Joe Sandbox Cloud Basic Analysis Report
Create Interactive Tour

Windows Analysis Report
http://extension.femetrics.grammarly.io

Overview

General Information

Sample URL:http://extension.femetrics.grammarly.io
Analysis ID:1355830
Infos:

Detection

Xmrig
Score:56
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Multi AV Scanner detection for dropped file
Yara detected Xmrig cryptocurrency miner
Creates a process in suspended mode (likely to inject code)
Creates files inside the system directory
Drops PE files
Enables debug privileges
Enables security privileges
Found dropped PE file which has not been started or loaded
Stores files to the Windows start menu directory
Uses insecure TLS / SSL version for HTTPS connection

Classification

RansomwareSpreadingPhishingBankerTrojan / BotAdwareSpywareExploiterEvaderMinercleansuspiciousmalicious

Process Tree

  • System is w10x64_ra
  • chrome.exe (PID: 1464 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://extension.femetrics.grammarly.io/ MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 5516 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2080 --field-trial-handle=2036,i,14074842353918080905,3626331192174403839,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 4500 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5608 --field-trial-handle=2036,i,14074842353918080905,3626331192174403839,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • unMiner.2.1.1-beta-mfi.exe (PID: 3272 cmdline: "C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe" MD5: 2B7B005342300CC784A96196E3FBB6BE)
    • cmd.exe (PID: 3048 cmdline: cmd /c tasklist /FI "USERNAME eq %USERNAME%" /FI "IMAGENAME eq unMiner.exe" | find "unMiner.exe" MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
      • conhost.exe (PID: 3572 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
      • tasklist.exe (PID: 7040 cmdline: tasklist /FI "USERNAME eq user" /FI "IMAGENAME eq unMiner.exe" MD5: 0A4448B31CE7F83CB7691A2657F330F1)
      • find.exe (PID: 3268 cmdline: find "unMiner.exe" MD5: 15B158BC998EEF74CFDD27C44978AEA0)
  • cleanup

Malware Threat Intel

Provided by

NameDescriptionAttributionBlogpost URLsLink
xmrigAccording to PCrisk, XMRIG is a completely legitimate open-source application that utilizes system CPUs to mine Monero cryptocurrency. Unfortunately, criminals generate revenue by infiltrating this app into systems without users' consent. This deceptive marketing method is called "bundling".In most cases, "bundling" is used to infiltrate several potentially unwanted programs (PUAs) at once. So, there is a high probability that XMRIG Virus came with a number of adware-type applications that deliver intrusive ads and gather sensitive information.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/win.xmrig

Yara Signatures

Dropped Files

SourceRuleDescriptionAuthorStrings
C:\Users\user\AppData\Local\Programs\unMiner\resources\miners\win32\xmrig-6.19.2\config.jsonJoeSecurity_XmrigYara detected Xmrig cryptocurrency minerJoe Security
    C:\Users\user\AppData\Local\Programs\unMiner\resources\app.asarJoeSecurity_XmrigYara detected Xmrig cryptocurrency minerJoe Security

      Sigma Signatures

      No Sigma rule has matched

      Snort Signatures

      No Snort rule has matched

      Joe Sandbox Signatures

      • AV Detection
      • Phishing
      • Bitcoin Miner
      • Compliance
      • Spreading
      • Networking
      • System Summary
      • Persistence and Installation Behavior
      • Boot Survival
      • Hooking and other Techniques for Hiding and Protection
      • Malware Analysis System Evasion
      • Anti Debugging
      • HIPS / PFW / Operating System Protection Evasion

      Click to jump to signature section

      Show All Signature Results

      AV Detection

      barindex
      Source: (copy)ReversingLabs: Detection: 37%
      Source: C:\Users\user\AppData\Local\Programs\unMiner\resources\miners\win32\lolMiner_1.76\lolMiner.exeReversingLabs: Detection: 60%
      Source: https://extension.femetrics.grammarly.io/HTTP Parser: No favicon

      Bitcoin Miner

      barindex
      Source: Yara matchFile source: C:\Users\user\AppData\Local\Programs\unMiner\resources\miners\win32\xmrig-6.19.2\config.json, type: DROPPED
      Source: Yara matchFile source: C:\Users\user\AppData\Local\Programs\unMiner\resources\app.asar, type: DROPPED
      Source: unknownHTTPS traffic detected: 23.1.237.25:443 -> 192.168.2.16:49728 version: TLS 1.0
      Source: C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exeFile created: C:\Users\user\AppData\Local\Programs\unMiner\LICENSE.electron.txt
      Source: C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exeFile created: C:\Users\user\AppData\Local\Programs\unMiner\resources\miners\win32\lolMiner_1.76\license.txt
      Source: unknownHTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.16:49726 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.16:49732 version: TLS 1.2
      Source: C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exeFile opened: C:\Users\user\AppData\Local\Programs\unMiner\resources\miners\win32
      Source: C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exeFile opened: C:\Users\user\AppData\Local\Programs\unMiner\resources\miners
      Source: C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exeFile opened: C:\Users\user\AppData\Local\Programs\unMiner\resources
      Source: C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exeFile opened: C:\Users\user\AppData\Local\Programs\unMiner\locales
      Source: C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exeFile opened: C:\Users\user\AppData\Local\Programs\unMiner\resources\miners\win32\NBMiner_Win_42.3
      Source: C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exeFile opened: C:\Users\user\AppData\Local\Programs\unMiner\resources\miners\win32\lolMiner_1.76
      Source: unknownHTTPS traffic detected: 23.1.237.25:443 -> 192.168.2.16:49728 version: TLS 1.0
      Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.25
      Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.25
      Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.25
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.25
      Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
      Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
      Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
      Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
      Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
      Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
      Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
      Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.25
      Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.25
      Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.25
      Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.25
      Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.25
      Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
      Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
      Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
      Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
      Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
      Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
      Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
      Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.25
      Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.25
      Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.25
      Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.25
      Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.25
      Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.25
      Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.25
      Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.25
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownTCP traffic detected without corresponding DNS query: 72.21.81.240
      Source: unknownTCP traffic detected without corresponding DNS query: 72.21.81.240
      Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
      Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
      Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
      Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
      Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
      Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
      Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
      Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: extension.femetrics.grammarly.ioConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
      Source: unknownDNS traffic detected: queries for: extension.femetrics.grammarly.io
      Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
      Source: unknownNetwork traffic detected: HTTP traffic on port 49672 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
      Source: unknownNetwork traffic detected: HTTP traffic on port 49704 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
      Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
      Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
      Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
      Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
      Source: unknownNetwork traffic detected: HTTP traffic on port 49718 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
      Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49674 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
      Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
      Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49718
      Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
      Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
      Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
      Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
      Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
      Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49747 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49704
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
      Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49747
      Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
      Source: unknownHTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.16:49726 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.16:49732 version: TLS 1.2
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Windows\SystemTemp\chrome_BITS_1464_668370273
      Source: C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exeProcess token adjusted: Security
      Source: classification engineClassification label: mal56.mine.win@28/143@12/119
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
      Source: C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exeMutant created: \Sessions\1\BaseNamedObjects\cc26de49-8fc9-5329-89d2-b3bb0d5c487a
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:3572:120:WilError_03
      Source: C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exeFile created: C:\Users\user\AppData\Local\Temp\nsj9E83.tmp
      Source: C:\Windows\SysWOW64\tasklist.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime FROM Win32_Process WHERE Caption = 'UNMINER.EXE'
      Source: C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exeFile read: C:\Users\desktop.ini
      Source: C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers
      Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://extension.femetrics.grammarly.io/
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2080 --field-trial-handle=2036,i,14074842353918080905,3626331192174403839,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5608 --field-trial-handle=2036,i,14074842353918080905,3626331192174403839,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
      Source: unknownProcess created: C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe "C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe"
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2080 --field-trial-handle=2036,i,14074842353918080905,3626331192174403839,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5608 --field-trial-handle=2036,i,14074842353918080905,3626331192174403839,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
      Source: C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exeProcess created: C:\Windows\SysWOW64\cmd.exe cmd /c tasklist /FI "USERNAME eq %USERNAME%" /FI "IMAGENAME eq unMiner.exe" | find "unMiner.exe"
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\tasklist.exe tasklist /FI "USERNAME eq user" /FI "IMAGENAME eq unMiner.exe"
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\find.exe find "unMiner.exe"
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exeProcess created: C:\Windows\SysWOW64\cmd.exe cmd /c tasklist /FI "USERNAME eq %USERNAME%" /FI "IMAGENAME eq unMiner.exe" | find "unMiner.exe"
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\tasklist.exe tasklist /FI "USERNAME eq user" /FI "IMAGENAME eq unMiner.exe"
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\find.exe find "unMiner.exe"
      Source: C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1f486a52-3cb1-48fd-8f50-b8dc300d9f9d}\InProcServer32
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\tasklist.exe tasklist /FI "USERNAME eq user" /FI "IMAGENAME eq unMiner.exe"
      Source: C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exeFile opened: C:\Users\user\AppData\Local\Programs\unMiner\resources\miners\win32\lolMiner_1.76\lolMiner.cfg
      Source: Window RecorderWindow detected: More than 3 window changes detected
      Source: C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exeFile created: C:\Users\user\AppData\Local\Temp\nspA0C6.tmp\UAC.dllJump to dropped file
      Source: C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exeFile created: C:\Users\user\AppData\Local\Temp\nspA0C6.tmp\nsExec.dllJump to dropped file
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe.crdownloadJump to dropped file
      Source: C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exeFile created: C:\Users\user\AppData\Local\Programs\unMiner\ffmpeg.dllJump to dropped file
      Source: C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exeFile created: C:\Users\user\AppData\Local\Temp\nspA0C6.tmp\nsis7z.dllJump to dropped file
      Source: C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exeFile created: C:\Users\user\AppData\Local\Programs\unMiner\resources\elevate.exeJump to dropped file
      Source: C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exeFile created: C:\Users\user\AppData\Local\Temp\nspA0C6.tmp\StdUtils.dllJump to dropped file
      Source: C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exeFile created: C:\Users\user\AppData\Local\Programs\unMiner\d3dcompiler_47.dllJump to dropped file
      Source: C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exeFile created: C:\Users\user\AppData\Local\Programs\unMiner\resources\miners\win32\NBMiner_Win_42.3\nbminer.exeJump to dropped file
      Source: C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exeFile created: C:\Users\user\AppData\Local\Programs\unMiner\libEGL.dllJump to dropped file
      Source: C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exeFile created: C:\Users\user\AppData\Local\Temp\nspA0C6.tmp\System.dllJump to dropped file
      Source: C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exeFile created: C:\Users\user\AppData\Local\Temp\nspA0C6.tmp\nsDialogs.dllJump to dropped file
      Source: C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exeFile created: C:\Users\user\AppData\Local\Programs\unMiner\libGLESv2.dllJump to dropped file
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: (copy)Jump to dropped file
      Source: C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exeFile created: C:\Users\user\AppData\Local\Programs\unMiner\resources\miners\win32\lolMiner_1.76\lolMiner.exeJump to dropped file
      Source: C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exeFile created: C:\Users\user\AppData\Local\Programs\unMiner\LICENSE.electron.txt
      Source: C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exeFile created: C:\Users\user\AppData\Local\Programs\unMiner\resources\miners\win32\lolMiner_1.76\license.txt
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
      Source: C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\SysWOW64\cmd.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\SysWOW64\cmd.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\SysWOW64\cmd.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\SysWOW64\cmd.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\conhost.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\SysWOW64\tasklist.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\SysWOW64\tasklist.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\SysWOW64\tasklist.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\SysWOW64\tasklist.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\unMiner\ffmpeg.dllJump to dropped file
      Source: C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\unMiner\resources\elevate.exeJump to dropped file
      Source: C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\unMiner\d3dcompiler_47.dllJump to dropped file
      Source: C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\unMiner\resources\miners\win32\NBMiner_Win_42.3\nbminer.exeJump to dropped file
      Source: C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\unMiner\libEGL.dllJump to dropped file
      Source: C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\unMiner\libGLESv2.dllJump to dropped file
      Source: C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\unMiner\resources\miners\win32\lolMiner_1.76\lolMiner.exeJump to dropped file
      Source: C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exeFile Volume queried: C:\Users\user\AppData\Local\Programs FullSizeInformation
      Source: C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exeFile Volume queried: C:\Users\user\AppData\Local\Programs FullSizeInformation
      Source: C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exeFile opened: C:\Users\user\AppData\Local\Programs\unMiner\resources\miners\win32
      Source: C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exeFile opened: C:\Users\user\AppData\Local\Programs\unMiner\resources\miners
      Source: C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exeFile opened: C:\Users\user\AppData\Local\Programs\unMiner\resources
      Source: C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exeFile opened: C:\Users\user\AppData\Local\Programs\unMiner\locales
      Source: C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exeFile opened: C:\Users\user\AppData\Local\Programs\unMiner\resources\miners\win32\NBMiner_Win_42.3
      Source: C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exeFile opened: C:\Users\user\AppData\Local\Programs\unMiner\resources\miners\win32\lolMiner_1.76
      Source: C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exeProcess information queried: ProcessInformation
      Source: C:\Windows\SysWOW64\tasklist.exeProcess token adjusted: Debug
      Source: C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exeProcess created: C:\Windows\SysWOW64\cmd.exe cmd /c tasklist /FI "USERNAME eq %USERNAME%" /FI "IMAGENAME eq unMiner.exe" | find "unMiner.exe"
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\tasklist.exe tasklist /FI "USERNAME eq user" /FI "IMAGENAME eq unMiner.exe"
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\find.exe find "unMiner.exe"

      Mitre Att&ck Matrix

      Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpactResource DevelopmentReconnaissance
      Valid Accounts1
      Windows Management Instrumentation      		1
      Registry Run Keys / Startup Folder      		11
      Process Injection      		11
      Masquerading      		OS Credential Dumping1
      Security Software Discovery      		Remote ServicesData from Local SystemExfiltration Over Other Network Medium2
      Encrypted Channel      		Exploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationAbuse Accessibility FeaturesAcquire InfrastructureGather Victim Identity Information
      Default AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
      Registry Run Keys / Startup Folder      		11
      Process Injection      		LSASS Memory2
      Process Discovery      		Remote Desktop ProtocolData from Removable MediaExfiltration Over Bluetooth2
      Non-Application Layer Protocol      		SIM Card SwapObtain Device Cloud BackupsNetwork Denial of ServiceDomainsCredentials
      Domain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account Manager2
      File and Directory Discovery      		SMB/Windows Admin SharesData from Network Shared DriveAutomated Exfiltration3
      Application Layer Protocol      		Data Encrypted for ImpactDNS ServerEmail Addresses
      Local AccountsCronLogin HookLogin HookBinary PaddingNTDS3
      System Information Discovery      		Distributed Component Object ModelInput CaptureTraffic Duplication1
      Ingress Tool Transfer      		Data DestructionVirtual Private ServerEmployee Names

      Screenshots

      Download Video

      Thumbnails

      This section contains all screenshots as thumbnails, including those not shown in the slideshow.


      windows-stand

      Antivirus, Machine Learning and Genetic Malware Detection

      Initial Sample

      SourceDetectionScannerLabelLink
      http://extension.femetrics.grammarly.io0%Avira URL Cloudsafe

      Dropped Files

      SourceDetectionScannerLabelLink
      (copy)38%ReversingLabsWin32.Coinminer.Generic
      C:\Users\user\AppData\Local\Programs\unMiner\d3dcompiler_47.dll0%ReversingLabs
      C:\Users\user\AppData\Local\Programs\unMiner\ffmpeg.dll0%ReversingLabs
      C:\Users\user\AppData\Local\Programs\unMiner\libEGL.dll0%ReversingLabs
      C:\Users\user\AppData\Local\Programs\unMiner\libGLESv2.dll0%ReversingLabs
      C:\Users\user\AppData\Local\Programs\unMiner\resources\elevate.exe0%ReversingLabs
      C:\Users\user\AppData\Local\Programs\unMiner\resources\miners\win32\lolMiner_1.76\lolMiner.exe61%ReversingLabsWin32.Trojan.Generic
      C:\Users\user\AppData\Local\Temp\nspA0C6.tmp\StdUtils.dll0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\nspA0C6.tmp\System.dll0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\nspA0C6.tmp\UAC.dll0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\nspA0C6.tmp\nsDialogs.dll0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\nspA0C6.tmp\nsExec.dll0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\nspA0C6.tmp\nsis7z.dll0%ReversingLabs

      Unpacked PE Files

      No Antivirus matches

      Domains

      No Antivirus matches

      URLs

      SourceDetectionScannerLabelLink
      http://extension.femetrics.grammarly.io/0%Avira URL Cloudsafe

      Domains and IPs

      Contacted Domains

      NameIPActiveMaliciousAntivirus DetectionReputation
      accounts.google.com
      		172.217.2.205
      		truefalse
        		high
        www.google.com
        		142.250.217.228
        		truefalse
          		high
          extension.femetrics.grammarly.io
          		35.168.203.81
          		truefalse
            		unknown
            clients.l.google.com
            		142.250.217.174
            		truefalse
              		high
              unmineable.nyc3.cdn.digitaloceanspaces.com
              		104.18.12.192
              		truefalse
                		high
                clients2.google.com
                		unknown
                		unknownfalse
                  		high
                  cdn.unmineable.download
                  		unknown
                  		unknownfalse
                    		unknown

                    Contacted URLs

                    NameMaliciousAntivirus DetectionReputation
                    https://extension.femetrics.grammarly.io/false
                      		unknown
                      http://extension.femetrics.grammarly.io/false
                      • Avira URL Cloud: safe
                      		unknown

                      World Map of Contacted IPs

                      • No. of IPs < 25%
                      • 25% < No. of IPs < 50%
                      • 50% < No. of IPs < 75%
                      • 75% < No. of IPs

                      Public IPs

                      IPDomainCountryFlagASNASN NameMalicious
                      142.250.189.142
                      		unknownUnited States
                      		15169GOOGLEUSfalse
                      1.1.1.1
                      		unknownAustralia
                      		13335CLOUDFLARENETUSfalse
                      192.178.50.46
                      		unknownUnited States
                      		15169GOOGLEUSfalse
                      100.24.131.104
                      		unknownUnited States
                      		14618AMAZON-AESUSfalse
                      142.250.217.228
                      		www.google.comUnited States
                      		15169GOOGLEUSfalse
                      142.250.217.174
                      		clients.l.google.comUnited States
                      		15169GOOGLEUSfalse
                      239.255.255.250
                      		unknownReserved
                      		unknownunknownfalse
                      172.217.3.67
                      		unknownUnited States
                      		15169GOOGLEUSfalse
                      172.217.2.205
                      		accounts.google.comUnited States
                      		15169GOOGLEUSfalse
                      142.250.217.195
                      		unknownUnited States
                      		15169GOOGLEUSfalse
                      104.18.12.192
                      		unmineable.nyc3.cdn.digitaloceanspaces.comUnited States
                      		13335CLOUDFLARENETUSfalse
                      35.168.203.81
                      		extension.femetrics.grammarly.ioUnited States
                      		14618AMAZON-AESUSfalse

                      Private

                      IP
                      192.168.2.16
                      192.168.2.6
                      192.168.2.5

                      General Information

                      Joe Sandbox version:38.0.0 Ammolite
                      Analysis ID:1355830
                      Start date and time:2023-12-07 23:07:40 +01:00
                      Joe Sandbox product:CloudBasic
                      Overall analysis duration:
                      Hypervisor based Inspection enabled:false
                      Report type:full
                      Cookbook file name:defaultwindowsinteractivecookbook.jbs
                      Sample URL:http://extension.femetrics.grammarly.io
                      Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                      Number of analysed new started processes analysed:17
                      Number of new started drivers analysed:0
                      Number of existing processes analysed:0
                      Number of existing drivers analysed:0
                      Number of injected processes analysed:1
                      Technologies:
                      • EGA enabled
                      Analysis Mode:stream
                      Analysis stop reason:Timeout
                      Detection:MAL
                      Classification:mal56.mine.win@28/143@12/119
                      • Exclude process from analysis (whitelisted): MpCmdRun.exe, conhost.exe
                      • Excluded IPs from analysis (whitelisted): 142.250.217.195, 34.104.35.123
                      • Excluded domains from analysis (whitelisted): edgedl.me.gvt1.com, clientservices.googleapis.com
                      • Not all processes where analyzed, report is missing behavior information
                      • Report size getting too big, too many NtQueryValueKey calls found.
                      • Skipping network analysis since amount of network traffic is too extensive
                      • VT rate limit hit for: http://extension.femetrics.grammarly.io

                      Created / dropped Files

                      (copy)

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
                      Category:dropped
                      Size (bytes):108185833
                      Entropy (8bit):7.999964460249565
                      Encrypted:true
                      SSDEEP:
                      MD5:2B7B005342300CC784A96196E3FBB6BE
                      SHA1:C1B985A29ACE919F8354D6B90DB61CF59207D0EE
                      SHA-256:08291199BB0BFD92D1B5F4552DAFA3C1B3EDEBBDCABFEE3DDD97501A4F782727
                      SHA-512:7EB6D52C230A973F5BB7361D62F3BC5B072AA643231A21DF0D0FFFCAC1D1AF7772B23883F2AE830504AB47E7E2C381C72DB9E0494C2C9E62656018991AF94E62
                      Malicious:true
                      Antivirus:
                      • Antivirus: ReversingLabs, Detection: 38%
                      Reputation:low
                      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........1...Pf..Pf..Pf.*_9..Pf..Pg.LPf.*_;..Pf.sV..Pf..V`..Pf.Rich.Pf.........................PE..L......\.................h...8...@...3............@..........................0#...........@...........................................".@:...........................................................................................................text...'f.......h.................. ..`.rdata...............l..............@..@.data...............................@....ndata...@...............................rsrc...@:...."..<..................@..@................................................................................................................................................................................................................................................................................................................................................

                      C:\Users\user\AppData\Local\Programs\unMiner\LICENSE.electron.txt

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:ASCII text, with CRLF line terminators
                      Category:dropped
                      Size (bytes):1080
                      Entropy (8bit):5.162577504675273
                      Encrypted:false
                      SSDEEP:
                      MD5:5FB9B491D7F7A3E27CE8226C3217C24C
                      SHA1:8D89950E3EE0CE5E2F840128DF6A82330977DF70
                      SHA-256:13E4742CCFCF6F0542D6F262647D0758BEA838B202B83B4403544C12E3DFF395
                      SHA-512:C81A194F0FF02DBDE05CAD0177AA6A6A901653182D047FDC4092F1C769BFB92DE93A00DFED720AE3BB32178005C744E0FDAC4C4FF3223F17E18C38B2A9936450
                      Malicious:false
                      Reputation:low
                      Preview:Copyright (c) 2013-2020 GitHub Inc.....Permission is hereby granted, free of charge, to any person obtaining..a copy of this software and associated documentation files (the.."Software"), to deal in the Software without restriction, including..without limitation the rights to use, copy, modify, merge, publish,..distribute, sublicense, and/or sell copies of the Software, and to..permit persons to whom the Software is furnished to do so, subject to..the following conditions:....The above copyright notice and this permission notice shall be..included in all copies or substantial portions of the Software.....THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,..EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF..MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND..NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE..LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION..OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR

                      C:\Users\user\AppData\Local\Programs\unMiner\LICENSES.chromium.html

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:HTML document, ASCII text, with CRLF line terminators
                      Category:dropped
                      Size (bytes):4867184
                      Entropy (8bit):4.857190037834736
                      Encrypted:false
                      SSDEEP:
                      MD5:87C025C61EABD6DB771C0279D880C6A7
                      SHA1:1D3797EDECDC7DDC87ECB5BA09D87E18933CC9EB
                      SHA-256:508FC2E843A8385CB8EF874520EA097E5DE752C3DBC040ED0525269CB05DBBC3
                      SHA-512:56B1DC52BA3A3B277A1FCC84B9989CBD446636FA8F518C48D366642B48E252BE9D86593027ECF5D1E00968CCCAFC4B9A8CD69178C0E8DA52C538C85012E63F19
                      Malicious:false
                      Reputation:low
                      Preview: Generated by licenses.py; do not edit. --><!doctype html>..<html>..<head>..<meta charset="utf-8">..<meta name="viewport" content="width=device-width">..<meta name="color-scheme" content="light dark">..<title>Credits</title>..<link rel="stylesheet" href="chrome://resources/css/text_defaults.css">..<style>..html {.. --google-blue-50: rgb(232, 240, 254);.. --google-blue-300: rgb(138, 180, 248);.. --google-blue-600: rgb(26, 115, 232);.. --google-blue-900: rgb(23, 78, 166);.. --google-grey-200: rgb(232, 234, 237);.. --google-grey-800: rgb(60, 64, 67);.. --google-grey-900: rgb(32, 33, 36);.... --interactive-color: var(--google-blue-600);.. --primary-color: var(--google-grey-900);.... --product-background: var(--google-blue-50);.. --product-text-color: var(--google-blue-900);.... background: white;..}....@media (prefers-color-scheme: dark) {.. html {.. --interactive-color: var(--google-blue-300);.. --primary-color: var(--google-grey-200);.... --product-background: v

                      C:\Users\user\AppData\Local\Programs\unMiner\chrome_100_percent.pak

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):179639
                      Entropy (8bit):7.841443404595919
                      Encrypted:false
                      SSDEEP:
                      MD5:7C4728B2D58AFDD97C4549C96B9561CC
                      SHA1:1E0D251EEDD67E7021FC764B9188184617465C54
                      SHA-256:419CFCC6DC5F38B2E0C970EBD4FAD1EF55054579D5C0DB2521D7AE494996AAC3
                      SHA-512:82D0931E4D1CF38F88050980F518CDACDC981C382771B1732BFBE69F601074A0E7378E27A7470C7DEA4E287CB1617A5C038052908ED85134ABCD5B6591B4E7DF
                      Malicious:false
                      Reputation:low
                      Preview:..................P<....Q<....R<....S<....T<+...U<....V<....W<....X<....Y<...._<)...`<....b<. ..d<5!..e<."..l<.#..m<.,..n<.5...C=7...C^8...C.:...C.=...C.?..>D.C..?D.D..@DyF..AD.G..BD.H..CDoI..HD.J..ID....JDX....J-....J2....Jh....Je....J.....J....J:....J....J.....JD....J.....J.....JR....J.....J.....J.....J.....J.....JN....J.....J.....J.....J|....J.....J.....J.....J.....J.....J~....J`....J.....Jv....J.....J.....J.....J.....J.!...J."...Jm3...J.4...K.6...K38...K.8...K.9...KU:...K.:...K[;...K1<...K.=...K.=...K.>...K.?...K,A...K.C...K.F...K.J...K.O...K.P...KeQ...K:R...K.S...K.S...K.T...K.V...KwX...KVZ...K.....K....K.... Kk...!K...."Kw...$K...%K;...&K....'K....(K...)Ke...*K...+K....,KW...-K!....K.../K....0KT...1K....2K...3K....4KT...5K....6K....7Kx...:K.....Lo....L.....L.....Lh....L.....L1....L.....LH....L.....L....L6....L~....L.....L|....L.....L|....L.....L.....L.....L.....L-....L.....L.....Lv....L....L6....L....LX....L.....L.....Lo....L.....L(....L.....L....LS....L.....L.....Lz.

                      C:\Users\user\AppData\Local\Programs\unMiner\chrome_200_percent.pak

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):319775
                      Entropy (8bit):7.925076338440845
                      Encrypted:false
                      SSDEEP:
                      MD5:6AF049AD6FD11EE90AD9DB31C4E02082
                      SHA1:5D2F9A59A74DC584B5DD78AEB6DE583E969E3EB7
                      SHA-256:EDECF8E1AC353BFDAE534E42507E5A59973CB4CAB76FBB1FF1A470363E725BC4
                      SHA-512:C7FA6E1A57861E62B9B4D615A988C98D13CDE8ABC23EAED7C36C2ECB86409DA4B65B1F579CA2F307E90EB4D08D14B07F7F41CCB8D8C165D6DE67C09C16009715
                      Malicious:false
                      Reputation:low
                      Preview:..................P<....Q<....R<....S<....T<....U<....V<.#..W<.(..X<.+..Y<R3.._<.7..`<.9..b<u;..d<.<..e<I@..l<.@..m<lU..n<.g...C.l...C.p...C.s...C.v...C.y..>D.}..?D.~..@DU...AD....BD....CDK...HD...ID....JD4....J.....J.....J.....J.....J>....Jw....J.....J.....J.....J.....J.....J.....JP....J.....J.....J.....J.!...JM,...J.0...J42...J/;...J.C...J.E...J.H...J.M...J+T...JCU...J$Z...J.]...J~a...JIg...JHh...J5k...J]n...J.q...J.t...JJ|...J.....J....J....K....K.....K....K....K.....K,....K....KV....K....KI....K....K.....K.....K.....K.....K.....K.....K.....KM....K.....K.....Kg....K.....K.....Kz....KB....K.....K.....K^....K}[...K.\...K.^.. Kk_..!K8..."K....$K0...%Ks...&K....'K....(K...)K....*Ke...+K[...,K~...-K.....K.../K....0K....1K...2K....3K....4K....5K...6K....7K?...:K.....L.....Lq....L.....L6....L.....L.....L.....LF....L.....L.....LX....L.....L.....L.....LM....L.....Lh....L.....L.....L0....L.....Lc....L.....Lt....L+....L.....LF....L.....L\....L.....L.....L.....L.....L.....Lu....L..

                      C:\Users\user\AppData\Local\Programs\unMiner\d3dcompiler_47.dll

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                      Category:dropped
                      Size (bytes):4481992
                      Entropy (8bit):6.374831048870993
                      Encrypted:false
                      SSDEEP:
                      MD5:FEA40E5B591127AE3B065389D058A445
                      SHA1:621FA52FB488271C25C10C646D67E7CE5F42D4F8
                      SHA-256:4B074A3976399DC735484F5D43D04B519B7BDEE8AC719D9AB8ED6BD4E6BE0345
                      SHA-512:D2412B701D89E2762C72DD99A48283D601DD4311E3731D690CC2AB6CCED20994FA67BF3FEA4920291FC407CD946E20BDC85836E6786766A1B98A86FEBAA0E3D9
                      Malicious:true
                      Antivirus:
                      • Antivirus: ReversingLabs, Detection: 0%
                      Reputation:low
                      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$............i.\.i.\.i.\K2.].i.\K2.].i.\...].i.\..0\.i.\.i.\ m.\...].i.\...].i.\...].i.\...].i.\...]'i.\..^\.i.\..\\.i.\...].i.\Rich.i.\........................PE..d.....c..........." .....V3..t.......d&.......................................E.......D...`A..........................................A.x.....A......pD.@....`B......BD..!....D......>.T...................8.6.(...0.6.............`.6..............................text....U3......V3................. ..`.rdata.......p3......Z3.............@..@.data....#...0A.......A.............@....pdata.......`B.......A.............@..@.rsrc...@....pD.......C.............@..@.reloc.......D.......C.............@..B........................................................................................................................................................................................................................

                      C:\Users\user\AppData\Local\Programs\unMiner\ffmpeg.dll

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                      Category:dropped
                      Size (bytes):2772480
                      Entropy (8bit):6.571701960916312
                      Encrypted:false
                      SSDEEP:
                      MD5:761ADC75DB5D404A49C96E8D49F5F72C
                      SHA1:716A8A994AF2A06B1F766E6A1364AFBC27FAFA8C
                      SHA-256:75A0592CDCBC5331DFB9310C68EE82C634685D5B2EDC6D214A0841D62C6FE51B
                      SHA-512:056307A08103A1A6DC1A2FECDA1E13727C65B30607258496CBA9560C53E04DD4B0AF22DECD7A3483FF44FE8AD7D706B2E81B5D3C859A484CB6BC1DE9DFFFED23
                      Malicious:true
                      Antivirus:
                      • Antivirus: ReversingLabs, Detection: 0%
                      Reputation:low
                      Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..d.....<_.........." ......"..8................................................<...........`..........................................(.......(.(.............;.,............`<.h5...(.....................0.(.(...`.'..............(.0............................text....."......."................. ..`.rdata.......0".......".............@..@.data...("...P)..B...,).............@....pdata..,.....;......n).............@..@.00cfg.......0<.......*.............@..@.tls.........@<.......*.............@..._RDATA.......P<.......*.............@..@.reloc..h5...`<..6....*.............@..B........................................................................................................................................................................................................................................................................................................

                      C:\Users\user\AppData\Local\Programs\unMiner\icudtl.dat

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):10505952
                      Entropy (8bit):6.222824620465196
                      Encrypted:false
                      SSDEEP:
                      MD5:3F019441588332AC8B79A3A3901A5449
                      SHA1:C8930E95B78DEEF5B7730102ACD39F03965D479A
                      SHA-256:594637E10B8F5C97157413528F0CBF5BC65B4AB9E79F5FA34FE268092655EC57
                      SHA-512:EE083AE5E93E70D5BBEBE36EC482AA75C47D908DF487A43DB2B55DDD6B55C291606649175CF7907D6AB64FC81EAD7275EC56E3193B631F8F78B10D2C775FD1A9
                      Malicious:false
                      Reputation:low
                      Preview:...'........CmnD........ Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html ./...|).......)..0....).......).......).......)..0....).......).......*.......*..@...,*......?*..`...R*......e*.. ...x*.......*.......*..`....*.......*..P....*.......*..p....*..P....+......#+..`...6+......I+......\+......o+..`....+.......+..@....+.......+.......+... ...+...!...+..`!...,...!...,..."..#,..P"..3,..0S..J,..pu..Z,......j,......,......,.. ....,...{&..,..p.&..,....&..-....&..-..P.&.6-...&.M-....&.d-..0.&.{-..`.&..-....(..-....(..-..p.)..-....*.....0]+.1...`.,.T.....-.k.....-.......-.....0.-.......-.......-......6.../..`#0.&/..`r0.?/....1.V/....1.r/....1../..0.1../...=1../...>1../..P`1../..@b1../....1../....1..0....2."0.. 92.70...]2.L0....2.a0..P.3.w0....3..0.. A3..0...A3..0...C3..0...C3..0..0D3..1....3..1....3.>1....3.S1..P.3.h1..0.3.}1...v4..1....4..1..P.4..1....4..1..0.4..1.. .4..2..p.4..2....5.,2..pV5.A2..@.5.V2....5.n2....5..2..

                      C:\Users\user\AppData\Local\Programs\unMiner\libEGL.dll

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                      Category:dropped
                      Size (bytes):379904
                      Entropy (8bit):6.270755866193165
                      Encrypted:false
                      SSDEEP:
                      MD5:BAEBC4ED339E7E98CED671DE7838E710
                      SHA1:84ECF23527228D91F9E738CA77D0D165CF54614D
                      SHA-256:F3418FE94C89490E2CE67C372AB31DE9336BF39C9598CE2C722D1FD250F1118E
                      SHA-512:C26B4536AEF52B753990D523297DCE4E4A25D59BBE1C23C665CD23462BC5EC85D0990F457FE8A205D4E8EA80926A37C9377A1F89E99E6E6480FC0CC70EA864F0
                      Malicious:true
                      Antivirus:
                      • Antivirus: ReversingLabs, Detection: 0%
                      Reputation:low
                      Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..d.....<_.........." ................h........................................`............`.........................................H...`.......(....@.. ........8...........P..<...d...........................(...P\...............................................text............................... ..`.rdata...`.......b..................@..@.data....K...........Z..............@....pdata...8.......:...x..............@..@.00cfg..............................@..@.tls......... ......................@..._RDATA.......0......................@..@.rsrc... ....@......................@..@.reloc..<....P......................@..B................................................................................................................................................................................................................................................................

                      C:\Users\user\AppData\Local\Programs\unMiner\libGLESv2.dll

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                      Category:dropped
                      Size (bytes):7863296
                      Entropy (8bit):6.243851211886988
                      Encrypted:false
                      SSDEEP:
                      MD5:345E4C29D1C751CA5683FF90EFE91CBF
                      SHA1:7FACC34E454B675472399C62BEE6A0F527DB42A5
                      SHA-256:D08EDBB774853BA5AC9E5590530BD16AFCC0492C27F2AEB9AC2EDF4B75977CF0
                      SHA-512:6EC9A7754485FCA279CD99DD73F407EAF720F3EDF05A3E6C105A624F0EF64BE0241ABC3E62113A5D14A6E4766CB462EE19B60017D86483FB6A5FECD5E6CD903A
                      Malicious:true
                      Antivirus:
                      • Antivirus: ReversingLabs, Detection: 0%
                      Reputation:low
                      Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..d.....<_.........." .....vQ...&.....hoN...................................................`...........................................m.#.....o.d.......p........................*....m.......................m.(.....l...............o.......m.@....................text...euQ......vQ................. ..`.rdata..d.....Q......zQ.............@..@.data.....e...p.......p.............@....pdata...............<t.............@..@.00cfg.......P........v.............@..@.tls.........`........v.............@..._RDATA.......p........v.............@..@.rsrc...p.............v.............@..@.reloc...*.......,....v.............@..B................................................................................................................................................................................................................................................................

                      C:\Users\user\AppData\Local\Programs\unMiner\locales\am.pak

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):136957
                      Entropy (8bit):5.053907616247068
                      Encrypted:false
                      SSDEEP:
                      MD5:E0807C2E3E92BFD46FA865A31D2B8C76
                      SHA1:A0D02B3F68156EEDAB2D3ED152BC78B274BEFD21
                      SHA-256:B5BBC673CB936F28CED393BBD714FE0C35E44529C95AF3C33681F7F64FB596D4
                      SHA-512:00DF945702BDE6EEEEC0C7D884BF3EED45677B1913810CD5AC78B27170297EB0D89C56ED7DF08010E2957864BA053C6E5C4F7D3C06E5F1E9F1139C196D7CA86C
                      Malicious:false
                      Reputation:low
                      Preview:........=...|.....}.....~......../...../...../...../....-/....>/....G/....\/....i/....o/....~/...../...../...../...../...../...../...../...../...../...../...../...../...../.....0....30....R0....q0....}0.....0.....0.....0.....0.....0.....0.....0.....0.....0.....0.....1....(1....;1....G1..!.W1..".Z1..T3x1..U3.1..V3.1..W3.1..\3/2..]3.2..e3.2..f3.2..h3.2..l3.2..m3.3..n3(3..p3.3..q3.3..r3.3..s3.4..t3.4..u3J4..v3.4..w3a5..x3.6..{3.6..|3.6..}3=7..~3S7...3}7...3]8...3m9...3.9...3.9...3.:...3.:...3.;...3.;...3.;...31<...3P>...3m?...3H@...3.@...3.@...3.A...3%A...38A...3QA...3.A...3#B...3dB...3.C...37C...3cC...3.C...3.D...3.D...3.E...3IE...3.E...3.E...3.E...3.E...3.E...3.F...37F...38F...3NF...3QF...3.F...3.F...32G...3OG...3.G...3.G...3.G...3.G...3.G...3)H...3.H...3.K...3.K...3.K...3.L...3.L...3,M...3\M...3.M...3.M...3.M...3.M...3.M...3.M...3.M...3.M...3.M...3.M...3.M...3.M...3.M...3.M...3.M...3.M...3.N...3.N...3'N...33N...3<N...3EN...3WN...3mN...3zN...3.N...3.N...3.N...3.N...3+O...3WO...3qO...3.O

                      C:\Users\user\AppData\Local\Programs\unMiner\locales\ar.pak

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):139253
                      Entropy (8bit):5.13361801839003
                      Encrypted:false
                      SSDEEP:
                      MD5:4C4590FFC76DC0A5D321C5D9A1A5FC57
                      SHA1:4DFFC5A448EEAFBFAC0E94DF0A9B97B851D4A830
                      SHA-256:BD06F1F0B8E3F389B084C9F542F9A743FF6B7470DEC398CD3BA6C5393E4B80C2
                      SHA-512:0B0D633191172A91ABC205407A9ABCF00FEFCAD30BE6AF600FE661DCEA3CC7C914B94D0A5E140AE38665B5B565B96887FD0648B21F846A340761304C4EA202A3
                      Malicious:false
                      Reputation:low
                      Preview:........;...|.....}.....~......../...../...../...../....)/....:/....C/....X/....e/....k/....z/...../...../...../...../...../...../...../...../...../...../...../...../.....0....;0....T0.....0.....0.....0.....0.....0.....0.....0.....0.....0.....0.....1....,1....N1...._1....i1..!..1.."..1..T3.1..U3.1..V3.1..W3.1..\3=2..]3.2..e3.2..f3.2..h3.2..l3.2..m3.3..n3$3..p3.3..q3.3..r3.3..s3.3..t3.4..u3$4..v3N4..w3.4..x3.5..y3.6..z387..{3.8..|3)8..}3[8..~3p8...3.8...3U9...3T:...3j:...3.:...3.:...3s;...3.<...3.=...3==...3}=...3.A...3kC...3.E...3vE...3.E...3.E...3.E...3.E...3.E...3UF...3.F...3BG...3.G...3.H...3(H...3.H...3/I...3.I...3.J...3lJ...3.J...3.J...3.J...3.J...3.J...3.K...3.K...3TK...3UK...3nK...3.K...3.L...35L...3.L...3.L...3.M...3.M...3=M...3GM...3YM...3.M...3.N...3.V...3.V...3.V...3.W...3.W...3;X...3.X...3.X...3.X...3.X...3.X...3.X...3.X...3.X...3.X...3.X...3.Y...3.Y...3.Y...3 Y...3#Y...31Y...3?Y...3KY...3UY...3YY...3cY...3mY...3}Y...3.Y...3.Y...3.Y...3.Y...3.Y...3.Z...3.Z...3DZ...3`Z...3.Z

                      C:\Users\user\AppData\Local\Programs\unMiner\locales\bg.pak

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):149152
                      Entropy (8bit):4.859739269241121
                      Encrypted:false
                      SSDEEP:
                      MD5:C672C8C89A32F63BB254B356C3FF8467
                      SHA1:7E3CF36FA3079C344D475869BABFB2B29F044EF8
                      SHA-256:8CC7AF095DED268F395758EE41AB4192F50E1C1861C643A732938BFACD229E4D
                      SHA-512:B754605328025799FB9A8771E9B853BF4708BB24A2492A5E92B91E6DBD77EF2A5E796736A6A1792D9602E29E6E91D0F94F7AEEE7288C1778EC41056C453F1FCC
                      Malicious:false
                      Reputation:low
                      Preview:........J...|.....}../..~../.... /....%/....2/....8/....G/....X/....a/....v/...../...../...../...../...../...../...../...../...../...../...../...../...../...../...../.....0....'0....D0.....0.....0.....0.....0.....0.....1.....1.....1.....1.... 1....C1....M1....Y1....t1.....1.....1.....1..!..1.."..1..U3.1..V3-2..W3D2..\3.2..]3@3..e3X3..f3f3..h3.3..l3.3..m3.3..n3.3..p3n4..q3.4..r3.4..s3.5..t3.5..u3H5..v3.5..w3v6..x3,7..y3.8..z3.8..{3.9..|3.9..}3.:..~3A:...3r:...3];...3.<...3.<...3.<...3A=...3.>...3.>...3.>...3.>...3+?...3.@...3.A...3bB...3.B...3.C...3.C...38C...3JC...3rC...3.C...3gD...3.D...3{E...3.E...3.E...3;F...3.F...3|G...3.H...3hH...3.H...3.H...3.H...3.H...3"I...3MI...3.I...3.I...3.I...3.I...3.J...3OJ...3.J...3.K...3AK...3NK...3.K...3.K...3.K...3.K...3.L...3!O...3qO...3.O...3hP...3.P...31Q...3.Q...3.Q...3.Q...3.Q...3.Q...3.Q...3.Q...3.Q...3.Q...3.Q...3.R...3.R...3.R...3.R...3.R...3$R...3.R...3:R...3PR...3ZR...3jR...3vR...3.R...3.R...3.R...3.R...3.R...3.S...33S...3tS...3.S...3.S...3.T

                      C:\Users\user\AppData\Local\Programs\unMiner\locales\bn.pak

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):195947
                      Entropy (8bit):4.450515707334918
                      Encrypted:false
                      SSDEEP:
                      MD5:CFF3C9AD87CEF6970E2426CA73012935
                      SHA1:54DC00598B2ACDE263F6FF3DD1548620D1C5939F
                      SHA-256:CBD3376DD8D2021F35E597FAA06055AE91D430E10360E1F282B50ACB9F17820C
                      SHA-512:482FEBD00B673DEDFA5283606208A7BDAA4307BF86BF8F70DBA6C93B84D80C537C8DC80075D1F1DEA3BD1F5CDA98272F517FF79FF01E086582677C5B7103E3EC
                      Malicious:false
                      Reputation:low
                      Preview:........=...|.....}.....~......../...../...../...../...../....?/....H/....]/....j/....p/...../...../...../...../...../...../...../...../...../...../...../...../...../...../...../...."0....M0....u0.....0.....0.....0.....1.....1.....1.....1....-1....N1....]1....u1.....1.....1.....1.....2..!.(2..T3+2..U3G2..V3y2..W3.2..\3.3..]3.3..e3.3..f3.3..h3.3..l3.4..m3-4..n3S4..p3.4..q3R5..r3.5..s3.5..t3.5..u3 6..v3.6..w3.7..x3.8..y3.:..z3.;..{3;<..|3f<..}3.<..~3.<...3>=...3.>...3.@...3.@...3.@...3kA...3.B...3.C...3.D...3&D...3.D...3.G...3.I...3.J...3.K...3.K...3.K...3.L...3!L...3PL...3.L...3.M...3#N...3-O...3JO...3.O...3.O...3.P...3DQ...3.R...3bR...3.R...3.R...3.R...3.R...3.S...3JS...3.S...3.S...3.S...3.T...3.T...3.T...3.T...3aU...3.U...3.U...3.U...3&V...3>V...3UV...3.V...3.W...3.]...3C]...3f]...3m^...3._...3p_...3._...3._...3/`...33`...3>`...3c`...3f`...3p`...3s`...3}`...3.`...3.`...3.`...3.`...3.`...3.`...3.`...3.`...3.`...3.`...3.`...3.a...3.a...3.a...3Aa...3`a...3.a...3.a...3.a...3[b...3.b...3.b

                      C:\Users\user\AppData\Local\Programs\unMiner\locales\ca.pak

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):96585
                      Entropy (8bit):5.433513998686472
                      Encrypted:false
                      SSDEEP:
                      MD5:D1C1E2A9809641EEF81E753F26F1EB69
                      SHA1:CC54CF4149EA5D934EA3A0B0CD89A5B9F7169F38
                      SHA-256:69B4BD559152DF6B45008E9E71AB7FFC3557DF06E01165227831506BA4A042F5
                      SHA-512:34038C093AB83D804D0B1084B9F7B30E79E733F80C7E8E097F590B886E770610DCCE1207A8FC56A2813894B6CA4E82F2CC7B88169EC6D352862EF5BD43C3A6A4
                      Malicious:false
                      Reputation:low
                      Preview:........G...|.....}../..~../...../...../....,/....2/....A/....R/....[/....p/....}/...../...../...../...../...../...../...../...../...../...../...../...../...../...../.....0.....0....90....T0....r0....{0.....0.....0.....0.....0.....0.....0.....0.....0.....0.....0.....0.....0.....0.....1..!..1.."..1..T3/1..U371..V3N1..W3b1..\3.1..]3.1..e3.1..f3.2..h3.2..l3.2..m312..n3@2..p3.2..q3.2..r3.2..s3.2..t3.2..u3.2..v3 3..w3.3..x3.4..y3.4..z3(5..{3.5..|3.5..}3.6..~3.6...346...3.6...3.7...3.7...3.7...3.7...3.8...3.8...3.8...3.9...3&9...3C:...3.:...3:;...3.;...3.;...3.;...3.;...3.;...3.;...3.<...3`<...3.<...3.<...3.=...3.=...3g=...3.=...3.>...3x>...3.>...3.>...3.>...3.>...3.>...3.>...3.?...3-?...3B?...3C?...3X?...3[?...3.?...3.?...3.?...3.@...33@...39@...3`@...3e@...3s@...3.@...3.A...3.B...3.B...3.B...3EC...3.C...3.C...3.C...3#D...33D...37D...3BD...3JD...3MD...3XD...3[D...3eD...3hD...3vD...3zD...3.D...3.D...3.D...3.D...3.D...3.D...3.D...3.D...3.D...3.D...3.D...3.D...3.D...3.D...3.E...3*E...3FE...3_E

                      C:\Users\user\AppData\Local\Programs\unMiner\locales\cs.pak

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):98511
                      Entropy (8bit):5.840895804153064
                      Encrypted:false
                      SSDEEP:
                      MD5:CEDBC097F6FC645A6023BA797CDFD0EA
                      SHA1:CDAD25175D737F079B7AC383EFAE7D4CE039EF20
                      SHA-256:3B747E1CBC29A0F2FA14F95F3DCB8ED970F198DC8D2A3B1D918485D51D6A97F1
                      SHA-512:2C1BCA725E5BBD2ECC1B53735956E218440ABEBFF1F63B4572E10256394B258E149ECF4F6F0642FEC2DA18B37711E574D2C9C04AF6F45E3CC0A3A74CF8762C92
                      Malicious:false
                      Reputation:low
                      Preview:........B...|.....}.....~../...../...../...."/....(/....7/....H/....Q/....f/....s/....y/...../...../...../...../...../...../...../...../...../...../...../...../...../...../...../.....0....)0....>0....K0....X0...._0....g0....n0....q0....r0....}0.....0.....0.....0.....0.....0.....0.....0..!..0.."..0..T3.1..U3.1..V3+1..W3B1..\3p1..]3.1..e3.1..f3.1..h3.1..l3.1..m3.1..n3.2..p3R2..q3q2..r3.2..s3.2..t3.2..u3.2..v3.2..w393..x3.3..y3.4..z3.4..{3.5..|3!5..}3O5..~3^5...3.5...3.6...3.6...3.6...3.6...3.7...3.7...3@8...3R8...3e8...3.8...3.:...3z;...3@<...3.<...3.<...3.<...3.<...3.<...3.<...3.<...3D=...3b=...3.=...3.=...3.=...34>...3.>...3.>...3.?...3A?...3n?...3v?...3~?...3.?...3.?...3.?...3.?...3.?...3.?...3.?...3.?...3.@...3%@...3h@...3~@...3.@...3.@...3.@...3.@...3.@...3.@...3vA...3.D...3.D...3.D...36E...3{E...3.E...3.E...3.F...3*F...3.F...39F...3AF...3DF...3NF...3QF...3[F...3^F...3lF...3pF...3uF...3wF...3.F...3.F...3.F...3.F...3.F...3.F...3.F...3.F...3.F...3.F...3.F...3.F...3.F...3.G...3.G...33G

                      C:\Users\user\AppData\Local\Programs\unMiner\locales\da.pak

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):89891
                      Entropy (8bit):5.45484819511075
                      Encrypted:false
                      SSDEEP:
                      MD5:96D8877DABF4C6E6BE2B34002F880053
                      SHA1:45D7C3D3BD5A6782F209F2C0808DE6FD2AA4FBC4
                      SHA-256:677A772B56DB2A2807C77DAFC1C15595B4E9F15CA8B1233677764804BDB5351A
                      SHA-512:80DBE627E9C44114C88159D870995362DF8F7D7C9708EC27CB940F250C91E43E1CA65D252E31D55C9E3DF7106D882AF6BD8043F7A41C688CB4092C2B3E25395B
                      Malicious:false
                      Reputation:low
                      Preview:........K...|../..}../..~../...."/....'/....4/....:/....I/....Z/....c/....x/...../...../...../...../...../...../...../...../...../...../...../...../...../...../...../...../.....0.... 0..../0....H0....O0....X0....^0....a0....h0....k0....l0....s0....~0.....0.....0.....0.....0.....0.....0..!..0.."..0..T3.0..U3.0..V3.1..W3.1..\3E1..]3.1..e3.1..f3.1..h3.1..l3.1..m3.1..n3.1..p3.2..q3.2..r3<2..s3L2..t3R2..u3h2..v3.2..w3.2..x3J3..y3.3..z3%4..{3.4..|3.4..}3.4..~3.4...3.4...3h5...3.6...3.6...3(6...3S6...3.6...327...3;7...3J7...3d7...3.8...3.9...3.9...3.9...3.9...3.:...3.:...3.:...3.:...3S:...3.:...3.:...32;...3K;...3\;...3.;...3.;...3.<...3i<...3.<...3.<...3.<...3.<...3.<...3.<...3.<...3.=...3.=...3.=...3.=...3O=...3p=...3.=...3.=...3.=...3.=...3.=...3.>...3.>...3/>...3.>...3.@...3.@...3.@...36A...3}A...3.A...3.A...3.A...3.B...3.B...3.B...3.B...3.B...3(B...3+B...35B...38B...3FB...3JB...3NB...3PB...3TB...3[B...3eB...3mB...3uB...3{B...3}B...3.B...3.B...3.B...3.B...3.B...3.B...3.B...3.B...3.C...3.C

                      C:\Users\user\AppData\Local\Programs\unMiner\locales\de.pak

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):96190
                      Entropy (8bit):5.48612377818556
                      Encrypted:false
                      SSDEEP:
                      MD5:66B905F68D1FC7ACF848C6B7F1245B46
                      SHA1:271E2DE4A422CAC4920E76D7C81BF15D30C09299
                      SHA-256:FDD2B392CE9DB11E31CFEFB44DED1C4793BAD7DA0DFB9A492FDD4AA309AA7704
                      SHA-512:57484DC7EB6F6AA2C42C16F62D4CBB24C7A00F7F0A483AB29F5B7932518A141B6F3F9AE5EF21C47D15C9EA0EB7869B7816B756964348ED72D461EE8A4DF70DE4
                      Malicious:false
                      Reputation:low
                      Preview:........6...|.....}.....~..................../...../...../....0/....9/....N/....[/....a/....p/....v/...../...../...../...../...../...../...../...../...../...../...../...../...../...../.....0.... 0....+0....70....G0....Q0....X0....[0....\0....e0....v0....}0.....0.....0.....0.....0.....0..!..0.."..0..T3.0..U3.0..V3.1..W3,1..\3n1..]3.1..e3.1..f3.1..h3.1..l3.1..m3.2..n3.2..p3j2..q3.2..r3.2..s3.2..t3.2..u3.2..v3.3..w3.3..x3.4..y3.4..z3k5..{3$6..|3;6..}3d6..~3u6...3.6...3&7...3.7...3.8...3"8...3I8...3.8...339...3:9...3E9...3f9...3.:...3.;...3.;...3.;...3.<...3.<...3(<...31<...3@<...3w<...3.<...3.<...3.=...3.=...3.=...3.=...32>...3.>...3.>...3.?...3@?...3K?...3P?...3T?...3l?...3.?...3.?...3.?...3.?...3.?...3.?...3.@...3M@...3d@...3.@...3.@...3.@...3.@...3.@...3.@...3QA...3.B...3.C...3$C...3.C...3.D...38D...3[D...3zD...3.D...3.D...3.D...3.D...3.D...3.D...3.D...3.D...3.D...3.D...3.D...3.D...3.D...3.D...3.D...3.D...3.D...3.E...3.E...3.E...3.E...3 E...3,E...3BE...3NE...3cE...3.E...3.E...3.E...3.E

                      C:\Users\user\AppData\Local\Programs\unMiner\locales\el.pak

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):166838
                      Entropy (8bit):4.912216104069633
                      Encrypted:false
                      SSDEEP:
                      MD5:385CA017D7A6E02E2107155C19C479D5
                      SHA1:39522D8E8A192C5035770FBFE8348CCEA5DA35E5
                      SHA-256:DC7815E71C42A5C34C127BFA9FA7847D65B13B00A9D1FE610EE4750473C12D6D
                      SHA-512:A904C9132DA545B5417BB5EF9FF225CF80F2BC2E94BEBADCFD97ABB410D21853980BD1BDA83A41B6912B2B46C6176D440735CCF6E153F5F1D1FB8566EC6B8F1D
                      Malicious:false
                      Reputation:low
                      Preview:........?...|.....}.....~../...../...../...../...."/....1/....B/....K/....`/....m/....s/...../...../...../...../...../...../...../...../...../...../...../...../...../...../...."0....\0.....0.....0.....0.....0.....1.....1.....1.... 1....!1....41....L1....T1....d1.....1.....1.....1.....1..!..1.."..1..T3.2..U3,2..V3w2..W3.2..\3.3..]3.3..e3.3..f3.3..h3.3..l3.4..m3.4..n3O4..p3.4..q355..r3[5..s3|5..t3.5..u3.5..v3M6..w3@7..x3.8..y3.9..z3.9..{3.;..|3D;..}3.;..~3.;...3.;...3.=...3.>...3.>...3.>...35?...30@...3.@...3.@...3.A...3_A...3TC...31D...36E...3.E...3.E...3.F...3 F...31F...3PF...3.F...3.G...3.G...3dH...3.H...3.H...3VI...3.J...3.J...3zK...3.K...3<L...3RL...3fL...3pL...3xL...3.L...3.L...3.L...3.L...3.M...3.M...3>M...3}M...3.N...36N...3pN...3.N...3.N...3.N...3.N...3!O...3.O...3.R...3.R...3.R...3.S...3OT...3.T...3.T...32U...3BU...3FU...3QU...3YU...3\U...3fU...3iU...3sU...3vU...3.U...3.U...3.U...3.U...3.U...3.U...3.U...3.U...3.V...3.V...3.V...3(V...32V...3@V...3gV...3.V...3.V...3.V...3.W...3=W

                      C:\Users\user\AppData\Local\Programs\unMiner\locales\en-GB.pak

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):80280
                      Entropy (8bit):5.513910407724555
                      Encrypted:false
                      SSDEEP:
                      MD5:7044E0963C16E098DA02975EF92E220F
                      SHA1:64DBC4C1980C7D7785A9CCB09A6C4F6AC775A7BF
                      SHA-256:ECE0EE82DB5B9C992657CDA4DE0E2B7E8386530F6F2F5D6281B0C208781795A5
                      SHA-512:445574C49535C94B799EE0B4B1052FA4235472307784EC15D1215EDD588496DB6F9F2C67B1790BFA8865D00B3D9A4C2BF2FAC3B913F909C296FAE2F53555D420
                      Malicious:false
                      Reputation:low
                      Preview:........J...|.....}../..~../.... /....%/....2/....8/....G/....X/....a/....v/...../...../...../...../...../...../...../...../...../...../...../...../...../...../...../...../.....0.....0....'0....80....@0....H0....O0....T0....[0....^0...._0....d0....o0....s0....z0.....0.....0.....0.....0..!..0.."..0..T3.0..U3.0..V3.0..W3.0..\331..]3b1..e3l1..f3q1..h3.1..l3.1..m3.1..n3.1..p3.1..q3.1..r3.2..s3.2..t3.2..u3$2..v3J2..w3.2..x3.2..y3\3..z3.3..{3!4..|304..}3U4..~3a4...3r4...3.4...3.5...3.5...3.5...3.5...3G6...3.6...3.6...3.6...3.6...3.7...3C8...3.8...3.8...3.9...3.9...3.9...3.9...3&9...3B9...3x9...3.9...3.9...3.:...3.:...3@:...3.:...3.:...3.;...3?;...3f;...3m;...3s;...3x;...3|;...3.;...3.;...3.;...3.;...3.;...3.;...3.;...3.<...3=<...3N<...3h<...3o<...3.<...3.<...3.<...3.<...3.=...3X>...3m>...3w>...3.>...3.?...31?...3R?...3o?...3.?...3.?...3.?...3.?...3.?...3.?...3.?...3.?...3.?...3.?...3.?...3.?...3.?...3.?...3.?...3.?...3.?...3.?...3.?...3.?...3.?...3.@...3.@...3.@...3!@...31@...3:@...3M@...3f@

                      C:\Users\user\AppData\Local\Programs\unMiner\locales\en-US.pak

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):81063
                      Entropy (8bit):5.501913250290776
                      Encrypted:false
                      SSDEEP:
                      MD5:98C8CFC3CB98AB34E06D4323B8BCB043
                      SHA1:2C0BDA072161530B710FA0A1DFC3C23926184AFE
                      SHA-256:35ADC5AEEEBFE440E295B88D2A4089360ADA33C353843B1F5438F4118501878B
                      SHA-512:25EDECA13B4A29F63BDC4F135EDA1B1B8C72F3A58315F57895950BDC15F56B2AF1ACA42AFFE397716F5965437ECE836F683265A33EC919B8B26056634612ED3C
                      Malicious:false
                      Reputation:low
                      Preview:........Q...|../..}../..~.&/...../....3/....@/....F/....U/....f/....o/...../...../...../...../...../...../...../...../...../...../...../...../...../...../...../...../.....0.....0....&0....50....F0....N0....V0....]0....b0....i0....l0....m0....r0....}0.....0.....0.....0.....0.....0.....0..!..0.."..0..T3.0..U3.0..V3.0..W3.1..\3A1..]3p1..e3y1..f3~1..h3.1..l3.1..m3.1..n3.1..p3.1..q3.2..r3.2..s3.2..t3"2..u312..v3S2..w3.2..x3.2..y3`3..z3.3..{3'4..|364..}3[4..~3g4...3|4...3.4...3.5...3.5...3.5...3.5...3K6...3.6...3.6...3.6...3.6...3.7...3s8...3.8...3.9...3<9...3B9...3L9...3S9...3^9...3z9...3.9...3.9...30:...3D:...3T:...3|:...3.:...3.;...3X;...3|;...3.;...3.;...3.;...3.;...3.;...3.;...3.;...3.;...3.;...3.<...3.<...3$<...3><...3z<...3.<...3.<...3.<...3.<...3.<...3.<...3.<...3S=...3.>...3.>...3.>...3,?...3d?...3.?...3.?...3.?...3.?...3.?...3.?...3.?...3.?...3.?...3.?...3.@...3.@...3.@...3.@...3!@...3#@...3(@...3,@...32@...3<@...3D@...3K@...3Q@...3W@...3a@...3i@...3q@...3|@...3.@...3.@...3.@...3.@

                      C:\Users\user\AppData\Local\Programs\unMiner\locales\es-419.pak

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):94235
                      Entropy (8bit):5.404604120906391
                      Encrypted:false
                      SSDEEP:
                      MD5:EC06A9386DB1ADE2FF2F3CACA4D3CBC2
                      SHA1:9144163F37A70012E884E5BDE5ED6257CE74AA3F
                      SHA-256:3FB32EAF5320878C7AD0E81CA5C47FAAAB6E5FC440A374F1287C7EA44C433D25
                      SHA-512:FE5194FC0171773FA7931F1353828AC040DD1619F6639761CF4FFC79DA61687EF71B40C6D04F949ABEE797C09EC2FF074E1A0DF894539AC48E3503519C320447
                      Malicious:false
                      Reputation:low
                      Preview:........H...|.....}../..~../...../....!/...../....4/....C/....T/....]/....r/...../...../...../...../...../...../...../...../...../...../...../...../...../...../...../...../.....0.....0....80....O0....X0....a0....j0....p0....w0....z0....{0.....0.....0.....0.....0.....0.....0.....0.....0..!..0.."..0..T3.1..U3.1..V331..W3A1..\3l1..]3.1..e3.1..f3.1..h3.1..l3.1..m3.2..n3.2..p3g2..q3.2..r3.2..s3.2..t3.2..u3.2..v3.3..w3x3..x3.3..y3.4..z3.5..{3.5..|3.5..}3.5..~3.6...306...3.6...3.7...3.7...3.7...3.7...3m8...3.8...3.8...3.8...3.9...3.9...3r:...3.:...3V;...3z;...3.;...3.;...3.;...3.;...3.;...3.<...3G<...3.<...3.<...3.<...3.=...3{=...3.=...3(>...3S>...3.>...3.>...3.>...3.>...3.>...3.>...3.>...3.>...3.>...3.>...3.>...3#?...3A?...3.?...3.?...3.?...3.?...3.?...3.?...3.?...3.@...3v@...3.A...3.B...3+B...3.B...3.B...3.C...3pC...3.C...3.C...3.C...3.C...3.C...3.C...3.C...3.C...3.C...3.C...3.C...3.D...3.D...3.D...3.D...3.D...3.D...3'D...3/D...36D...3:D...3DD...3MD...3[D...3iD...3|D...3.D...3.D...3.D...3.D

                      C:\Users\user\AppData\Local\Programs\unMiner\locales\es.pak

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):96744
                      Entropy (8bit):5.371012944568548
                      Encrypted:false
                      SSDEEP:
                      MD5:E972E49238BDABE3DBCE17F8BFE85B4C
                      SHA1:3B5EBFA19A26644DB1A42DC3E6ACC1FE9137F45B
                      SHA-256:846FD2365C7C3BE372CEF43221ADEDAC3F92F5F8389C38C9218BD6E24E5C891B
                      SHA-512:165707B39070BB2CA7AF4F28ECBC82F795354B513F4F7AEC7A27FC846E22471C897AF651BB47734908A5DB6FD9907386046727E2D27345B70FE2FF9DE0E9D5D7
                      Malicious:false
                      Reputation:low
                      Preview:........K...|../..}../..~../...."/....'/....4/....:/....I/....Z/....c/....x/...../...../...../...../...../...../...../...../...../...../...../...../...../...../...../.....0.....0....&0....@0....X0....a0....j0....s0....y0.....0.....0.....0.....0.....0.....0.....0.....0.....0.....0.....0..!..0.."..1..T3.1..U3(1..V3A1..W3O1..\3.1..]3.1..e3.1..f3.1..h3.2..l3.2..m3.2..n3=2..p3.2..q3.2..r3.2..s3.2..t3.2..u3.3..v323..w3.3..x3.4..y3.4..z3"5..{3.5..|3.5..}3.6..~3.6...3/6...3.6...3e7...3|7...3.7...3.7...3*8...3.8...3.8...3.8...3.8...3.9...3[:...3.:...3!;...3J;...3R;...3^;...3h;...3x;...3.;...3.;...3(<...3.<...3.<...3.<...3.=...3.=...3.=...3D>...3x>...3.>...3.>...3.>...3.>...3.>...3.>...3.>...3.?...3.?...3.?...3!?...3F?...3i?...3.?...3.?...3.?...3.?...3.@...3.@...3!@...3F@...3.@...3.B...36B...3IB...3.B...3.C...3>C...3gC...3.C...3.C...3.C...3.C...3.C...3.C...3.C...3.C...3.C...3.C...3.C...3.C...3.C...3.C...3.C...3.C...3.D...3.D...3.D...3.D...3&D...30D...39D...3GD...3ZD...3fD...3.D...3.D...3.D...3.D

                      C:\Users\user\AppData\Local\Programs\unMiner\locales\et.pak

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):86125
                      Entropy (8bit):5.502332820543496
                      Encrypted:false
                      SSDEEP:
                      MD5:2EAA14DEA10EAD0CC4792F3C84CEA3CC
                      SHA1:533ECB9B83FF7B7A8C7E6985E273093E4DBEC122
                      SHA-256:9EA7FDA5984534D039BACC34AF3E45B2E2310B851633C6BD6E93457582726AE7
                      SHA-512:661C627D366642493BDE62126DC0855285D8F61155A26092FA0E2A937DA327B7BBB34D318BBE24F4856352F6D09FF1381DA28A0AEC7183BF796DF2540DA4E4E8
                      Malicious:false
                      Reputation:low
                      Preview:........Q...|../..}../..~.&/...../....3/....@/....F/....U/....f/....o/...../...../...../...../...../...../...../...../...../...../...../...../...../...../...../...../.....0.....0....10....?0....U0....^0....h0....n0....s0....z0....}0....~0.....0.....0.....0.....0.....0.....0.....0.....0..!..0.."..0..T3.1..U3.1..V3%1..W391..\3h1..]3.1..e3.1..f3.1..h3.1..l3.1..m3.1..n3.1..p3I2..q3o2..r3.2..s3.2..t3.2..u3.2..v3.2..w3/3..x3.3..y3.4..z3.4..{3.5..|3.5..}3@5..~3N5...3g5...3.5...3.6...3.6...3.6...3.6...3U7...3.7...3.7...3.7...3.8...3.8...3s9...3.9...3.:...3+:...33:...3?:...3F:...3X:...3|:...3.:...3.:...3B;...3b;...3t;...3.;...3.<...3D<...3.<...3.<...3.<...3.<...3.<...3.<...3.<...3.=...3.=...3.=...3&=...3)=...3[=...3.=...3.=...3.=...3.>...3.>...37>...3<>...3P>...3q>...3.>...3.@...39@...3G@...3.@...3.@...3.A...3*A...3LA...3\A...3`A...3kA...3sA...3vA...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.B...3.B...3 B...32B...3FB...3WB

                      C:\Users\user\AppData\Local\Programs\unMiner\locales\fa.pak

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):133802
                      Entropy (8bit):5.213108023424941
                      Encrypted:false
                      SSDEEP:
                      MD5:1199257935EAF73C4CD20F7966322E23
                      SHA1:F6403D9B5A2AADC5550DAACA16AB28DBA5CF2B77
                      SHA-256:D586520D8962A11AABBBDD07F1CC0A1809E0D5567521CC48B155EA2D81D92693
                      SHA-512:6A180B58F686D1FFB559952710CB98CC3B18394D571C8B81AC8088E34C92EBCB91EABB460B03A33C25E985EAC0CF5EE9EBC7E7B9EC3B55034D15ABBAB9212AA6
                      Malicious:false
                      Reputation:low
                      Preview:......../...|.....}.....~........................../...../...."/....+/....@/....M/....S/....b/....h/....z/...../...../...../...../...../...../...../...../...../...../...../.....0....60....]0....n0.....0.....0.....0.....0.....0.....0.....0.....0.....0.....0.....1....11....71..!.J1..".M1..T3k1..U3u1..V3.1..W3.1..\3.2..]3.2..e3.2..f3.2..h3.2..l3.2..m3.3..n3%3..p3.3..q3.3..r3.3..s3.4..t3.4..u3=4..v3.4..w3.5..x3]6..y3I7..z3%8..{3.9..|309..}3u9..~3.9...3.9...3.:...3.;...3.;...3#<...3w<...36=...3.>...3)>...3G>...3v>...3.@...3.A...3.B...3-C...3lC...3.C...3.C...3.C...3.C...3xD...3.D...3^E...3.E...3.E...3.E...3xF...3.F...3vG...3.G...3.H...3.H...3.H...3.H...3BH...3`H...3.H...3.H...3.H...3.H...3.H...3.I...3.I...3.I...3.I...3.J...34J...3@J...3RJ...3.J...3.K...3.N...3.O...3.O...3.O...3=P...3sP...3.P...3.P...3.P...3.P...3.P...3.Q...3.Q...3.Q...3.Q...3"Q...3%Q...33Q...3;Q...3CQ...3FQ...3PQ...3ZQ...3oQ...3yQ...3.Q...3.Q...3.Q...3.Q...3.Q...3.Q...3.Q...3.Q...3.R...3IR...3nR...3.R...3.R...3.S...3#S...3(S

                      C:\Users\user\AppData\Local\Programs\unMiner\locales\fi.pak

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):88954
                      Entropy (8bit):5.4575178361839205
                      Encrypted:false
                      SSDEEP:
                      MD5:07B9FC9036F4324184D256B87D346F08
                      SHA1:B5B6B31D4D596EED74299B0B2A3EF28552C9DECC
                      SHA-256:9867D9AC5102F68F91E15F4A078C59FC786C77FFE396A1004E8D57B4B390258F
                      SHA-512:0756EB0EB9FA2A3057387D84A6395ABDEFEEBAFA4E5814F1250A75AC9A89DEE5AE540B4CAE07D64200AF9CC5BB501A42B7A36E316CF6F2A40FA99042B52B03F9
                      Malicious:false
                      Reputation:low
                      Preview:........>...|.....}.....~../...../...../...../.... /....//....@/....I/....^/....k/....q/...../...../...../...../...../...../...../...../...../...../...../...../...../...../...../.....0....#0....<0....E0....M0....T0....Y0....`0....c0....d0....k0....z0.....0.....0.....0.....0.....0.....0..!..0.."..0..T3.0..U3.0..V3.0..W3.1..\3C1..]3.1..e3.1..f3.1..h3.1..l3.1..m3.1..n3.1..p3'2..q3L2..r3^2..s3o2..t3u2..u3.2..v3.2..w3'3..x3.3..y3.3..z3\4..{3.4..|3.4..}3.5..~3.5...3C5...3.5...3.6...3.6...3.6...3.6...3E7...3.7...3.7...3.7...3.7...3.8...3L9...3.9...3.9...3.:...3.:...3':...33:...3@:...3a:...3.:...3.:...3 ;...32;...3A;...3i;...3.;...3.;...3F<...3h<...3.<...3.<...3.<...3.<...3.<...3.<...3.<...3.<...3.<...3.<...3,=...3Q=...3.=...3.=...3.=...3.=...3.=...3.=...3.=...3#>...3~>...3.?...3.?...3.?...3e@...3.@...3.@...3.A...3&A...36A...3:A...3EA...3MA...3PA...3ZA...3]A...3gA...3jA...3xA...3|A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.B...3'B...3>B...3QB...3uB

                      C:\Users\user\AppData\Local\Programs\unMiner\locales\fil.pak

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):98025
                      Entropy (8bit):5.224699801578404
                      Encrypted:false
                      SSDEEP:
                      MD5:AF93CF6DF1A3443B5505932A3EDB559F
                      SHA1:BF367FD719A40BDACA5FEEC299F4A53D68EA0977
                      SHA-256:7AD0DD92C24448BAAC45D9A60CC69704FFD01C384EFA59DCEBC205B7CCE5923E
                      SHA-512:602935DADA31F859825ACE0F5D2F591C81A4E35C6CDC62C6C45ADF3AF49942C1DDFA5140C33A36A86667F76BAE68A3B222BA59D975DC9AF98E2E7040B610B073
                      Malicious:false
                      Reputation:low
                      Preview:........F...|.....}../..~../...../...../....*/....0/....?/....P/....Y/....n/....{/...../...../...../...../...../...../...../...../...../...../...../...../...../...../...../.....0.....0..../0....K0....S0....[0....f0....k0....r0....u0....v0.....0.....0.....0.....0.....0.....0.....0.....0..!..0.."..0..T3.1..U3.1..V311..W3E1..\3~1..]3.1..e3.1..f3.1..h3.1..l3.1..m3.1..n3.2..p3^2..q3.2..r3.2..s3.2..t3.2..u3.2..v3.2..w3W3..x3.3..y3A4..z3.4..{3A5..|3W5..}3.5..~3.5...3.5...3N6...3.7...3"7...3;7...3l7...3.7...3{8...3.8...3.8...3.8...3/:...3.:...3.;...3.;...3.<...3.<...3 <...3(<...37<...3]<...3.<...3.<...35=...3T=...3k=...3.=...3.>...3S>...3.>...3.>...3.?...3.?...3.?...3!?...3%?...3=?...3Y?...3n?...3o?...3.?...3.?...3.?...3.?...3.@...38@...3T@...3`@...3.@...3.@...3.@...3.@...37A...3cC...3.C...3.C...3.D...3WD...3.D...3.D...3.D...3.E...3.E...3.E...3.E...3.E...3%E...3(E...32E...35E...3CE...3GE...3KE...3ME...3SE...3XE...3aE...3jE...3rE...3yE...3.E...3.E...3.E...3.E...3.E...3.E...3.E...3.E...3.F...3+F

                      C:\Users\user\AppData\Local\Programs\unMiner\locales\fr.pak

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):104277
                      Entropy (8bit):5.397568828500247
                      Encrypted:false
                      SSDEEP:
                      MD5:9CB77752E686DA05DDC5F2EC8BC38B98
                      SHA1:809E1507777A20433D9C8FA3B371A0987EE31228
                      SHA-256:169E0E0C850F8DFB9C132BC4C6A8FB366D9C066749606B99CBE04561585EEFC6
                      SHA-512:98F18FAE5CC46F1DB621564966DE452411D433FCB2C2DB6E53B37982BEE5BCB119BCCF045878482F287DB0192B560D52F8EDC59973C8E318285244D4A6428F78
                      Malicious:false
                      Reputation:low
                      Preview:........C...|.....}.....~../...../...../....$/....*/....9/....J/....S/....h/....u/....{/...../...../...../...../...../...../...../...../...../...../...../...../...../...../...../.....0....%0....40....<0....D0....M0....S0....Z0....]0....^0....e0....x0....~0.....0.....0.....0.....0.....0..!..0.."..0..T3.0..U3.0..V3.1..W361..\3.1..]3.1..e3.1..f3.1..h3.1..l3.2..m3.2..n3-2..p3.2..q3.2..r3.2..s3.2..t3.2..u3.2..v3,3..w3.3..x3A4..y3.4..z3x5..{3#6..|3?6..}3e6..~3u6...3.6...3&7...3.7...3.8...3"8...3T8...3.8...3.9...3.9...3.9...3.9...3.;...3~<...3:=...3.=...3.=...3.=...3.=...3.=...3.>...3\>...3.>...3.>...3 ?...33?...3h?...3.?...3S@...3.@...3.@...3.A...3.A...3"A...3&A...3,A...3EA...3SA...3fA...3gA...3~A...3.A...3.A...3.A...3.B...35B...3RB...3`B...3.B...3.B...3.B...3.B...3GC...3.E...3.F...3.F...3.F...3.F...3+G...3eG...3.G...3.G...3.G...3.G...3.G...3.G...3.G...3.G...3.G...3.G...3.G...3.G...3.G...3.G...3.G...3.G...3.H...3.H...3.H...3.H...3!H...3)H...34H...3<H...3GH...3^H...3gH...3}H...3.H...3.H...3.H

                      C:\Users\user\AppData\Local\Programs\unMiner\locales\gu.pak

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):187286
                      Entropy (8bit):4.49640921264093
                      Encrypted:false
                      SSDEEP:
                      MD5:11BEB2CDC02D0EFC7DAA88296B5DAB12
                      SHA1:CEDA6551A7D3B20610AD9456183B66EA2C5EAD72
                      SHA-256:BE3FE425BE887F91FC96D4CE6DDD25AF09648FC0C1227765B323D19353FA2F2B
                      SHA-512:9CA3383127E3D52A75976F08337CA0C5D8865BD0923C79613B568C494D9BCA6E0862EC31CBB7A775B811CCD36EDB2F4B716B91645903841B9251BE4614D7A300
                      Malicious:false
                      Reputation:low
                      Preview:........@...|.....}.....~../...../...../...../....$/....3/....D/....M/....b/....o/....u/...../...../...../...../...../...../...../...../...../...../...../...../...../.....0....+0....\0.....0.....0.....0.....0.....1.....1....51....81....:1....Q1....r1....~1.....1.....1.....1.....2....62..!.L2..".O2..T3m2..U3.2..V3.2..W3.2..\3.3..]3=4..e3W4..f3`4..h3.4..l3.4..m3.4..n3.4..p3.5..q3.5..r3.5..s3&6..t396..u3u6..v3.6..w3.7..x3.8..y3.:..z3.;..{3D<..|3r<..}3.<..~3.<...37=...3.>...3=@...3Z@...3.@...3.A...3LB...3oC...3.C...3.C...3ID...3.G...3fI...3.J...3.K...3tK...3.K...3.K...3.K...3.K...35L...3.L...3FM...3MN...3wN...3.N...3.O...3.O...3.P...3tQ...3.Q...3.R...3-R...3OR...3^R...3jR...3.R...3.S...3kS...3lS...3.S...3.S...3.S...30T...3.T...3.T...3WU...3sU...3.U...3.U...3.V...3`V...39W...3.\...3.\...3.\...3.]...3.^...3.^...32_...3x_...3._...3._...3._...3._...3._...3._...3._...3._...3._...3._...3._...3._...3._...3.`...3"`...37`...3F`...3X`...3j`...3.`...3.`...3.`...3.`...3.`...3.`...3.a...3%a...3Ta...3.a

                      C:\Users\user\AppData\Local\Programs\unMiner\locales\he.pak

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):116937
                      Entropy (8bit):4.89071822577438
                      Encrypted:false
                      SSDEEP:
                      MD5:0EEFA37827C11109594B42B8DB162014
                      SHA1:B08DC15A27797CC76BB8FE3E80E96837B4A2658E
                      SHA-256:1CB73DBF4120771E3ECF89B16A7B99E15895B0D2F65ED16F6C95EB71767732D4
                      SHA-512:1A42AD92267AC3BFCA939F740E07FB74BFAF01B4115460A88B69E175729893FF9D4876361EA77D03ABF501A0E76CF72512198BC602B15E57FC474D39B6C6E8E7
                      Malicious:false
                      Reputation:low
                      Preview:........8...|.....}.....~............../...../...../....#/....4/....=/....R/...._/....e/....t/....z/...../...../...../...../...../...../...../...../...../...../...../...../...../.....0....(0....E0....M0....U0....]0....e0....l0....o0....p0....y0.....0.....0.....0.....0.....0.....0.....0..!..1.."..1..T3&1..U3.1..V3R1..W3g1..\3.1..]3.2..e3)2..f332..h3H2..l3P2..m3m2..n3.2..p3.2..q3.3..r323..s3K3..t3S3..u3}3..v3.3..w3L4..x3.4..y3.5..z3-6..{3.6..|3.6..}3(7..~397...3^7...3.8...3.8...3.9...3;9...3.9...3':...3.;...3%;...3A;...3q;...3.>...3+?...3W@...3.@...3.@...3.@...3.A...3.A...3%A...3LA...3.A...3.A...3NB...3.B...3.B...3.B...3VC...3.C...3.D...3:D...3xD...3.D...3.D...3.D...3.D...3.D...3.D...3.D...3.D...3.E...3.E...3JE...3.E...3.E...3.F...3KF...3ZF...3.F...3.F...3.F...3.F...3.G...38K...3]K...3rK...3.L...3WL...3.L...3.L...3.M...3.M...3.M...3 M...3(M...3+M...35M...38M...3JM...3MM...3[M...3_M...3iM...3kM...3uM...3}M...3.M...3.M...3.M...3.M...3.M...3.M...3.M...3.M...3.N...3.N...3&N...3@N...3cN...3.N

                      C:\Users\user\AppData\Local\Programs\unMiner\locales\hi.pak

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):192210
                      Entropy (8bit):4.469176426213678
                      Encrypted:false
                      SSDEEP:
                      MD5:FF949D6C6353F4DAC003ADF69CF32578
                      SHA1:6F04CDE63509BBD9A7CA539C3A31BA5354EFBC41
                      SHA-256:5A22E1ED3B115BBA14D471A817094535BF4B4E15E3EE885D72C125A6B2B9667F
                      SHA-512:AE278CFE22F6E43A417D4042109124CE3D486D9B917ECD77801178572E6F81F584D1B632EE8500887A706F6CF3A5F85730E5D59D9B269593728C753B0089B6A6
                      Malicious:false
                      Reputation:low
                      Preview:......../...|.....}.....~........................../...../...."/....+/....@/....M/....S/....b/....h/....z/...../...../...../...../...../...../...../...../...../...../...../...../....(0....J0....{0.....0.....0.....0.....0.....0.....0.....0.....1....51....A1....W1....|1.....1.....1..!..1.."..1..T3.1..U3.2..V3U2..W3.2..\3,3..]3.3..e3.4..f3.4..h3.4..l3D4..m3k4..n3.4..p3J5..q3.5..r3.5..s3.5..t3.6..u3R6..v3.6..w3.7..x3.8..y3.9..z3.:..{3.;..|3.<..}3I<..~3y<...3.<...3.=...3.?...3.?...3.?...3.@...3.A...3.B...3.C...3@C...3.C...3.F...3.G...3,I...3.I...3.I...3.J...3&J...38J...3WJ...3.J...3*L...3.L...3.M...3.M...3.M...3.N...3.N...3.O...3.P...3/Q...3.Q...3.Q...3.Q...3.Q...3.R...3QR...3.R...3.R...3.R...3.R...3.S...3.S...3.T...3.T...3.U...3dU...3.U...3.U...3.U...3.V...3.]...3.^...39^...3O_...3._...3F`...3.`...3.`...3.`...3.`...3.a...3.a...3.a...3'a...3*a...34a...37a...3Ea...3Ia...3Xa...3Za...3ia...3~a...3.a...3.a...3.a...3.a...3.a...3.a...3.a...3.b...3.b...38b...3`b...3.b...3.b...3!c...3Zc...3.c...3.d

                      C:\Users\user\AppData\Local\Programs\unMiner\locales\hr.pak

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):93919
                      Entropy (8bit):5.551298100337849
                      Encrypted:false
                      SSDEEP:
                      MD5:19C838F6901AB9F0EFFD711C5D1E658D
                      SHA1:67F0DECA16106337A6F0B89B73095BF9C3AA9EBD
                      SHA-256:E9152A4F30101BFD62829D227D4077E3FF478D052CA55BBB3847AC5A287B0749
                      SHA-512:EA7B66B05112A5FB3A6FAAD014430FCCAE8974C9876EFBF982408552D74643973209EFA8A76E810906A3BDDD9BB2696AF168254489D5DA6BC2BD2D30272A94A2
                      Malicious:false
                      Reputation:low
                      Preview:........L...|../..}../..~../....$/....)/....6/....</....K/....\/....e/....z/...../...../...../...../...../...../...../...../...../...../...../...../...../...../...../...../.....0.....0....30....D0....O0....[0....`0....g0....n0....q0....r0....z0.....0.....0.....0.....0.....0.....0.....0..!..0.."..0..T3.1..U3.1..V3.1..W3:1..\3i1..]3.1..e3.1..f3.1..h3.1..l3.1..m3.1..n3.2..p3S2..q3.2..r3.2..s3.2..t3.2..u3.2..v3.2..w3_3..x3.3..y334..z3.4..{3.5..|3"5..}3C5..~3P5...3d5...3.5...3.6...3.6...3.6...3.7...3{7...3<8...3P8...3\8...3{8...3x:...3i;...3;<...3}<...3.<...3.<...3.<...3.<...3.<...3.<...32=...3\=...3.=...3.=...3.=...3.>...3x>...3.>...3.?...3F?...3k?...3r?...3x?...3~?...3.?...3.?...3.?...3.?...3.?...3.?...3.@...31@...3v@...3.@...3.@...3.@...3.@...3.@...3.@...3.A...3.A...3XD...3mD...3|D...3.D...32E...3]E...3.E...3.E...3.E...3.E...3.E...3.E...3.E...3.E...3.E...3.E...3.E...3.F...3.F...3.F...3.F...3%F...3.F...35F...3>F...3FF...3LF...3PF...3UF...3_F...3hF...3pF...3.F...3.F...3.F...3.F...3.F...3.F

                      C:\Users\user\AppData\Local\Programs\unMiner\locales\hu.pak

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):100006
                      Entropy (8bit):5.6662331929404015
                      Encrypted:false
                      SSDEEP:
                      MD5:6788542B420ABBEB3ACDE7B5F1AB8859
                      SHA1:F2709A3A56950BD2C40EFE2A4167473322400F52
                      SHA-256:6C6C9BF010A869F149E7977EF109A6A41FDDFE07AC6ADF9E08870505105C8EDD
                      SHA-512:DE39573D3DAF213080F6A82D1C9959E535BEF464A16B6CF4587500DDBE8139DE2D42A43ED5D4871521B62E071632C100E68393432C5474A43DBF001552ED459D
                      Malicious:false
                      Reputation:low
                      Preview:........?...|.....}.....~../...../...../...../...."/....1/....B/....K/....`/....m/....s/...../...../...../...../...../...../...../...../...../...../...../...../...../...../...../.....0....&0....:0....G0....T0....d0....m0....t0....w0....x0.....0.....0.....0.....0.....0.....0.....0.....0..!..0.."..0..T3.1..U3 1..V361..W3L1..\3.1..]3.1..e3.1..f3.1..h3.2..l3.2..m3*2..n3:2..p3{2..q3.2..r3.2..s3.2..t3.2..u3.2..v3.3..w3z3..x3.3..y3m4..z3.4..{3t5..|3.5..}3.5..~3.5...3.5...3{6...3G7...3Z7...3o7...3.7...388...3.8...3.8...3.8...3.8...3.9...3o:...3.:...3,;...3Y;...3_;...3v;...3.;...3.;...3.;...3.<...3@<...3.<...3.<...3.<...3)=...3.=...3.=...3b>...3.>...3.>...3.>...3.>...3.>...3.>...3.>...3.?...3&?...3'?...3;?...3>?...3.?...3.?...3.?...3.@...30@...37@...3f@...3r@...3.@...3.@...3.A...3.B...3.B...3.B...3DC...3.C...3.C...3.C...3.D...3+D...36D...3>D...3AD...3KD...3ND...3XD...3[D...3iD...3mD...3tD...3vD...3|D...3.D...3.D...3.D...3.D...3.D...3.D...3.D...3.D...3.D...3.D...3.D...3.E...3*E...3AE...3kE...3.E

                      C:\Users\user\AppData\Local\Programs\unMiner\locales\id.pak

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):86674
                      Entropy (8bit):5.380506600184875
                      Encrypted:false
                      SSDEEP:
                      MD5:76C25229C6D86A3CE05ADDE04BD1FBC4
                      SHA1:39EDAF1FFE4EBAF298032C89F6F57DFDD6D83D97
                      SHA-256:9293C5BCF8BCA245680ED7DDF6339440FD81DA23BDEF9950624D87411B0B3BFB
                      SHA-512:B521D1B1F4802328F049B73FB7D9ACDCB36ACBE952607A0F5888E0F54020783CD6395A50D504BBCEB535767A78D50EFE2B1B5246CC1C1FBC4471F1E005CC0BEA
                      Malicious:false
                      Reputation:low
                      Preview:........:...|.....}.....~......../...../...../...../....'/....8/....A/....V/....c/....i/....x/....~/...../...../...../...../...../...../...../...../...../...../...../...../...../...../.....0.....0...."0....*0....20....70....>0....A0....B0....H0....T0....Z0....^0....s0.....0.....0.....0..!..0.."..0..T3.0..U3.0..V3.0..W3.0..\331..]3z1..e3.1..f3.1..h3.1..l3.1..m3.1..n3.1..p3.1..q3.2..r3.2..s3)2..t302..u3K2..v3}2..w3.2..x3R3..y3.3..z3-4..{3.4..|3.4..}3.4..~3.4...3.5...3.5...3Z6...3i6...3{6...3.6...3.7...3x7...3.7...3.7...3.7...3.8...3.9...3.9...3.9...3.9...3.9...3.9...3.9...3.:...3#:...3e:...3.:...3.:...3.:...3.;...32;...3.;...3.;...3.<...3D<...3p<...3z<...3.<...3.<...3.<...3.<...3.<...3.<...3.<...3.<...3.<...3.=...38=...3.=...3.=...3.=...3.=...3.=...3.=...3.=...3.>...3_>...3.?...3.?...3.?...3S@...3.@...3.@...3.@...3.@...3.A...3.A...3.A...3.A...3.A...3$A...3'A...31A...34A...3BA...3FA...3KA...3MA...3ZA...3aA...3kA...3rA...3xA...3}A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.B

                      C:\Users\user\AppData\Local\Programs\unMiner\locales\it.pak

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):93958
                      Entropy (8bit):5.313681335891397
                      Encrypted:false
                      SSDEEP:
                      MD5:34DA77963FAECE776C91E2829F185E3E
                      SHA1:81F61A803A107405458A4CA6654EC8599296600C
                      SHA-256:05AB584DF911EF1AB815326E35FD712F81DEFEB98F58A5B047D05A091380D120
                      SHA-512:1F87EA68563D175A3BF7F5F1F2022A94ABCE3B8CD6AB071F765214A752DF0EC71A50EC459E4AC6559ABE6C7E6419CA74FA38EE491EEFFF75D19E58D3076573B7
                      Malicious:false
                      Reputation:low
                      Preview:........G...|.....}../..~../...../...../....,/....2/....A/....R/....[/....p/....}/...../...../...../...../...../...../...../...../...../...../...../...../...../...../...../.....0....!0....&0....70....E0....P0....Z0....`0....g0....j0....k0....q0.....0.....0.....0.....0.....0.....0.....0..!..0.."..0..T3.1..U3.1..V3(1..W391..\3o1..]3.1..e3.1..f3.1..h3.1..l3.1..m3.1..n3.2..p3Q2..q3{2..r3.2..s3.2..t3.2..u3.2..v3.2..w3?3..x3.3..y3=4..{3.4..|3.4..}3.5..~3.5...3-5...3.5...3.6...3.6...3.6...3.6...3r7...3.7...3.7...3.7...3%8...3E9...3.9...3N:...3.:...3.:...3.:...3.:...3.:...3.;...3U;...3.;...3.;...3.<...3*<...3f<...3.<...3#=...3y=...3.=...3.=...3.=...3.=...3.=...3.=...3.>...3->...3@>...3A>...3O>...3R>...3s>...3.>...3.>...3.>...3.?...3.?...3-?...35?...3B?...3d?...3.?...3.A...3.A...3.A...34B...3yB...3.B...3.B...3.B...3.C...3.C...3.C...3.C...3"C...3,C...3/C...39C...3<C...3JC...3NC...3SC...3UC...3ZC...3^C...3dC...3pC...3xC...3.C...3.C...3.C...3.C...3.C...3.C...3.C...3.C...3.C...3.C...3.D...3.D...32D

                      C:\Users\user\AppData\Local\Programs\unMiner\locales\ja.pak

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):113548
                      Entropy (8bit):5.845248838920681
                      Encrypted:false
                      SSDEEP:
                      MD5:79345CA050327AF6C5E4C9A1C2155763
                      SHA1:6E4F00EE0AD766494A89B0CD5F9DBDFA1D2E3489
                      SHA-256:B4FFAB3720A5CEFB61B0E3120076351794D40D29A234315BCBBFF141378C53A3
                      SHA-512:EBDD9C3A9B539507BA5C19535FE77DCE00B0AF1A9DA6CC42D5599FFB9A7A2D5B6653898C3A6A15A68100D08FF14414A9A8DF1C4AA8EF6C7869D05C01769382CB
                      Malicious:false
                      Reputation:low
                      Preview:............|.....}.....~....................................../...../...../....%/....7/....?/....D/....L/....W/...._/....n/....s/....{/...../...../...../...../...../...../...../...../.....0....#0....,0....20....;0....B0....E0....R0....e0....k0....q0....w0.....0.....0.....0..!..0.."..0..T3.0..U3.0..V3.1..W3.1..\3s1..]3.1..e3.1..f3.1..h3.1..l3.2..m3!2..n332..p3.2..q3.2..r3.2..s3.2..t3.2..u3.3..v3H3..w3.3..x3V4..y3.4..z3k5..{3.6..|3.6..}3R6..~3a6...3v6...3.7...3.7...3.7...3.8...3k8...3.9...3z9...3.9...3.9...3.9...3.:...3o;...3.;...3H<...3o<...3~<...3.<...3.<...3.<...3.<...3:=...3j=...3.=...3.>...3.>...37>...3.>...3.>...3S?...3.?...3.?...3.?...3.?...3.?...3.?...3.@...3J@...3K@...3]@...3`@...3.@...3.@...3 A...37A...3aA...3gA...3.A...3.A...3.A...3.A...3-B...3.C...3.D...31D...3.D...3*E...3iE...3.E...3.F...3.F...3.F...3.F...3'F...3*F...34F...37F...3AF...3DF...3PF...3TF...3]F...3_F...3qF...3wF...3zF...3}F...3.F...3.F...3.F...3.F...3.F...3.F...3.F...3.F...3.F...3.G...3.G...3@G...3mG...3.G...3.G

                      C:\Users\user\AppData\Local\Programs\unMiner\locales\kn.pak

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):215358
                      Entropy (8bit):4.402537309642189
                      Encrypted:false
                      SSDEEP:
                      MD5:8A2BA5953188E93BCF9665B885AC1FE2
                      SHA1:7422DA273A75284B548735908C85BB9540BF7529
                      SHA-256:486833C8A47CA52CFC81EFBC55B008810539CD0D5B7D5DFD119FD3ABD50CFAE2
                      SHA-512:261AACE06F0CFF0C9E6677382A095BA4A655E6A3FF9C9291F2FD27172C22E670C4986FD72C138455A2F79D482D60258962A82A04EF47116B0485EE3B6888F2E1
                      Malicious:false
                      Reputation:low
                      Preview:........E...|.....}../..~../...../...../....(/...../....=/....N/....W/....l/....y/...../...../...../...../...../...../...../...../...../...../...../...../...../...../.....0....P0.....0.....0.....1.....1....@1....^1....v1....}1.....1.....1.....1.....1.....1.....1.....2....U2....y2.....2..!..2.."..2..T3.2..U3.2..V3,3..W3_3..\3<4..]3.4..e3.5..f3.5..h3;5..l3J5..m3|5..n3.5..p3K6..q3.6..r3.6..s3.7..t367..u3v7..v3.8..w3@9..x3D:..y3x;..z3.<..{3.=..|3.>..}3_>..~3.>...3.>...3.@...3.B...3.B...3.B...3.C...3.D...3,F...3.F...3.F...3.G...3.K...3.L...3.N...3.N...3-O...3mO...3.O...3.O...3+P...3.Q...3.Q...3.R...3.R...3&S...3.S...3.T...3~U...3bV...3.V...38W...3SW...3nW...3.W...3.W...3.W...3;X...3yX...3zX...3.X...3.X...3.X...3HY...3.Z...3&Z...3tZ...3.Z...3.Z...3.Z...3.[...3u[...3.\...3.b...3(c...3\c...3.d...3Ie...3.e...3&f...3.f...3.f...3.f...3.f...3.f...3.f...3.f...3.f...3.f...3.f...3.f...3.f...3.f...3.f...3.g...3.g...3.g...3=g...3Og...3dg...3sg...3.g...3.g...3.g...3.g...3.g...33h...3Qh...3.h...3.h...33i

                      C:\Users\user\AppData\Local\Programs\unMiner\locales\ko.pak

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):95815
                      Entropy (8bit):6.171443979779342
                      Encrypted:false
                      SSDEEP:
                      MD5:28C5A629A2B8CB342FD14D36DAF2698A
                      SHA1:7A832C6C84FC97C308B7C9EE8331A885FFCE872A
                      SHA-256:E2BE5A7D74470F268E76696489F0DFBC47A1BA68451F5113686C01C4DAD8D558
                      SHA-512:D48EB73CAE1EA0C989AE1E61F73D6900ABD7D7946CD1EDDEDD8273DEB00C015C5B898C2A84153EEBCE093FFA4A9692B33FFC96CFF732830978282AB999516554
                      Malicious:false
                      Reputation:low
                      Preview:............|.....}.....~................................................../...../....#/....5/....=/....B/....J/....U/....]/....l/....q/....x/...../...../...../...../...../...../...../...../...../...../...../...../...../.....0.....0.....0...."0....80....J0....W0....c0..!.j0..".m0..T3.0..U3.0..V3.0..W3.0..\3.1..]3l1..e3.1..f3.1..h3.1..l3.1..m3.1..n3.1..p3#2..q3W2..r3g2..s3t2..t3z2..u3.2..v3.2..w3I3..x3.3..y3E4..z3.4..{3M5..|3d5..}3.5..~3.5...3.5...3Z6...3U7...3f7...3z7...3.7...318...3.8...3.8...3.8...3.8...3.9...3{:...3.;...3B;...3v;...3|;...3.;...3.;...3.;...3.;...3#<...3V<...3.<...3.<...3.<...3.=...3|=...3.=...3.>...3?>...3d>...3j>...3m>...3s>...3.>...3.>...3.>...3.>...3.>...3.>...3.?...32?...3.?...3.?...3.?...3.?...3.?...3.?...3.?...3.@...3[@...3.A...3.A...3.A...3bB...3.B...3.B...3+C...3]C...3mC...3qC...3|C...3.C...3.C...3.C...3.C...3.C...3.C...3.C...3.C...3.C...3.C...3.C...3.C...3.C...3.C...3.C...3.C...3.C...3.C...3.C...3.C...3.D...3.D...3$D...34D...3KD...3aD...3rD...3.D...3.D...3.D

                      C:\Users\user\AppData\Local\Programs\unMiner\locales\lt.pak

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):102034
                      Entropy (8bit):5.644297004239583
                      Encrypted:false
                      SSDEEP:
                      MD5:0512E53767F8215D46D31C1E5C33AB24
                      SHA1:BCEDB4911651A140AF7578416E5312639DF1A330
                      SHA-256:724A0A5654B38DFDD15CECF37358E9938CFAAA294CFB125FA68426DDBC1F23BE
                      SHA-512:2E1FAA41517B45C7CF205B52E0D848B437779A0D70D65D19A302CDFD731645A0610558749406C17F81A115F6406D3BB24501E52FBB935F19B88776EFE3F43761
                      Malicious:false
                      Reputation:low
                      Preview:........D...|.....}../..~../...../...../....&/....,/....;/....L/....U/....j/....w/....}/...../...../...../...../...../...../...../...../...../...../...../...../...../...../...../.....0....'0....80....B0....M0....T0....]0....d0....g0....h0....r0.....0.....0.....0.....0.....0.....0.....0..!..0.."..0..T3.1..U3.1..V3*1..W3?1..\3x1..]3.1..e3.1..f3.1..h3.1..l3.1..m3.2..n3.2..p3n2..q3.2..r3.2..s3.2..t3.2..u3.2..v3.3..w3.3..x3.4..y3.4..z395..{3.5..|3.5..}3/6..~3G6...3o6...3.6...3.7...3.7...3.7...3.8...3.8...3.9...3.9...3.9...3.9...3.<...3M=...3b>...3.>...3.>...3.>...3.>...3.>...3.?...3Q?...3.?...3.?...30@...3_@...3v@...3.@...32A...3.A...3.A...3#B...3KB...3VB...3\B...3aB...3yB...3.B...3.B...3.B...3.B...3.B...3.B...3.C...3FC...3aC...3}C...3.C...3.C...3.C...3.C...3.C...3.D...3.H...3.H...3.H...3dI...3.I...3.I...3'J...3MJ...3]J...3aJ...3lJ...3tJ...3wJ...3.J...3.J...3.J...3.J...3.J...3.J...3.J...3.J...3.J...3.J...3.J...3.J...3.J...3.J...3.J...3.J...3.J...3.K...3.K...3 K...3+K...3>K...3[K...3vK...3.K

                      C:\Users\user\AppData\Local\Programs\unMiner\locales\lv.pak

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):100735
                      Entropy (8bit):5.656914051184624
                      Encrypted:false
                      SSDEEP:
                      MD5:073730434015FC8ED3310E6626E8E79B
                      SHA1:2373FBA01A251BEDE7C8F1F4912177E9BCB9A639
                      SHA-256:EF6BDACC2096C7C991829E3E7D6EBEFE0E7D82BBC74899C6C8560E63E3B2E102
                      SHA-512:5AEC316A6BAC1EE6FC8FB04608CF44A8789A4D9A3A9AAA14DC683CB1F11CD3BBAAA816DCF1A1ACFFA9B6BC0C8489C10D654ED5C9D2F71EE4480124FE9C231A38
                      Malicious:false
                      Reputation:low
                      Preview:........M...|../..}../..~../....&/....+/....8/....>/....M/....^/....g/....|/...../...../...../...../...../...../...../...../...../...../...../...../...../...../...../.....0.....0.....0....I0....e0....o0....z0.....0.....0.....0.....0.....0.....0.....0.....0.....0.....0.....0.....0.....1..!..1.."..1..T321..U3;1..V3V1..W3v1..\3.1..]3.1..e3.2..f3.2..h3"2..l3+2..m3?2..n3N2..p3.2..q3.2..r3.2..s3.2..t3.2..u3.3..v3-3..w3.3..x3.4..y3.4..z3.5..{3.5..|3.5..}3.5..~3.5...3.6...3.6...3o7...3.7...3.7...3.7...3O8...3.9...3 9...319...3V9...3h;...3W<...3.=...3c=...3.=...3.=...3.=...3.=...3.=...3.=...3'>...3K>...3.>...3.>...3.>...3.?...3h?...3.?...3.?...3*@...3W@...3c@...3m@...3u@...3y@...3.@...3.@...3.@...3.@...3.@...3.@...3"A...3CA...3.A...3.A...3.A...3.A...3.A...3.A...3.B...30B...3.B...3.E...3.E...3.E...35F...3.F...3.F...3.F...3.G...3.G...3#G...3.G...36G...39G...3DG...3GG...3QG...3TG...3bG...3fG...3kG...3mG...3sG...3{G...3.G...3.G...3.G...3.G...3.G...3.G...3.G...3.G...3.G...3.G...3.G...3.H...3 H...36H

                      C:\Users\user\AppData\Local\Programs\unMiner\locales\ml.pak

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):226815
                      Entropy (8bit):4.412130518766917
                      Encrypted:false
                      SSDEEP:
                      MD5:E3505EF16E8EFA2977BA1EB5F678E0C9
                      SHA1:30365DC55395E29626C72970B56E9F856288C6ED
                      SHA-256:A4728315C0D770B602652A89B10C2DFF22FF8326D95C0CD40DBE5584716FF831
                      SHA-512:59929E9BB127F54A48B6DAABBD35FB63355E5C9A9F8A78E6DB9D14ECE786F2538EAC23EC27097DD1BFC6DB48C8E2D3147B29AFC1FF55F23C90E151BA79187A00
                      Malicious:false
                      Reputation:low
                      Preview:........B...|.....}.....~../...../...../...."/....(/....7/....H/....Q/....f/....s/....y/...../...../...../...../...../...../...../...../...../...../...../...../...../.....0....Y0.....0.....0.....1....71....U1.....1.....1.....1.....1.....1.....1.....2.....2....<2....]2.....2.....2.....2..!..2.."..2..T3,3..U3>3..V3.3..W3.3..\3g4..]3M5..e3l5..f3u5..h3.5..l3.5..m3.5..n306..p3.6..q357..r3f7..s3.7..t3.7..u3.8..v3.8..w3.9..x3.:..y34<..z3z=..{3.>..|31?..}3.?..~3.?...3/@...3.A...3.C...3.D...3MD...3.D...3<F...3MG...3.G...3.G...34H...3.K...3.L...3.L...3.M...3.N...34N...3YN...3tN...3.N...3"O...34P...3.P...3.Q...3.Q...3_R...3.R...3.S...3.T...3nU...3.U...3zV...3.V...3.V...3.V...3.W...3[W...3.W...3.W...3.W...3.W...3.X...3oX...34Y...3cY...3.Y...3.Y...3QZ...3|Z...3.Z...3.Z...3.[...3._...3._...3._...36a...3.a...3ob...3.b...3Mc...3]c...3ac...3lc...3tc...3wc...3.c...3.c...3.c...3.c...3.c...3.c...3.c...3.c...3.c...3.c...3.c...3.d...3.d...33d...3Hd...3Zd...3.d...3.d...3.d...3.d...3.e...3Be...3.e...3.e...33f

                      C:\Users\user\AppData\Local\Programs\unMiner\locales\mr.pak

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):184438
                      Entropy (8bit):4.489837045622688
                      Encrypted:false
                      SSDEEP:
                      MD5:D539F46E83560AC792D2F7977FBD040F
                      SHA1:97B3873CA527AAA27C23465785FE0812DA5B76B5
                      SHA-256:566D4F74A590FC549EEF861103EE8B26544625FA578D899F3D937F8751FB40DA
                      SHA-512:31ADE1C41446FF267226D820F8E0869CC12C0354C6253395ACB14AF17DD84E84C3D8D844E87BE49635DBD0DE5FBA816E2306F4131F9E5AD9167793B82584B666
                      Malicious:false
                      Reputation:low
                      Preview:........5...|.....}.....~..................../...../...../...../....7/....L/....Y/...._/....n/....t/...../...../...../...../...../...../...../...../...../...../...../...../.....0....%0....M0.....0.....0.....0.....0.....0.....1.....1.....1.... 1....=1....L1....[1.....1.....1.....1.....2..!.!2..".$2..T3B2..U3[2..V3.2..W3.2..\3G3..]3.3..e3.3..f3.3..h3!4..l3:4..m3m4..n3.4..p3i5..q3.5..r3.5..s3#6..t3?6..u3.6..v3.6..w3.7..x3.8..y3.:..z3.;..{33<..|3a<..}3.<..~3.<...31=...3.>...3_@...3v@...3.@...34A...3.B...3vC...3.C...3.C...3GD...3.F...3.G...3.H...3.I...3mI...3.I...3.I...3.I...3.I...3@J...3.J...3\K...3RL...3.L...3.L...3KM...37N...3.N...3.O...34P...3.P...3.P...3.P...3.P...3.P...35Q...3}Q...3.Q...3.Q...3.Q...3.Q...3(R...3_R...3.R...3.S...3jS...3.S...3.S...3.S...3.S...39T...3.T...3.X...3hX...3.X...3zY...3.Z...3~Z...3.Z...3,[...3<[...3@[...3K[...3S[...3V[...3`[...3c[...3m[...3p[...3~[...3.[...3.[...3.[...3.[...3.[...3.[...3.[...3.[...3.[...3.\...3 \...32\...3D\...3`\...3|\...3.\...3.\...39]...3}]

                      C:\Users\user\AppData\Local\Programs\unMiner\locales\ms.pak

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):88659
                      Entropy (8bit):5.288469801592935
                      Encrypted:false
                      SSDEEP:
                      MD5:2E131E4D953C2037C3E9F5F10E25509C
                      SHA1:5F8656B265905357E4BB6241C5B04F82B0A2BBC2
                      SHA-256:C4297715D360A622853ED74C501D976F01DBBE2ED111001B51A4CD2B06342E73
                      SHA-512:788A2BEE1DD211848ABC770F7DD6A40ADD0FA6C39D584B866EEA44E1248A95B8EB8AC5EED9A700FF2377693EECFE8DC86DCD01883ADC4658A434D0BAE561E930
                      Malicious:false
                      Reputation:low
                      Preview:........:...|.....}.....~......../...../...../...../....'/....8/....A/....V/....c/....i/....x/....~/...../...../...../...../...../...../...../...../...../...../...../...../...../.....0.....0....10....;0....F0....N0....S0....Z0....]0....^0....d0....p0....w0....~0.....0.....0.....0.....0..!..0.."..0..T3.0..U3.0..V3.1..W3.1..\3S1..]3.1..e3.1..f3.1..h3.1..l3.1..m3.1..n3.1..p352..q3P2..r3\2..s3d2..t3k2..u3.2..v3.2..w3.3..x3v3..y3.3..z3Y4..{3.4..|3.4..}3.5..~3.5...325...3.5...3c6...3r6...3.6...3.6...3.7...3t7...3.7...3.7...3.7...3.8...3,9...3.9...3.9...3.9...3.9...3.:...3.:...3.:...38:...3.:...3.:...3.:...3.;...3.;...3K;...3.;...3.;...3D<...3f<...3.<...3.<...3.<...3.<...3.<...3.<...3.<...3.<...3.<...3.<...3.=...37=...3.=...3.=...3.=...3.=...3.=...3.=...3.=...3.>...3V>...3.@...3.@...3'@...3.@...3.@...3.@...3#A...3HA...3XA...3\A...3gA...3lA...3oA...3yA...3|A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.B...3.B...3-B...3=B...3fB...3.B

                      C:\Users\user\AppData\Local\Programs\unMiner\locales\nb.pak

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):87348
                      Entropy (8bit):5.430755677193579
                      Encrypted:false
                      SSDEEP:
                      MD5:53F6E6ACD52940331635DCE809B89209
                      SHA1:2C5B6404D23AC519113AC396224D60152FD123F9
                      SHA-256:80AD0A99ED803CEDBE09EF7A1ADBDAF6213D3B8144F1ECEE6731FAC807AFEA95
                      SHA-512:AAA9FEA908DA212E71ACCA6E8913CE455321AE832B9157CAF79835D6B2D83AD90C09C7A9102CCD549B11C780D803AB022AA3A5792AE8CD8DBAC082E1FF5E4745
                      Malicious:false
                      Reputation:low
                      Preview:........A...|.....}.....~../...../...../.... /....&/....5/....F/....O/....d/....q/....w/...../...../...../...../...../...../...../...../...../...../...../...../...../...../...../.....0.....0....-0....40....<0....G0....K0....R0....U0....V0....]0....h0....o0....s0....~0.....0.....0.....0..!..0.."..0..T3.0..U3.0..V3.0..W3.0..\361..]3z1..e3.1..f3.1..h3.1..l3.1..m3.1..n3.1..p3.2..q3*2..r3:2..s3J2..t3P2..u3e2..v3.2..w3.3..x3o3..y3.3..z3A4..{3.4..|3.4..}3.4..~3.4...3.5...3w5...3.6...3!6...316...3]6...3.6...3'7...377...3D7...3`7...3N8...3.8...329...3w9...3.9...3.9...3.9...3.9...3.9...3.9...3":...3M:...3.:...3.:...3.:...31;...3.;...3.;...3#<...3N<...3}<...3.<...3.<...3.<...3.<...3.<...3.<...3.<...3.<...3.<...3.=...3'=...3i=...3{=...3.=...3.=...3.=...3.=...3.=...3.=...3;>...3.?...3.?...3.?...3;@...3.@...3.@...3.@...3.@...3.A...3.A...3.A...3 A...3#A...3-A...30A...3:A...3=A...3KA...3OA...3SA...3UA...3bA...3iA...3nA...3yA...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.B...3.B...3,B

                      C:\Users\user\AppData\Local\Programs\unMiner\locales\nl.pak

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):91367
                      Entropy (8bit):5.389304409979987
                      Encrypted:false
                      SSDEEP:
                      MD5:A1839E47651D2EA73B78AB070DF1B65F
                      SHA1:F3A4CC1925A03E21C1608675F59390C61E949F61
                      SHA-256:055AD215ED2DFD666C9C7CB1973DE34B450018A322368872AC64B09753B7B4FB
                      SHA-512:9E13729600318C0CD05A2344A156EEDD737D0377DA3F7B11E27F1596ED6CA9B55C746CF77F9A8BBA08BFF5E8DB31E6C72B805729B1C6B7D08FE3DE31B2CF178D
                      Malicious:false
                      Reputation:low
                      Preview:........F...|.....}../..~../...../...../....*/....0/....?/....P/....Y/....n/....{/...../...../...../...../...../...../...../...../...../...../...../...../...../...../...../.....0.....0....)0....=0....J0....W0....a0....h0....o0....r0....s0....}0.....0.....0.....0.....0.....0.....0.....0..!..0.."..0..T3.1..U3.1..V3.1..W3)1..\3V1..]3.1..e3.1..f3.1..h3.1..l3.1..m3.1..n3.1..p3*2..q3H2..r3V2..s3d2..t3j2..u3.2..v3.2..w3.3..x3{3..y3.3..z3X4..{3.4..|3.4..}3.5..~3.5...335...3.5...3d6...3s6...3.6...3.6...3!7...3.7...3.7...3.7...3.7...3.8...3V9...3.9...3.:...3/:...38:...3G:...3O:...3^:...3.:...3.:...3.:...3w;...3.;...3.;...3.;...3-<...3t<...3.<...3.<...3.=...3%=...30=...35=...39=...3Q=...3k=...3}=...3~=...3.=...3.=...3.=...3.=...3.>...31>...3U>...3\>...3x>...3.>...3.>...3.>...3.?...3.@...3.@...3.@...3UA...3.A...3.A...3.A...3.B...3.B...3.B...3!B...3)B...3,B...36B...39B...3CB...3FB...3TB...3XB...3[B...3]B...3bB...3hB...3nB...3yB...3.B...3.B...3.B...3.B...3.B...3.B...3.B...3.B...3.B...3.B...3.B...3.C

                      C:\Users\user\AppData\Local\Programs\unMiner\locales\pl.pak

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):98745
                      Entropy (8bit):5.758827694897057
                      Encrypted:false
                      SSDEEP:
                      MD5:5A024FCD41E374D4F4C88945A48319C9
                      SHA1:8E739583779B394B20D06CD18E96942BB80C8B80
                      SHA-256:4C76D0B1711F09360E59CA23BD8D1A708F25A76FF89EDA1D3733123959F6F1DF
                      SHA-512:0FFC3230B8DC36126DD4623AC1B05AA4B72090E56DE84CC0FC66AB9D4C876FFB859A2AAD9E23C5FAA943DCE48F10299970A3EB88B71D82D60CF9D8E01579EA28
                      Malicious:false
                      Reputation:low
                      Preview:........I...|.....}../..~../...../....#/....0/....6/....E/....V/...._/....t/...../...../...../...../...../...../...../...../...../...../...../...../...../...../...../...../.....0.....0....!0....60....A0....M0....W0....^0....e0....h0....i0....p0.....0.....0.....0.....0.....0.....0.....0..!..0.."..0..U3.0..V3.1..W3.1..\3N1..]3.1..e3.1..f3.1..h3.1..l3.1..m3.1..n3.1..p382..q3Y2..r3h2..s3z2..t3.2..u3.2..v3.2..w3B3..x3.3..y3"4..z3.4..{3+5..|3L5..}3.5..~3.5...3.5...3.6...3.6...3.6...3.6...3)7...3.7...3I8...3Y8...3f8...3.8...3d:...3R;...3.<...3A<...3h<...3n<...3}<...3.<...3.<...3.<...3.<...3 =...3.=...3.=...3.=...3.=...3.>...3{>...3.>...3.>...3.?...3.?...3'?...3/?...32?...3E?...3`?...3z?...3{?...3.?...3.?...3.?...3.?...3.@...3+@...3F@...3O@...3q@...3w@...3.@...3.@...3&A...3.D...3)D...3<D...3.D...3.D...3(E...3RE...3pE...3.E...3.E...3.E...3.E...3.E...3.E...3.E...3.E...3.E...3.E...3.E...3.E...3.E...3.E...3.E...3.E...3.E...3.E...3.E...3.E...3.F...3.F...3.F...3"F...30F...3=F...3SF...3tF...3.F...3.F

                      C:\Users\user\AppData\Local\Programs\unMiner\locales\pt-BR.pak

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):93645
                      Entropy (8bit):5.452021540556636
                      Encrypted:false
                      SSDEEP:
                      MD5:933D5CCFA8FBBA5C4D8A9357D1B40DD4
                      SHA1:FF939ABFED429B05EA726A057B16B7A3836B4815
                      SHA-256:998F46D19EA91B97D988F810488BABA970B038E85D481FFDF94B1E7EBC105DAE
                      SHA-512:7198A73C3373D5BCBC4A2F13F9EBF8B543CAF74FE45539BFD0E53CB5506D9754EEECB01329B21822D0E7027FFCD3E82BCFFE7302498CA05CB011F1792991EB1E
                      Malicious:false
                      Reputation:low
                      Preview:........I...|.....}../..~../...../....#/....0/....6/....E/....V/...._/....t/...../...../...../...../...../...../...../...../...../...../...../...../...../...../...../...../.....0....-0....E0....Z0....c0....l0....u0....{0.....0.....0.....0.....0.....0.....0.....0.....0.....0.....0.....0..!..0.."..0..T3.1..U3.1..V3&1..W331..\3e1..]3.1..e3.1..f3.1..h3.1..l3.1..m3.1..n3.1..p382..q3Z2..r3g2..s3y2..t3.2..u3.2..v3.2..w3C3..x3.3..y354..z3.4..{3;5..|3U5..}3x5..~3.5...3.5...3D6...3.7...3.7...3B7...3n7...3.7...3i8...3p8...3|8...3.8...3,:...3.:...3.;...3.;...3.<...3.<...3"<...3,<...3;<...3^<...3.<...3.<...35=...3G=...3\=...3.=...3.=...3B>...3.>...3.>...3.>...3.?...3.?...3.?...3!?...3;?...3L?...3M?...3^?...3a?...3.?...3.?...3.?...3.@...3(@...32@...3O@...3U@...3b@...3.@...3.@...3.C...3 C...32C...3.C...3.C...3.D...3GD...3eD...3uD...3yD...3.D...3.D...3.D...3.D...3.D...3.D...3.D...3.D...3.D...3.D...3.D...3.D...3.D...3.D...3.D...3.D...3.D...3.D...3.D...3.E...3.E...3.E...3*E...3AE...3aE...3tE...3.E...3.E

                      C:\Users\user\AppData\Local\Programs\unMiner\locales\pt-PT.pak

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):94309
                      Entropy (8bit):5.438421214849187
                      Encrypted:false
                      SSDEEP:
                      MD5:0FE3CCAFE2CDA501F336B1A39661C727
                      SHA1:B291866AD49E19A3485692FF091EAADB00CAD2D4
                      SHA-256:987468D1BA3997ECA987B675832B40C35A1BD2BF00C136FB577990BB3F060D4B
                      SHA-512:F91939FB2C82E1D3A5C222D5FB949B842A4E212B5F8FE9EAC2CB49AFDCE16725100622A58D7BD70FDD545F753846BD78E24836FF71DA233EBD635200F4D420A1
                      Malicious:false
                      Reputation:low
                      Preview:........K...|../..}../..~../...."/....'/....4/....:/....I/....Z/....c/....x/...../...../...../...../...../...../...../...../...../...../...../...../...../...../...../.....0.....0....'0....B0....T0....]0....f0....o0....u0....|0.....0.....0.....0.....0.....0.....0.....0.....0.....0.....0..!..0.."..0..T3.1..U3.1..V361..W3C1..\3z1..]3.1..e3.1..f3.1..h3.1..l3.2..m3.2..n3,2..p3r2..q3.2..r3.2..s3.2..t3.2..u3.2..v3.3..w3.3..x3.3..y3.4..z3.4..{3.5..|3.5..}3.5..~3.5...3.5...3.6...3r7...3.7...3.7...3.7...3Y8...3.8...3.8...3.8...3.9...35:...3.:...3<;...3~;...3.;...3.;...3.;...3.;...3.;...3.<...3_<...3.<...3.<...3 =...30=...3p=...3.=...3.>...3h>...3.>...3.>...3.>...3.>...3.>...3.>...3.?...3(?...39?...3:?...3K?...3N?...3~?...3.?...3.@...3.@...3C@...3M@...3j@...3p@...3}@...3.@...3.A...3.B...3.B...3.B...3iC...3.C...3.C...3.D...3'D...37D...3;D...3FD...3ND...3QD...3[D...3^D...3hD...3kD...3yD...3}D...3.D...3.D...3.D...3.D...3.D...3.D...3.D...3.D...3.D...3.D...3.D...3.D...3.D...3.D...3.E...3&E...3=E...3UE

                      C:\Users\user\AppData\Local\Programs\unMiner\locales\ro.pak

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):96749
                      Entropy (8bit):5.47633886091091
                      Encrypted:false
                      SSDEEP:
                      MD5:E42D70AEDAD0404D377A1144A746C1EC
                      SHA1:23713E36B25408BAB0AF026FD1AE6363F16908DB
                      SHA-256:3253886E358DAD6B082AE777B195C4D66BFC0AA012BB1D36A537C1E60404ACCC
                      SHA-512:B5685ECE6F574438781FF61686735E2067AA4F17C800FA24C5617B48E0D3D928DDCF0AEF84CE5D1343CF6980AB2C95E5F89F9C0FC4FCEE2ADCBA45BBF7A8BC7A
                      Malicious:false
                      Reputation:low
                      Preview:........L...|../..}../..~../....$/....)/....6/....</....K/....\/....e/....z/...../...../...../...../...../...../...../...../...../...../...../...../...../...../...../...../.....0.....0..../0....A0....M0....Y0....f0....n0....u0....x0....y0.....0.....0.....0.....0.....0.....0.....0.....0..!..0.."..0..T3.1..U3.1..V3+1..W3<1..\3d1..]3.1..e3.1..f3.1..h3.1..l3.1..m3.1..n3.2..p3N2..q3o2..r3.2..s3.2..t3.2..u3.2..v3.2..w3]3..x3.3..y3=4..z3.4..{3-5..|3A5..}3j5..~3z5...3.5...3.6...3.6...3.6...3.6...3.7...3.7...3.8...3$8...358...3U8...3.9...3q:...3.:...3@;...3d;...3r;...3z;...3.;...3.;...3.;...3+<...3.<...3.<...3.<...3.<...3C=...3.=...3.=...3.>...33>...3>>...3C>...3E>...3[>...3u>...3.>...3.>...3.>...3.>...3.>...3.>...3!?...39?...3O?...3V?...3u?...3~?...3.?...3.?...3+@...3OB...3jB...3}B...3.B...3;C...3iC...3.C...3.C...3.C...3.C...3.C...3.C...3.C...3.C...3.C...3.C...3.C...3.C...3.D...3.D...3.D...3.D...3.D...3.D...3"D...3(D...3.D...35D...3<D...3GD...3PD...3WD...3bD...3tD...3.D...3.D...3.D...3.D...3.D

                      C:\Users\user\AppData\Local\Programs\unMiner\locales\ru.pak

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):152481
                      Entropy (8bit):5.017436518499033
                      Encrypted:false
                      SSDEEP:
                      MD5:F35F4268E3866EE7EE6933AF7B52CB5F
                      SHA1:D96666FB0706673FB7B0A0B09229EBBE9E32051D
                      SHA-256:AEADE0CD3AA98B386A65F8964E99DE93A77B0557AE60B1983288A58501327B6E
                      SHA-512:B900E1C2CE659E2A81891A524C303E712F3483FED45DE1812EA4A7DABE1DA798E64A187D5582493B8474559908ED95666D1653481C9B4EBD0D49085C76EE3680
                      Malicious:false
                      Reputation:low
                      Preview:......../...|.....}.....~........................../...../...."/....+/....@/....M/....S/....b/....h/....z/...../...../...../...../...../...../...../...../...../...../...../...../.....0....60....]0....m0.....0.....0.....0.....0.....0.....0.....0.....0.....0.....0.....1....:1....K1....W1..!.p1..".s1..T3.1..U3.1..V3.1..W3.1..\3I2..]3.2..e3.2..f3.3..h3.3..l3/3..m3M3..n3j3..p3.3..q3.4..r3,4..s3<4..t3H4..u3y4..v3.4..w3.5..x3f6..y317..z3.7..{3.8..|3.8..}3*9..~3D9...3.9...3v:...3.;...3.;...3.;...3E<...3!=...3h>...3u>...3.>...3.>...3.B...39D...3.E...3.F...3<F...3QF...3vF...3.F...3.F...3dG...3.G...3DH...3kH...3.H...3.H...3pI...3.I...3jJ...3.J...3.J...3.K...3.K...3!K...3IK...3uK...3.K...3.K...3.K...3.K...3.L...3VL...3.L...3.L...3.L...3.M...3-M...3<M...3.M...3fN...3.U...3>U...3YU...3.U...3@V...3pV...3.V...3.V...3.V...3.V...3.V...3.V...3.V...3.W...3.W...3.W...3.W...3(W...3,W...36W...38W...3@W...3JW...3TW...3jW...3vW...3.W...3.W...3.W...3.W...3.W...3.X...36X...3mX...3.X...3.X...3.X...3cY...3.Y...3.Y

                      C:\Users\user\AppData\Local\Programs\unMiner\locales\sk.pak

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):99941
                      Entropy (8bit):5.806554150093923
                      Encrypted:false
                      SSDEEP:
                      MD5:64BE97B7A539CFD2BA9C59DADE5EA6D3
                      SHA1:D92FE720788C87B56E85342706DFA9DC137C754F
                      SHA-256:3E8A82A8960712126FB354D9DD2E275D5D7FC86E4D5E11B597D1245C43EDBF87
                      SHA-512:9EE3926D5BDA01EB650E6FC5E58D8C07DD885600738F25E9EDA16062A23A69CA5DC44B16477F76CC30F066466CF9D81618BC1248045E0D31F0A96DB8F601F913
                      Malicious:false
                      Reputation:low
                      Preview:........O...|../..}../..~."/....*/....//....</....B/....Q/....b/....k/...../...../...../...../...../...../...../...../...../...../...../...../...../...../...../...../.....0.....0....$0....>0....S0....a0....o0....w0.....0.....0.....0.....0.....0.....0.....0.....0.....0.....0.....0.....0..!..0.."..1..T3.1..U3+1..V3W1..W3k1..\3.1..]3.1..e3.1..f3.2..h3.2..l3.2..m3,2..n3:2..p3.2..q3.2..r3.2..s3.2..t3.2..u3.2..v3.3..w3.3..x3.3..y3x4..z3.4..{3b5..|3w5..}3.5..~3.5...3.5...3Z6...3.7...3*7...3?7...3v7...3.7...3.8...3.8...3.8...3.8...3.:...3.;...3.<...3.<...3.=...3.=...3!=...3*=...3;=...3h=...3.=...3.=...3Y>...3r>...3.>...3.>...3.?...3P?...3.?...3.?...3.@...3.@...3.@...3.@...3.@...3,@...3C@...3\@...3]@...3r@...3u@...3.@...3.@...3'A...3=A...3UA...3^A...3~A...3.A...3.A...3.A...3?B...3.E...3.E...3.F...3.F...3.F...3.G...3JG...3|G...3.G...3.G...3.G...3.G...3.G...3.G...3.G...3.G...3.G...3.G...3.G...3.G...3.G...3.G...3.G...3.G...3.G...3.G...3.H...3.H...3.H...3.H...3"H...3>H...3LH...3YH...3mH...3.H...3.H

                      C:\Users\user\AppData\Local\Programs\unMiner\locales\sl.pak

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):95506
                      Entropy (8bit):5.505127555787819
                      Encrypted:false
                      SSDEEP:
                      MD5:266974DACB264201783D524BAAA7D604
                      SHA1:D7901ECA2DA22FA813FCA2B04E7225682F8B7F52
                      SHA-256:621C3C23B737DBCF9C0A607DF80F1177713B0D9B6E7C4943B46F80CCFE97919E
                      SHA-512:BFF3350A879D4E6E81908733BDECD80CD46BA89225806CDB7C33FF578C5BB7226F6006336A4FEE3A7DB7F6F3FBD86F8CF95A908ADEC12826418F4253EBC741EB
                      Malicious:false
                      Reputation:low
                      Preview:........:...|.....}.....~......../...../...../...../....'/....8/....A/....V/....c/....i/....x/....~/...../...../...../...../...../...../...../...../...../...../...../...../...../...../.....0....'0....10....90....?0....D0....K0....N0....O0....W0....b0....g0....m0....w0.....0.....0.....0..!..0.."..0..U3.0..V3.0..W3.1..\301..]3y1..e3.1..f3.1..h3.1..l3.1..m3.1..n3.1..p3.2..q3@2..r3T2..s3f2..t3n2..u3.2..v3.2..w3.3..x3.3..y3.4..z3w4..{3.4..|3.5..}335..~3B5...3V5...3.5...3Y6...3k6...3.6...3.6...357...3.8...3)8...388...3T8...3.;...3.;...3.<...3)=...3J=...3S=...3_=...3i=...3|=...3.=...3.=...3.>...3\>...3m>...3.>...3.>...3.?...3P?...3.?...3.?...3.?...3.?...3.?...3.?...3.?...3.@...3!@...33@...34@...3F@...3I@...3r@...3.@...3.@...3.A...3.A...3!A...3AA...3FA...3SA...3zA...3.B...3.E...3.E...3.E...3%F...3mF...3.F...3.F...3.F...3.G...3.G...3.G...3.G...3.G...3)G...3,G...36G...39G...3GG...3KG...3RG...3TG...3\G...3dG...3lG...3uG...3|G...3.G...3.G...3.G...3.G...3.G...3.G...3.G...3.G...3.H...3.H...34H...3PH

                      C:\Users\user\AppData\Local\Programs\unMiner\locales\sr.pak

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):143431
                      Entropy (8bit):4.961202463556463
                      Encrypted:false
                      SSDEEP:
                      MD5:3623088C6C26D0EE7DAF5DE310357DF0
                      SHA1:0E782A1AC1E3399AD5894A17DEAD4BC3AB61E84D
                      SHA-256:F85B40F343BBAC003F0415479B495DCA7BD9DE035F217D9612F9B6CC52A3C0A9
                      SHA-512:02C7FC0188FE8F4C37F8B4EF28CB9ABA6132B48181F6DBEA060B88156B9EA6742390B51E61688DC721AF0E3E7595DC8FF74B603FA543F41B3B818A74ED990BCC
                      Malicious:false
                      Reputation:low
                      Preview:........N...|../..}../..~. /....(/....-/....:/....@/....O/....`/....i/....~/...../...../...../...../...../...../...../...../...../...../...../...../...../...../...../.....0....A0....f0.....0.....0.....0.....0.....0.....1.....1.....1.....1.....1....01....:1....J1....c1.....1.....1.....1..!..1.."..1..T3.1..U3.2..V392..W3P2..\3.2..]3,3..e3<3..f3J3..h3j3..l3x3..m3.3..n3.3..p3H4..q3.4..r3.4..s3.4..t3.4..u3 5..v3d5..w3"6..x3.6..y3y7..z3.8..{3.8..|3.9..}3:9..~3S9...3y9...38:...3C;...3\;...3.;...3.;...3.<...3.=...3.=...3.=...3->...3VA...3.B...3.C...3jD...3.D...3.D...3.D...3.D...3.D...3,E...3.E...3.E...3.F...3.F...3.F...3.G...3.G...3)H...3.H...3.H...3'I...35I...3GI...3QI...3]I...3.I...3.I...3.I...3.I...3.I...3.I...3AJ...3.J...3.J...3.J...3$K...31K...3`K...3lK...3~K...3.K...3.L...3`Q...3.Q...3.Q...3hR...3.R...3.S...3vS...3.S...3.S...3.S...3.S...3.S...3.S...3.S...3.S...3.S...3.T...3.T...3.T...3 T...3"T...3.T...3:T...3DT...3NT...3ZT...3fT...3vT...3.T...3.T...3.T...3.T...3.T...3.U...3JU...3tU...3.U

                      C:\Users\user\AppData\Local\Programs\unMiner\locales\sv.pak

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):87436
                      Entropy (8bit):5.530739418154172
                      Encrypted:false
                      SSDEEP:
                      MD5:CECAC975DA8212331485D7BF5392BDA2
                      SHA1:3605151B5F62C1E37AB0CEE5DAFFF74582A3C6DA
                      SHA-256:DA35273A00B1450A1E8845120ABC88ED78DC60CC6BA697F36B510D5BF5C4FB12
                      SHA-512:5B1961A5EF243A012B83085EB86E4223A1664064EFDDD15F9843EA689171D199B6AA410A521E639DDF0BE0C857A2464BBBFA3EAA120A4C9BAB84292111DA347C
                      Malicious:false
                      Reputation:low
                      Preview:........B...|.....}.....~../...../...../...."/....(/....7/....H/....Q/....f/....s/....y/...../...../...../...../...../...../...../...../...../...../...../...../...../...../...../.....0....#0....70....?0....G0....R0....X0...._0....b0....c0....k0....v0....|0.....0.....0.....0.....0.....0..!..0.."..0..T3.0..U3.0..V3.0..W3.0..\3:1..]3~1..e3.1..f3.1..h3.1..l3.1..m3.1..n3.1..p3.2..q3/2..r3A2..s3M2..t3R2..u3p2..v3.2..w3.3..x3d3..y3.3..z3G4..{3.4..|3.4..}3.5..~3.5...325...3.5...3[6...3m6...3|6...3.6...3!7...3x7...3.7...3.7...3.7...3.8...3.9...3.9...3.9...3.9...3.:...3.:...3.:...3.:...3F:...3.:...3.:...3.;...3*;...3:;...3`;...3.;...3.;...3A<...3h<...3.<...3.<...3.<...3.<...3.<...3.<...3.<...3.<...3.<...3.=...3.=...36=...3^=...3.=...3.=...3.=...3.=...3.=...3.>...3.>...3<>...3.>...3.?...3.?...3.@...3m@...3.@...3.@...3.A...3.A...3>A...3BA...3MA...3UA...3XA...3bA...3eA...3oA...3rA...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.B...3(B

                      C:\Users\user\AppData\Local\Programs\unMiner\locales\sw.pak

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):88707
                      Entropy (8bit):5.383674064254301
                      Encrypted:false
                      SSDEEP:
                      MD5:44197239C6617BAAFD86115F3232972B
                      SHA1:8C64C72E1F85409090B3B5D114F503E03DC6E4A2
                      SHA-256:3602D998BE0F2738290660E4316B96042D8C303775B23B6907A8B7D50F4D7ED7
                      SHA-512:BB63BB94B4FA6A5D786C35BB8E1DD2E2759FC4E961A51542AB753EB321108255D476C74732489969E6E6F6153F0E117FA42713938065711BBF0BD5520BF2A816
                      Malicious:false
                      Reputation:low
                      Preview:........6...|.....}.....~..................../...../...../....0/....9/....N/....[/....a/....p/....v/...../...../...../...../...../...../...../...../...../...../...../...../...../...../.....0....,0....30....80....?0....D0....K0....N0....O0....V0....b0....l0....q0.....0.....0.....0.....0..!..0.."..0..T3.0..U3.0..V3.1..W3.1..\3X1..]3.1..e3.1..f3.1..h3.1..l3.1..m3.1..n3.1..p3F2..q3x2..r3.2..s3.2..t3.2..u3.2..v3.2..w3K3..x3.3..y3L4..z3.4..{3Y5..|3p5..}3.5..~3.5...3.5...3j6...3,7...3?7...3Q7...3.7...3.7...3Y8...3j8...3}8...3.8...3.9...36:...3.:...3.:...3.:...3.;...3.;...3!;...3+;...3K;...3.;...3.;...3.<...3<<...3P<...3~<...3.<...3'=...3s=...3.=...3.=...3.=...3.=...3.=...3.=...3.>...3.>...3.>...3->...30>...3^>...3~>...3.>...3.>...3.>...3.>...3.?...3(?...39?...3V?...3.?...3.@...3.A...3.A...3oA...3.A...3.A...3%B...3RB...3bB...3fB...3qB...3wB...3zB...3.B...3.B...3.B...3.B...3.B...3.B...3.B...3.B...3.B...3.B...3.B...3.B...3.B...3.B...3.B...3.B...3.B...3.B...3.C...3.C...3!C...3:C...3OC...3bC...3.C

                      C:\Users\user\AppData\Local\Programs\unMiner\locales\ta.pak

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):221307
                      Entropy (8bit):4.222048314405936
                      Encrypted:false
                      SSDEEP:
                      MD5:4BE68E04BE286100AC901D77503D2B9E
                      SHA1:AAA714BAA581899B1DCBB37F58793C2E37BE6FF5
                      SHA-256:83BD8B194F8917503ABEC85A8C5CAF247B0FF7A0E71976CB6D0ECD5FC8602F0D
                      SHA-512:C3794ED039CA867AAFA24A28D4734023A4133F3A826EC223F14EC40097A151361FFCF9BEEB4DB81AE5D42CDD9CDF6F242ED6C338DEC34AA3E76F9AACDDE526BA
                      Malicious:false
                      Reputation:low
                      Preview:........<...|.....}.....~......../...../...../...../....+/....</....E/....Z/....g/....m/....|/...../...../...../...../...../...../...../...../...../...../...../...../...../....,0....l0.....0.....1....%1....C1....X1....d1....k1....n1....o1.....1.....1.....1.....2..../2....x2.....2.....2..!..2.."..2..T3.2..U3.3..V3A3..W3n3..\3.4..]3.4..e3.5..f3.5..h3B5..l3N5..m3.5..n3.5..p3v6..q3.6..r3.7..s3<7..t3W7..u3.7..v3C8..w3.9..x3.:..y3/<..z3j=..{3.>..|3*?..}3.?..~3.?...3I@...3.A...3.C...3.C...3;D...3.D...3?F...3AG...3.G...3.G...3dH...3.J...3+L...39M...39N...3.N...3.N...3.N...3.N...3.O...3.O...3]P...3.P...3.Q...3.Q...3jR...3.R...3.T...3.T...3.U...3DV...3.V...3.V...3.V...3.V...3.W...3NW...3.W...3.W...3.W...3.W...3.X...3hX...3.X...3.Y...3.Y...33Z...3^Z...3.Z...3.Z...3.[...3s[...3r\...3.`...3.`...3.a...3Jb...3.b...3`c...3.c...3.d...3+d...3/d...3:d...3Bd...3Ed...3Od...3Rd...3\d...3_d...3td...3xd...3.d...3.d...3.d...3.d...3.d...3.d...3.d...3.e...3.e...3%e...3Ie...3je...3.e...3.e...3.e...3.f...34f...3rf

                      C:\Users\user\AppData\Local\Programs\unMiner\locales\te.pak

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):205471
                      Entropy (8bit):4.4254008506382565
                      Encrypted:false
                      SSDEEP:
                      MD5:646FCD54839F059F45F5021E65A1BF8D
                      SHA1:D62948E65BC5894DB48D5941A2E5396E6D4F848F
                      SHA-256:992AE39F2D4E12446D63641163C2A2E50CFF039A22EEB7E1D10E4F3FB990ED86
                      SHA-512:004C58867ECCC90A1A99354211C06E9CBCDE55BB4BF1D5126D3AD8FA7FC3A9B091CF357D7AA935B4E139B8ADECD0D32CC8F22169C9B20321FB7BBC76613714DB
                      Malicious:false
                      Reputation:low
                      Preview:........L...|../..}../..~../....$/....)/....6/....</....K/....\/....e/....z/...../...../...../...../...../...../...../...../...../...../...../...../...../...../...../....'0....[0.....0.....0.....1....91....`1.....1.....1.....1.....1.....1.....1.....1.....1.....2....E2.....2.....2.....2..!..2.."..2..T3.3..U3-3..V3.3..W3.3..\3a4..]3.5..e3N5..f3Z5..h3.5..l3.5..m3.5..n3.6..p3.6..q307..r3k7..s3.7..t3.7..u3.8..v3}8..w3.9..x3.:..y3.;..z3.<..{3N>..|3.>..}3.>..~3.>...3X?...3.A...3.C...3'C...3}C...3.C...3QE...3+F...3gF...3.F...3.G...3BI...3-J...3.K...3.K...39L...3UL...3.L...3.L...3.L...3;M...3.N...3.N...3.O...3.O...3*P...3.P...3yQ...32R...3.S...3RS...3.S...3.S...3.S...3.S...3.T...3TT...3.T...3.T...3.T...31U...34U...3.U...3.U...3.V...3.V...3!W...3CW...3.W...3.W...3.W...31X...3.Y...3^\...3.\...3.\...3.]...3.^...3.^...3`_...3._...3._...3._...3.`...32`...35`...3?`...3B`...3L`...3O`...3x`...3.`...3.`...3.`...3.`...3.`...3.`...3.`...3.`...3.a...3.a...3"a...3Ma...3ka...3.a...3.a...3.a...3.a...38b...3.b

                      C:\Users\user\AppData\Local\Programs\unMiner\locales\th.pak

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):178071
                      Entropy (8bit):4.499530269714375
                      Encrypted:false
                      SSDEEP:
                      MD5:14B118E1EC52CACA0E8F5503A18FB697
                      SHA1:CB8EF4B772BFC4CA1E1287399C04B6F94A9C95B8
                      SHA-256:01DA858D02F039D9AEBADF2C8D3C2726FBEB2715B5A38C46DCEE91D186D4014F
                      SHA-512:5E9B3B71AE91FEE69946841C71A08449D0073B7501852CC157F2B628478E31DD991877C692E97C079E93989B00E575671807ADF04AE0F069705306B1369B905E
                      Malicious:false
                      Reputation:low
                      Preview:........#...|.....}.....~................................/...../...../....+/....1/....@/....F/....X/....`/....e/....m/....x/...../...../...../...../...../...../...../...../...../....F0....j0.....0.....0.....0.....0.....0.....0.....0.....1....!1....31....f1.....1.....1.....1..!..1.."..1..T3.1..U3.2..V3O2..W3p2..\3.2..]3.3..e3.3..f3.3..h3.4..l3.4..m3D4..n3b4..p3.5..q3J5..r3w5..s3.5..t3.5..u3.5..v3+6..w3)7..x3N8..y3.9..z3.:..{3;<..|3e<..}3.<..~3.<...3.=...3N>...3.?...3.@...3>@...3.@...3.A...3DB...3iB...3.B...3.B...3ZE...3XF...3(G...3.G...3.G...3.H...3.H...36H...3QH...3.H...3!I...3rI...3`J...3.J...3.J...3.J...3.K...3cL...3.M...3TM...3.M...3.M...3.M...3.M...3.N...3_N...3.N...3.N...3.N...3.N...3.N...3.N...3sO...3.O...3.O...3.O...3>P...3MP...3aP...3.P...31Q...3.T...3.T...3.T...3.U...3.V...3.W...3yW...3.W...3.W...3.W...3.W...3.W...3.X...3.X...3.X...3.X...3.X...3)X...3-X...39X...3;X...3DX...3YX...3kX...3wX...3.X...3.X...3.X...3.X...3.X...3.X...3.Y...3"Y...37Y...3aY...3.Y...3.Y...3.Y...3QZ...3.Z

                      C:\Users\user\AppData\Local\Programs\unMiner\locales\tr.pak

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):91944
                      Entropy (8bit):5.6497652484010406
                      Encrypted:false
                      SSDEEP:
                      MD5:B5ADE2BF06460F13F80A213126DAD442
                      SHA1:A4747244957F18BE1E4E8E3A19F5A2BF4E348614
                      SHA-256:7FB57CA2EF966D68DCB887A5C4A69CD2EC084A86909B39B5C020D503B1F1D926
                      SHA-512:BC7E381F608F110966C4C894CDCD0A839883311FD93D98D658D2ED44552763B95E29E90A39A6FACCBCB8FDB026CC10CEF00F6893C4A8BED2229749D3CCA52511
                      Malicious:false
                      Reputation:low
                      Preview:........D...|.....}../..~../...../...../....&/....,/....;/....L/....U/....j/....w/....}/...../...../...../...../...../...../...../...../...../...../...../...../...../...../.....0....#0....90....S0....k0....r0....}0.....0.....0.....0.....0.....0.....0.....0.....0.....0.....0.....0.....0..!..0.."..0..T3.1..U3.1..V361..W3G1..\3.1..]3.1..e3.1..f3.2..h3.2..l3.2..m3'2..n342..p3y2..q3.2..r3.2..s3.2..t3.2..u3.2..v3.2..w3y3..x3.3..z3]4..{3.4..|3.4..}3.5..~3$5...3=5...3.5...3.6...3.6...3.6...3.6...3e7...3.7...3.7...3.7...3.8...3L9...3.9...3.:...3Z:...3y:...3.:...3.:...3.:...3.:...3.:...3.;...3;;...3.;...3.;...3.;...3.<...3p<...3.<...3.=...33=...3\=...3b=...3j=...3l=...3p=...3.=...3.=...3.=...3.=...3.=...3.=...3.=...3.>...3e>...3|>...3.>...3.>...3.>...3.>...3.>...3.?...3V?...3.@...3.@...3.@...3kA...3.A...3.A...3.B...3<B...3LB...3PB...3[B...3cB...3fB...3pB...3sB...3}B...3.B...3.B...3.B...3.B...3.B...3.B...3.B...3.B...3.B...3.B...3.B...3.B...3.B...3.B...3.B...3.B...3.C...3%C...33C...3TC...3yC...3.C

                      C:\Users\user\AppData\Local\Programs\unMiner\locales\uk.pak

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):153087
                      Entropy (8bit):5.049429314319333
                      Encrypted:false
                      SSDEEP:
                      MD5:790B68AE686C649E6CF87B0BEACF025C
                      SHA1:DADC03E4CECADBA6E7653299007B8456FF2A9CD5
                      SHA-256:5AEE02B568A167FFF78E33EBE72342142C94ABB68022867F33F0B4C549633A2E
                      SHA-512:922CD908591E72B328CA36AE511283EEA30407B981584C0E04ACD21698651B49AB919B8EE8E70B06CB0FE6169818257220678CBD8A00919A00AAB00E2FC0FE4E
                      Malicious:false
                      Reputation:low
                      Preview:........A...|.....}.....~../...../...../.... /....&/....5/....F/....O/....d/....q/....w/...../...../...../...../...../...../...../...../...../...../...../...../...../...../.....0....:0....e0.....0.....0.....0.....0.....0.....0.....0.....0.....1.....1....'1....91....M1....}1.....1.....1..!..1.."..1..T3.1..U3.1..V3.2..W3*2..\3.2..]3.3..e3(3..f363..h3S3..l3c3..m3.3..n3.3..p3"4..q3l4..r3.4..s3.4..t3.4..v3.4..w3.5..x3J6..y3(7..z3.7..{3.8..|3.9..}3Z9..~3{9...3.9...3.:...3.;...3.;...3.<...3m<...3==...3.>...3.>...3.?...3C?...3lC...3lE...3.F...3CG...3qG...3.G...3.G...3.G...3.G...3.H...3.H...3.H...3.I...3.I...3.I...3BJ...3.J...3`K...3.K...3+L...3.L...3.L...3.L...3.L...3.L...3.M...3BM...3CM...3^M...3aM...3.M...3.M...3cN...3.N...3.N...3.N...3.N...3.O...3 O...3nO...3nP...3.V...3.V...3.V...3.W...30X...3.X...3.X...3.X...3.Y...3.Y...3.Y...3!Y...3$Y...3.Y...31Y...3;Y...3>Y...3LY...3PY...3\Y...3^Y...3yY...3.Y...3.Y...3.Y...3.Y...3.Y...3.Y...3.Y...3.Y...3.Z...3+Z...3BZ...3eZ...3xZ...3.Z...3.Z...3.Z...3.[

                      C:\Users\user\AppData\Local\Programs\unMiner\locales\vi.pak

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):108193
                      Entropy (8bit):5.831549920388877
                      Encrypted:false
                      SSDEEP:
                      MD5:D5FB1A9C8C7ADFC77FA9D70D4CEC8246
                      SHA1:6DA77430658D3D4FE8501717CB77A1EF647781C0
                      SHA-256:3D94581673E34D169692107E41065765D44FE53A76FBC0F3BB39E3AC566D24D8
                      SHA-512:961ED9267E1AD0952EAF7047E230ABED5EAF0313D11D7FE299C158A2959A6E514BE8C4127C10504CEBCAC8B94171B0E9FDE324F3D7E0C58376E295A254472152
                      Malicious:false
                      Reputation:low
                      Preview:........4...|.....}.....~..................../...../...../....,/....5/....J/....W/....]/....l/....r/...../...../...../...../...../...../...../...../...../...../...../...../...../.....0....40....S0....\0....e0....q0....w0....~0.....0.....0.....0.....0.....0.....0.....0.....0.....0.....0..!..1.."..1..T3(1..U341..V3V1..W3f1..\3.1..]312..e3B2..f3R2..h3j2..l3n2..m3y2..n3.2..p3.2..q3(3..r373..s3G3..t3K3..u3b3..v3.3..w3'4..x3.4..y3K5..z3.5..{3o6..|3.6..}3.6..~3.6...3.6...3.7...3{8...3.8...3.8...3.8...3g9...3.9...3.9...3.9...3.:...3Q;...3.;...3c<...3.<...3.<...3.<...3.<...3.<...3.<...3'=...3~=...3.=...3">...33>...3N>...3u>...3.>...3d?...3.?...3.?...3.@...3(@...31@...37@...3;@...3U@...3.@...3.@...3.@...3.@...3.@...3.@...3.@...3OA...3hA...3.A...3.A...3.A...3.A...3.A...3.B...3XB...3gD...3.D...3.D...3IE...3.E...3.E...3.F...38F...3HF...3LF...3WF...3aF...3dF...3nF...3qF...3{F...3~F...3.F...3.F...3.F...3.F...3.F...3.F...3.F...3.F...3.F...3.F...3.F...3.F...3.F...3.G...3)G...36G...3PG...3yG...3.G...3.G

                      C:\Users\user\AppData\Local\Programs\unMiner\locales\zh-CN.pak

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):80895
                      Entropy (8bit):6.73073895408233
                      Encrypted:false
                      SSDEEP:
                      MD5:D228304AFAC4B33FDE47F5EDF246D289
                      SHA1:07F0743D8CD94030904928CA155CD5CE12CA5D29
                      SHA-256:5379065EDBC64B510DA18C813BBAE85B571DA268CC6E4FCF0037160B496BB340
                      SHA-512:1D2B93FEE66053B997580F96FB28DB2A5CA2D5B763438B5A91150DCA01E746524E64A016F5E0BA898268CC2CCE4AB5123047FD4EAC039B1FF0608C5C30BE5CB4
                      Malicious:false
                      Reputation:low
                      Preview:............|.....}.....~................................................../.... /....&/....8/....@/....H/....S/....[/....j/....o/....w/....~/...../...../...../...../...../...../...../...../...../...../...../...../...../...../.....0.....0.....0.....0....+0....?0....H0....N0..!.Z0..".]0..T3.0..U3.0..V3.0..W3.0..\3.0..]381..e3J1..f3S1..h3e1..l3k1..m3z1..n3.1..p3.1..q3.1..r3.2..s3.2..t3 2..u3/2..v3V2..w3.2..x3P3..y3.3..z3b4..{3.5..|3.5..}355..~3A5...3S5...3.5...3.6...3.6...3.6...3.6...3>7...3.7...3.7...3.7...3.7...3.8...3(9...3}9...3.9...3.9...3.9...3.9...3.9...3.9...3%:...3q:...3.:...3.:...3.;...3$;...3_;...3.;...3.<...3Z<...3.<...3.<...3.<...3.<...3.<...3.<...3.<...3.<...3.=...3.=...3.=...3.=...3_=...3y=...3.=...3.=...3.=...3.=...3.>...3.>...3+>...3@>...3.>...3+@...3H@...3T@...3.@...3.@...3.A...3FA...3kA...3{A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.B...3.B...3.B...3.B...3#B...3,B...3;B...3PB...3_B...3tB...3.B...3.B...3.B

                      C:\Users\user\AppData\Local\Programs\unMiner\locales\zh-TW.pak

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):80963
                      Entropy (8bit):6.722765072470102
                      Encrypted:false
                      SSDEEP:
                      MD5:500F2452A7F9C783423CD9E4A25BE0DA
                      SHA1:AA7E6661CB36C5D204A91A29B75F719A88721BFB
                      SHA-256:61D8670992226D20EDDF980A0E042863D9535556962515D1F91DEE54BDCE5750
                      SHA-512:B49AB5E330B10BB31B55A63F3C2A6997222F17CB63692E1C36A4F184C36DE048D9DE132D234C0674B3A2DDA106B6C0490779A5E8AE994185B1A2CAF238182779
                      Malicious:false
                      Reputation:low
                      Preview:............|.....}.....~............................................/...../....(/...../....=/....C/....U/....]/....b/....j/....r/....y/...../...../...../...../...../...../...../...../...../...../...../...../...../...../...../.....0.....0.....0....$0....00....D0....M0....S0..!.\0.."._0..T3.0..U3.0..V3.0..W3.0..\3.1..]3@1..e3R1..f3X1..h3d1..l3j1..m3.1..n3.1..p3.1..q3.2..r3.2..s3+2..t312..u3C2..v3d2..w3.2..x3U3..y3.3..z3R4..{3.4..|3.4..}3.5..~3(5...375...3.5...3e6...3v6...3.6...3.6...3.7...3.7...3.7...3.7...3.7...3.8...3.8...3R9...3.9...3.9...3.9...3.9...3.9...3.9...3.9...3.:...3O:...3.:...3.:...3.:...3.;...3^;...3.;...3.;...3.<...3E<...3K<...3Q<...3T<...3W<...3o<...3.<...3.<...3.<...3.<...3.<...3.<...3.=...3F=...3Z=...3i=...3u=...3.=...3.=...3.=...3.=...3.>...3.?...3.?...3.?...39@...3{@...3.@...3.@...3.@...3.A...3.A...3.A...3 A...3#A...3-A...30A...3:A...3=A...3IA...3MA...3VA...3ZA...3]A...3cA...3jA...3pA...3xA...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.A...3.B...3'B

                      C:\Users\user\AppData\Local\Programs\unMiner\resources.pak

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):4803373
                      Entropy (8bit):7.828831298444349
                      Encrypted:false
                      SSDEEP:
                      MD5:D9022282A7FBF3AA354559AB6A9C7926
                      SHA1:FF1F2B77D80848BC1A51E48C21A033EB57D8776C
                      SHA-256:DDC85D749B19CBABAE11A0B8F7114DAF75900179A2147280DD0F9F8FAEE7D65C
                      SHA-512:6B9AB157CF8E10D8A79EA2AD4E247210FE2A7FD75DAB086EB55951D4E028AF3060E1F42175BE936C6B093ABC2C3071C0FD1C45AFEE3C567A79E1B722FE5F5D97
                      Malicious:false
                      Reputation:low
                      Preview:............x.....z.."....%"....*".. ..%...(.,...(.M...(.Q...(5R...(.X...(.x...(.....(G... (....!(m..."(....#(....$(.5..%(.8..&(Z<..'(gN..((.P..)(BX..*(...+(....,(O...-(....(<...O(....P(K...Q(R...R(....S(x...T(....U(j...V(Z...W(....X( ...Y(...Z(....[(....\(U...](./..^(.K.._(.h..`(.k..a(.{..b(f...h(....i(....j(...k(...l(F...m(....n(d,..o(%M..p(.i..q(.s..r(ey..s(c...t(....u(....v(....w(i...x($ ..y(+...z(....{(.@..|(.r..}(....~(.....(....(E....(.....(.....(.....(R....(1....(.....(h....(.....(.....(Y....(.....(s....(.....)o....).....0Vz...0K....0.... 0C...!0....*00%..+0.+..,0.5..-0.7...0.>../0.U..00.]..10ua..20Qd..30Df..40(i..50.j..60@o..70vw..806z..90....:0...;0&....<....<.~...<.....<m....<E....<.3...<.;...<.B...<.H...<.I...<.N...<FT.. <.[..!<#s.."<:...,<Y]..-<.`...<:e../<.h..0<.j..1<dt..2<.}..3<...4<P...5<r&..6<.(..7<G*..8<.,..9<....:<5/..;<93..<<x:..=<.G..><7J..?<.M...=.Q...=|R...=:S...=HT...=LV...=.W...=eZ...=.[...=n]...=o^...=.`...=.a...=.b...=re..,=.q..-=....JB....TBOP..UB.Y

                      C:\Users\user\AppData\Local\Programs\unMiner\resources\app.asar

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):20696735
                      Entropy (8bit):5.815455499379398
                      Encrypted:false
                      SSDEEP:
                      MD5:A0FAAB7F9B06EC871480211B9D22CCC7
                      SHA1:DB47FD6CBED23FAD1294B515678E8C94A39A5FB1
                      SHA-256:9D398A2146D77DBEC012724BBD0E0393E25A6E807D379061DE61BE856BC53970
                      SHA-512:2FEFCFEC7BEFCA1CB671032BF818FB9ABA090086774AF92A1E66EE8A0B065E6310BA20C02B3D0EF108C4BA43F9747F0A21000B94FBC48179968B998C682D4A02
                      Malicious:true
                      Yara Hits:
                      • Rule: JoeSecurity_Xmrig, Description: Yara detected Xmrig cryptocurrency miner, Source: C:\Users\user\AppData\Local\Programs\unMiner\resources\app.asar, Author: Joe Security
                      Reputation:low
                      Preview:.....E...E...E..{"files":{"package.json":{"size":665,"offset":"0"},"dist":{"files":{"electron":{"files":{"index.html":{"size":409,"offset":"665"},"main.js":{"size":41737,"offset":"1074"},"renderer.js":{"size":587003,"offset":"42811"},"static":{"files":{"icon.ico":{"size":4213,"offset":"629814"},"icon.png":{"size":21840,"offset":"634027"},"ws.js":{"size":806,"offset":"655867"}}},"imgs":{"files":{"fa-brands-400--webfonts.svg":{"size":733939,"offset":"656673"},"fa-regular-400--webfonts.svg":{"size":145520,"offset":"1390612"},"fa-solid-900--webfonts.svg":{"size":919140,"offset":"1536132"}}},"fonts":{"files":{"fa-brands-400--webfonts.eot":{"size":134622,"offset":"2455272"},"fa-brands-400--webfonts.ttf":{"size":134316,"offset":"2589894"},"fa-brands-400--webfonts.woff":{"size":90672,"offset":"2724210"},"fa-brands-400--webfonts.woff2":{"size":77400,"offset":"2814882"},"fa-regular-400--webfonts.eot":{"size":34350,"offset":"2892282"},"fa-regular-400--webfonts.ttf":{"size":34052,"offset":"2926632

                      C:\Users\user\AppData\Local\Programs\unMiner\resources\elevate.exe

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:PE32 executable (console) Intel 80386, for MS Windows
                      Category:dropped
                      Size (bytes):107520
                      Entropy (8bit):6.442687067441468
                      Encrypted:false
                      SSDEEP:
                      MD5:792B92C8AD13C46F27C7CED0810694DF
                      SHA1:D8D449B92DE20A57DF722DF46435BA4553ECC802
                      SHA-256:9B1FBF0C11C520AE714AF8AA9AF12CFD48503EEDECD7398D8992EE94D1B4DC37
                      SHA-512:6C247254DC18ED81213A978CCE2E321D6692848C64307097D2C43432A42F4F4F6D3CF22FB92610DFA8B7B16A5F1D94E9017CF64F88F2D08E79C0FE71A9121E40
                      Malicious:true
                      Antivirus:
                      • Antivirus: ReversingLabs, Detection: 0%
                      Reputation:low
                      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......B..O..............h.......j.q.....k.....e......e......e.......zR........._...h......h.f.............h......Rich....................PE..L......W............................l........0....@.......................................@....................................P.......x.......................T.......p...............................@............0..$............................text............................... ..`.rdata...k...0...l..................@..@.data...............................@....gfids..............................@..@.rsrc...x...........................@..@.reloc..T...........................@..B........................................................................................................................................................................................................................................................

                      C:\Users\user\AppData\Local\Programs\unMiner\resources\miners\win32\NBMiner_Win_42.3\modify_tdr_delay.reg

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:Windows Registry text (Win2K or above)
                      Category:dropped
                      Size (bytes):152
                      Entropy (8bit):5.223074080667074
                      Encrypted:false
                      SSDEEP:
                      MD5:4D139158C7569970D1BA4DFDBF0C8E7A
                      SHA1:48A18311361ED6214B6CE03C394DC77193F11743
                      SHA-256:B2AB6EAD5FEFB66FF3C6BD0DD75158E6C1DF2E12599738D8D9A837980F1BCEE5
                      SHA-512:8356FE1973B23606749B3CFC66CB84A1A62DA381FC48725C5F84E3ED9F9F50EB46A03912DABC3C6DB4354505DFACB72B6EB660F493A65CB47453D68F5D0A9436
                      Malicious:false
                      Reputation:low
                      Preview:Windows Registry Editor Version 5.00....[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\GraphicsDrivers].."TdrDelay"=dword:4.."TdrDdiDelay"=dword:4

                      C:\Users\user\AppData\Local\Programs\unMiner\resources\miners\win32\NBMiner_Win_42.3\nbminer.exe

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:PE32+ executable (console) x86-64, for MS Windows
                      Category:dropped
                      Size (bytes):11974704
                      Entropy (8bit):6.457909959161181
                      Encrypted:false
                      SSDEEP:
                      MD5:4F8200E37144BBFA2F95C6E67F8AD99E
                      SHA1:FF1989568D7CDD0A007C9F3DCEDD23E887DEBB3E
                      SHA-256:1BB8192143BA2A3600C50F687D64D89115ABFC04C9772DDECBB4752DCE9DEEAE
                      SHA-512:E99A646EA9CFA35A81A9A62B3FC583FE98970DFBA8CCB310B78573F104363A5AD8D52AE2B0961F0D494A6293423646847497FD1B2BB417CDD4BE13897307AA26
                      Malicious:true
                      Reputation:low
                      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d.....c..........#.......]..<d..............@...................................#>.... ..........................................3b.V....b.......................0(....................................%.(...................0..p............................text...8.]......................... ..`.rdata....^..0].....................@..@.data....V..........................@....pdata......p......................@..@.qtmetadj.... ......................@..P.p8e......9..0...................... ..`./?l.........0......................@....eH*.....u...P...v..................`..h.rsrc..............................@..@........................................................................................................................................................................................................................................................

                      C:\Users\user\AppData\Local\Programs\unMiner\resources\miners\win32\NBMiner_Win_42.3\nbminer.exe.sha256

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:ASCII text, with CRLF line terminators
                      Category:dropped
                      Size (bytes):79
                      Entropy (8bit):4.211407571170912
                      Encrypted:false
                      SSDEEP:
                      MD5:5C5832CDF2D58C6CFEACC8C5C160F21C
                      SHA1:EA37B9C97EB814756FC941A4A0E01348FF73FA75
                      SHA-256:3B20BAD5F5762D92667316337A68B9ECED07C1352BC7FF32BF1C02900CBBA4F3
                      SHA-512:1176ED196FB986E290B74197BFE47B6801E0A9F3628D023341FA27570A573C92AB49670F67D93029C9C22DCBDD94746C83F7E0EF3CD61DD592E2AE2FC6D293B5
                      Malicious:false
                      Reputation:low
                      Preview:bb3af0c03e6b0833fa268d98e5a8b19e78fb108a830b58b2ade50c57e9fc9bed nbminer.exe..

                      C:\Users\user\AppData\Local\Programs\unMiner\resources\miners\win32\lolMiner_1.76\license.txt

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:ASCII text, with CRLF line terminators
                      Category:dropped
                      Size (bytes):5844
                      Entropy (8bit):5.200791802852847
                      Encrypted:false
                      SSDEEP:
                      MD5:DE38C0740E1802E937E8DBE923114B02
                      SHA1:EF8477B6538EE83D2655EBA87AD9695F3EBE14F1
                      SHA-256:5347B07268CCAE1806B53F4B6AC7F0A3B0B326C8D75FA0C157A4EF3091E33C84
                      SHA-512:A8B6BD58F563D928FEC2813013EE78238F3A0F327DC41BDC84E3A7F3F80C9DEE7F418F8E4ADAFD7EF7B6A2035321A560837877FD5E8E3CA27544C5AE1AAE230A
                      Malicious:false
                      Reputation:low
                      Preview:lolMiner License Agreement ..Copyright (c) 2021 Lolliedieb....1. Subject to the terms of this Agreement, you are granted a revocable, non-exclusive, non-transferable, limited and worldwide license to use this software for the internal use only.....2. You may not sell, transfer, rent, assign, lease, loan, sublicense, lend, resell, redistribute or otherwise share this software. ..Further, you shall not modify, make derivative works based upon, recreate, generate, disassemble, decompile, reverse engineer, reverse assemble, ..reverse compile or otherwise attempt to derive the human-readable form of the source code of any parts of this software.....3. As an exception to point 2 the software may be redistributed for use in mining operation systems if and only if the redistribution contains the original executable and kernel files without modification.....4. You may not cancel, reduce, change, remove, block, or redirect built-in developer fee in any way....5. THE SOFTWARE IS PROVIDED "AS IS",

                      C:\Users\user\AppData\Local\Programs\unMiner\resources\miners\win32\lolMiner_1.76\lolMiner.cfg

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:ASCII text, with CRLF line terminators
                      Category:dropped
                      Size (bytes):873
                      Entropy (8bit):3.713938103776698
                      Encrypted:false
                      SSDEEP:
                      MD5:A97FCCC15D42F0B3CBCE1A1DF1D98944
                      SHA1:EBEC2D3F23422F6579A8459ED9DB2BE4D310E8D7
                      SHA-256:57DB9AB8DFDEB7BF6D2E585837A42ADA4B800B9FD29E3F72CFC196C8F3F9E425
                      SHA-512:E5B4E292DB80369F1A06C5CA2B6D25A1578D25C61948837AD4BC8A27C9AC6E8008E0D9F04F3A93CED01D4B9238EE427AB341641C5E90E5A26CF325CADF95EA34
                      Malicious:false
                      Reputation:low
                      Preview:..#..# lolMiner 1.0 configuration..# uncomment a line (remove the starting "#") to set an option in this file..# The available options are the same as in the command line..# See readme.txt to get a list of available options ..#....################################################################################..# Required Options..################################################################################....# algo=<the algorithm to mine>..# pool=<example address>:<example port>..# user=<your wallet address or pool user name>....################################################################################..# Comfort functions..################################################################################....# apiport=<the port to open api>..# shortstats=<interval between the short statiscics>..# longstats=<interval between the verbose statiscics>....

                      C:\Users\user\AppData\Local\Programs\unMiner\resources\miners\win32\lolMiner_1.76\lolMiner.exe

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:PE32+ executable (console) x86-64, for MS Windows
                      Category:dropped
                      Size (bytes):8091288
                      Entropy (8bit):7.999962516507925
                      Encrypted:true
                      SSDEEP:
                      MD5:055EAEC478C4A8490041B8FA3DB1119D
                      SHA1:F0ED5C7D10DAAEC6F8866E307538E169A2FE6C5E
                      SHA-256:2D4ADB8E894B22D6C60C3877995BA5E9845EC6005FC95382C395396EB84B1E73
                      SHA-512:AE9CEAD17495531C98CCA0D174648C24916AA8BDA451AD9BAAD4A5979D6FFA6EB69BFCF11122E02E11FC69F889FA147EEEE738A0A6B8A4B837187E5305C524D7
                      Malicious:true
                      Antivirus:
                      • Antivirus: ReversingLabs, Detection: 61%
                      Reputation:low
                      Preview:MZ......................@...................................0...........!..L.!This program cannot be run in DOS mode....$............b...b...b.......b......$b....F..b.......b.......b.......b.......b...b...b..Y....`..h....b.......b...b...c..5....b..5....b..5.D..b..5....b..Rich.b..........................PE..d...SP[d.........."......P{......@....u..P.....@..............................u.....S.{...`..................................................u.t.....u.......q.<....Z{.....P.u.$...........................p.u.(.....u.8...........................................UPX0.....@..............................UPX1.....P{..P...P{.................@....rsrc.........u......T{.............@..............................................................................................................................................................................................................................................................................................................4.02.UPX!.$..

                      C:\Users\user\AppData\Local\Programs\unMiner\resources\miners\win32\xmrig-6.19.2\SHA256SUMS

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:ASCII text, with CRLF line terminators
                      Category:dropped
                      Size (bytes):757
                      Entropy (8bit):4.722130461589226
                      Encrypted:false
                      SSDEEP:
                      MD5:CA2F225F752B25E41C585891FF4C382C
                      SHA1:06F8DDAA0DD958081744B5537A9109DF344C7D95
                      SHA-256:F6EC697E2397BF2C55A31F268AB51577700B8FA51F075EEF2237FC8F39785455
                      SHA-512:C69C3893FD65A244445160173C0EAEB4A077498B61A76022BD519E3A1D586D886F0D6C8CDB2AA0020F17B8E4A21D856A420094918F382E0A05B02F276074B4FA
                      Malicious:false
                      Reputation:low
                      Preview:11bd2c9f9e2397c9a16e0990e4ed2cf0679498fe0fd418a3dfdac60b5c160ee5 *WinRing0x64.sys..235a64e3520b1c2c27763122b303f78aee8d7c083dfd9f1eb936cd5174383609 *benchmark_10M.cmd..d7747e7a3c782009f4ceb6e9c106115876386853929563b509da5258e3968d15 *benchmark_1M.cmd..2b03943244871ca75e44513e4d20470b8f3e0f209d185395de82b447022437ec *config.json..0cb636ec3c530eb9162a3388b559b558a4dd9ac1600682c2190fd30acf2bf731 *pool_mine_example.cmd..810614290bdb14d2ddf10f65f8adc988a8272764f2a9e2c378e52fad162da344 *rtm_ghostrider_example.cmd..93b709c451e31bdf7febb89bae9786e7d137554365071f0264311ec36e9ed612 *solo_mine_example.cmd..9554e811347798d784bbe0ed5fa212e95dc8783a34cbc298454805f0988cb577 *start.cmd..8e1c569508baacd7803f80728c03ed1d6ab098a1576c6470420e7a3af84c489c *xmrig.exe..

                      C:\Users\user\AppData\Local\Programs\unMiner\resources\miners\win32\xmrig-6.19.2\benchmark_10M.cmd

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:DOS batch file, ASCII text, with CRLF line terminators
                      Category:dropped
                      Size (bytes):65
                      Entropy (8bit):4.780382336825371
                      Encrypted:false
                      SSDEEP:
                      MD5:F134F32623706671F4612B2357001759
                      SHA1:27A8F932017E8EF7FD0851C4548780484A03ECE9
                      SHA-256:2A1B9C38A05B5D63F115E8B3B0F419B324EEE36D262E745D0C50BE425DA6140B
                      SHA-512:E71E6011335655D7717C043FAFA1B2BD3FA1F8E1FCA44511131DF34CD4013328AFFAFCDE5FD67BD5633BF0A0C46C73624EA3697722A102F3E06B35DDD29706D7
                      Malicious:false
                      Reputation:low
                      Preview:@echo off..cd /d "%~dp0"..xmrig.exe --bench=10M --submit..pause..

                      C:\Users\user\AppData\Local\Programs\unMiner\resources\miners\win32\xmrig-6.19.2\benchmark_1M.cmd

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:DOS batch file, ASCII text, with CRLF line terminators
                      Category:dropped
                      Size (bytes):64
                      Entropy (8bit):4.7698585007312415
                      Encrypted:false
                      SSDEEP:
                      MD5:E32F1DB638F6986B041F1607D94E7634
                      SHA1:9B3BFB94C5C64C481C460008D210858F7E768482
                      SHA-256:6C8233DB1EB92CA8BD7D8B442B2B3DABE6E7DA5B1DACE2D1B81C248F96CB99E4
                      SHA-512:760CEC4771366777CA02EC2FF94EA02D3039C648266BCF31B686FC1C81454364F2C03B6541105202C0D6683778882EE1FD0F2677BF5B7BB1886A5E2747487974
                      Malicious:false
                      Reputation:low
                      Preview:@echo off..cd /d "%~dp0"..xmrig.exe --bench=1M --submit..pause..

                      C:\Users\user\AppData\Local\Programs\unMiner\resources\miners\win32\xmrig-6.19.2\config.json

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:JSON data
                      Category:dropped
                      Size (bytes):2450
                      Entropy (8bit):4.059270436145162
                      Encrypted:false
                      SSDEEP:
                      MD5:206205B0B3EF5D149AE6C8170E923AD7
                      SHA1:4D873D5C16839BABAFB678D968805BD0375CB0CC
                      SHA-256:6352EF24745983D0225F8BE6B24CB2A606C1F67BD25E7C0A0E2C10FADFFD5BC5
                      SHA-512:C81EC46441748B5D6A4DD8A38FFDFE180D78C5186119FC93F4035A497E04BC500C4AECEB4C169F55247FF4D538779673FBD2C46130D64C4E023B1FD015DA8606
                      Malicious:true
                      Yara Hits:
                      • Rule: JoeSecurity_Xmrig, Description: Yara detected Xmrig cryptocurrency miner, Source: C:\Users\user\AppData\Local\Programs\unMiner\resources\miners\win32\xmrig-6.19.2\config.json, Author: Joe Security
                      Reputation:low
                      Preview:{.. "api": {.. "id": null,.. "worker-id": null.. },.. "http": {.. "enabled": false,.. "host": "127.0.0.1",.. "port": 0,.. "access-token": null,.. "restricted": true.. },.. "autosave": true,.. "background": false,.. "colors": true,.. "title": true,.. "randomx": {.. "init": -1,.. "init-avx2": -1,.. "mode": "auto",.. "1gb-pages": false,.. "rdmsr": true,.. "wrmsr": true,.. "cache_qos": false,.. "numa": true,.. "scratchpad_prefetch_mode": 1.. },.. "cpu": {.. "enabled": true,.. "huge-pages": true,.. "huge-pages-jit": false,.. "hw-aes": null,.. "priority": null,.. "memory-pool": false,.. "yield": true,.. "max-threads-hint": 100,.. "asm": true,.. "argon2-impl": null,.. "cn/0": false,.. "cn-lite/0": false.. },.. "opencl": {.. "enabled": false,.. "cac

                      C:\Users\user\AppData\Local\Programs\unMiner\resources\miners\win32\xmrig-6.19.2\pool_mine_example.cmd

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:ASCII text, with CRLF line terminators
                      Category:dropped
                      Size (bytes):1051
                      Entropy (8bit):4.98639610714284
                      Encrypted:false
                      SSDEEP:
                      MD5:C1400AD6B844593311BBD7EB038F676B
                      SHA1:A185E85AE4530159DE662B99E90A728555C46A65
                      SHA-256:DADEE8CFAFD2CE3EDED7D7D5D45F29DC9EEEBF908B1848F84AC8346510C2D9BA
                      SHA-512:58BDF93905F57102DC7921CBA40E1DCD2F2853B77F61A0BEDF7E3159CB6A7586ECC20E475AEE82AC0FA794FB137DE7CD952F34431E1CC77F56F131EA3C7A053A
                      Malicious:false
                      Reputation:low
                      Preview::: Example batch file for mining Monero at a pool..::..:: Format:..::.xmrig.exe -o <pool address>:<pool port> -u <pool username/wallet> -p <pool password>..::..:: Fields:..::.pool address..The host name of the pool stratum or its IP address, for example pool.hashvault.pro..::.pool port ..The port of the pool's stratum to connect to, for example 3333. Check your pool's getting started page...::.pool username/wallet .For most pools, this is the wallet address you want to mine to. Some pools require a username..::.pool password ..For most pools this can be just 'x'. For pools using usernames, you may need to provide a password as configured on the pool...::..:: List of Monero mining pools:..::.https://miningpoolstats.stream/monero..::..:: Choose pools outside of top 5 to help Monero network be more decentralized!..:: Smaller pools also often have smaller fees/payout limits.....cd /d "%~dp0"..xmrig.exe -o pool.hashvault.pro:3333 -u 48edfHu7V9Z84YzzMa6fUueoELZ9ZRXq9VetWzYGzKt52XU5xvqgzYnDK9

                      C:\Users\user\AppData\Local\Programs\unMiner\resources\miners\win32\xmrig-6.19.2\rtm_ghostrider_example.cmd

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:ASCII text, with CRLF line terminators
                      Category:dropped
                      Size (bytes):1243
                      Entropy (8bit):4.623862661072998
                      Encrypted:false
                      SSDEEP:
                      MD5:7B7F3DE15E2F10B13C298DBA6CBA433F
                      SHA1:44212C67D255FBC1191514DF8B766D7BFFF19256
                      SHA-256:DD526EABD38B8EE95ACFC2C4BD6247B3E1B57E4666CDDA37C3B051355BB8C996
                      SHA-512:5BC657B6268B1F56EA8EC74C43E104D3F4A38DA548670B6A636B29DB9C1476260BEB2FD8B8D2DF9CC2F1BE3807BABF9FF5C2B734FC8400739134244656E2077C
                      Malicious:false
                      Reputation:low
                      Preview::: Example batch file for mining Raptoreum at a pool..::..:: Format:..:: xmrig.exe -a gr -o <pool address>:<pool port> -u <pool username/wallet> -p <pool password>..::..:: Fields:..:: pool address The host name of the pool stratum or its IP address, for example raptoreumemporium.com..:: pool port The port of the pool's stratum to connect to, for example 3333. Check your pool's getting started page...:: pool username/wallet For most pools, this is the wallet address you want to mine to. Some pools require a username..:: pool password For most pools this can be just 'x'. For pools using usernames, you may need to provide a password as configured on the pool...::..:: List of Raptoreum mining pools:..:: https://miningpoolstats.stream/raptoreum..::..:: Choose pools outside of top 5 to help Raptoreum network be more decentralized!..:: Smaller pools also often have smaller fees/payout limits.....cd /d "%~dp0"..:: Use this com

                      C:\Users\user\AppData\Local\Programs\unMiner\resources\miners\win32\xmrig-6.19.2\solo_mine_example.cmd

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:ASCII text, with CRLF line terminators
                      Category:dropped
                      Size (bytes):836
                      Entropy (8bit):5.131577332175798
                      Encrypted:false
                      SSDEEP:
                      MD5:861D185A8EEC6CB0E062657DB39A7FA2
                      SHA1:6F206DB38BDECF79D9EAF22F194D19FD6A6BC055
                      SHA-256:49547A83DC45D37E106CFE5BA447E262021222D15E9876E66F17AE02C65DD964
                      SHA-512:FD496430FD1A7B4F85BBE96C49A75FC68C89232394EC57CCEE68718829DD76DC0B0AFCAF7EF1C19197C3AB4D5C08D7F7E87049FAB1EBA51E3F0AF39E2BB25894
                      Malicious:false
                      Reputation:low
                      Preview::: Example batch file for mining Monero solo..::..:: Format:..::.xmrig.exe -o <node address>:<node port> -a rx/0 -u <wallet address> --daemon..::..:: Fields:..::.node address..The host name of your monerod node or its IP address. It can also be a public node with RPC enabled, for example node.xmr.to..::.node port ..The RPC port of your monerod node to connect to, usually 18081...::.wallet address..Check your Monero CLI or GUI wallet to see your wallet's address...::..:: Mining solo is the best way to help Monero network be more decentralized!..:: But you will only get a payout when you find a block which can take more than a year for a single low-end PC.....cd /d "%~dp0"..xmrig.exe -o node.xmr.to:18081 -a rx/0 -u 48edfHu7V9Z84YzzMa6fUueoELZ9ZRXq9VetWzYGzKt52XU5xvqgzYnDK9URnRoJMk1j8nLwEVsaSWJ4fhdUyZijBGUicoD --daemon..pause..

                      C:\Users\user\AppData\Local\Programs\unMiner\resources\miners\win32\xmrig-6.19.2\start.cmd

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:DOS batch file, ASCII text, with CRLF line terminators
                      Category:dropped
                      Size (bytes):29
                      Entropy (8bit):4.0472990984266435
                      Encrypted:false
                      SSDEEP:
                      MD5:6EB783BC229F92D0F8285500928AC8A1
                      SHA1:C2740B6E8A535176E3DF92C0417EF1A4D5E1BC46
                      SHA-256:9554E811347798D784BBE0ED5FA212E95DC8783A34CBC298454805F0988CB577
                      SHA-512:F9019E39E93F627873A9DEF844F4F8BCE8CC49F0B757181BD2C06B30D24B75332FFC921D073F2C2481794A5CF0D507564E265E5E40585E090105B882873B1575
                      Malicious:false
                      Reputation:low
                      Preview:@echo off..xmrig.exe..pause..

                      C:\Users\user\AppData\Local\Programs\unMiner\snapshot_blob.bin

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):50595
                      Entropy (8bit):7.986406226119553
                      Encrypted:false
                      SSDEEP:
                      MD5:DB6712BFC11F0E01FF835798A78F79EC
                      SHA1:F84398E9CECF2A55B54D73E11BBA355ADC3DBB41
                      SHA-256:5B0E35938698CAAEE67DA1EE74BEC19FC2F9A14F32FB470DA9CF66B5745353F0
                      SHA-512:9FD24DB53A10AD0D59504EB2BA12FBAF3A6E0B011E1398A1BF73F2D9FD7BAFC2B2B0B533ABA621CB908E048D59E2A2A5B023AEC3ED2CD213DD3CA1EE4246741F
                      Malicious:false
                      Reputation:low
                      Preview:.........m.c8.3.110.13-electron.0............................................^..........@....}|T.?<.....J0`..&..`...D.L0c.$@P...0.h...%Tl...#.XQ..5VZ.5^.b..+**.X...$^...@......L29do......y.5..g..^g..~9oX.lM.X,O..OK..V..r,`.|Jho..!.,A..+.}.m.$..{.....*...F..4.9...q..k^=........j....W8......*.....gHM[.....w..k.O.|....'...f..............^.0>...V...Ozy.f......2_.h|.(u..I..&H..^.d|...Ojv.f.3D.z....3.e]1.f...k.!'..-MS..w*..t../'d.z..r......ty.Eu.....".._h..T{..k^..?T.z..$.T._.I....d.....\Z.<.....X...0.,=H/........o.%.............S.E.^"..h../.!.R .. ..`...X...`2....`:...Z...`1T@...2...`%..w.j........#.(<.O...,<.[.%x.....x.>...1|....|...;P..).R....@..C...@.....T [.\..)0Q.<...(P .@..%..*0G.2.".D..)P......hT`.....(..*...X..Z..)..z.6(.Q.N.6).Y.-.t).M....P.[....R`..=..S`....8..Q..+pB.E.....|*.*$.0D.a*.....H..U.Ua...U.S!_....*..P.B..sT(S!.BT....*,Q.A.F.V..B...*.R.].5*.Ua...*.Wa...U.Ta...U.B...T.....U....v...>...pP..*.U..'TP.`....>+.VH...+..B..2.0...V..8+L.B...P`..

                      C:\Users\user\AppData\Local\Programs\unMiner\v8_context_snapshot.bin

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:data
                      Category:dropped
                      Size (bytes):170894
                      Entropy (8bit):7.9953556669505765
                      Encrypted:true
                      SSDEEP:
                      MD5:24A8CCB59D71F491E0CA72FC2B113955
                      SHA1:3715F364C55B8D8B2BB0CE9FE3328D00095A6CAE
                      SHA-256:9BB627F1C7C1E085F599A5E89A0481954B81D97024C7BBE0217B400369E63342
                      SHA-512:0796D96C11295FFF12A39556494BCAC580C69839A8833390F8B3E4E339E7A0BA25267FE8FE1DB9C5F489D325EFBFFE455B9CA3BF3A3FE55184AE630B9D77CFFB
                      Malicious:false
                      Reputation:low
                      Preview:............8.3.110.13-electron.0...........................................g8...s......H$......p/...}.M..?>.a.9s..9...B(B.Ef...0..E...9.9g..a\...\.CQ).[.p.KQ.E.n.E..(..F.w...k..^{.....^.......>...>k}..$...4)).u$L..~......=).......5....o......k~.+.|.*I;....o.9..d............+.g..<..\..O2@.3.......|...^S....N:...........Dv..|..%.Q..=....'LI.....n..t{..}!5k.T..q.O.Y...?...8..sN.7..._~s..M.d ./...d.3;E..v..E2....Kd........<....w..,...xw2+.RF...u...*#.....kd.Z.^FL|Ne.n...2..;S..Az..~.P..V..uZ./JII.5.....d....<d2...c&7.].......I....$mO.?4.r6M...$..c....5c.(...........`..=...A..._.:...f...I.-....nr:............_............~..'........B....B..'4.......B'..p..K..}..B.0D..<(..J.r!$T.qa.0Y.&<*<.<)........I....+...:.M._.;.{...G.'.~.3...+........pM0.....f.l&.i.<&..I.2.MMB....$.5..LBg...$.0..&!.$.3..MB.I.j.F..Q&!`.D..4..&a.IH..j.0.$L7.3M.l..I.o....%&.y...$.4....5&a.I.h.6...&a.I.i.v...&.I8d....c&.I8m...s&.I.d....?L..,...4.`3.N..1...B.Yhj.Z...f..Y.`.:..n

                      C:\Users\user\AppData\Local\Programs\unMiner\vk_swiftshader_icd.json

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:JSON data
                      Category:dropped
                      Size (bytes):106
                      Entropy (8bit):4.724752649036734
                      Encrypted:false
                      SSDEEP:
                      MD5:8642DD3A87E2DE6E991FAE08458E302B
                      SHA1:9C06735C31CEC00600FD763A92F8112D085BD12A
                      SHA-256:32D83FF113FEF532A9F97E0D2831F8656628AB1C99E9060F0332B1532839AFD9
                      SHA-512:F5D37D1B45B006161E4CEFEEBBA1E33AF879A3A51D16EE3FF8C3968C0C36BBAFAE379BF9124C13310B77774C9CBB4FA53114E83F5B48B5314132736E5BB4496F
                      Malicious:false
                      Reputation:low
                      Preview:{"file_format_version": "1.0.0", "ICD": {"library_path": ".\\vk_swiftshader.dll", "api_version": "1.0.5"}}

                      C:\Users\user\AppData\Local\Temp\nspA0C6.tmp\StdUtils.dll

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                      Category:dropped
                      Size (bytes):102400
                      Entropy (8bit):6.729923587623207
                      Encrypted:false
                      SSDEEP:
                      MD5:C6A6E03F77C313B267498515488C5740
                      SHA1:3D49FC2784B9450962ED6B82B46E9C3C957D7C15
                      SHA-256:B72E9013A6204E9F01076DC38DABBF30870D44DFC66962ADBF73619D4331601E
                      SHA-512:9870C5879F7B72836805088079AD5BBAFCB59FC3D9127F2160D4EC3D6E88D3CC8EBE5A9F5D20A4720FE6407C1336EF10F33B2B9621BC587E930D4CBACF337803
                      Malicious:true
                      Antivirus:
                      • Antivirus: ReversingLabs, Detection: 0%
                      Reputation:low
                      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........q....C...C...C...C...C...C...C...C...C...C...C...C...C.[.C...C.[.C...C.[.C...C.[.C...CRich...C........................PE..L...I..[...........!.....*...b...............@.......................................+....@..........................}..d....t..........X............................................................................@...............................text....).......*.................. ..`.rdata..TC...@...D..................@..@.data...l............r..............@....rsrc...X............x..............@..@.reloc..j............~..............@..B................................................................................................................................................................................................................................................................................................................

                      C:\Users\user\AppData\Local\Temp\nspA0C6.tmp\System.dll

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                      Category:dropped
                      Size (bytes):12288
                      Entropy (8bit):5.719859767584478
                      Encrypted:false
                      SSDEEP:
                      MD5:0D7AD4F45DC6F5AA87F606D0331C6901
                      SHA1:48DF0911F0484CBE2A8CDD5362140B63C41EE457
                      SHA-256:3EB38AE99653A7DBC724132EE240F6E5C4AF4BFE7C01D31D23FAF373F9F2EACA
                      SHA-512:C07DE7308CB54205E8BD703001A7FE4FD7796C9AC1B4BB330C77C872BF712B093645F40B80CE7127531FE6746A5B66E18EA073AB6A644934ABED9BB64126FEA9
                      Malicious:true
                      Antivirus:
                      • Antivirus: ReversingLabs, Detection: 0%
                      Reputation:low
                      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......qr*.5.D.5.D.5.D...J.2.D.5.E.!.D.....2.D.a0t.1.D.V1n.4.D..3@.4.D.Rich5.D.........PE..L....~.\...........!....."...........).......@...............................p............@..........................B.......@..P............................`.......................................................@..X............................text.... .......".................. ..`.rdata..c....@.......&..............@..@.data...x....P.......*..............@....reloc.......`.......,..............@..B................................................................................................................................................................................................................................................................................................................................................................................................

                      C:\Users\user\AppData\Local\Temp\nspA0C6.tmp\UAC.dll

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                      Category:dropped
                      Size (bytes):14848
                      Entropy (8bit):5.715583967305762
                      Encrypted:false
                      SSDEEP:
                      MD5:ADB29E6B186DAA765DC750128649B63D
                      SHA1:160CBDC4CB0AC2C142D361DF138C537AA7E708C9
                      SHA-256:2F7F8FC05DC4FD0D5CDA501B47E4433357E887BBFED7292C028D99C73B52DC08
                      SHA-512:B28ADCCCF0C33660FECD6F95F28F11F793DC9988582187617B4C113FB4E6FDAD4CF7694CD8C0300A477E63536456894D119741A940DDA09B7DF3FF0087A7EADA
                      Malicious:true
                      Antivirus:
                      • Antivirus: ReversingLabs, Detection: 0%
                      Reputation:low
                      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........#.?NB.lNB.lNB.li..lEB.lNB.l.B.li..lMB.li..lOB.li..lOB.li..lOB.lRichNB.l................PE..L...@.dU...........!.....,...........).......@...............................p.......................................;..<....3..x....P.......................`..........................................................\............................text....+.......,.................. ..`.data...d....@.......0..............@....rsrc........P.......2..............@..@.reloc.......`.......4..............@..B........................................................................................................................................................................................................................................................................................................................................................................................

                      C:\Users\user\AppData\Local\Temp\nspA0C6.tmp\app-64.7z

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:7-zip archive data, version 0.4
                      Category:dropped
                      Size (bytes):107640228
                      Entropy (8bit):7.999969333905636
                      Encrypted:true
                      SSDEEP:
                      MD5:CC44AB818B695DA6E90371E37C33CD6D
                      SHA1:6F394D937C60DFB169DA6D5153F1476C747771C0
                      SHA-256:FB2CA150B7566382E1310FDB1440C27A29398425FE31D7058C7CB6B111ECFD1F
                      SHA-512:B28A89805E6F92F1AE7A21E4A5AA44B0F223A0D65C9295F5F12993FD13F5A51747FD3BAE738D8F6366941E062C7D5918CAEA2411CF9A1ECDB9090942351D2957
                      Malicious:false
                      Reputation:low
                      Preview:7z..'.....!._uj.....%................]...6.....a.....{.[.h..G..._+...+]....[h.[..3 fm...f..?%W..g........g..........8U.d..p.S....58.O...=.G.hN...:..*..s...L...1.R.5...b..........s........q.4.^.0..*.*.......IE..\d........}...../..T`..A.....U.o../...m..Yg......o....g..4MNZN*.'..L.".l....4.........4....&g...h.84..k...8&b......R.S..ww7.{.(r...xX.........O.%(.G..x..-[Q.=.`^?K3.+v.....,..Q.x^.&..GV&.B.y..e..0......UtN..]....Y.._..U.....^l..P.......N[.s.v........uH.[)sz.EtD3..@....P...W.Frf.a.p...Z..0.....gs..8..*j..M..i>....;LH.Z.......I..?.;.~.!.... ....9..X+r.~.H.............P{.T*..,.8&.....%..N...4M.....$.r.A...u..4,:M-.Kh.H..P..1.v:o.......(X ~dB..(...!.........j;...d..u.|C.e.z@.../.x$...Q_9.)..|q4..|.-JJ..rhsT..^F.............RY6_..K.6..(...5.m...Ha....1;..)..r.ec...l....e.$s..(&z.W.f.~..x.l.~....,....u.V...w.gH.T.Cy.l.c..4.mK..+.k.N.{x.....2ts ....1.n.F..0,a..V5.....@....%(J..?...G.Q....Vr.=s...Xm...N2. +FS{...y...#K.5...%.\..*.

                      C:\Users\user\AppData\Local\Temp\nspA0C6.tmp\modern-wizard.bmp

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:PC bitmap, Windows 3.x format, 164 x 314 x 24, image size 154490, resolution 11808 x 11808 px/m, cbSize 154544, bits offset 54
                      Category:dropped
                      Size (bytes):154544
                      Entropy (8bit):2.3258352355662457
                      Encrypted:false
                      SSDEEP:
                      MD5:52FF52EEE3B944B862C11C268A02C196
                      SHA1:8D041966E6FBA10AA5E10CE5DC1DC5175F11B2FE
                      SHA-256:2079F7A3EBA60E0D9EE827A7208AA052A71B384873B641DE5E299AEB8E733109
                      SHA-512:2861AE5A06F8413810947C08994F4C0DA54A1ACEE8C4DF72CD8B03A9503B26E5512809F8D70FD584239B04A651E7329A701BF7DDCEE2DEC2C2E14D05AE74F220
                      Malicious:false
                      Reputation:low
                      Preview:BM.[......6...(.......:...........z[.. ... ............x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..x..

                      C:\Users\user\AppData\Local\Temp\nspA0C6.tmp\nsDialogs.dll

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                      Category:dropped
                      Size (bytes):9728
                      Entropy (8bit):5.1559889224761974
                      Encrypted:false
                      SSDEEP:
                      MD5:466179E1C8EE8A1FF5E4427DBB6C4A01
                      SHA1:EB607467009074278E4BD50C7EAB400E95AE48F7
                      SHA-256:1E40211AF65923C2F4FD02CE021458A7745D28E2F383835E3015E96575632172
                      SHA-512:7508A29C722D45297BFB090C8EB49BD1560EF7D4B35413F16A8AED62D3B1030A93D001A09DE98C2B9FEA9ACF062DC99A7278786F4ECE222E7436B261D14CA817
                      Malicious:true
                      Antivirus:
                      • Antivirus: ReversingLabs, Detection: 0%
                      Reputation:low
                      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......|..c8O`08O`08O`08Oa0.O`0.@=05O`0llP0=O`0.If09O`0.od09O`0Rich8O`0........PE..L....~.\...........!.........0......g........0............................................@..........................6..k....0.......p...............................................................................0...............................text............................... ..`.rdata..{....0......................@..@.data...h!...@......................@....rsrc........p....... ..............@..@.reloc..~............"..............@..B................................................................................................................................................................................................................................................................................................................................................................

                      C:\Users\user\AppData\Local\Temp\nspA0C6.tmp\nsExec.dll

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                      Category:dropped
                      Size (bytes):6656
                      Entropy (8bit):5.155286976455086
                      Encrypted:false
                      SSDEEP:
                      MD5:EC0504E6B8A11D5AAD43B296BEEB84B2
                      SHA1:91B5CE085130C8C7194D66B2439EC9E1C206497C
                      SHA-256:5D9CEB1CE5F35AEA5F9E5A0C0EDEEEC04DFEFE0C77890C80C70E98209B58B962
                      SHA-512:3F918F1B47E8A919CBE51EB17DC30ACC8CFC18E743A1BAE5B787D0DB7D26038DC1210BE98BF5BA3BE8D6ED896DBBD7AC3D13E66454A98B2A38C7E69DAD30BB57
                      Malicious:true
                      Antivirus:
                      • Antivirus: ReversingLabs, Detection: 0%
                      Reputation:low
                      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........................,..................Rich...........PE..L....~.\...........!......................... ...............................P............@..........................$..l.... ..P............................@....................................................... ...............................text............................... ..`.rdata..L.... ......................@..@.data........0......................@....reloc.......@......................@..B................................................................................................................................................................................................................................................................................................................................................................................................................

                      C:\Users\user\AppData\Local\Temp\nspA0C6.tmp\nsis7z.dll

                      Download File
                      Process:C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe
                      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                      Category:dropped
                      Size (bytes):434176
                      Entropy (8bit):6.584811966667578
                      Encrypted:false
                      SSDEEP:
                      MD5:80E44CE4895304C6A3A831310FBF8CD0
                      SHA1:36BD49AE21C460BE5753A904B4501F1ABCA53508
                      SHA-256:B393F05E8FF919EF071181050E1873C9A776E1A0AE8329AEFFF7007D0CADF592
                      SHA-512:C8BA7B1F9113EAD23E993E74A48C4427AE3562C1F6D9910B2BBE6806C9107CF7D94BC7D204613E4743D0CD869E00DAFD4FB54AAD1E8ADB69C553F3B9E5BC64DF
                      Malicious:true
                      Antivirus:
                      • Antivirus: ReversingLabs, Detection: 0%
                      Reputation:low
                      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......L.6a..X2..X2..X2m.[3..X2m.]3..X2Z.]3+.X2Z.\3..X2Z.[3..X2m.\3..X2m.Y3..X2..Y2..X2..\3#.X2..]3..X2..X3..X2...2..X2...2..X2..Z3..X2Rich..X2........PE..L.....\...........!......................... ...............................@............@..........................6.......7..d................................E.....................................@............ ...............................text............................... ..`.rdata..8"... ...$..................@..@.data........P... ...6..............@....rsrc................V..............@..@.reloc...E.......F...Z..............@..B........................................................................................................................................................................................................................................................................................

                      C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Dec 7 21:08:16 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                      Category:dropped
                      Size (bytes):2673
                      Entropy (8bit):3.9831164742249414
                      Encrypted:false
                      SSDEEP:
                      MD5:278DC61EF51DB66523828EF1AE1CAF08
                      SHA1:682C58D010FC1069EC4D3B44758FA7317ECDB164
                      SHA-256:A33DCA6DC9F867B2791E1AF95A471A3050158F619F8A41E710C580FB6989A4E8
                      SHA-512:74B0BEA2C35CC8BD6485F822DA1255FE0747B1ED28F9ABA637287B328F2BE70A9B3E5D48ACD022D9848E65CDD14E7BEA57CEC401BC575B0E797855EF2662A2FD
                      Malicious:false
                      Reputation:low
                      Preview:L..................F.@.. ...$+.,........Y)..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.W......B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.W......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.W......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.W............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.W.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........Y.DZ.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                      C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Dec 7 21:08:16 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                      Category:dropped
                      Size (bytes):2675
                      Entropy (8bit):4.000402336222858
                      Encrypted:false
                      SSDEEP:
                      MD5:FDC52673F4A18D8BAF91C0D75DF66B6C
                      SHA1:B2BF3B5A4129A600A53B9EC93124C43063004C17
                      SHA-256:EDC115B95A5AD3C61C657F9EA401F7364252E3D576EC8D7F383C1368F222971B
                      SHA-512:A9E6E62ED1BB0AC8A56917AF5CAB0B93D57968EA739D14E530EE04EE292690EB18EB1AF5A1E6ACFC63C83029051D5EE0529BD99F62CC91E8DFF084E0DC022A2A
                      Malicious:false
                      Reputation:low
                      Preview:L..................F.@.. ...$+.,....y..Y)..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.W......B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.W......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.W......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.W............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.W.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........Y.DZ.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                      C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                      Category:dropped
                      Size (bytes):2689
                      Entropy (8bit):4.005600449123922
                      Encrypted:false
                      SSDEEP:
                      MD5:92856C76245693FC205060B7D32969D8
                      SHA1:9865B47644ECE4522743C01D0DC968E87F70C162
                      SHA-256:D74E021132B9C412E6D8A71E76877D81A7AD0460B765C74E1BDFC35BACB8D624
                      SHA-512:EB139B7AFBBB9287808252DE5E6A7491447BCCCAC5458CB99610965C24B6105B431E0EA24C19E3244F8B58EFB8C21624F8154E144DE7F381C88186320501B492
                      Malicious:false
                      Reputation:low
                      Preview:L..................F.@.. ...$+.,.....Y.04...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.W......B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.W......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.W......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.W............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFW.E...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........Y.DZ.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                      C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Dec 7 21:08:15 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                      Category:dropped
                      Size (bytes):2677
                      Entropy (8bit):3.996616374893323
                      Encrypted:false
                      SSDEEP:
                      MD5:AE95E2B0DC9ACBC599D43ADEA59C850A
                      SHA1:C054A3ADE9D8EC9A8FF81E0AAE47D2477AD914E2
                      SHA-256:FE96E6D31833A22743702D65D2AFD3FDD24D941D1FBD70D7399CAE940E1C904E
                      SHA-512:23446F37912B5492F0B01EB3C47D28FB3A7B8D8C08D5AC19B96BB11086BE4252DF6E04FC54AD6D1EE48C425822A97FC546F5141D31C96A00177B4245EC05A45F
                      Malicious:false
                      Reputation:low
                      Preview:L..................F.@.. ...$+.,.......Y)..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.W......B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.W......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.W......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.W............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.W.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........Y.DZ.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                      C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Dec 7 21:08:16 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                      Category:dropped
                      Size (bytes):2677
                      Entropy (8bit):3.9883960503329035
                      Encrypted:false
                      SSDEEP:
                      MD5:37B78AB9AAFB386F20FA4789143803A4
                      SHA1:3F3DE239204F71EFA8D573115C31D733B750CACF
                      SHA-256:FAD075848635C13931922E2C5FE0FED7F1F24D5BF498BD8AFD34B00EA32837BB
                      SHA-512:49DAE606899810ADF093374CFDA3428D9898E8AC215078F40869D358DE8DA67AA0AE7EB473B430C2DA6D01C16C60B6C8F6D9EBA138C09E09409522B2BDE5BB31
                      Malicious:false
                      Reputation:low
                      Preview:L..................F.@.. ...$+.,........Y)..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.W......B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.W......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.W......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.W............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.W.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........Y.DZ.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                      C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Dec 7 21:08:15 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                      Category:dropped
                      Size (bytes):2679
                      Entropy (8bit):3.9969322783745573
                      Encrypted:false
                      SSDEEP:
                      MD5:7B8C873C8A3AAE899ACE65C58E7FD395
                      SHA1:668565FB9E1CC72C2CC5A732C7C7D97D807DE6BC
                      SHA-256:9FA1A2E574A16E178B03643E580D8B8E159182CF73D4B845E2F38D781E41115B
                      SHA-512:CADC3688360F8FA7EF508ACD27932A8EC7848253147E9E58505F749455215A3B8CA9B1342AF7E244AAEB1A051940983C70EAB9C1A32C19FB3BF19919CA530E9B
                      Malicious:false
                      Reputation:low
                      Preview:L..................F.@.. ...$+.,........Y)..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.W......B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.W......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.W......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.W............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.W.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........Y.DZ.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                      C:\Users\user\Downloads\unMiner.2.1.1-beta-mfi.exe.crdownload

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
                      Category:dropped
                      Size (bytes):108185833
                      Entropy (8bit):7.999964460249565
                      Encrypted:true
                      SSDEEP:
                      MD5:2B7B005342300CC784A96196E3FBB6BE
                      SHA1:C1B985A29ACE919F8354D6B90DB61CF59207D0EE
                      SHA-256:08291199BB0BFD92D1B5F4552DAFA3C1B3EDEBBDCABFEE3DDD97501A4F782727
                      SHA-512:7EB6D52C230A973F5BB7361D62F3BC5B072AA643231A21DF0D0FFFCAC1D1AF7772B23883F2AE830504AB47E7E2C381C72DB9E0494C2C9E62656018991AF94E62
                      Malicious:true
                      Reputation:low
                      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........1...Pf..Pf..Pf.*_9..Pf..Pg.LPf.*_;..Pf.sV..Pf..V`..Pf.Rich.Pf.........................PE..L......\.................h...8...@...3............@..........................0#...........@...........................................".@:...........................................................................................................text...'f.......h.................. ..`.rdata...............l..............@..@.data...............................@....ndata...@...............................rsrc...@:...."..<..................@..@................................................................................................................................................................................................................................................................................................................................................

                      Chrome Cache Entry: 153

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 64x64, components 3
                      Category:downloaded
                      Size (bytes):1089
                      Entropy (8bit):7.403666224671174
                      Encrypted:false
                      SSDEEP:
                      MD5:F0537D4B725D762A12DE16C2417BB908
                      SHA1:3CAB6471D910B0AC7F980BD60AE35EA59EF8C875
                      SHA-256:7ADF19B97F1AD0A3D0E17828321D067F6709D710CD9F9BE31B9AD81388E2DEAC
                      SHA-512:C625A7B32C05D50D3EF759A11EB131DE17A64D92B0FCE69C231A83702D70E05E40A4E86FC463DD3A767FD81985428B99B4D974036C9EBEFFDE3B2ADCDE0D135E
                      Malicious:false
                      Reputation:low
                      URL:https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcSm0ciShTqqvrpHsif2eA091aLNgavLmZ3M1FN0RM4&s=10
                      Preview:......JFIF......................................... ."" ...$(4,$&1'..-=-157:::#+?D?8C49:7...........7%.%77777777777777777777777777777777777777777777777777......@.@.."......................................7...........................!Q..12Baq"3A....7u....#RS.........................................................?..iJP)JP)JP)JPu4.^...[.BL....S.....k..6}z..-.nj.\.8[c.p...G....Sv%..f....][N.MQv..........RH*l.8.=.AQL..../9n.....w.p<5'.3W.....}5~.?s......T=j.R..~."d.....Q.Nx....F...y...}..y............DD........(+..@'......m...%..<..Z.V..p..,...t..d[l...iGZ..]*..2.Br............e..ME2..nDD.[.\.K~j....1^JlWaJv,....T...}G......|1.-..~4..(K.A+J.I..;..W`...6.`gM.{..h.....@.c8.. y.A3b_..o...U..Sy../..,0...D.........q.Wg:..j.3M.....Z....y>.JNG..v5F./z.].U......tMn...s.pPj.G.`~a.............L.._.X.(.....I.e.s..^.0.u8`..r<U#..W.~..T...:.iS..*i.:.b....Vx'<.*..W[}..........:Z!i..!x#..RG..G...]..M.Y...'-..w.I..9.....CDF.31..6..+(.......D.`.v...F......p

                      Chrome Cache Entry: 154

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text
                      Category:downloaded
                      Size (bytes):145
                      Entropy (8bit):4.7371009429466575
                      Encrypted:false
                      SSDEEP:
                      MD5:AB263C5A8E4CE52960FAD220463654CD
                      SHA1:92033D36DF5A5C9AD42360FF4947B91692779A96
                      SHA-256:4DA0111A8BE2E93BE829F7E90825FE7DB58EECF9DFDA21020FBED9E4D04D78C5
                      SHA-512:EF2DC40BFA2A2D616DD5F70EDD7C7CB6AA0A39B7E9A7DAAA5974866436E85875AEE1C512B117ABAF9C1625659A25C010920CA4AE196E024007C44619783A81E2
                      Malicious:false
                      Reputation:low
                      URL:https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=https%3A%2F%2Fcdn.unmineable.do&oit=3&cp=25&pgcl=4&gs_rn=42&psi=FGhnXfJRlRLOS1-x&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
                      Preview:)]}'.["https://cdn.unmineable.do",[],[],[],{"google:clientdata":{"bpc":false,"tlw":true},"google:suggesttype":[],"google:verbatimrelevance":851}]

                      Chrome Cache Entry: 155

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with very long lines (733)
                      Category:downloaded
                      Size (bytes):738
                      Entropy (8bit):5.185470781843369
                      Encrypted:false
                      SSDEEP:
                      MD5:72A7C76FA024CA0BFC6A623138BF1F2C
                      SHA1:971D65C4D70E05099CE49AFBAB68C12625D3AEC5
                      SHA-256:22BCF866640284AAD59784D74E3786200CBF71CE07B4BACFED34326A70262F85
                      SHA-512:EF3C7E3B23604D092925F723EE186303531399A7D7FC54D373CEA560CA03C7F2ABA4CC0E3C471E6C0134AB79114DFC9DF6991FE501CD8FA45A0547C0DB796232
                      Malicious:false
                      Reputation:low
                      URL:https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=https%3A%2F%2Fc&oit=3&cp=9&pgcl=4&gs_rn=42&psi=FGhnXfJRlRLOS1-x&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
                      Preview:)]}'.["https://c",["https://clever.com/in/hcps","https://chat.openai.com","https://canva.com","https //csusa-fl.powerschool/public","https //chat.openai.com login","https //conjuguemos.com live","https //create.roblox.com/dashboard/creations passes","https //calendly.com login","https //create.kahoot.it join","https //clever.com login"],["","","","","","","","","",""],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:suggestrelevance":[802,801,800,602,601,600,553,552,551,550],"google:suggestsubtypes":[[44],[44],[44,10],[512],[512,433,131],[512],[512,433],[512],[512],[512]],"google:suggesttype":["NAVIGATION","NAVIGATION","NAVIGATION","QUERY","QUERY","QUERY","QUERY","QUERY","QUERY","QUERY"],"google:verbatimrelevance":851}]

                      Chrome Cache Entry: 156

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with very long lines (1638)
                      Category:downloaded
                      Size (bytes):1643
                      Entropy (8bit):5.846333836489116
                      Encrypted:false
                      SSDEEP:
                      MD5:4368A967C743980462D4B75D927C8FD9
                      SHA1:0DDE7C547BF85CF348539526FB624633AC584006
                      SHA-256:A894EC173306E22BFA6F0C695A44833F0134E41A8D8B44984F5328A61D3048F7
                      SHA-512:3F9F82FEA70CBAB7C20421A399D1E07E1F1849B6479DFC1CEC2A99AA147176B534ED1F7EB59802B8D15DF0BF94D83C7AEF132E05CDE94CF44C2D7468220EB05F
                      Malicious:false
                      Reputation:low
                      URL:https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=h&oit=1&cp=1&pgcl=4&gs_rn=42&psi=FGhnXfJRlRLOS1-x&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
                      Preview:)]}'.["h",["home depot","home depot","hotmail","hanukkah","hulu","hurricane tracker","hbo","hanukkah 2023","hbo max","harbor freight"],["","","","","","","","","",""],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:suggestdetail":[{},{"google:entityinfo":"CgkvbS8wMXpqMXQSGEhvbWUgaW1wcm92ZW1lbnQgY29tcGFueTJkaHR0cHM6Ly9lbmNyeXB0ZWQtdGJuMC5nc3RhdGljLmNvbS9pbWFnZXM/cT10Ym46QU5kOUdjUVNlWVNGVlN0cGxZaURhWDNYc1dJd0ZfVkMtVld6TXJkcVdZbWJCMGsmcz0xMDoOVGhlIEhvbWUgRGVwb3RKByNhMzQxMDRSOWdzX3NzcD1lSnpqNHRUUDFUY3dyTW95TEZGZ05HQjBZUERpeXNqUFRWVklTUzNJTHdFQVlUQUhsQXAX"},{},{},{},{},{"google:entityinfo":"CggvbS8wM21kdBIYQ2FibGUgdGVsZXZpc2lvbiBjb21wYW55MmRodHRwczovL2VuY3J5cHRlZC10Ym4wLmdzdGF0aWMuY29tL2ltYWdlcz9xPXRibjpBTmQ5R2NTbTBjaVNoVHFxdnJwSHNpZjJlQTA5MWFMTmdhdkxtWjNNMUZOMFJNNCZzPTEwOgNIQk9KByM0MjQyNDJSLmdzX3NzcD1lSnpqNHREUDFUY3d6azBwVVdBMFlIUmc4R0xPU01vSEFDOFBCSjRwFw\u003d\u003d"},{},{},{"google:entityinfo":"CgkvbS8wN242cWsSDlJldGFpbCBjb21wYW55MmRodHRwczovL2VuY3J5cHRlZC10Ym4wLmdzdGF0aWMuY29t

                      Chrome Cache Entry: 157

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with very long lines (778)
                      Category:downloaded
                      Size (bytes):783
                      Entropy (8bit):5.118204248071369
                      Encrypted:false
                      SSDEEP:
                      MD5:077AC8EE814AB09C080DA81AA679AE8C
                      SHA1:0048CB5645AEE2F23FB0C54CE15838641BFFD1C1
                      SHA-256:B394A1570BCCBA1E34A8F9BD39B81640530DC4AEE02B36D3DBBE7F0A2AE1F928
                      SHA-512:4EE5CAAD9545007C15F80F8F77E6BFF4452D28BB2AADFCDF6CC4177FEDE1E545C936EF526D82CAA6C2C2D7DEE0D14061E3D31D41B30084969CBABE5E568369B4
                      Malicious:false
                      Reputation:low
                      URL:https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
                      Preview:)]}'.["",["colorado football recruiting","clash of clans town hall 16","mortgage interest rates","pearl harbor survivors","where to watch game awards 2023","def leppard journey 2024 tour dates","gail lewis walmart","football week 14"],["","","","","","","",""],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:groupsinfo":"ChgIkk4SEwoRVHJlbmRpbmcgc2VhcmNoZXM\u003d","google:suggestdetail":[{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002}],"google:suggestrelevance":[1257,1256,1255,1254,1253,1252,1251,1250],"google:suggestsubtypes":[[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362]],"google:suggesttype":["QUERY","QUERY","QUERY","QUERY","QUERY","QUERY","QUERY","QUERY"]}]

                      Chrome Cache Entry: 158

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with very long lines (682)
                      Category:downloaded
                      Size (bytes):687
                      Entropy (8bit):5.193456260344898
                      Encrypted:false
                      SSDEEP:
                      MD5:ACA9642156C854342DFCA6CEDE5D7812
                      SHA1:6BEAC2FD982A4053E10CD5AD4CB22AD68766AA3F
                      SHA-256:31664A37BA03BB38675D6CC7FD0269DF89B5A7E54756AA434F0AFE319088680B
                      SHA-512:CDAA4457BFC45214DE7D7B5AC262FD88E828023D2B300971F2F5036676601A684802C9FB4C8FC74C6AEB09570F40B0387EAE592199B92B82D3B86F91BD6E5953
                      Malicious:false
                      Reputation:low
                      URL:https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=https&oit=1&cp=5&pgcl=4&gs_rn=42&psi=FGhnXfJRlRLOS1-x&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
                      Preview:)]}'.["https",["https","https //quizlet.com live","https //www.facebook.com login","https //kahoot..com","https //csusa-fl.powerschool/public","https //kahoot.com join","https //www.myflfamilies.com login","https://www.google.com","https://www.facebook.com","https://www.youtube.com"],["","","","","","","","","",""],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:suggestrelevance":[1300,600,554,553,552,551,550,402,401,400],"google:suggestsubtypes":[[512,433,131],[512],[512,433,131],[512],[512],[512],[512],[44],[44],[44]],"google:suggesttype":["QUERY","QUERY","QUERY","QUERY","QUERY","QUERY","QUERY","NAVIGATION","NAVIGATION","NAVIGATION"],"google:verbatimrelevance":1300}]

                      Chrome Cache Entry: 159

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text
                      Category:downloaded
                      Size (bytes):19
                      Entropy (8bit):3.6818808028034042
                      Encrypted:false
                      SSDEEP:
                      MD5:595E88012A6521AAE3E12CBEBE76EB9E
                      SHA1:DA3968197E7BF67AA45A77515B52BA2710C5FC34
                      SHA-256:B16E15764B8BC06C5C3F9F19BC8B99FA48E7894AA5A6CCDAD65DA49BBF564793
                      SHA-512:FD13C580D15CC5E8B87D97EAD633209930E00E85C113C776088E246B47F140EFE99BDF6AB02070677445DB65410F7E62EC23C71182F9F78E9D0E1B9F7FDA0DC3
                      Malicious:false
                      Reputation:low
                      URL:https://extension.femetrics.grammarly.io/
                      Preview:404 page not found.

                      Chrome Cache Entry: 160

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with very long lines (492)
                      Category:downloaded
                      Size (bytes):497
                      Entropy (8bit):4.9069986073067975
                      Encrypted:false
                      SSDEEP:
                      MD5:48A3F23B5A94C213A68D0BE18E259F4F
                      SHA1:E371B351E5E4AE7B0AE26D18A093C2FF633542E7
                      SHA-256:07B4C5220903F6A29A30ABEBFE4C77A96437FFEFE3BAC1FAE577801D2E5316D7
                      SHA-512:45F0F3A7C3BB963FD83EDB414086E619EFDF461649770E148753E4ACEA9194CD8F429B27F194257433BB6499092615154DB9DE5F302F6F3CFF1FBCD3EE4AECBE
                      Malicious:false
                      Reputation:low
                      URL:https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=https%3A%2F%2Fcdn.unmineable&oit=3&cp=22&pgcl=4&gs_rn=42&psi=FGhnXfJRlRLOS1-x&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
                      Preview:)]}'.["https://cdn.unmineable",["https //cdn.unmineable.net","https //cdn.unmineable.com","https //cdn.unmineable.io"],["","",""],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:suggestdetail":[{"mp":"\u2026 ","t":"//cdn.unmineable.net"},{"mp":"\u2026 ","t":"//cdn.unmineable.com"},{"mp":"\u2026 ","t":"//cdn.unmineable.io"}],"google:suggestrelevance":[601,600,550],"google:suggestsubtypes":[[160],[160],[160]],"google:suggesttype":["TAIL","TAIL","TAIL"],"google:verbatimrelevance":851}]

                      Chrome Cache Entry: 161

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with very long lines (676)
                      Category:downloaded
                      Size (bytes):681
                      Entropy (8bit):5.131239302245495
                      Encrypted:false
                      SSDEEP:
                      MD5:84B857B175FBFC91F26345DCA446D65A
                      SHA1:63ACE5817ACB5B13CE4F009540FF36CD629AFF5E
                      SHA-256:A2D5ADFACEA1FFEE1BF5891FA2FE00E53CACA1904181D344EA94C5AC13C476AC
                      SHA-512:B1FF499507587E60A515C7BCA8D6B823D12BD1942C9B386A2B1796DE5E827E6036CE34D8DF07028ECE5B111F464846A3C8CE1B5DA99C88F67D0B3724562DF0DF
                      Malicious:false
                      Reputation:low
                      URL:https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=http&oit=1&cp=4&pgcl=4&gs_rn=42&psi=FGhnXfJRlRLOS1-x&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
                      Preview:)]}'.["http",["https","https //quizlet.com live","https //www.facebook.com login","https //kahoot..com","http //192.168.l.1","http status codes","https //kahoot.it login","https //csusa-fl.powerschool/public","https //www.myflfamilies.com login","https://www.google.com"],["","","","","","","","","",""],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:suggestrelevance":[601,600,556,555,554,553,552,551,550,400],"google:suggestsubtypes":[[512,433,131],[512],[512,433,131],[512],[512,433,131],[512,433,131],[512],[512],[512],[44]],"google:suggesttype":["QUERY","QUERY","QUERY","QUERY","QUERY","QUERY","QUERY","QUERY","QUERY","NAVIGATION"],"google:verbatimrelevance":1008}]

                      Chrome Cache Entry: 162

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 64 x 64, 8-bit colormap, non-interlaced
                      Category:downloaded
                      Size (bytes):1561
                      Entropy (8bit):7.824087491511352
                      Encrypted:false
                      SSDEEP:
                      MD5:FCAF86180F335428A39954CF8796D901
                      SHA1:F874BBCFEEE76B59C8AE1F5E2B6B58A8217192AB
                      SHA-256:B6020BC57D5C1AB56D5301C08606392228E33371512895CD2DE3E33F40729B4B
                      SHA-512:526C60947BD1D0B8D6CA10C39016311970FFF5631354AD56FA3D6628145DB7755F7738137A1F7B8CE5B1A023061EF5F9888F47ED467FA6D0701D0DE6872F8E24
                      Malicious:false
                      Reputation:low
                      URL:https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQSeYSFVStplYiDaX3XsWIwF_VC-VWzMrdqWYmbB0k&s=10
                      Preview:.PNG........IHDR...@...@............rPLTE....c.._..a..b...k..Q.k..R..U..\..X........M......e..........v.o*................._..V.........g..x<.}F..~.@..t5...o...bIDATX.....8..K..6.D@@.P.._q..:...[a..&]i.H.?.{#..gQ&...20.f.4~..Qz...&.x:....@C.d.!-^......{p...O.|....Q%.....7.%.p"..P??e.7...{U.O.e"..^..'=...!..~.(.$...%..v!......W....XV....,W.pz...PO!.o...v.D.O._.&*......R....'..27...,c..^<..&.&.*....1......D...y.%..c...8....ju..Vc...d.....a...{..~.aG.....T.8;...E.d..!?....?.^..4../.v.h.w.#.Ei...K.....-.l..c...e.T...../........M.{.R...#.D.%<G..@....L....HNQ.`M.i..~.P. z.......z.. n4.2E..a. ^..).]..#-z.. ..i.j....@...S-.BK...(.,_..H...].....5..3.R..[%.z.P(.n"....&..Y....-*.,...&...X...Y.J..%.....pzi>S.e.|*58...z%a.6=i.....1z.[=.mu...D.5k..:..C.H..>!j`g.r...=.vk..@.0Z.]..C..XD.rx(_..t...j.....W..9.6gB..LUdZjI}r....{?..}...Bg.@....=.(9B.w$xY..q&....z."..yj<g0wm..q.B..72]..*..5AD...8.v..,vG.~.....h...1. N....w|.R......V...C.[Gzr.v.!T./...}g~../....W.@W.A..

                      Chrome Cache Entry: 163

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text
                      Category:downloaded
                      Size (bytes):151
                      Entropy (8bit):4.745875081303352
                      Encrypted:false
                      SSDEEP:
                      MD5:FA44AEAEFD9F32CBC846A769B9BE5998
                      SHA1:3CC5463FF3E7F4E100DE1ECFFD73F90BAF7AC760
                      SHA-256:AF7FEAA3B3CB150B20C38AC368C26A979E53088DC00DB763436EE63898752983
                      SHA-512:4903354F7269A09D60D5EB8B56088D9DEC9386E734DAD60FD1A805576D00CABB6965901B7208B34F3F33A2D864FD497B1575BEC484E3EDC2BAAE8EE6B01B5300
                      Malicious:false
                      Reputation:low
                      URL:https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=https%3A%2F%2Fcdn.unmineable.download&oit=3&cp=31&pgcl=4&gs_rn=42&psi=FGhnXfJRlRLOS1-x&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
                      Preview:)]}'.["https://cdn.unmineable.download",[],[],[],{"google:clientdata":{"bpc":false,"tlw":true},"google:suggesttype":[],"google:verbatimrelevance":851}]

                      Chrome Cache Entry: 164

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with very long lines (839)
                      Category:downloaded
                      Size (bytes):844
                      Entropy (8bit):5.289904266357004
                      Encrypted:false
                      SSDEEP:
                      MD5:E061AAE44959436232D37875DD25604C
                      SHA1:17458B282EA8B99DBF73D6CEC73924B4D4FDC6AF
                      SHA-256:C4BA12A1493F896411B32380FDD4779FB8B3AAE6C9081F10A4EBB0BAE5E47F40
                      SHA-512:499BD4469623ED6ED7963A79C5DEFE3836C6EF18DBDC40B6783AA9E16DDBECB3270A5A20BA55D75CF71FCDA745F7333B82F308306720AB078DFBC1C72044F01D
                      Malicious:false
                      Reputation:low
                      URL:https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=https%3A%2F%2Fcdn.&oit=3&cp=12&pgcl=4&gs_rn=42&psi=FGhnXfJRlRLOS1-x&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
                      Preview:)]}'.["https://cdn.",["https://cdn.krnl.place/getkey.php","https://cdn.openai.com/api/logo-assets/openai-logo-email-header-1.png","https://cdn.fbsbx.com/","https://cdn.i-ready.com/systemcheck/","https://cdn.jsdelivr.net","https://cdn.kutasoftware.com","https //cdn.jsdelivr.net/gh/fognetwork/ingot/ingot.min.js\u0027 document.body.appendchild(a) ())","https //cdn.fbsbx.com pdf","https //cdn.sportcast","https //cdn.bearsofficial"],["","","","","","","","","",""],[],{"google:clientdata":{"bpc":false,"phi":0,"pre":0,"tlw":false},"google:suggestrelevance":[805,804,803,802,801,800,601,600,551,550],"google:suggestsubtypes":[[44],[44],[44],[44],[44],[44],[512],[512],[512],[512]],"google:suggesttype":["NAVIGATION","NAVIGATION","NAVIGATION","NAVIGATION","NAVIGATION","NAVIGATION","QUERY","QUERY","QUERY","QUERY"],"google:verbatimrelevance":851}]

                      Chrome Cache Entry: 165

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with very long lines (384)
                      Category:downloaded
                      Size (bytes):389
                      Entropy (8bit):4.900674288986014
                      Encrypted:false
                      SSDEEP:
                      MD5:495F29F48D6525962A7B564BC91FC3C6
                      SHA1:2EC49561728C9EAAA3E32B7DAEB9AFA9DDF03FDA
                      SHA-256:7175A7850F11BFEE0887604DB54C0A1D8086CBAB92F4182209A48B1908D72D7F
                      SHA-512:701CDE6424C3B03E9738B42ECA6F87E495AB286D43DAACE00EEAF25786B91DC842817C172D16D5422FD55B5FAFBCBAECCB0A60FBDA5B11E9DCDB40C0B8FC3261
                      Malicious:false
                      Reputation:low
                      URL:https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=https%3A%2F%2Fcdn.unm&oit=3&cp=15&pgcl=4&gs_rn=42&psi=FGhnXfJRlRLOS1-x&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
                      Preview:)]}'.["https://cdn.unm",["https //cdd.unm.edu","https //cdd.unm.edu login"],["",""],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:suggestdetail":[{"mp":"\u2026 ","t":"//cdd.unm.edu"},{"mp":"\u2026 ","t":"//cdd.unm.edu login"}],"google:suggestrelevance":[601,600],"google:suggestsubtypes":[[160,10],[160,10]],"google:suggesttype":["TAIL","TAIL"],"google:verbatimrelevance":851}]

                      Chrome Cache Entry: 166

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with very long lines (727)
                      Category:downloaded
                      Size (bytes):732
                      Entropy (8bit):5.145742174109705
                      Encrypted:false
                      SSDEEP:
                      MD5:D8F2F0F78B3D4B7D78F7E484151DCE50
                      SHA1:33F10DDD5AF7185906A522DDC0BD3DE8BBFC29EC
                      SHA-256:F9EAE150B4825E58A7F92F60552D35D80B2ED6D7ACCE58DCE27C7F6BC03A57CB
                      SHA-512:46BA6C4D58ED4A7B1BB91137297B12BFE889AE60AFF1E9223D785539D6A69CAAD2F0FD0DC7CC8324E84F2BED092F753F1163254778D1FE66AA5429447A9896D1
                      Malicious:false
                      Reputation:low
                      URL:https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=https%3A%2F%2F&oit=4&cp=8&pgcl=4&gs_rn=42&psi=FGhnXfJRlRLOS1-x&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
                      Preview:)]}'.["https://",["https //quizlet.com live","https //www.facebook.com login","https //kahoot..com","https //csusa-fl.powerschool/public","https //kahoot.com join","https //www.myflfamilies.com login","https //www.blooket.com join","https //www.epic games.com/activate","https //kahoot.it login","https://aka.ms/remoteconnect"],["","","","","","","","","",""],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:suggestrelevance":[601,600,556,555,554,553,552,551,550,400],"google:suggestsubtypes":[[512],[512,433,131],[512,433],[512],[512],[512],[512],[512,433,131],[512,433,131],[44]],"google:suggesttype":["QUERY","QUERY","QUERY","QUERY","QUERY","QUERY","QUERY","QUERY","QUERY","NAVIGATION"],"google:verbatimrelevance":851}]

                      Chrome Cache Entry: 167

                      Download File
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 64 x 12, 8-bit colormap, non-interlaced
                      Category:downloaded
                      Size (bytes):741
                      Entropy (8bit):7.561516469256553
                      Encrypted:false
                      SSDEEP:
                      MD5:9BA25B90942766C6AE0FB5269F0BFE43
                      SHA1:E04CE66ECB7B8CCCEAB04DFE1D6C3C35FA5D6FD5
                      SHA-256:1257955D5B490C3D57973BD27596051C0346500BC5408B0EFC06A223CB42F656
                      SHA-512:E44ECCA657440BCB8868B7BAAD150D7113212BB62F7EB77016D1E544998501AB4BE9355E7DC3B70DAA88111EA2BE51EC22106BB8CD5559A3CB2ADC4EE24A1160
                      Malicious:false
                      Reputation:low
                      URL:https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcTQhGehD_h1jhIWWKnmFuM6bwHvKeMmjNkHhuklrGo&s=10
                      Preview:.PNG........IHDR...@..........-K.....PLTE.............X..V..R.....4)..............._X.].>z........%........"..zv......lf1r.x.......%g..F=....:0....LD.WQ.ql.c....U..u......J.`...........RT.@....IDAT(.]...0...S!H@ .....mE.......N.=..+`s8.0......m`'...-..p.2....>..7R|......s8F......Vm.E.32...`7Y]a&.......X..8.:."...e.I..a.....e.a...V. 6P!.".....`0q.F..H..H.q8T..).r...V.VX!....bi....b..Q..`Y!..`...\.....@x.mA..T.@.....20..V..*.-.q....>...].hX. .+4.r. ..2....p+.b.......L.%u..M...N..:T.....=Z7MR7....l7.7.K...m.>..>...7....y..#.1MG.:.*u..t.-..6.t.G.\..7.Bq...G.....vz...m?O..O.C.t.......Z..y.T.}.._}7k...i......W?w..C.G'.VZ.@.......q.I..^..}.._.\.SE"....#.N(.[.R..).i5.Z.;/M......O.3>........IEND.B`.

                      Static File Info

                      No static file info