddbddf0470b6b584a8a5aaa4fe0c9463a44e62

SHA256
e63b18c826e82be337169e533456c83c13d6076855c76d83a5f505dc4d61d22e

SHA512
d584ebdf9bf5eb2a367c819365373e76cca50fbfdb3c1361fdb69dca625800412f31b6effa462671d2f4dd752774ba1b81944d309336bcd626d220e6bd279776

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\50jftte4.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
1KB

MD5
6c45375ea9d2bc3be672cac9d11a6e22

SHA1
0c3fafe71661e454a33aea7faa08f93c3f030f3f

SHA256
394b1ac49186703720a4c0f3e2018cfa01d2791a84c227380fb732592b649b41

SHA512
22465f4221c15e696fb2fed77ac1913666021ddde26d8c6f292b67a9a6beac6fbde5807d48af3f4a1ad9b1383eba2a818b657939be4db8eecd4c531f04fd7ee7

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\50jftte4.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

Filesize
3.5MB

MD5
7f22fce5be40860cec6e1be3101ad2e5

SHA1
79c7f6c8ef81c4e848e2312c0756d7c4532f4367

SHA256
70b9524329c3a673acaa2cdacf863b67864e027f43274d0315b93d58a0416a59

SHA512
ac18c5d64af2c93f4ddd488b7d8e363f7aa31467cd7e83c9d079c17b65bcb9173f70030b7ce086d31711025f2637339f8f2997bcf979d6e82d51b3c3b892e7d4

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\50jftte4.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

Filesize
3.5MB

MD5
5cdb960ba656da6c147eb64d589be7d3

SHA1
5ab8ba23e11c6607a2c64ad95db77496c16675f4

SHA256
896b9c45478cbe83c09da948e80548a28b0f4025a991006ae84091e5defb8251

SHA512
b334eed44594e55272204d48f9b71476026aa48d680fed50bf40c83a5ab0742b03c5090e1959d9f66f75cf5eccc20e0f2019ffe1fe8eac49bc7f6be4fa632b76

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\50jftte4.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

Filesize
3.5MB

MD5
40555a4faa6ee6bfdadb0018a947f52f

SHA1
e18e19ce2fd63b8c4c570657000eea1195057f01

SHA256
cd1ea905568caad3dfdbf2ac5e4b981afd01a69852026a5b1be27c5f10a187ef

SHA512
bf8853d7670589053a1698363f762c355943197aed715bfd8dc48391475aeea8215679a4437c076c880f9d0cde7a29e10b7d126a0f93a4e01825e7bb68a269c1

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\DCRat.exe

Filesize
72KB

MD5
2c7d37e90dd8ab57d06dad5bc7956885

SHA1
da789c107c4c68b8250b6589e45e5a3cf7a9a143

SHA256
5ede5d774ab65f25357cf5a1fa5e354f6f2a9868651a0fa717485802b21b1939

SHA512
e74ae891771bfd9c6fcdfbe8e4f33f0d5f7c3457cd84b257500cdaf8fa8b16fe458a18db9b3a60591465982fc2871f4c3f2e7541c765f00a0516f805e7e9ca0f

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\background.cache

Filesize
30.7MB

MD5
e9a266112aaa41170223d6590ab6a5b3

SHA1
b2c3538e7451e5518f20ed22d78eea09d03511e9

SHA256
b8c2c3c96bedae7480969d9d8a0f6cc0f1d5ecea75d2faffcfdf8e0e35482102

SHA512
3adb757d7eecd5692d1077245c7db8f9a07e8c4bec646320ce501b0b406a546a98d0b9a71ee2cb48be9a677e5d918942c9b62f0ff5a3d81b554d7229b716ba97

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\design\BrowsersStealer_native_table.json

Filesize
646B

MD5
1636bd49096db0da8950830bb7623fc2

SHA1
33cc39b80f61310a538434e649638ffce1deb509

SHA256
48cff9a838321e3e94c09850e2a0066f983483e5392cf34f0bb8dee06243e239

SHA512
14cfd3db019e0e56b15121e4794290ea3cb576d3aa707b086be404c234593a1ab5a257fe70b7b29c786be7601136d7891536f7f22209e14aae9f8fb7dfefd76b

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\design\ClientsStealer_native_table.json

Filesize
553B

MD5
f7ea715546229414175cbc3af4edd19b

SHA1
fba5a0f8f02c988022dedba68dd6c13b4ddf7b16

SHA256
04f3b9197836b371bbe41b8a697d38279eefb0e05fb35b120f8f10d41ad56da7

SHA512
64d1559c6870c875d93a6b89fca6921754b74a4c59e16a4ec16931cebd079d38202f3533aed18d97747edd95a45623c62ae5f6feee884ecc437d2b8f17e78026

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\design\CryptoStealer_table.json

Filesize
446B

MD5
e69d33901ca6529a591a98f81664da41

SHA1
0c94aac3e2ac893ffad0090a1f233e411c7fd9fa

SHA256
c1a7a5a414823dae75a841b06ed22350ab0074dd53f94c5aceb2b7654199d1bd

SHA512
bcea9947002502d3c95e067fa0dbe8176fc9c230c1b542b0d6ab0a13f54c88a77d4bac744fd7862d7d3eb7a4e535cc9c800f88108fdcf75d49f1b2f98f8d5858

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\design\DomainsHighlighter_table.json

Filesize
334B

MD5
45bbe0574eb17da50ed046de225eb471

SHA1
de4b472e72b646862f4e905d83c754f8920fa8ab

SHA256
b961bef437da8148e48155b0afd5c832f419fd0584c2031e4bac711afcd7f30a

SHA512
43ed8651f296053302ffb52c7beec077a8ce9c8919300ef8067dc19d6190304a2c32330ab657cb336d52707d3155bdbe8aa3a305dfd7bca3a58f4e4946c5dec9

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\design\FileGrabber_table.json

Filesize
325B

MD5
25b6b283950d5a4cc9bfeb23f3216ef7

SHA1
7aa08acc053c6eb7cdfd8dab17bf18f0c8e1eb17

SHA256
523788f164bc16b35f38322fd24db68c1fb271b97f90f2702ca1ccea3d803082

SHA512
5fc3ee6e472923bb36c22d5d203b5365c46bf6a5de633697a7a25b9ed84c3c58e48f7b22fb2c79187525b941714ea3473aaf422452d20ad29d5954564590a2b4

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\design\Keylogger_native_table.json

Filesize
226B

MD5
dc775737035388a3f4e8710e2eaa534d

SHA1
7021f397a6aa0f05ae538e052213c3a70bc3e6e6

SHA256
78baf226b6baf5f0f5fbe0c25831e5d533a436ed497237c336c0aec6ec5e19c2

SHA512
223ab881e2360b0ef0f25bc46aaada8544f13e9f6bf049121c6905682000cf32f98fef51b51ecd1a467183022276cf8e665812198857ad64b9edbc97a23d20c0

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\design\PluginsLoader_native.json

Filesize
1KB

MD5
f95369232ea564572d22588b40e51f25

SHA1
a49d68690973e83c382e39ef6c962e37a1236751

SHA256
fc4c68781b2343805da72ff8f8cec9882a1d36d8f3cacaa8707391589f6be262

SHA512
e5a96f0caee17274096f7b4bd5bcfd8e85cc1c56c1cd3a5b93431736bf7bacbe1cd18cacba1f8689f0b7447cb26745e23845502596c2b42e901997f5619fca17

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\lib\IIlIllIIlIllllIIIlIIlllIIIIIlIlllIIIIllllllIlIIlllIlIlIlllIIIlIIllIIIIlIllIlIlIlIlIlIIlllIlllIIllIIllIlIlllIlIIlllIIIIll.jar

Filesize
688KB

MD5
6696368a09c7f8fed4ea92c4e5238cee

SHA1
f89c282e557d1207afd7158b82721c3d425736a7

SHA256
c25d7a7b8f0715729bccb817e345f0fdd668dd4799c8dab1a4db3d6a37e7e3e4

SHA512
0ab24f07f956e3cdcd9d09c3aa4677ff60b70d7a48e7179a02e4ff9c0d2c7a1fc51624c3c8a5d892644e9f36f84f7aaf4aa6d2c9e1c291c88b3cff7568d54f76

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\lib\IIllIIIIIlIlIIlIIIllIllllIIIlllIIIlIlIIlIlIllllIIlIIllIlIlIllIIIIIlIlllllllIIIIlIIlIIllIIIlIlIlllIIIIllllIllIIIIIIlIllII.jar

Filesize
1.5MB

MD5
9ea3f51be2154e9b797e575153310a19

SHA1
feaf787cd94bb60e8bfacad21b4346c358b55c0a

SHA256
97758e611a82fc721ab1a7d2542b3ec33b1124e03b4c4798720a4c3756470ed0

SHA512
a5cace6e7069909a2aa8bacbe5e8dca61ecb195f4696a7467a0d1ee0f7f6043afcb27c43c1e1b496cf14aa4dde9e2d61352145840bac3bcb996b0bf2c047db37

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\lib\IlIIIIllIIIIIIIIIllIlIllIIIlIIllIIlIIllIIlIlIIIIIIIIIIlllIIlIllIIIlIlIllIllIlIlIlIlIllIlIllIlllIIllIlIllIlIIlllIIIIIlIlI.jar

Filesize
16KB

MD5
b50e2c75f5f0e1094e997de8a2a2d0ca

SHA1
d789eb689c091536ea6a01764bada387841264cb

SHA256
cf4068ebb5ecd47adec92afba943aea4eb2fee40871330d064b69770cccb9e23

SHA512
57d8ac613805edada6aeba7b55417fd7d41c93913c56c4c2c1a8e8a28bbb7a05aade6e02b70a798a078dc3c747967da242c6922b342209874f3caf7312670cb0

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\lib\IlIlIIIIIIlIIIIIIllIlIIlIllIllIlIIIlIllllIlIlllIIlIIllIllIIlIlllIIIllllIlIllIIIIIIIIIlIIlIllIIllIIlIllIIIIlIIllIllllIlIl.jar

Filesize
2.3MB

MD5
6316f84bc78d40b138dab1adc978ca5d

SHA1
b12ea05331ad89a9b09937367ebc20421f17b9ff

SHA256
d637e3326f87a173abd5f51ac98906a3237b9e511d07d31d6aafcf43f33dac17

SHA512
1cdca01ed9c2bc607207c8c51f4b532f4153e94b3846308332eccae25f9c5fddf8279e3063f44a75dd43d696eab0f9f340f9bf2f3ec805ab0f2f1de5135a426c

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\lib\IllIIIIIIIlllIIIlIlIllIIIIIllIllIlIIlIllIlIIlIllIIlIlIlIlllllllIIlllllllIIlIIIlIlIlIIlIllllIlllIIllllIIlllllIllIIIlIlIlI.jar

Filesize
103KB

MD5
b47c87129ff035cbf60ad5fd15b9ce32

SHA1
8819ba0dbd3f9f2df2a3b18554d31386925dcabe

SHA256
c25b377d6776b3c6c538340cae263c4c3dea7c4f94961bbe323ff79c569fce3c

SHA512
d022b363dc6e4e183ae6ea44b5019d088bddf63b4f85ce4676775388c76df01e3e8a63a0ca03f0e4f1191c121a28393a5da47cd7dc05d84d12722f4835909cd6

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\lib\IllIIIIIIlIIIIIlIllIIIIlIlIIIIlIIllIIllIIlIlllIlIlIlIIIlllllIlllIllIIIlllllIlIlIlIlllIlIIllIlIIlIlIIllIlIIllIlIlIIIlIIIl.jar

Filesize
31KB

MD5
6c7ed18ba835a47b32bac14d83c90bc1

SHA1
6a8237ae3f6cccd788aa47b2ecc22f580e810a01

SHA256
7f2f1bbfad38be1382913af2b7c2622470fa3af976fbd1f386c189af8ad136fa

SHA512
9670ede560347dffbbb0761e2de817ddbc426daa0fd97a53b1fd3c8a031dd6d5c2b0c6cebb21d1dffd23b45e504895736634939f75c39c48d580542ccd7ea66c

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\lib\IlllIIlllllIIllIIIlIIlIlIlIllllIlllIllllIIIIIlIllIIIIllIIlllIllIlIlIlIIIIllIllIIllllllIllIIlllIIIlIllllIlIllIIIIIIIIlIll.jar

Filesize
19KB

MD5
0a79304556a1289aa9e6213f574f3b08

SHA1
7ee3bde3b1777bf65d4f62ce33295556223a26cd

SHA256
434e57fffc7df0b725c1d95cabafdcdb83858ccb3e5e728a74d3cf33a0ca9c79

SHA512
1560703d0c162d73c99cef9e8ddc050362e45209cc8dea6a34a49e2b6f99aae462eae27ba026bdb29433952b6696896bb96998a0f6ac0a3c1dbbb2f6ebc26a7e

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\lib\lIIIIIIllIllllllIIlllIlIIIIlIIllllIIIIIIIIllIIIIIlIIIIIIIlllIIIIIIlIIIlIlIlIlIlIllIllIlIllIlIlIIllIlIIIIlllIllIIllIIlIIl.jar

Filesize
12KB

MD5
3e5e8cccff7ff343cbfe22588e569256

SHA1
66756daa182672bff27e453eed585325d8cc2a7a

SHA256
0f26584763ef1c5ec07d1f310f0b6504bc17732f04e37f4eb101338803be0dc4

SHA512
8ea5f31e25c3c48ee21c51abe9146ee2a270d603788ec47176c16acac15dad608eef4fa8ca0f34a1bbc6475c29e348bd62b0328e73d2e1071aaa745818867522

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\lib\lIIlIIlllIIIIIIlllIllIIIlIlIllIlllIlIllIllllIllIIIlIlIIIlIllIllIIlllIlllllIIIlIIlIIlIIIlIlllIIllIIIIlllIIIIlIIlllIlllllI.jar

Filesize
250KB

MD5
fe734f7ab030363362fe3d3ba5e8f913

SHA1
2e9d54e3b410557c51c3ea101d66efbb5266b80a

SHA256
03ead999502aefbf1380bd2e9c4a407acb7a92a7b2fe61f6995aba3fca85efd4

SHA512
303ecea5f3f1130f473cde0d78270090290b6f13311bf7459282257ac3097b2b6086db461183f2d8c97a9101372155bf59bbfa12a74925136d0a2a615b648b2a

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\lib\lIlllIIlIIlllIIllIIIlIIIIIlIlIlIIIIlIllIIlllIlllIllIlllIlIlIlllIIllIIllIIIlIllIIIlllIlllllIlIlIIlIIIIIllllIlIllIIllIllII.jar

Filesize
40.9MB

MD5
f739c9d20c92b6e785ef649b0cd05060

SHA1
69f166eabb47ac8866bb0b79d3dca66e40f9613c

SHA256
5ef28b3d65988d2db2fb8fef8829f3ffc1e2ea08f2342a18c73da0bf435ff5d3

SHA512
706ef16b6a7d6ec177556f348d8030abe2a06289f0b34b84c8bb536d0aaf6d77680a1022eb977a7acfbf3968a5875a6ec2984a5aa40a15c271a7c1be80c0f82a

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\lib\lIllllIllIlIIlIlIlllIIIllIIIIlIIllIllllIIlIIIIIlIIIlIIIIIIIIIIIIIIllIllIIlIlIlIlllllIlllllIIIIIIlIlIIIlIIllllIlIIIlIlllI.jar

Filesize
226KB

MD5
5134a2350f58890ffb9db0b40047195d

SHA1
751f548c85fa49f330cecbb1875893f971b33c4e

SHA256
2d43eb5ea9e133d2ee2405cc14f5ee08951b8361302fdd93494a3a997b508d32

SHA512
c3cdaf66a99e6336abc80ff23374f6b62ac95ab2ae874c9075805e91d849b18e3f620cc202b4978fc92b73d98de96089c8714b1dd096b2ae1958cfa085715f7a

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\lib\lIlllllIIlIllIllllIIIIlIIlIIIIIllIlllIIlIIllIllIIIlIIlllIllIIlllIIIlllIllllllllllIlIIIlIIlIllIIllIlllIlIlIIIIIIlllllIIlI.jar

Filesize
16KB

MD5
fde38932b12fc063451af6613d4470cc

SHA1
bc08c114681a3afc05fb8c0470776c3eae2eefeb

SHA256
9967ea3c3d1aee8db5a723f714fba38d2fc26d8553435ab0e1d4e123cd211830

SHA512
0f211f81101ced5fff466f2aab0e6c807bb18b23bc4928fe664c60653c99fa81b34edf5835fcc3affb34b0df1fa61c73a621df41355e4d82131f94fcc0b0e839

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\lib\llIIIlllIIIllIIIIllIllIIlIIIlIllIlIIIIlIlIlIIllIIIlIIIlIIlllIIlIlIIIlIllllIIIIlIllIllllIlllIIlIIIIllIlIlIIlIIIllllllllIl.jar

Filesize
549KB

MD5
55b846c68a6cbaa2344342d8d7f0c779

SHA1
cb82af503d6d515a9fac3ec6adfb5a1a36eb6e46

SHA256
bb3bde3c3729767432620b0e865dbc1b517132ce3dbfd69a817f2bc617ff031f

SHA512
16a04125f44c0844dc7b39b13aef6ce4006e0c97a8f2b3ca160e2f623f5e4a9f439862270cb4cd8be80a5766c69fda0ca454c50310e5a579abfdf976b4b030a8

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\lib\llIlIlIIIIIIllIllIIllIIlIlIlIllIIlllllIIlIIIIlIIIIIllIlIlIIIlIlIllllIlIlllIIlllIllIIIlIllllIIIllllIlllllIIIIIIllIlIIlIIl.jar

Filesize
19KB

MD5
fc6a26acdce0acd2d56904e17bc79f0e

SHA1
2e63d25e9ac5ac594e6b66103b88a0b8228a4dbe

SHA256
2759150bc72303fe10e6dfab84087a77bafa22af97b4f4760f4466d96adca806

SHA512
3f74f96b9ebb51c5d2237585eba0a838a4f601a9af8260cbe2ee68b9c321fb7aaf90f91506df133f873952d9ca5064ceacbf39fef8bfa0457c6e7b716fe1223c

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\lib\llIlIlIIlllIllIlllIlIIIlIIIIlllIIIllIllllIIIIIIIIlllIlIIlllIIllIIllIlIIIllIIIIlIIlIllllIlIlllIllIIIIlIIlllIlIlIllIIlIllI.jar

Filesize
50KB

MD5
d093f94c050d5900795de8149cb84817

SHA1
54058dda5c9e66a22074590072c8a48559bba1fb

SHA256
4bec0794a0d69debe2f955bf495ea7c0858ad84cb0d2d549cacb82e70c060cba

SHA512
3faaa415fba5745298981014d0042e8e01850fccaac22f92469765fd8c56b920da877ff3138a629242d9c52e270e7e2ce89e7c69f6902859f48ea0359842e2fb

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\lib\llIlIllIllIllIlIlllIlllIIIllllllIlIIlIllIlIlIlllIllIIIIIlllIIlIIlIllllIIIlllIllIIlIIIIIIlIlIIllIIIIlIlllIllIIlIlllIIIllI.jar

Filesize
262KB

MD5
cf99a6b63f45f7f20963e43b55766d26

SHA1
9e2f86dff86eb065fb6fcf776da8b148ebb21e60

SHA256
e29ee818b2e7ef9fb3ebae9a49a3d6613f18ea2b756a305eecf8a7fe083d1972

SHA512
af7302d350d45837e207dcc91bd95e5891b62f19c682a7443d65feeee0aa6f3d0040c9a67a990cd9a81dfc6b899ffabbb01b44bda830d5bb48332419e2b65930

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\plugins\Audio_native.plg

Filesize
134B

MD5
8ac7b72bc99bf0963d72f1e6f5cb3daf

SHA1
bdb16c87ae2ec6e3a029f5317816a70ddade3857

SHA256
90aef04ca6ae7221a44b45e50d8a9a9e1bff6e4ed17c5883fe0c6560c8db5206

SHA512
3958443b7e73135b310db53bc7cd4da871ce3ddcce0fbad5c77405f36af38474e50ee3d4748bec2e7b1207b36b5a3695ab1006fc37071bb28ad8e32b59dab6bb

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\plugins\Audio_native\configuration.json

Filesize
154B

MD5
27b29dfa53c8bdc9112efc58149ad8ca

SHA1
739e9d401e13aebb90f30af0c090a115ca10849d

SHA256
0e70b651580562952f265ad855607c9b118492aa4abaa52d995bc0b10c1ed603

SHA512
08bbee207c35880ce818b422af2f8847c6ba1ee0360bb947e141e8ae2a12c1e2fb0aaca0a63c99a705b01d7c482d2277d7740754195ae2ac69f0be39ec9ccb08

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\plugins\Autorun_native.plg

Filesize
120B

MD5
a3a068663e768c251433ae27ff6b1267

SHA1
414e98bee4fdfefa632681cea326f75656fb1502

SHA256
6507b86f8289eb0649bdfac6303d7101c266731556c40b35944932519216b5c3

SHA512
da5c4a737896e6e2891e757a1dedad0a82d28c84a41c8299c1e225d85c02410ae9bfe53f2da8797d4d44aa61da42c94f39bf312c3c59014b5e51975e63e95121

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\plugins\Autorun_native\configuration.json

Filesize
177B

MD5
25f49a2d7ccbbf6dc38aa096d300fb96

SHA1
0613a4747d39ded5a679f79dd5083da36a85dd3f

SHA256
355bd7c67cd14e4f2e687aef644eb33deb3b52b8502a6a9622c06067d8a5885c

SHA512
9a8485d9e564e0e9dd507f525fbe7fc80e2f9436e2371ccdb71b4cc99df5218d6889423e53f10cf73a26aa20c96ce48257a66bb1b60614541ac1d5190cba0069

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\plugins\BrowsersStealer_native.plg

Filesize
146B

MD5
c961b23e2ea7ae8b9ef0dbbf89858828

SHA1
4abf9cac5fd6b4921a46e14e7a4572a50b88c430

SHA256
b3ffa55519f1c9c57c7d712aff8e9c52b06c5b9dfab1fc6113a79b734ba5a211

SHA512
f818449a12c20132c28309cb6c7301847e8d27544966038915ee5d5dd2f391cf29a0a47c4f9da3ecfc126337bbf63fe82cd511b2887cc8dfa291718bf62e7643

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\plugins\BrowsersStealer_native\configuration.json

Filesize
164B

MD5
a6bf5267dc19edb590fe2f3f3b22181d

SHA1
939974f8abfc21d5130902e85a35e6be9a7c78d1

SHA256
86d09d372465eabb63483cf983455efcdfac168d40f401ea4699db05f0cf1d96

SHA512
2a10d9611abc6b26a9c2abd2312578adc75704159327c33ea4026ad0342b3dd2ddd2f809b7b1619704887797f7241a14b558c32e8d5532b1212cc0e424014703

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\plugins\CMD_native.plg

Filesize
128B

MD5
4629063bdef75a733472882f7d043118

SHA1
37c017a596e97d2cb8a854cb9dffa62ee151053e

SHA256
6a251d511466b148dffaa608afd752399eed02a79fc6e1c9ee305d1aec473781

SHA512
2fa246addeaf31f09c22cf9ebbbd852317167276832908f85d300dd0a1dcca2c962cd40f1c95fc085278e86bf8bcb2f40892f76e59c3e9a84ea7130ef81f9528

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\plugins\CMD_native\configuration.json

Filesize
152B

MD5
3df4e2d044af857fab8bdb9c46a565e4

SHA1
f5dbdeb6c1e8c5fd6a7019dc1c60bd197ec80db0

SHA256
676a72640659bd910f3a0764695a27f47648bb47a52c82d17672dbac2caba65d

SHA512
73dcabb1e4bb60b6f92052144b4d1fe06a5a095df9a6b82186fa7c3732869f4cb2d10668d2f3625e457b7b9dc27c884dc90d89e9f74bea32bfdfe5d943c5d127

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\plugins\Chat_native.plg

Filesize
131B

MD5
784309ece3edf0be434916dbe3ef827e

SHA1
ac618954e4c98897b03508b2b5eb94704325ac75

SHA256
39b1a342bd729c5e7a9fc38485c1a34b223840b16c55da51dd6119b0b9859f64

SHA512
65cf0f23f8a5496eb57ef08cdfab5c1162c10cf18ee6bb7478a5e742a34794bff7d963cfdf5aa047657c1934dcc876fd7add217db9e9c511d61fd2f5b1edd8b0

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\plugins\Chat_native\configuration.json

Filesize
153B

MD5
78fe0b20fb0683bc13739513cf826f2f

SHA1
2afa83e9ff6495260ccc27829e8539762c8de3ea

SHA256
2d5abb9269144f96a3126aa02ad5a5108989e83583f22acfcdbb1fb7319d5aa5

SHA512
9c1560e50723a09e1ab04cf922295bc7c180e1c35dae1089964ff94051b231af797897e3612ca5f24dd73247340e11ee4f20be506ab25afdf219e8fa67eb9bb1

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\plugins\ClientsStealer_native.plg

Filesize
143B

MD5
e8e671b4d9266af293efd3dc106b1a6d

SHA1
cef9ff0b5b23767a049062c1b18fbeeb60250f56

SHA256
3048fee32fd98c549f3568f14dd9985c776dfde3f6dfd4772c74f05a7212835e

SHA512
3e4f8e3afb018e2fee400b56ae7310a87b2ccd141fbb5d5f7c2a6e9b3f69d1a0a1bf12a3bb7c7633fca7215e4f8238f50d07fd60d7fb0cc0a14d6d14678653fa

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\plugins\ClientsStealer_native\configuration.json

Filesize
163B

MD5
d3b2e0627432012083215387f96d9ef9

SHA1
207ab0e6d4bac1a996a1ba327c5153527729cd0e

SHA256
cb9a59527f96f79a509b9c2ce18ed4dca46656f225add8148d81005f85e4b8c8

SHA512
a112539e8ff035cc558532f51a854cdfbb3ac65ca0819639129d337d3d2577c20234634b3bb6e09cc737a43a7c36f1c75756a6e87e26ede951052b3926b10d3f

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\plugins\Code_native.plg

Filesize
131B

MD5
f085b0bbe5365f543baff07b40713274

SHA1
f16346d8a880ee61386af264107320b6f917cf62

SHA256
7bb29808fe64c6c36904aad6439b23291ce12c8cc45bcaa7be5942c7062e1fe8

SHA512
222c4dbdb3681a23b2ce94b88dc40213f60a1a48691b0253fbbc12d1114f8121080e8f07864de9915e35560f14700ec53200a304726559db39a0453e9a937c3c

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\plugins\Code_native\configuration.json

Filesize
153B

MD5
64114564fd2ac6a6715f16ed470345b6

SHA1
ecabc2a7ddcb0230bec547c118a252a05a9780ec

SHA256
23b8f658205d40e7d04ef1a2089466de1bc80ab5a336b6953551f7ed29370c17

SHA512
267d396ae26d4de8c573b52fdeb2ec82977ba8918b1c14aadd53a2567c61f759bffea417bebe4e4ca9d8c70933ac95b3bb594383154d373e6cc78927f30d6272

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\plugins\Common_native.plg

Filesize
137B

MD5
7a38e79f706f9169e4f842e7d58c60ac

SHA1
9eee0de07688701618d4bf60543816683a74dcf8

SHA256
deb95e89516c7cb405f20cd83e74b58b2b31f1ab3c062e2b3b4529618ed3b122

SHA512
4bf57bc8d4b8b34db49b18fb09c1c42a0406a3ca1fea4390a873af8bd2ebedd6d1d993d6921b76bc52ccf47a2428a2a20f7918691259683c18d6c4edcf5b1efd

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\plugins\Common_native\configuration.json

Filesize
155B

MD5
95089808e2bc839604c455731996f8e0

SHA1
63528ba2da349a9412aa4ad6f9a657d3c6c4165a

SHA256
9798a0842677c687c4eb35d84a95ae34224e7bff0462a7361769e02360b01d2e

SHA512
195fb5dd62bebba1cb61f34bf87ac61b3c0931f302ecc85fa10e99932edea9f928f930564b8407b6b8ac6e3d5c5b6b709a9ad09ac047ceb967f7f88c4c90e037

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\plugins\CryptoStealer.plg

Filesize
172B

MD5
163fe7452399acb591716d660a84af43

SHA1
f893924a05ba156452dfcd2cef69787699e87fb3

SHA256
35a7642b16a055a987b5c0af6805b8ffbadf9dbec07f9633150e9aab2bfebee6

SHA512
f330dab2d54236475d8b3d7f8ca8cc2972dc45a351e8f0dd9830e80ee5252e1f96bb758e1004c8de310f7b49b5e807625d1bf609753e27950ee73be53c1ad0c6

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\plugins\CryptoStealer\configuration.json

Filesize
175B

MD5
0a5dfad2ffa3b0fffd63d201a17ba41d

SHA1
6d7498e0bc4a651e282a40fb6bd9aa859bddda88

SHA256
338dd48d443a28c1b9cac2b13dd27db41f72f8d0f32746e1bc00603f81acbf6b

SHA512
f61865a1361560aca9841a0dbf53ce9eb992d4c27f9cba16350aaf4c36c236a6f6215b0ba38a6cd66e402b3e5be13ecde61df82278a3a3addddc541f7d25f031

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\plugins\DomainsHighlighter.plg

Filesize
181B

MD5
1a0eb1ba9734e28f4e56cdc1e50d45b0

SHA1
94f1630048de700b5d6a05c599d27c11ac8d9c91

SHA256
a1fe11a8efe2f72024d20dbf33a718d17b607684c7b8d2a3d30420237bc4aac4

SHA512
fbe5a04268c2e28594904154352cd6b60f407956b5818a0d346879a9c1d7114a6430347657ae02963d4bb158d94de2b11745f6f150ca4249cf6e51ad0b90cf33

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\plugins\DomainsHighlighter\configuration.json

Filesize
185B

MD5
f807f991df3a924e3d840703cc69a0ed

SHA1
81459583af0d0e1376ef85c53039ea90d459d81b

SHA256
cec1d4f7f5c81dfb212234855f42fea02561e6b6580860074853ceee1cdf26ac

SHA512
449ae092e1bc8155fe5b4ab256c322933776e6da139723762098e8afd85dcd6d1ad8f9b666e642f5840ac7b948a1e14b93350c26c2af54eb30cf84b0f99fb6b8

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\plugins\FileGrabber.plg

Filesize
181B

MD5
67785737ebee5895b964f0cf0f9d7816

SHA1
7473fcec1ef769769a3d0b25abed0ee250cade32

SHA256
611cdd2b040f33e01126ed65b5bed7f81d86ab27362265a8ee41bf23956515b8

SHA512
3ead8ff131414437212807416504a765ad4b4d43e5ae2e34c931ea73eb0b55b22e00c3584b41723dec944231880d421ca48ee8e6cd3c5671e217add29d3b7092

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\plugins\FileGrabber\configuration.json

Filesize
171B

MD5
1eb10aa566dca3e370ccc7c614f74ed1

SHA1
093c11d185a7bddc00b6db83ebbcf4501ad879ca

SHA256
577f6fc8ecde7b244cb22db64cfa4849f3a1c577a98c9350cbaec863aa87621b

SHA512
abb609446a6b3abf52b2e5f172e8aa2e4195a6b341811c1e8779f1a42592151b1e60b64d57d53ce958ba1d9ebf8fc74490662186618d783121880798c5e456ca

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\plugins\FileManager_native.plg

Filesize
154B

MD5
8a1c44ece7e46eaca58e3ad2767f2fe3

SHA1
f70447ee75ed7d218654aaf0f085561209352db2

SHA256
88f3b5540e2ad220225894955e6cf05d4c46ece38c67b597e46f9ad3924f4fba

SHA512
4815f3464c53dc8a9b8f04dba10005b180809579af31c0f3681492b9d87ca4937c91719fe9296bbc19c149adaf4b84c4022af18cfc1e0b533122efffc39bdf09

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\plugins\FileManager_native\configuration.json

Filesize
160B

MD5
761e69e04cf0019bb57409cbeebec0bb

SHA1
4dfde249c9deca8dbc84162df71a9789d12eb87c

SHA256
f5ea910df747890070605afbdf0bc582001d7eace14187a4809b9c73feb10f3e

SHA512
4983b8f8243d4acb6cc03f44b585cf12c86b6bd34df3b176c44cff64d9757ba6278d221edb970d27aea5910a831743b9a94b08e3ebc554b7ebaaaaa383392e2a

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\plugins\ForceAdmin.plg

Filesize
191B

MD5
a49b7db6725658b29881173f748a93b6

SHA1
aed674294ba9f833e75194a990cc861a3e54da44

SHA256
0093ee4152a54954914e4eca70fabb7f0e4b0bf032edb5f44f7a25420322dd09

SHA512
dc0bbd216e5ebbd36c9b12e4092b2a9e84e7bb9b05a05f7934cef6ea66983c601cf8045b8f07155ed8fedfa570c93dafda67068f2adfc2cd46c2da397cf18db0

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\plugins\ForceAdmin\configuration.json

Filesize
152B

MD5
3feeeaa04e23d80c113eeea1e318f3ff

SHA1
a72ff5e15f500e7cda9694ee83b04c752c0422c4

SHA256
0086dd54110698ed0a2365dec397c968d1ca71b608bb0eb89e7de7746349e39b

SHA512
4a4399649066353ce6b19976b50f67a3b62bec4905afa776900522a7f55f4f050aa68ef76f4b72873447a0aa9e551e04d699d477ac8d5baf1ffe9e33a3d742ae

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\plugins\Fun_native.plg

Filesize
128B

MD5
0bee4971d216e821978d17e011c12b77

SHA1
6174992174087a26d3956a9aa4a171b229e2128f

SHA256
a9c1ad17732a655b559ff069442c8c850a46ab5e29470e20588e52f75074311c

SHA512
661c1241b2da849a4509bfb62b16b50bfe8c94d5e769e65076de46420ae2e7c66c4dc7a883b4a232aba629fd2a4c59338f2e1578cd0a67dd55044d6d6ee51540

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\plugins\Fun_native\configuration.json

Filesize
152B

MD5
143816a3ed0fa2d30b0a80ce6c785de0

SHA1
a7068228cbfb78ddaa490000b1bb9f363176d592

SHA256
7585f3b80568c39c79e9dc7ee8e799e6d375f14e2e266751a4cfcc88aaf7676b

SHA512
c32c6b9ff9d91b8688eeb942c4c333b2bcad417dd3a3fcb1328240ee2e18b6e2bba44fb8dc9a463853ca9b290a90c1e739d34a1e775e86bab632d4398fd47a0a

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\plugins\HiddenRemoteDesktop_native.plg

Filesize
180B

MD5
5524b5d071453819ad18cf0d73a23ac6

SHA1
a6ba215d8fab4187e61630889cc2cee9b64167f3

SHA256
790bbd40fbe0e4c223ab96200c8f34489728c11256d6676fadaa237a0c4db46d

SHA512
55d958c781c708977fa0d7999abfc625cfb510b2c6c75aa4da51fcc42361d75914241e667cc7e178d8c519ff36c88f23ec404881100c844331d539e5f35e978c

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\DCRat\settings.ccdb

Filesize
2KB

MD5
f0a12e9ea186d85e43da75ea61891856

SHA1
4b6fb6df2c399d90f5975ef748317425f9504e9d

SHA256
21c40cca98b825279eb521efa45e08481f9df02b0192c9543eb4d915f9988b79

SHA512
2b58fc6038e1849374fb3da8fd32b96841767de1b8274253e391cb09570a5cd6c4b704a16c0a4c83ba8d45bf271fa89105127bb404e6e8f91b83afbab7899bc4

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\Patcher\Mono.Cecil.dll

Filesize
354KB

MD5
2f096535c228ab0d2082adfc01678481

SHA1
0e0dcb36aa56e7f99aa524cfb3c72e4918cc5b32

SHA256
c41bdb9ffd3c5f6e17d2382c1012d73703e035e3f1100245fdd4e08c8dc6eb5b

SHA512
9f54b9e85ef70afcb36569885de73bba704a8901c8ddbb5a35de6a1921d4d42f88026aea41ed77ec7a8041ee8a04efef817deda7dea0f29a716dab7a6ea7fd9e

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\Patcher\Newtonsoft.Json.dll

Filesize
695KB

MD5
195ffb7167db3219b217c4fd439eedd6

SHA1
1e76e6099570ede620b76ed47cf8d03a936d49f8

SHA256
e1e27af7b07eeedf5ce71a9255f0422816a6fc5849a483c6714e1b472044fa9d

SHA512
56eb7f070929b239642dab729537dde2c2287bdb852ad9e80b5358c74b14bc2b2dded910d0e3b6304ea27eb587e5f19db0a92e1cbae6a70fb20b4ef05057e4ac

Download Submit
C:\Users\Admin\Desktop\[CRACKED BY L1nc0In] NEW DCRat\Patcher\Patcher.exe

Filesize
1.3MB

MD5
8a0cff97f83483817fe61727ff3de7be

SHA1
85359a79acbd00872fce6c8905fe2d79388b7cb7

SHA256
60add3505ae3d6908981a0dedb8c26aa55916b9e8e7d833ab005a0a6f9792baa

SHA512
50c566e48e5ec4a9461e73dc38c8cff64747f5de3549cf453f77556ea3b220f33cd8eb69b62048a2f49c97c2cf574d645467caa1751eb1189c5b463779d0b417

Download Submit
memory/4472-365-0x0000000000400000-0x000000000041F000-memory.dmp

Filesize
124KB

Download
memory/5164-573-0x0000023374EE0000-0x0000023374EE1000-memory.dmp

Filesize
4KB

Download
memory/5164-574-0x0000023374EE0000-0x0000023374EE1000-memory.dmp

Filesize
4KB

Download
memory/5164-606-0x0000023374EE0000-0x0000023374EE1000-memory.dmp

Filesize
4KB

Download
memory/5164-498-0x0000023374EE0000-0x0000023374EE1000-memory.dmp

Filesize
4KB

Download
memory/5164-494-0x0000023374EE0000-0x0000023374EE1000-memory.dmp

Filesize
4KB

Download
memory/5164-645-0x0000023374EE0000-0x0000023374EE1000-memory.dmp

Filesize
4KB

Download
memory/5164-471-0x0000023374EE0000-0x0000023374EE1000-memory.dmp

Filesize
4KB

Download
memory/5164-432-0x0000023374EE0000-0x0000023374EE1000-memory.dmp

Filesize
4KB

Download
memory/5164-389-0x0000023374EE0000-0x0000023374EE1000-memory.dmp

Filesize
4KB

Download
memory/5536-515-0x00000000751B0000-0x0000000075961000-memory.dmp

Filesize
7.7MB

Download
memory/5536-361-0x0000000004FE0000-0x0000000005092000-memory.dmp

Filesize
712KB

Download
memory/5536-483-0x00000000751BE000-0x00000000751BF000-memory.dmp

Filesize
4KB

Download
memory/5536-357-0x00000000072C0000-0x0000000007320000-memory.dmp

Filesize
384KB

Download
memory/5536-1040-0x00000000057A0000-0x0000000005AF7000-memory.dmp

Filesize
3.3MB

Download
memory/5536-353-0x0000000002910000-0x0000000002911000-memory.dmp

Filesize
4KB

Download
memory/5536-352-0x00000000751B0000-0x0000000075961000-memory.dmp

Filesize
7.7MB

Download
memory/5536-351-0x00000000004C0000-0x0000000000646000-memory.dmp

Filesize
1.5MB

Download
memory/5536-350-0x00000000751BE000-0x00000000751BF000-memory.dmp

Filesize
4KB

Download
memory/5536-1039-0x0000000005770000-0x0000000005792000-memory.dmp

Filesize
136KB

Download